How to use Drone behind Traefik? Error: received bogus greeting from client
How to use Drone behind Traefik? Error: received bogus greeting from client
我正在尝试使用无人机、traefik 和其他服务设置独立 docker 安装,配置如下:
version: '2'
volumes:
drone-data:
gogs-db-data:
gogs-data:
gogs-conf:
services:
#Database for Gogs - PostGres
gogsdb:
image: postgres:9.6
restart: always
labels:
- com.ansible.role=postgres
env_file:
- .env/gogsdb.env
volumes:
- gogs-db-data:/var/lib/postgresql/data
# Go Git Service. Version Control
gogs:
image: gcavalcante8808/docker-gogs
restart: always
labels:
- com.ansible.role=drone-server
- "traefik.frontend.rule=Host:gogs.cluster.local;PathPrefix:/"
- "traefik.port=3000"
- "traefik.docker.network=management-default"
- "traefik.enabled=true"
env_file:
- .env/gogs.env
volumes:
- gogs-data:/home/git/gogs-repositories
- gogs-conf:/home/git/gogs/custom
ports:
- "2222:2222"
depends_on:
- gogsdb
# Drone Server - CI/CD Support.
drone-server:
image: drone/drone:latest
ports:
- 8000:8000
env_file:
- .env/drone-server.env
volumes:
- drone-data:/var/lib/drone/
labels:
- com.ansible.role=drone-server
- "traefik.frontend.rule=Host:drone.cluster.local;PathPrefix:/"
- "traefik.port=9000"
- "traefik.docker.network=management-default"
- "traefik.enabled=true"
extra_hosts:
- "drone.cluster.local:127.0.0.1"
restart: always
# Drone Agent - Latest
drone-agent:
image: drone/agent:latest
command: agent
restart: always
env_file:
- .env/drone-server.env
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# Traefik - Reverse Proxy
traefik:
image: traefik:1.5
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
ports:
- 80:80
- 443:443
- 8080:8080
command: --logLevel=DEBUG \
--docker \
--docker.domain=cluster.local
--docker.watch
--web
在我的例子中,我的无人机服务器配置为使用映射到 docker-compose.yml 文件的地址 http://drone.cluster.local and I can access it through the port 8000 (http://drone.cluster.local:8080)。
但是如果我尝试访问地址 http://drone.cluster.local(通过 Traefik),我只会收到 "Internal Server Error" 并且无人机在其日志中显示以下消息:
INFO: 2018/01/09 02:58:31 transport: http2Server.HandleStreams received bogus greeting from client: "GET / HTTP/1.1\r\nHost: dr"
一些其他信息
Drone ENV 文件具有以下定义:
DRONE_OPEN=true
DRONE_HOST=http://drone.cluster.local
DRONE_GOGS=true
DRONE_GOGS_URL=http://gogs:3000/
DRONE_SECRET=test-secret
DRONE_SERVER=drone-server:9000
DRONE_ADMIN=gogs-admin
我可以使用我的主机文件到达 "cluster.local" 地址,如下所示:
127.0.0.1 semaphore.cluster.local drone.cluster.local gogs.cluster.local
目前,我没有任何 TLS 配置。
问题
考虑到所有提供的信息,我该如何解决这个 Traefik->Drone 问题?或者至少,绕过 "received bogus greeting from client" 问题。
提前致谢。
You have to enable https with traefik.
