【发布时间】:2021-07-21 19:58:33
【问题描述】:
我已经设置了一个使用 Traefik v2 作为反向代理的 Docker Swarm,并且一直是able to access the dashboard with no issues.
我遇到了一个问题,即我无法从运行在不同节点上的任何服务获得响应,而不是运行 Traefik 的节点。我一直在测试和研究,并认为这是某种类型的网络问题。
我已经对一个空的 Nginx 映像进行了一些快速测试,并且能够部署另一个堆栈并在映像位于同一节点上时获得响应。 swarm 上跨多个节点(但不包括 Traefik 节点)部署的其他堆栈能够毫无问题地相互通信)。
这里是测试堆栈,用于提供我使用的一些上下文。
version: '3.8'
services:
test:
image: nginx:latest
deploy:
replicas: 1
placement:
constraints:
- node.role==worker
labels:
- "traefik.enable=true"
- "traefik.docker.network=uccser-dev-public"
- "traefik.http.services.test.loadbalancer.server.port=80"
- "traefik.http.routers.test.service=test"
- "traefik.http.routers.test.rule=Host(`TEST DOMAIN`) && PathPrefix(`/test`)"
- "traefik.http.routers.test.entryPoints=web"
networks:
- uccser-dev-public
networks:
uccser-dev-public:
external: true
uccser-dev-public 网络是一个覆盖所有节点的网络,没有加密。
如果我添加了一个约束来指定 Traefik 节点,那么请求就可以正常工作。但是,如果我将它切换到不同的节点,我会得到 Traefik 404 页面。
The Traefik dashboard is showing it sees the service.
但是访问日志显示如下:
proxy_traefik.1.6fbx58k4n3fj@SWARM_NODE | IP_ADDRESS - - [21/Jul/2021:09:03:02 +0000] "GET / HTTP/2.0" - - "-" "-" 1430 "-" "-" 0ms
它只是空白,我不知道从哪里开始。正常日志显示没有我可以看到的错误。
Traefik 堆栈文件:
version: '3.8'
x-default-opts:
&default-opts
logging:
options:
max-size: '1m'
max-file: '3'
services:
# Custom proxy to secure docker socket for Traefik
docker-socket:
<<: *default-opts
image: tecnativa/docker-socket-proxy
networks:
- traefik-docker
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
NETWORKS: 1
SERVICES: 1
SWARM: 1
TASKS: 1
deploy:
placement:
constraints:
- node.role == manager
# Reverse proxy for handling requests
traefik:
<<: *default-opts
image: traefik:2.4.11
networks:
- uccser-dev-public
- traefik-docker
volumes:
- traefik-public-certificates:/etc/traefik/acme/
ports:
- target: 80 # HTTP
published: 80
protocol: tcp
mode: host
- target: 443 # HTTPS
published: 443
protocol: tcp
mode: host
command:
# Docker
- --providers.docker
- --providers.docker.swarmmode
- --providers.docker.endpoint=tcp://docker-socket:2375
- --providers.docker.exposedByDefault=false
- --providers.docker.network=uccser-dev-public
- --providers.docker.watch
- --api
- --api.dashboard
- --entryPoints.web.address=:80
- --entryPoints.websecure.address=:443
- --log.level=DEBUG
- --global.sendAnonymousUsage=false
deploy:
placement:
constraints:
- node.role==worker
# Dynamic Configuration
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=Host(`SWARM_NODE`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.services.dummy-svc.loadbalancer.server.port=9999" # Dummy service for Swarm port detection. The port can be any valid integer value.
volumes:
traefik-public-certificates: {}
networks:
# This network is used by other services
# to connect to the proxy.
uccser-dev-public:
external: true
# This network is used for Traefik to talk to
# the Docker socket.
traefik-docker:
driver: overlay
driver_opts:
encrypted: 'true'
有什么想法吗?
【问题讨论】:
标签: docker docker-swarm traefik