Our Web service is working on port 80 but not working on 443 port.
Internally we are using docker overlay network.
When I run application I am getting error as - 502 bad gateway an existing connection was forcibly closed by the remote host.
I can use Docker Exec from the Traefik container and can successfully connect to the IIS site through the overlaynetwork on port 443 successfully.
Note- We are using self signed certificate for testing purposes.
job "traefik" {
datacenters = ["dc1"]
type = "system"
update {
healthy_deadline = "30m"
progress_deadline = "40m"
}
group "traefik" {
count = 1
network {
port "http" {
static = 80
}
port "https" {
static = 443
}
port "admin"{
static = 8080
}
}
task "traefik" {
driver = "docker"
service {
provider = "nomad"
port = "http"
tags = [
"traefik.enable=true",
]
check {
name = "alive"
type = "tcp"
port = "http"
interval = "10s"
timeout = "2s"
}
}
config {
image = "traefik:latest"
network_mode = "Overlaynetwork"
image_pull_timeout = "30m"
ports = ["admin", "http", "https"]
args = [
"--accesslog=true",
"--api=true",
"--api.dashboard=true",
"--api.insecure=true", ### For Test only, please do not use that in production
"--metrics=true",
"--metrics.prometheus=true",
"--ping=true",
"--entrypoints.web.address=:80",
"--entrypoints.websecure.address=:443",
"--entrypoints.traefik.address=:8080",
"--providers.nomad=true",
"--providers.nomad.endpoint.address=http://*.*.*.*:*", ### IP to your nomad server
"--serversTransport.insecureSkipVerify=true",
"--log.level=DEBUG"
]
auth {
username = ""
password = ""
}
}
}
}
}
Nomad Web Job -
job "dotnetpocKeyVault" {
type = "service"
update {
healthy_deadline = "60m"
progress_deadline = "70m"
}
datacenters = ["dc1"]
group "webs" {
count = 1
network {
port "https" {
to = 443
}
}
task "dotnet" {
driver = "docker"
service {
provider = "nomad"
port = "https"
tags = [
"traefik.enable=true",
"traefik.http.routers.nomadpoc.rule=Host(`abc.com`)",
"traefik.http.routers.nomadpoc.entrypoints=https",
"traefik.http.routers.nomadpoc.tls =true"
]
check {
type = "tcp"
port = "https"
interval = "10s"
timeout = "2s"
}
}
template {
data = <<EOF
{{plugin "powershell" }}{{file "D:/PowershellScript/SSLCertificate.pfx" }}
EOF
destination = "local\SSLCertificate.pfx"
change_mode="noop"
}
# Configuration is specific to each driver.
config {
network_mode = "Overlaynetwork"
image = "poc:latest"
ports = ["https"]
image_pull_timeout = "30m"
auth {
username = ""
password = ""
}
}
resources {
cpu = 1024 # MHz
memory = 1024 # MB
}
}
}
}