Today, I've a problem with traefik .
I'm trying to use traefik as a reverse proxy . In my network, I have some containers in docker (with swarm), and some other servers/VM .
So, I want to redirect some subdomains to containers, and some other to servers .
So for the moment, I've done some tests, and I can redirect to servers, or to docker containers, but not the two at the same time .
The following configuration work in "file" mode, and if I comment all the "file" part, it's work in docker mode .
So, how to do this to work ? Is it just a configuration problem ? Or traefik can't handle that (seems strange because traefik ui show "file"/"docker" in tab mode) ?
I'm using the docker image : traefik:1.7-rc1
with this configuration for traefik (traefik.toml) :
debug = false
logLevel = "DEBUG"
defaultEntryPoints = ["https","http"]
insecureSkipVerify = true
sendAnonymousUsage = true
[api]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "site.com"
watch = true
swarmMode = true
[file]
[backends]
[backends.nas]
[backends.nas.LoadBalancer]
method = "drr"
[backends.nas.servers.server1]
url = "https://192.168.1.38"
weight = 1
[backends.teapot]
[backends.teapot.LoadBalancer]
method = "drr"
[backends.teapot.servers.server1]
url = "https://192.168.1.40"
weight = 1
[backends.gitserver]
[backends.gitserver.LoadBalancer]
method = "drr"
[backends.gitserver.servers.server1]
url = "https://192.168.1.60"
weight = 1
[frontends]
[frontends.nas]
backend = "nas"
passHostHeader = true
[frontends.nas.routes.test]
rule = "Host: nas.site.com"
[frontends.teapot]
backend = "teapot"
passHostHeader = true
[frontends.teapot.routes.test]
rule = "Host: teapot.site.com"
[frontends.tpt]
backend = "teapot"
passHostHeader = true
[frontends.tpt.routes.test]
rule = "Host: tpt.site.com"
[frontends.gitserver]
backend = "gitserver"
passHostHeader = true
[frontends.gitserver.routes.test]
rule = "Host: gitserver.site.com"
[acme]
email = "[email protected]"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
Here is my compose for traefik :
version: '3'
services:
reverse-proxy:
image: traefik:1.7 # The official Traefik docker image
ports:
- "80:80" # The HTTP port
- "8080:8080" # The Web UI (enabled by --api)
- 443:443
networks:
- web
deploy:
labels:
- "traefik.enable=false"
volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
- /mnt/hgfs/docker/traefik/config/traefik.toml:/traefik.toml
- /mnt/hgfs/docker/traefik/config/acme.json:/acme.json:rw
networks:
web:
external: true
and here, a sample of my services compose :
version: '3'
services:
tautulli:
image: tautulli/tautulli:latest
environment:
UID: 1000
GID: 1000
TZ: Europe/Paris
networks:
- web
- default
deploy:
labels:
- "traefik.frontend.rule=Host:tautulli.site.com"
- "traefik.docker.network=web"
- "traefik.enable=true"
- "traefik.port=8181"
- "traefik.protocol=http"
ports:
- "8181:8181"
volumes:
- /mnt/hgfs/docker/tautulli/config:/config
- /mnt/hgfs/docker/tautulli/logs:/logs
networks:
web:
external: true
also, I've some others problems with traefik, like containers created after traefik container, are not linked, even with watch = true
, same with file, but I'll take problems one by one .
Thanks you for your answers .
edit :
after some discussions with traefik support, I understand that :
Ok, So finally I found a solution .
In fact, I use vmware on windows, with a linux Vm, and the rights of acme.json are always 777, so traefik dislike it, and skip let's encrypt support .
But, this has also some side effect, like taking in account only one of the configuration (file, or docker) .
So finnaly, to resolve this :
remove the binding to acme.json
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With