Hi, what's wrong in this configuration.
My goal is to connect to TCP port of RabbitMQ with TLS using Let's Encrypt.
http:
routers:
toTest:
rule: "Host(`my.example.com`)" # this works
service: rabbitmqweb
tls:
certResolver: letsencrypt
services:
rabbitmqweb:
loadBalancer:
servers:
- url: "http://rabbitmq:15672"
tcp:
routers:
to-rabbitmq:
entryPoints:
- "rabbitmq"
rule: "HostSNI(`my1.example.com`)" #this doesn't work
service: rabbitmq
tls:
certResolver: letsencrypt
services:
rabbitmq:
loadBalancer:
servers:
- address: "rabbitmq:5672"
Why do you think it is wrong? Did you receive an error message? Care to tell us?
Share your full Traefik static and dynamic config, and docker-compose.yml if used.
This is an exception from test client:
RabbitMQ.Client.Exceptions.BrokerUnreachableException: 'None of the specified endpoints were reachable'
This is the code (c#):
using System.Security.Authentication;
using System.Text;
using RabbitMQ.Client;
var factory = new ConnectionFactory { HostName = "my1.example.com", UserName="guest",Password= "guest", VirtualHost = "/",
Port = 5672, Ssl = new SslOption { Enabled = true }
};
using var connection = factory.CreateConnection();
This is docker compose of traefik:
version: '3'
services:
reverse-proxy:
# The official v2 Traefik docker image
image: traefik:v2.10.4
container_name: traefik
# restart: always
# Enables the web UI and tells Traefik to listen to docker
#network_mode: "host" #nefunguje
ports:
# The HTTP port
- "80:80"
# The Web UI (enabled by --api.insecure=true)
- "8080:8080"
- "443:443"
- "5432:5432"
- "5672:5672"
- "1883:1883"
volumes:
# So that Traefik can listen to the Docker events
- ./:/etc/traefik
- ./data/traefik.yml:/traefik.yml:ro
Traefik config:
api:
dashboard: true
#insecure: true
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
websecure:
address: ":443"
http:
tls:
certResolver: letsencrypt
postgres:
address: ":5432"
rabbitmq:
address: ":5672"
mqtt:
address: ":1883"
# pilot:
# dashboard: true
#tracing: {}
log:
level: DEBUG
providers:
http:
endpoint: "http://traefikkonfigurace/traefik.conf"
certificatesResolvers:
letsencrypt:
acme:
email: ********
storage: acme.json
keyType: EC384
httpChallenge:
entryPoint: web
RabbitMQ docker compose
version: "3.2"
services:
rabbitmq:
image: rabbitmq:3-management-alpine
container_name: 'rabbitmq'
#ports:
# - 5672:5672
# - 15672:15672
volumes:
- ~/.docker-conf/rabbitmq/data/:/var/lib/rabbitmq/
- ~/.docker-conf/rabbitmq/log/:/var/log/rabbitmq
networks:
- traefik_default
networks:
traefik_default:
external: true
Traefik is not in the same Docker network as RabbitMQ, so Traefik can not forward requests to RabbitMQ.
How is that possible?
If i run
docker inspect rabbitmq -f "{{json .NetworkSettings.Networks }}"
docker inspect traefik -f "{{json .NetworkSettings.Networks }}"
then both containers traefik and rabbitmq return result beginning with same network:
{"traefik_default":{"IPAMConfig":null,"Links":null,"Aliases":["rabbitmq", ...
{"traefik_default":{"IPAMConfig":null,"Links":null,"Aliases":["traefik","revers ...
I don’t understand your point. Why is the result cut short?
According to your configs, RabbitMQ is connected to traefik_default, Traefik is not.
It is not true.
Traefik is connected to traefik_default.
docker exec -it traefik sh
/ # ping rabbitmq
PING rabbitmq (172.19.0.5): 56 data bytes
64 bytes from 172.19.0.5: seq=0 ttl=64 time=0.170 ms
64 bytes from 172.19.0.5: seq=1 ttl=64 time=0.135 ms
^C
--- rabbitmq ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.135/0.152/0.170 ms
According to compose files you posted, only RabbitMQ has
What is http://traefikkonfigurace/traefik.conf?
traefik_default was created when i first started docker compose from folder named traefik.
I use it always this way and it just works and traefik use this network by default.
http://traefikkonfigurace/traefik.conf is just local web site providing dynamic configuration mentioned in my first comment here.
https://my.example.com works well so i suppose it is correct