id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 1417 Nginx won't start if hostname isn't valid kallisti5@… "This is the exact same issue as described in #1040 We use nginx in a container to route web services to various internal container services. As nginx currently works, if a hostname is unknown for a proxy, nginx refuses to start. nginx: [emerg] host not found in upstream ""gerrit_cgit_1"" in /etc/nginx/conf.d/cgit.conf:12 {{{ server { listen 80; listen [::]:80 ipv6only=on; server_name cgit.haiku-os.org git.haiku-os.org; access_log off; error_log off; return 301 https://$server_name$request_uri; } server { listen 443 ssl; listen [::]:443 ssl ipv6only=on; server_name cgit.haiku-os.org git.haiku-os.org; client_max_body_size 100m; ssl_certificate /etc/letsencrypt/live/cgit.haiku-os.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/cgit.haiku-os.org/privkey.pem; location / { proxy_bind $server_addr; proxy_pass http://gerrit_cgit_1:80; } } }}} In a container environment, if the gerrit_cgit_1 container isn't running, the host won't resolve. Instead of ""refusing to start"" due to one vhost not working, ideally, nginx should offer up HTTP 503 for service unavailable. There is a larger story around re-checking hostnames, but this change would mean that ""some services are functional"" (other vhosts that do resolve) vs ""everything is broken until you modify your config files because a container is not running"" If nginx doesn't want this to be the standard configuration, maybe add a ""proxy_unavailable warn"" vs ""proxy_unavailable error"" or something?" enhancement new minor other 1.13.x container Linux 774956f05acf 3.10.0-693.5.2.el7.x86_64 #1 SMP Fri Oct 20 20:32:50 UTC 2017 x86_64 Linux "nginx version: nginx/1.13.5 built by gcc 6.2.1 20160822 (Alpine 6.2.1) built with OpenSSL 1.0.2k 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module"