Hello,
I'm using traefik v2 for a couple of containers. Most of them are working without a problem. All are running with a lets encrypt cert.
I'm running a standard notes instance, what is behaving weird. When I started the container it is working well, after some time 8h-72h, the IP of the container is somehow changed (will call it broken ip) and traefik cant route anymore. The ip change is shown in the traefik ui, i cant find the change in the docker network inspect.
This will result in a bad gateway and the container is not reachable from the outside anymore. I can reach it from the server via the broken ip and the working ip. My current fix is to restart the container, after this it is working for a while...
I dont know how to continue...
Broken:
Working:
root@v22019015010380916:/var/docker# curl http://172.19.0.6:3000/auth/params
{"error":{"message":"Please provide an email address."}}root@v22019015010380916:/var/docker# ^C
root@v22019015010380916:/var/docker# curl http://192.168.128.8:3000/auth/params
{"error":{"message":"Please provide an email address."}}root@v22019015010380916:/var/docker#
Docker-compose:
version: '3.2'
networks:
proxy:
external: true
backend:
external: false
services:
syncing-server-js:
image: standardnotes/syncing-server-js:latest
depends_on:
- db
- cache
entrypoint: [
"./wait-for.sh", "db", "3306",
"./wait-for.sh", "cache", "6379",
"./docker/entrypoint.sh", "start-web"
]
env_file: .env
environment:
PORT: 3000
networks:
- backend
syncing-server-js-worker:
image: standardnotes/syncing-server-js:latest
depends_on:
- db
- cache
- syncing-server-js
entrypoint: [
"./wait-for.sh", "db", "3306",
"./wait-for.sh", "cache", "6379",
"./wait-for.sh", "syncing-server-js", "3000",
"./docker/entrypoint.sh", "start-worker"
]
env_file: .env
environment:
PORT: 3000
networks:
- backend
api-gateway:
image: standardnotes/api-gateway:latest
depends_on:
- auth
- syncing-server-js
env_file: docker/api-gateway.env
ports:
- ${EXPOSED_PORT}:3000
environment:
PORT: 3000
AUTH_JWT_SECRET: '${AUTH_JWT_SECRET}'
entrypoint: [
"./wait-for.sh", "auth", "3000",
"./wait-for.sh", "syncing-server-js", "3000",
"./docker/entrypoint.sh", "start-web"
]
networks:
- backend
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.standardnotesserver-router.rule=Host(`notes.abc.de`)"
- "traefik.http.routers.standardnotesserver-router.entrypoints=websecure"
- "traefik.http.routers.standardnotesserver-router.tls.certresolver=mytlschallenge"
- "traefik.http.services.standardnotesserver-service.loadbalancer.server.port=3000"
auth:
image: standardnotes/auth:latest
depends_on:
- db
- cache
- syncing-server-js
entrypoint: [
"./wait-for.sh", "db", "3306",
"./wait-for.sh", "cache", "6379",
"./wait-for.sh", "syncing-server-js", "3000",
"./docker/entrypoint.sh", "start-web"
]
env_file: docker/auth.env
environment:
PORT: 3000
DB_HOST: '${DB_HOST}'
DB_REPLICA_HOST: '${DB_REPLICA_HOST}'
DB_PORT: '${DB_PORT}'
DB_DATABASE: '${DB_DATABASE}'
DB_USERNAME: '${DB_USERNAME}'
DB_PASSWORD: '${DB_PASSWORD}'
DB_DEBUG_LEVEL: '${DB_DEBUG_LEVEL}'
DB_MIGRATIONS_PATH: '${DB_MIGRATIONS_PATH}'
REDIS_URL: '${REDIS_URL}'
AUTH_JWT_SECRET: '${AUTH_JWT_SECRET}'
networks:
- backend
auth-worker:
image: standardnotes/auth:latest
depends_on:
- db
- cache
- auth
entrypoint: [
"./wait-for.sh", "db", "3306",
"./wait-for.sh", "cache", "6379",
"./wait-for.sh", "auth", "3000",
"./docker/entrypoint.sh", "start-worker"
]
env_file: docker/auth.env
environment:
PORT: 3000
DB_HOST: '${DB_HOST}'
DB_REPLICA_HOST: '${DB_REPLICA_HOST}'
DB_PORT: '${DB_PORT}'
DB_DATABASE: '${DB_DATABASE}'
DB_USERNAME: '${DB_USERNAME}'
DB_PASSWORD: '${DB_PASSWORD}'
DB_DEBUG_LEVEL: '${DB_DEBUG_LEVEL}'
DB_MIGRATIONS_PATH: '${DB_MIGRATIONS_PATH}'
REDIS_URL: '${REDIS_URL}'
AUTH_JWT_SECRET: '${AUTH_JWT_SECRET}'
networks:
- backend
db:
image: mariadb:10.3.12
environment:
MYSQL_DATABASE: '${DB_DATABASE}'
MYSQL_USER: '${DB_USERNAME}'
MYSQL_PASSWORD: '${DB_PASSWORD}'
MYSQL_ROOT_PASSWORD: '${DB_PASSWORD}'
ports:
- 3306
command: --default-authentication-plugin=mysql_native_password --character-set-server=utf8 --collation-server=utf8_general_ci
