带有码头后端的Traefik导致了糟糕的网关
带有码头后端的Traefik导致了糟糕的网关
提问于 2017-09-21 13:43:14
我设置了一个debian服务器,在这里我安装了docker和docker-组合。
我在sudo用户的家中创建了一个具有以下层次结构的文件夹:
~/docker-project
- docker-compose.yml
- /traefik/traefik.toml我做了一个docker-compose up -d,一切都启动了,我可以和其他子域一样到达具有工作ssl证书的traefik.mydomain.com。但是,如果我进入我的任何子域去访问我的被篡改的web服务,我会在我的浏览器中得到一个坏网关消息。如果我访问我的服务器IP地址并设置正确的端口,我就会看到我的webservice完美地工作。
所以我想我在配置码头/贸易关系时犯了错误,但是我找不到地点。
这是我的traefik.toml
defaultEntryPoints = ["http", "https"]
################################################################
# Web configuration backend
################################################################
[web]
address = ":8080"
[web.auth.basic]
# User: user | Password: password
users = ["user:hashedpassword"]
################################################################
# Entry-points configuration
################################################################
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
################################################################
# Docker configuration backend
################################################################
[docker]
domain = "mydomain.com"
watch = true
exposedbydefault = false
################################################################
# Let's encrypt
################################################################
[acme]
email = "my-email@mail.com"
storageFile = "/etc/traefik/acme.json"
onDemand = false
onHostRule = true
entryPoint = "https"这是我的docker-compose.yml
version: '2'
services:
traefik:
restart: always
image: traefik
container_name: traefik
ports:
- '80:80'
- '443:443'
- '8080:8080'
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=8080'
- 'traefik.frontend.rule=Host:traefik.mydomain.com'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./traefik:/etc/traefik
plex:
image: linuxserver/plex
container_name: plex
environment:
- VERSION=latest
- PUID=1000
- PGID=1000
- TZ=TZ
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=9001'
- 'traefik.frontend.rule=Host:plex.mydomain.com'
ports:
- '9001:32400'
volumes:
- 'plex:/config'
- 'plex_transcode:/transcode'
- '/home/downloader/Downloads:/data/'
plexpy:
image: linuxserver/plexpy
container_name: plexpy
environment:
- PUID=1000
- PGID=1000
- TZ=TZ
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=9002'
- 'traefik.frontend.rule=Host:plexpy.mydomain.com'
ports:
- '9002:8181'
volumes:
- 'plexpy:/config'
transmission:
image: linuxserver/transmission
container_name: transmission
environment:
- PGID=1000
- PUID=1000
- TZ=TZ
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=9003'
- 'traefik.frontend.rule=Host:bt.mydomain.com'
ports:
- '9003:9091'
- '51413:51413'
- '51413:51413/udp'
volumes:
- 'transmission:/config'
- '/home/downloader/Downloads:/downloads'
- '/home/downloader/Downloads:/watch'
volumes:
plex:
driver: local
plex_transcode:
driver: local
plexpy:
driver: local
transmission:
driver: local谢谢你的帮助。
回答 2
Stack Overflow用户
回答已采纳
发布于 2017-09-21 14:32:30
因此,我设法得到了一个答案,多亏了非常好的traefik松弛频道!
所以我的集装箱都在同一个码头网络里,包括我的traefik集装箱。
问题是,我映射了所有的容器端口,以便从主机访问。
相反,我应该只将traefik端口映射到主机,只需公开-- web服务容器的端口,以便traefik能够在它们都在的码头网络中监听它们。
更改:-添加公开- Change traefik.port
我只需要在我的docker-Compose.yml中做这个更改:
version: '2'
services:
traefik:
restart: always
image: traefik
container_name: traefik
ports:
- '80:80'
- '443:443'
- '8080:8080'
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=8080'
- 'traefik.frontend.rule=Host:traefik.mydomain.com'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./traefik:/etc/traefik
plex:
image: linuxserver/plex
container_name: plex
environment:
- VERSION=latest
- PUID=1000
- PGID=1000
- TZ=TZ
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=32400'
- 'traefik.frontend.rule=Host:plex.mydomain.com'
#ports:
# - '9001:32400'
expose:
- 32400
volumes:
- 'plex:/config'
- 'plex_transcode:/transcode'
- '/home/downloader/Downloads:/data/'
plexpy:
image: linuxserver/plexpy
container_name: plexpy
environment:
- PUID=1000
- PGID=1000
- TZ=TZ
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=8181'
- 'traefik.frontend.rule=Host:plexpy.mydomain.com'
#ports:
# - '9002:8181'
expose:
- 8181
volumes:
- 'plexpy:/config'
transmission:
image: linuxserver/transmission
container_name: transmission
environment:
- PGID=1000
- PUID=1000
- TZ=TZ
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=dockerplatform_default'
- 'traefik.port=9091'
- 'traefik.frontend.rule=Host:bt.mydomain.com'
#ports:
# - '9003:9091'
# - '51413:51413'
# - '51413:51413/udp'
expose:
- 9091
- 51413
volumes:
- 'transmission:/config'
- '/home/downloader/Downloads:/downloads'
- '/home/downloader/Downloads:/watch'
volumes:
plex:
driver: local
plex_transcode:
driver: local
plexpy:
driver: local
transmission:
driver: localStack Overflow用户
发布于 2020-12-22 09:04:08
由于Traefik v2现在已经发布,这个问题值得更新:
- 不再需要
expose端口防御了。 - 该容器的
port映射定义也不是。 - 唯一必要的是,容器中有东西在监听。
注意:如果您为例如一个Nginx容器定义,那么添加标签- 'traefik.port=9091',但也添加一个监听端口9091的服务器conf。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/46345585
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号