基本 traefik https 配置(注意邮箱):
logLevel = "INFO"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "traefik@your.domain"
storage = "/etc/traefik/acme/acme.json"
onHostRule = true
entryPoint = "https"
[acme.httpChallenge]
entryPoint = "http"
基础无人机合成文件(这个配置你要懂,不要照搬,没用的):
version: '3.6'
services:
traefik:
image: traefik:v1.6-alpine
command: --api --docker
labels:
- "traefik.backend=traefik"
- "traefik.frontend.rule=Host:traefik.your.domain"
- "traefik.frontend.auth.basic=admin:$$apr1$$Tqxx8LG$[=11=]RS0xxxq7cEb0"
- "traefik.enable=true"
- "traefik.docker.network=gateway_traefik"
- "traefik.port=8080"
ports:
- "80:80"
- "443:443"
networks:
- traefik
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
read_only: false
- type: bind
source: /mnt/data/traefik/traefik.toml
target: /traefik.toml
read_only: false
- type: bind
source: /mnt/data/traefik/acme
target: /etc/traefik/acme
read_only: false
deploy:
replicas: 1
networks:
traefik:
name: gateway_traefik
external: true
我正在尝试使用无人机、traefik 和其他服务设置独立 docker 安装,配置如下:
version: '2'
volumes:
drone-data:
gogs-db-data:
gogs-data:
gogs-conf:
services:
#Database for Gogs - PostGres
gogsdb:
image: postgres:9.6
restart: always
labels:
- com.ansible.role=postgres
env_file:
- .env/gogsdb.env
volumes:
- gogs-db-data:/var/lib/postgresql/data
# Go Git Service. Version Control
gogs:
image: gcavalcante8808/docker-gogs
restart: always
labels:
- com.ansible.role=drone-server
- "traefik.frontend.rule=Host:gogs.cluster.local;PathPrefix:/"
- "traefik.port=3000"
- "traefik.docker.network=management-default"
- "traefik.enabled=true"
env_file:
- .env/gogs.env
volumes:
- gogs-data:/home/git/gogs-repositories
- gogs-conf:/home/git/gogs/custom
ports:
- "2222:2222"
depends_on:
- gogsdb
# Drone Server - CI/CD Support.
drone-server:
image: drone/drone:latest
ports:
- 8000:8000
env_file:
- .env/drone-server.env
volumes:
- drone-data:/var/lib/drone/
labels:
- com.ansible.role=drone-server
- "traefik.frontend.rule=Host:drone.cluster.local;PathPrefix:/"
- "traefik.port=9000"
- "traefik.docker.network=management-default"
- "traefik.enabled=true"
extra_hosts:
- "drone.cluster.local:127.0.0.1"
restart: always
# Drone Agent - Latest
drone-agent:
image: drone/agent:latest
command: agent
restart: always
env_file:
- .env/drone-server.env
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# Traefik - Reverse Proxy
traefik:
image: traefik:1.5
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
ports:
- 80:80
- 443:443
- 8080:8080
command: --logLevel=DEBUG \
--docker \
--docker.domain=cluster.local
--docker.watch
--web
在我的例子中,我的无人机服务器配置为使用映射到 docker-compose.yml 文件的地址 http://drone.cluster.local and I can access it through the port 8000 (http://drone.cluster.local:8080)。
但是如果我尝试访问地址 http://drone.cluster.local(通过 Traefik),我只会收到 "Internal Server Error" 并且无人机在其日志中显示以下消息:
INFO: 2018/01/09 02:58:31 transport: http2Server.HandleStreams received bogus greeting from client: "GET / HTTP/1.1\r\nHost: dr"
一些其他信息
Drone ENV 文件具有以下定义:
DRONE_OPEN=true
DRONE_HOST=http://drone.cluster.local
DRONE_GOGS=true
DRONE_GOGS_URL=http://gogs:3000/
DRONE_SECRET=test-secret
DRONE_SERVER=drone-server:9000
DRONE_ADMIN=gogs-admin
我可以使用我的主机文件到达 "cluster.local" 地址,如下所示:
127.0.0.1 semaphore.cluster.local drone.cluster.local gogs.cluster.local
目前,我没有任何 TLS 配置。
问题
考虑到所有提供的信息,我该如何解决这个 Traefik->Drone 问题?或者至少,绕过 "received bogus greeting from client" 问题。
提前致谢。
You have to enable https with traefik.
基本 traefik https 配置(注意邮箱):
logLevel = "INFO"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "traefik@your.domain"
storage = "/etc/traefik/acme/acme.json"
onHostRule = true
entryPoint = "https"
[acme.httpChallenge]
entryPoint = "http"
基础无人机合成文件(这个配置你要懂,不要照搬,没用的):
version: '3.6'
services:
traefik:
image: traefik:v1.6-alpine
command: --api --docker
labels:
- "traefik.backend=traefik"
- "traefik.frontend.rule=Host:traefik.your.domain"
- "traefik.frontend.auth.basic=admin:$$apr1$$Tqxx8LG$[=11=]RS0xxxq7cEb0"
- "traefik.enable=true"
- "traefik.docker.network=gateway_traefik"
- "traefik.port=8080"
ports:
- "80:80"
- "443:443"
networks:
- traefik
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
read_only: false
- type: bind
source: /mnt/data/traefik/traefik.toml
target: /traefik.toml
read_only: false
- type: bind
source: /mnt/data/traefik/acme
target: /etc/traefik/acme
read_only: false
deploy:
replicas: 1
networks:
traefik:
name: gateway_traefik
external: true