volumes:
- ./data/mysql:/var/lib/mysql
- ./data/import:/docker-entrypoint-initdb.d
networks:
- backend
cache:
image: redis:6.0-alpine
volumes:
- ./data/redis/:/data
ports:
- 6379
networks:
- backend
standardnotes-extensions:
container_name: standardnotes-extensions
build: . # https://github.com/moookino/snext/blob/master/Dockerfile
# https://stackoverflow.com/questions/50453931/docker-compose-build-context-from-git-repository-with-dockerfile-inside-folder
environment:
- URL=notes-ext.abc.de # https://github.com/iganeshk/standardnotes-extensions/blob/master/env.sample
- USERNAME=davidrot
- TOKEN=d483b1769ceb86e8dc113c406db6bdffa3e7e5b1
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.standardnotesextserver-router.rule=Host(`notes-ext.abc.de`)"
- "traefik.http.routers.standardnotesextserver-router.entrypoints=websecure"
- "traefik.http.routers.standardnotesextserver-router.tls.certresolver=mytlschallenge"
- "traefik.http.services.standardnotesextserver-service.loadbalancer.server.port=8043"
- "traefik.http.routers.standardnotesextserver-router.middlewares=corsheaders"
# CORS
- "traefik.http.middlewares.corsheaders.headers.accesscontrolallowmethods=GET,POST,PATCH,OPTIONS"
- "traefik.http.middlewares.corsheaders.headers.accesscontrolalloworiginlist=*"
- "traefik.http.middlewares.corsheaders.headers.accessControlAllowHeaders=Content-Type"
volumes:
db:
docker inspect network proxy (broken state):
[
{
"Name": "proxy",
"Id": "96d0baf9756e9cfa0043f03c806e0bad6b0fa15eb66f2fe6f77511656526f370",
"Created": "2020-01-15T17:08:22.589670502+01:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.19.0.0/16",
"Gateway": "172.19.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"099c96b0e0f9469984c8a8e7ca6bed41e588c14090739b10dabf326159b91f4c": {
"Name": "traefik",
"EndpointID": "528fd26b618da85c0a81acc4046bc9ca421d954d04be8584e85a261474d79b04",
"MacAddress": "02:42:ac:13:00:02",
"IPv4Address": "172.19.0.2/16",
"IPv6Address": ""
},
"16ed577d0c7b1f175ce94b9d45a90c09ba5c80ae371775a356b3bac912da125d": {
"Name": "standardnotes_api-gateway_1",
"EndpointID": "17360fed46bb5d7e8a9210b69a94e8f9cbc6bd29803bb639f9979046ecf73059",
"MacAddress": "02:42:ac:13:00:06",
"IPv4Address": "172.19.0.6/16",
"IPv6Address": ""
},
"1e5c070fbaebdebf860751bed3df306ee2486e8140158326ba676cb044c98968": {
"Name": "ratgebergeldat_rgg_1",
"EndpointID": "f1fa6bf1366479f8380feac78ef1d40639067dae7f50d2a53af94cbd599780a2",
"MacAddress": "02:42:ac:13:00:07",
"IPv4Address": "172.19.0.7/16",
"IPv6Address": ""
},
"5c4a1901626faa512829a8001cdec02216c4e08d3118348f221f8a79df55669c": {
"Name": "standardnotes-extensions",
"EndpointID": "b42bb877896233053819c9a65715e08c8ae352baadc1e9d127cf8e3125319de6",
"MacAddress": "02:42:ac:13:00:05",
"IPv4Address": "172.19.0.5/16",
"IPv6Address": ""
},
"703e90971e992778198e633eaaeec6d8285cf6c126f8d86e415cc077472fdc02": {
"Name": "nextcloud",
"EndpointID": "23931a9e6abd801d149a9a5785cd95a0840bc33335ef5fa599d89ab3ef7df355",
"MacAddress": "02:42:ac:13:00:08",
"IPv4Address": "172.19.0.8/16",
"IPv6Address": ""
},
"b26f2c22a4c8fcb575b8e1013d309a49bc5c951b0d0c8619038d648b111ef5e3": {
"Name": "website-ftp",
"EndpointID": "c59696e903098ffa507c176259f67d2a408532c137f0d123ab4c295ddb6634f8",
"MacAddress": "02:42:ac:13:00:09",
"IPv4Address": "172.19.0.9/16",
"IPv6Address": ""
},
"b841cb580918a311f13614e5ee47ff23e4e756bf8822c57078908a2d4c09d176": {
"Name": "website-http",
"EndpointID": "edd3b10e469dea039ce2190a923de17821da75d46d976630528a8ed8602a0ca6",
"MacAddress": "02:42:ac:13:00:0a",
"IPv4Address": "172.19.0.10/16",
"IPv6Address": ""
},
"e22839ee05e7b33e424057d4003579da76b6cf7d5cada953cba0feb79c641b1f": {
"Name": "gitlab",
"EndpointID": "af6cedc57158306dd757fa4eb152282acfdebdc9d1582c5f7ed8b5353ff4e68f",
"MacAddress": "02:42:ac:13:00:04",
"IPv4Address": "172.19.0.4/16",
"IPv6Address": ""
},
"e49486aec22d515942cd07f7dedee4c52dbcbd20aac93b0b56846110b3519486": {
"Name": "usertrack-server",
"EndpointID": "e8fbe92ea4ebd55dc2b331c420b38297a3264417835356d36af4528b127b27a6",
"MacAddress": "02:42:ac:13:00:03",
"IPv4Address": "172.19.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]