Websockets not working while running Portainer with Httpd proxying

I’ve set up the Portainer UI as a docker container, and it’s working great if I connect my browser to port 9000 (as in http://foo.bar.com:9000). I can navigate around the UI and open up container consoles (which use websockets) without a problem.

But, what I need to do is connect with SSL (as in https://foo.bar.com).

I set up an httpd container on the same machine, and gave it the following configuration file:

<VirtualHost *:443>
  ServerName foo.bar.com

  ProxyPass / http://foo.bar.com:9000/
  ProxyPassReverse / http://foo.bar.com:9000/
  RequestHeader set X-Forwarded-Proto "https"

  <Location /api/websocket/>
    RewriteEngine on
    RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
    RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
    RewriteRule /api/websocket/(.*) ws://foo.bar.com:9000/api/websocket/$1 [P]
  </Location>
  
  ## SSL directives
  SSLEngine on
  SSLCertificateFile      "/usr/local/apache2/conf/server.crt"
  SSLCertificateKeyFile   "/usr/local/apache2/conf/server.key"

  ## Logging
  ServerSignature Off
  ErrorLog "logs/error_ssl.log"
  CustomLog "logs/access_ssl.log" common 

</VirtualHost>

Both httpd and portainer are being brought up by separate docker-compose.yml files.

Now, the Portainer web pages still come up just fine, but the consoles for the containers won’t work. Somehow, my websocket configuration above is broken. Any ideas on what I might be doing wrong?

Hi
kindly confirm about portainer version,apache httpd version. and modules proxy,proxy_wstunnel.load has to be loaded on httpd
pl try putting like porxypass in conf
ProxyPass “ws:// foo.bar.com:9000/api/websocket/

I am using Portainer 2.0, Apache 2.4 I was able to figure out the problem on my own. First, I thought proxy_wstunnel would auto-load, but it wasn’t, so I had to add it with a LoadModule command. Second I needed more changes to my httpd configuration file. Here’s what worked:

<VirtualHost *:443>
  ServerName foo.bar.com
  ProxyPreserveHost on
  ProxyPreserveHost On
  ProxyRequests Off

  # allow for upgrading to websockets
  RewriteEngine On
  RewriteCond %{HTTP:Upgrade} =websocket [NC]
  RewriteRule ^/?(.*) ws://foo.bar.com:9000/$1 [P,L]
  RewriteCond %{HTTP:Upgrade} !=websocket [NC]
  RewriteRule ^/(.*)           http://foo.bar.com:9000/$1 [P,L]

  ProxyPass "/" "http://foo.bar.com:9000/"
  ProxyPassReverse "/" "http://foo.bar.com:9000/"

  ## SSL directives
  SSLEngine on
  SSLCertificateFile "/usr/local/apache2/conf/server.crt"
  SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"

  ## Logging
  ServerSignature Off
  ErrorLog "logs/error_ssl.log"
  CustomLog "logs/access_ssl.log" common

</VirtualHost>