无法调用托管在 traefik 反向代理后面的 grpc 服务器
Unable to call grpc server hosted behind traefik reverse proxy
我面临一个奇怪的问题,我无法在容器中调用 traefik 代理 运行 后面托管的 gRPC 服务器 http/2 和来自 asp.net 5 应用程序的自定义子域托管在另一个容器中,另一个容器映射到它。
我收到以下错误:
Status(StatusCode="Unavailable", Detail="Error starting gRPC call. HttpRequestException: Connection timed out (subdomain:443) SocketException: Connection timed out", DebugException="System.Net.Http.HttpRequestException: Connection timed out (subdomain:443)
当我尝试从开发 docker-compose 调用相同的托管 gRPC 服务器时,它工作正常。
我尝试了不同的 Uri 地址组合(方案、主机和端口),这两种方法都是 Microsoft 在其网站上提供的调用 gRPC 服务器(控制台和 DI)的方法,我什至尝试将下面的 AppContext 设置为 true 但它看起来像托管应用无法开始通话。
System.AppContext.SetSwitch("System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport");
grpc server的docker-compose为:
version: '3'
networks:
web:
external: true
internal:
external: false
services:
grpcservice:
image: <imagename:tag>
labels:
- traefik.protocol=h2c
- traefik.backend=grpcservice
- traefik.frontend.rule=Host:<subdomain>
- traefik.docker.network=web
- traefik.port=9001
networks:
- internal
- web
environment:
- ASPNETCORE_ENVIRONMENT=Production
- FilePath__FPath=<some file>
- Auth0__Domain=<Domain>
- Auth0__Audience=<Audience>
restart: on-failure
Asp.net 5 App 的 docker-compose 是:
version: '3'
networks:
web:
external: true
internal:
external: false
services:
aspapp:
image: <imagename:tag>
labels:
- traefik.backend=aspapp
- traefik.frontend.rule=Host:<domain>
- traefik.docker.network=web
- traefik.port=9000
networks:
- internal
- web
environment:
- ASPNETCORE_ENVIRONMENT=Production
<Auth0 envoirnment vairables>
restart: on-failure
Traefik.toml 配置为:
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.dashboard]
address = ":8080"
[entryPoints.dashboard.auth]
[entryPoints.dashboard.auth.basic]
users = ["Auth credentials"]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[api]
entrypoint="dashboard"
[acme]
email = "email"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
logLevel = "DEBUG"
[traefikLog]
filePath = "traefik.log"
format = "json"
[docker]
domain = "domain"
watch = true
network = "web"
我只是无法理解为什么当我从托管应用程序和本地开发容器访问同一个 gRPC 服务器时会出现行为差异,我该如何解决?
这只是一个愚蠢的防火墙问题,阻止了容器 @ 443
我面临一个奇怪的问题,我无法在容器中调用 traefik 代理 运行 后面托管的 gRPC 服务器 http/2 和来自 asp.net 5 应用程序的自定义子域托管在另一个容器中,另一个容器映射到它。 我收到以下错误:
Status(StatusCode="Unavailable", Detail="Error starting gRPC call. HttpRequestException: Connection timed out (subdomain:443) SocketException: Connection timed out", DebugException="System.Net.Http.HttpRequestException: Connection timed out (subdomain:443)
当我尝试从开发 docker-compose 调用相同的托管 gRPC 服务器时,它工作正常。 我尝试了不同的 Uri 地址组合(方案、主机和端口),这两种方法都是 Microsoft 在其网站上提供的调用 gRPC 服务器(控制台和 DI)的方法,我什至尝试将下面的 AppContext 设置为 true 但它看起来像托管应用无法开始通话。
System.AppContext.SetSwitch("System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport");
grpc server的docker-compose为:
version: '3'
networks:
web:
external: true
internal:
external: false
services:
grpcservice:
image: <imagename:tag>
labels:
- traefik.protocol=h2c
- traefik.backend=grpcservice
- traefik.frontend.rule=Host:<subdomain>
- traefik.docker.network=web
- traefik.port=9001
networks:
- internal
- web
environment:
- ASPNETCORE_ENVIRONMENT=Production
- FilePath__FPath=<some file>
- Auth0__Domain=<Domain>
- Auth0__Audience=<Audience>
restart: on-failure
Asp.net 5 App 的 docker-compose 是:
version: '3'
networks:
web:
external: true
internal:
external: false
services:
aspapp:
image: <imagename:tag>
labels:
- traefik.backend=aspapp
- traefik.frontend.rule=Host:<domain>
- traefik.docker.network=web
- traefik.port=9000
networks:
- internal
- web
environment:
- ASPNETCORE_ENVIRONMENT=Production
<Auth0 envoirnment vairables>
restart: on-failure
Traefik.toml 配置为:
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.dashboard]
address = ":8080"
[entryPoints.dashboard.auth]
[entryPoints.dashboard.auth.basic]
users = ["Auth credentials"]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[api]
entrypoint="dashboard"
[acme]
email = "email"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
logLevel = "DEBUG"
[traefikLog]
filePath = "traefik.log"
format = "json"
[docker]
domain = "domain"
watch = true
network = "web"
我只是无法理解为什么当我从托管应用程序和本地开发容器访问同一个 gRPC 服务器时会出现行为差异,我该如何解决?
这只是一个愚蠢的防火墙问题,阻止了容器 @ 443