Ashbay

Reputation: 1661

Docker containers in the same network do not communicate

I have 2 containers in the same bridge network, but they don't communicate and I can't find out why.

In fact, I have an nginx container that does a proxy pass to another container, "gogs", but the proxy is not found and I get the error "No route".

Here is my network:

[root@pc-59 _data]# docker inspect nginxnet
[
    {
        "Name": "nginxnet",
        "Id": "f00a094d2dcd15d3a42e142b46245f41408f6d4013b17cf7992d0b573f3d07a4",
        "Created": "2019-12-27T20:17:37.878562424+01:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.3.27.0/24",
                    "Gateway": "172.3.27.2"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "253bd8d76090cb170d25ac1eb84cd411ea8d9c92f5dca7bfbb0133934c4be355": {
                "Name": "nginx",
                "EndpointID": "6bd16e068e16cd1ee060b00c6150bc9f1f579f9b17518e90f603ad64a099cf52",
                "MacAddress": "02:42:ac:03:1b:04",
                "IPv4Address": "172.3.27.4/24",
                "IPv6Address": ""
            },
            "53bf139329162bedb94a89bdfcc6c308684e923e3b825e7a5cb377f5a30ca71c": {
                "Name": "mariadb",
                "EndpointID": "6a4138a66f5b67cbae63a600532b80d51530da8bec867f250ed51d5a67bf3660",
                "MacAddress": "02:42:ac:03:1b:06",
                "IPv4Address": "172.3.27.6/24",
                "IPv6Address": ""
            },
            "c44952cf1fb97cf03b39b56a6824b6a2cbcb4f5c2836e5834336fde17cf8ad1d": {
                "Name": "gogs",
                "EndpointID": "f1642c905b0343bbaf28db8286b06917155fe80a3bd7c1dcc6618ece1c5c865a",
                "MacAddress": "02:42:ac:03:1b:05",
                "IPv4Address": "172.3.27.5/24",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

And here is the nginx config for the proxy:

server {
  listen 443 ssl;
  server_name gogs.isin.party;

  ssl_certificate /etc/nginx/gogs.fullchain.pem; # Certificate location
  ssl_certificate_key /etc/nginx/gogs.privkey.pem; # Key location
  ssl_protocols TLSv1.2; # Allowed SSL/TLS protocol
  ssl_prefer_server_ciphers on; # Prefer the server's cipher order
  ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

  location / {
    rewrite ^/?(.*)$ /$1 break;
    proxy_pass  http://172.3.27.5:3000;
  }

}

And the exact error I get when I try to reach my website "gogs":

No route to host) while connecting to upstream, client: 192.168.1.11, server: gogs.fr, request: "GET / HTTP/1.1", upstream: "http://172.3.27.5:3000/"

FYI, the host is CentOS 8, and if I telnet localhost 3000 on the server host it works (it listens), but if I do telnet 172.3.27.5 3000 from the nginx container it fails.

Any ideas?

EDIT - 28/12/2019

Here are some other logs:

From my nginx container, using DNS as recommended in the comments to ping and telnet the gogs container:

root@253bd8d76090:/# ping gogs.nginxnet
PING gogs.nginxnet (172.3.27.5) 56(84) bytes of data.
64 bytes from gogs.nginxnet (172.3.27.5): icmp_seq=1 ttl=64 time=0.102 ms
64 bytes from gogs.nginxnet (172.3.27.5): icmp_seq=2 ttl=64 time=0.089 ms
^C
--- gogs.nginxnet ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 49ms
rtt min/avg/max/mdev = 0.087/0.092/0.102/0.012 ms

root@253bd8d76090:/# telnet gogs.nginxnet 3000
Trying 172.3.27.5...
telnet: Unable to connect to remote host: No route to host

From the gogs container, to ping and telnet the nginx container:

bash-5.0# ping nginx
PING nginx (172.3.27.4): 56 data bytes
64 bytes from 172.3.27.4: seq=0 ttl=64 time=0.070 ms
64 bytes from 172.3.27.4: seq=1 ttl=64 time=0.087 ms
^C
--- nginx ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.070/0.092/0.125 ms
bash-5.0# telnet nginx 80
telnet: can't connect to remote host (172.3.27.4): Host is unreachable

It seems like all ports have been forbidden, but they shouldn't be, since all containers are in the same network.

Upvotes: 1

Views: 1030

Answers (1)

Ashbay

Reputation: 1661

Answering my own question:

The problem here is with CentOS 8, not Docker. In fact, it's firewalld that blocks any connection between containers. Completely disabling firewalld will make the containers communicate again :) but stopping firewalld isn't a good idea from a security point of view.

So here is what I've done:

  1. Remove all existing rules in firewalld (about ports / interfaces)
  2. Execute the following commands to open everything needed for the containers to work:

firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --zone=public --add-masquerade --permanent
firewall-cmd --reload
systemctl restart docker

firewall-cmd --zone=public --add-masquerade --permanent does the trick.

Upvotes: 1
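
The symptom in this thread (ping answers, but every TCP connect fails with "No route to host" or "Host is unreachable") can be told apart from a closed port or a silent drop by the errno behind the message. The sketch below is an added example, not part of the original question or answer; the function names are hypothetical, and reading EHOSTUNREACH with working ICMP as a filter REJECT is a general heuristic, not a firewalld API.

```python
import errno
import socket

# errno from a TCP connect() -> what answered the SYN.
VERDICTS = {
    errno.ECONNREFUSED: "closed",    # RST came back: host reachable, port not listening
    errno.EHOSTUNREACH: "rejected",  # ICMP unreachable/prohibited came back
    errno.ENETUNREACH: "rejected",
    errno.ETIMEDOUT: "dropped",      # nothing came back at all
}

# The same errno prints differently per libc: glibc says "No route to host",
# musl says "Host is unreachable". Both telnet errors in the thread are EHOSTUNREACH.
MESSAGES = {
    "no route to host": errno.EHOSTUNREACH,
    "host is unreachable": errno.EHOSTUNREACH,
    "connection refused": errno.ECONNREFUSED,
    "connection timed out": errno.ETIMEDOUT,
}

def classify(err):
    return VERDICTS.get(err, "other")

def verdict_from_message(line):
    """Classify a telnet/nginx error line by the strerror() text it contains."""
    lowered = line.lower()
    for text, err in MESSAGES.items():
        if text in lowered:
            return classify(err)
    return "other"

def probe(host, port, timeout=2.0):
    """Live check: attempt a TCP connect and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "dropped"
    except OSError as exc:
        return classify(exc.errno)

def diagnose(icmp_ok, tcp_verdict):
    """Combine a ping result with the TCP verdict into a likely cause."""
    if tcp_verdict == "open":
        return "reachable"
    if tcp_verdict == "closed":
        return "network path fine; service not listening"
    if tcp_verdict == "rejected" and icmp_ok:
        return "packet filter REJECT between the containers"
    return "routing problem or silent drop"
```

Running `probe("172.3.27.5", 3000)` from inside the nginx container before and after a firewall change shows whether the verdict moved from "rejected" to "open".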
