Using Tarantool http as Nginx upstream server - got error 13: Permission denied

Question

Have Nginx yum install Nginx

Have Tarantool + Cartridge

nginx.conf

upstream tarantool_httpd {
server 172.16.72.18:8082 max_fails=1 fail_timeout=15s;
keepalive 32;   
}

  server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;


        location / {
        }

    location = /redirections
    {
        proxy_pass http://tarantool_httpd;
    }
    location = /admin
    {
        proxy_pass http://tarantool_httpd;
    }


        error_page 404 /404.html;
        location = /404.html {
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        }
    }

When i request URL http://172.16.72.18/admin i got error 502 in access.log and error in Nginx error.log

connect() to 172.16.72.18:8082 failed (13: Permission denied) while connecting to upstream, client: 172.16.72.32

Answer 1

It looks like enabled SELinux.

Check it with sestatus and temporary disable with sudo setenforce 0

If the problem will be solved, you may disable it permanently with editing the /etc/selinux/config and seting SELINUX to disabled

Answer 2

If you don't want to disable SELinux completely (which I didn't recommend unless you really need to do it), using this command should be enough to allow nginx connections to the backend:

sudo setsebool -P httpd_can_network_connect on

However you can face some other SELinux incompatibilities so it is really make sense to check if some weird problem is gone with sudo setenforce 0 before going further in case of facing any.