使用 https 时 Traefik 错误网关
Traefik bad gateways when using https
我正在尝试在 Docker 中使用 Traefik 实现 SSL,但我收到了几乎所有内部容器的错误“502 Bad Gateway”(Traefik 和 Prometheus 除外)
即使是全新安装,我也遇到了同样的问题,并且我没有这些容器的错误日志(表明它们应该 运行 没问题,并且在不使用 Traefik 的情况下,它们看起来确实不错)。我实施这些的方式有问题吗?或者也许我对 traefik 有很大的误解?
我检查了端口是否可用,子域是否已添加到云 DNS 以及服务和网络是否已启动 运行。
我还尝试重新启动容器。
所有服务无需通过Traefik即可访问(直接在url中输入端口)
(X_SERVER 变量在 .env 文件中,它解析为如下变量:grafana.mywebsite.com)
这是我的 docker-compose.yml:
version: '3'
networks:
private:
web:
external:
name: web
services:
# TRAEFIK
traefik:
image: traefik:maroilles-alpine
ports:
- "80:80"
- "443:443"
- "8200:8200"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config/traefik/acme:/etc/traefik/acme
- ./config/traefik/traefik.toml:/etc/traefik/traefik.toml:ro
networks:
- web
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${TRAEFIK_SERVER}"
- "traefik.port=8200"
- "traefik.docker.network=web"
restart: always
# PROMETHEUS
prometheus:
image: prom/prometheus:v2.0.0
container_name: prometheus
volumes:
- ./docker/prometheus/:/etc/prometheus
- prometheus-data:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
- '--storage.tsdb.retention=200h'
ports:
- "9090:9090"
depends_on:
- cadvisor
networks:
- web
- private
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${PROMETHEUS_SERVER}"
- "traefik.port=9090"
- "traefik.docker.network=web"
restart: always
# CADVISOR
cadvisor:
image: google/cadvisor
container_name: cadvisor
volumes:
- /:/rootfs:ro
- /var/run:/var/run:rw
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
ports:
- "8463:8080"
networks:
- private
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${CADVISOR_SERVER}"
- "traefik.port=8463"
- "traefik.docker.network=web"
restart: always
# GRAFANA
grafana:
image: grafana/grafana:4.6.2
environment:
- GF_SERVER_ROOT_URL=${GRAFANA_SERVER}
container_name: grafana
volumes:
- grafana-data:/var/lib/grafana
ports:
- "3155:3000"
networks:
- web
- private
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:(GRAFANA_SERVER}"
- "traefik.port=3155"
- "traefik.docker.network=web"
restart: always
volumes:
prometheus-data: {}
grafana-data: {}
这是我的 traefik.toml:
debug = true
logLevel = "DEBUG"
defaultEntryPoints = ["https","http"]
[web]
address = ":8200"
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[retry]
[acme]
email = "my.awesome@email.com"
storageFile = "/etc/traefik/acme/acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "mywebsite.com"
watch = true
exposedByDefault = false
我希望在使用 HTTPS 时通过 Traefik 让我的所有页面可用,但其中一些显示错误 502 Bad Gateway(例如 Grafana)其他按预期工作(Prometheus,Traefik),有些则不是甚至可以访问 (apache)。
如果我不使用 Traefik(因此,直接通过正确的端口访问,例如:http://mywebsite.com:3155)页面显示正确,但它不安全并且不使用 Traefik
找到解决方案,
ports中需要去掉所有端口:
traefik中的端口绑定必须和原来的一致(eg:3155 for grafana)
现在我的大部分容器除了 Phpmyadmin(无法更改此容器的监听端口,它卡住了)都可用
我正在尝试在 Docker 中使用 Traefik 实现 SSL,但我收到了几乎所有内部容器的错误“502 Bad Gateway”(Traefik 和 Prometheus 除外) 即使是全新安装,我也遇到了同样的问题,并且我没有这些容器的错误日志(表明它们应该 运行 没问题,并且在不使用 Traefik 的情况下,它们看起来确实不错)。我实施这些的方式有问题吗?或者也许我对 traefik 有很大的误解?
我检查了端口是否可用,子域是否已添加到云 DNS 以及服务和网络是否已启动 运行。 我还尝试重新启动容器。 所有服务无需通过Traefik即可访问(直接在url中输入端口)
(X_SERVER 变量在 .env 文件中,它解析为如下变量:grafana.mywebsite.com)
这是我的 docker-compose.yml:
version: '3'
networks:
private:
web:
external:
name: web
services:
# TRAEFIK
traefik:
image: traefik:maroilles-alpine
ports:
- "80:80"
- "443:443"
- "8200:8200"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config/traefik/acme:/etc/traefik/acme
- ./config/traefik/traefik.toml:/etc/traefik/traefik.toml:ro
networks:
- web
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${TRAEFIK_SERVER}"
- "traefik.port=8200"
- "traefik.docker.network=web"
restart: always
# PROMETHEUS
prometheus:
image: prom/prometheus:v2.0.0
container_name: prometheus
volumes:
- ./docker/prometheus/:/etc/prometheus
- prometheus-data:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
- '--storage.tsdb.retention=200h'
ports:
- "9090:9090"
depends_on:
- cadvisor
networks:
- web
- private
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${PROMETHEUS_SERVER}"
- "traefik.port=9090"
- "traefik.docker.network=web"
restart: always
# CADVISOR
cadvisor:
image: google/cadvisor
container_name: cadvisor
volumes:
- /:/rootfs:ro
- /var/run:/var/run:rw
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
ports:
- "8463:8080"
networks:
- private
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${CADVISOR_SERVER}"
- "traefik.port=8463"
- "traefik.docker.network=web"
restart: always
# GRAFANA
grafana:
image: grafana/grafana:4.6.2
environment:
- GF_SERVER_ROOT_URL=${GRAFANA_SERVER}
container_name: grafana
volumes:
- grafana-data:/var/lib/grafana
ports:
- "3155:3000"
networks:
- web
- private
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:(GRAFANA_SERVER}"
- "traefik.port=3155"
- "traefik.docker.network=web"
restart: always
volumes:
prometheus-data: {}
grafana-data: {}
这是我的 traefik.toml:
debug = true
logLevel = "DEBUG"
defaultEntryPoints = ["https","http"]
[web]
address = ":8200"
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[retry]
[acme]
email = "my.awesome@email.com"
storageFile = "/etc/traefik/acme/acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "mywebsite.com"
watch = true
exposedByDefault = false
我希望在使用 HTTPS 时通过 Traefik 让我的所有页面可用,但其中一些显示错误 502 Bad Gateway(例如 Grafana)其他按预期工作(Prometheus,Traefik),有些则不是甚至可以访问 (apache)。 如果我不使用 Traefik(因此,直接通过正确的端口访问,例如:http://mywebsite.com:3155)页面显示正确,但它不安全并且不使用 Traefik
找到解决方案, ports中需要去掉所有端口: traefik中的端口绑定必须和原来的一致(eg:3155 for grafana) 现在我的大部分容器除了 Phpmyadmin(无法更改此容器的监听端口,它卡住了)都可用