I’ve been running swag for quite some time now on my minimalist server running on a Raspberry Pi 4. Recently, I’ve started running into issues of 502 errors after:
A- an automatic update of a container by WatchTower – let’s not focus on that, as there might be solutions via WatchTower depending on what the root explanation turns out to be
B- a full system reboot
In both cases, it seems that swag fails to find some container (usually my grafana one) and gives me an upstream error: http://188.8.131.52 : connection refused. The configuration files do not use IPs, but Docker DNS names (i.e. ‘grafana’, so it normally connects to http://grafana). However, I now see IP addresses in the error logs. That it errors makes sense: when I check, the IP it’s trying to connect to is not (or no longer) the Docker-assigned IP corresponding to the container that should be reached. My hypothesis is that swag gets a DNS translation from Docker that matches the previous version of that container, because the new container still has to load. Then when the new container is loaded, it has a different IP than before. Indeed, the one thing that has changed recently on my system is that I’ve added quite a few new containers, so Docker is now much slower to start everything. This, I think, could explain scenario B above.
For reference my containers are created via Ansible, and I do not use docker-compose. My swag container and the container it needs are on a dedicated Docker bridge network. I also use Portainer for quick experiments, log-checking, and restarts.
My questions are:
1- is my hypothesis correct? or is there another reason why I’m seeing IP addresses in nginx logs when my config is not using IP addresses?
2- is there a clean solution to this problem?
3- lacking a better solution, would it work to set up my containers with a fixed IP chosen arbitrarily by me for each of them, so that that IP doesn’t change between container or system restarts?
Thanks in advance for your help!