I'm trying to set up a reverse proxy to trino in docker compose:
networks:
proxy:
name: proxy
services:
traefik:
image: traefik:v3.0
ports:
- 1443:1443
# - 8181:8181 # dashboard port
networks:
- proxy
platform: linux/amd64
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command:
# - --api.dashboard=true
# - --api.dashboard.port=8181
# - --api.insecure=true
- --log.level=DEBUG
- --accesslog=true
- --providers.docker=true
- --providers.docker.exposedByDefault=false
- --providers.docker.network=proxy
- --entrypoints.websecure.address=:1443
- --entrypoints.websecure.asDefault=true
trino:
container_name: trino
image: vastdataorg/trino-vast:429
ports:
- 18080:8080
networks:
- proxy
platform: linux/amd64
volumes:
- ./vast.properties:/etc/trino/catalog/vast.properties:ro
labels:
- traefik.enable=true
- traefik.http.routers.mytrino.rule=Host(`trino.localhost`)
- traefik.http.routers.mytrino.entrypoints=websecure
- traefik.http.routers.mytrino.middlewares=trino-headers
- traefik.http.services.mytrino.loadbalancer.server.port=8080
# Define middleware for headers inline
- traefik.http.middlewares.trino-headers.headers.customrequestheaders.X-Forwarded-Host=trino.localhost
- traefik.http.middlewares.trino-headers.headers.customrequestheaders.X-Forwarded-For=${remoteAddr}
- traefik.http.middlewares.trino-headers.headers.customrequestheaders.X-Forwarded-Proto=https
However, I can't get past:
> curl -k https://trino.localhost:1443
404 page not found
In the traefik logs, I see:
traefik-1 | 172.22.0.1 - - [20/Oct/2024:18:16:40 +0000] "GET / HTTP/2.0" 404 19 "-" "-" 7 "-" "-" 0ms
From what I understand, trino doesn't need special configuration to sit behind a reverse proxy.
Any ideas how to debug?
UPDATE: curl with -v
> curl -v -k https://trino.localhost:1443
* Host trino.localhost:1443 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
* Trying [::1]:1443...
* connect to ::1 port 1443 from ::1 port 55961 failed: Connection refused
* Trying 127.0.0.1:1443...
* Connected to trino.localhost (127.0.0.1) port 1443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
* subject: CN=TRAEFIK DEFAULT CERT
* start date: Oct 20 21:11:37 2024 GMT
* expire date: Oct 20 21:11:37 2025 GMT
* issuer: CN=TRAEFIK DEFAULT CERT
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://trino.localhost:1443/
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: trino.localhost:1443]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.7.1]
* [HTTP/2] [1] [accept: */*]
> GET / HTTP/2
> Host: trino.localhost:1443
> User-Agent: curl/8.7.1
> Accept: */*
>
* Request completely sent off
< HTTP/2 404
< content-type: text/plain; charset=utf-8
< x-content-type-options: nosniff
< content-length: 19
< date: Sun, 20 Oct 2024 21:14:46 GMT
<
404 page not found
* Connection #0 to host trino.localhost left intact