Docker container with dual ports/paths

4integration · March 20, 2024, 5:42pm

Hi,

I have Traefik (2.10.4) running since a while and mainly to Docker containers with Let's Encrypt.

Now I have a container which listen on two ports and I cannot figure out how to it the proper way.

Port 6749 has a path /admin (and everything below that path) it listen on (admin UI)
Port 8443 handles all other request/paths

So I want Traefik to:

https://auth.myorg.net/admin/* to be routed to port 6749
https://auth.myorg.net/* to be routed to port 8443

docker-compose.yml (not working)

version: '3.9'
services:
  fancy_container:
    image: the_fancy_image
    container_name: fancy_container
    ports:
      - 6749:6749
      - 8443:8443
    labels:
      - traefik.enable=true
      - traefik.http.services.admin_service.loadbalancer.server.port=6749
      - traefik.http.services.admin_service.loadbalancer.server.scheme=https
      - traefik.http.routers.admin_service.rule=Host(`auth.myorg.net`)
      - traefik.http.routers.admin_service.tls=true
      - traefik.http.routers.admin_service.tls.certresolver=le
      - traefik.http.routers.admin_service.service=admin_service
      - traefik.http.routers.admin_service.middlewares=ipwhitelist
      - traefik.http.routers.admin_service.rule=Path(`/admin`)

      - traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/24, 192.168.1.1/24
    networks:
      - web
    restart: always
networks:
  web:
    name: web
    external: true

Do you have any solution on this?

bluepuma77 · March 20, 2024, 8:55pm

This is easy, but are you sure it’s gonna work with your application?

One port seems to be a GUI and those usually don’t like to be be placed under a path, as they mostly respond with absolute links to scripts (/static/script.js) and images, so those won’t be found.

Example: Traefik dashboard

Can some kind of "base path" be configured for the app? If not, you need separate sub-domains.

4integration · March 21, 2024, 5:51pm

@bluepuma77 easy sound good but not for me right now

If I run the application (an OAuth2/OIDC provider) it listen on two ports of interest

Port 6749
- Here it only accept traffic on sub path /admin
Port 8443
- Here it is accepting on "all" other paths like /token/internal/authorize and /token/internal/token

Would be very happy with help on the easy solution with Traefik
(We have this running in the company I work for but using HAProxy, for this case I have Traefik so would use that)

Topic		Replies	Views
Using two container listening on the same url one with https and one without Traefik v2 docker	0	320	September 21, 2020
Traefik using diff paths for diff containers Traefik v2 docker , middleware	5	2046	March 6, 2020
Traefik letsencrypt dnschallenge workaround with haproxy Traefik v2 docker , letsencrypt-acme	4	2237	March 14, 2022
Using Traefik with two NICs and several dns-assignments Traefik v2 docker , file	0	1659	November 3, 2020
Traefik as reverse-proxy in front of 2 docker containers exposing one port each Traefik v2 docker	9	6737	January 5, 2021

Docker container with dual ports/paths

Related Topics