I run several docker containers and currently access them though a plugin in Caddy (https://github.com/lucaslorentz/caddy-docker-proxy). The functionality is similar to the one in Traefik: automatically providing a proxy to the containers.
I am considering to switch to Traefik and wanted, on the same system, test some functionalities. Ports 80 and 443 are served by the caddy proxy so I wanted to organize my test setup like that:
- traefik listening to ports
40080,40443and48080 - the
whoamitest container (https://github.com/containous/whoami) serving the requests
To do that I created docker-compose configurations (example.info is actually the real domain in the configs):
# traefik
services:
traefik:
container_name: traefik
image: traefik
ports:
- 40080:40080
- 48080:8080
- 40443:40443
restart: unless-stopped
volumes:
- /etc/docker/container-data/traefik/traefik.yml:/etc/traefik/traefik.yml
- /var/run/docker.sock:/var/run/docker.sock
version: "3"
# whoami
whoami:
# A container that exposes an API to show its IP address
image: containous/whoami
labels:
- traefik.http.routers.whoami.rule=Host(`whoami.example.info`)
- traefik.enable=true
The Traefik config file:
# cat /etc/docker/container-data/traefik/traefik.yml root@srv
entryPoints:
web:
address: ":40080"
websecure:
address: ":40443"
api:
insecure: true
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
network: traefik_default
log:
level: DEBUG
After starting the containers, I ran
~ # curl -H Host:whoami.example.info http://whoami.example.info:40080
Gateway Timeout
On the Traefik console, the output is
time="2020-01-13T16:26:45Z" level=debug msg="vulcand/oxy/roundrobin/rr: begin ServeHttp on request" Request="{\"Method\":\"GET\",\"URL\":{\"Scheme\":\"\",\"Opaque\":\"\",\"User\":null,\"Host\":\"\",\"Path\":\"/\",\"RawPath\":\"\",\"ForceQuery\":false,\"RawQuery\":\"\",\"Fragment\":\"\"},\"Proto\":\"HTTP/1.1\",\"ProtoMajor\":1,\"ProtoMinor\":1,\"Header\":{\"Accept\":[\"*/*\"],\"User-Agent\":[\"curl/7.58.0\"],\"X-Forwarded-Host\":[\"whoami.example.info\"],\"X-Forwarded-Port\":[\"80\"],\"X-Forwarded-Proto\":[\"http\"],\"X-Forwarded-Server\":[\"b22c64039593\"],\"X-Real-Ip\":[\"192.168.10.2\"]},\"ContentLength\":0,\"TransferEncoding\":null,\"Host\":\"whoami.example.info\",\"Form\":null,\"PostForm\":null,\"MultipartForm\":null,\"Trailer\":null,\"RemoteAddr\":\"192.168.10.2:49718\",\"RequestURI\":\"/\",\"TLS\":null}"
time="2020-01-13T16:26:45Z" level=debug msg="vulcand/oxy/roundrobin/rr: Forwarding this request to URL" ForwardURL="http://172.17.0.2:80" Request="{\"Method\":\"GET\",\"URL\":{\"Scheme\":\"\",\"Opaque\":\"\",\"User\":null,\"Host\":\"\",\"Path\":\"/\",\"RawPath\":\"\",\"ForceQuery\":false,\"RawQuery\":\"\",\"Fragment\":\"\"},\"Proto\":\"HTTP/1.1\",\"ProtoMajor\":1,\"ProtoMinor\":1,\"Header\":{\"Accept\":[\"*/*\"],\"User-Agent\":[\"curl/7.58.0\"],\"X-Forwarded-Host\":[\"whoami.example.info\"],\"X-Forwarded-Port\":[\"80\"],\"X-Forwarded-Proto\":[\"http\"],\"X-Forwarded-Server\":[\"b22c64039593\"],\"X-Real-Ip\":[\"192.168.10.2\"]},\"ContentLength\":0,\"TransferEncoding\":null,\"Host\":\"whoami.example.info\",\"Form\":null,\"PostForm\":null,\"MultipartForm\":null,\"Trailer\":null,\"RemoteAddr\":\"192.168.10.2:49718\",\"RequestURI\":\"/\",\"TLS\":null}"
time="2020-01-13T16:27:15Z" level=debug msg="'504 Gateway Timeout' caused by: dial tcp 172.17.0.2:80: i/o timeout"
time="2020-01-13T16:27:15Z" level=debug msg="vulcand/oxy/roundrobin/rr: completed ServeHttp on request" Request="{\"Method\":\"GET\",\"URL\":{\"Scheme\":\"\",\"Opaque\":\"\",\"User\":null,\"Host\":\"\",\"Path\":\"/\",\"RawPath\":\"\",\"ForceQuery\":false,\"RawQuery\":\"\",\"Fragment\":\"\"},\"Proto\":\"HTTP/1.1\",\"ProtoMajor\":1,\"ProtoMinor\":1,\"Header\":{\"Accept\":[\"*/*\"],\"User-Agent\":[\"curl/7.58.0\"],\"X-Forwarded-Host\":[\"whoami.example.info\"],\"X-Forwarded-Port\":[\"80\"],\"X-Forwarded-Proto\":[\"http\"],\"X-Forwarded-Server\":[\"b22c64039593\"],\"X-Real-Ip\":[\"192.168.10.2\"]},\"ContentLength\":0,\"TransferEncoding\":null,\"Host\":\"whoami.example.info\",\"Form\":null,\"PostForm\":null,\"MultipartForm\":null,\"Trailer\":null,\"RemoteAddr\":\"192.168.10.2:49718\",\"RequestURI\":\"/\",\"TLS\":null}"
My understanding is that the route matched, the request was sent to the backend (whoami) but it failed to answer. I tried the same exercise with another such test container (https://hub.docker.com/r/vad1mo/hello-world-rest/) - with the same timeout.
What could be the reason for that? What needs to be changed in the configuration to get this basic proxy setup working?
EDIT Now that I look closely to the other logs, I see the following message when Traefik is reloading its configuration following the start of the whoami container:
time="2020-01-13T16:43:55Z" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"whoami\":{\"service\":\"whoami-docker-composed\",\"rule\":\"Host(`whoami.example.info`)\"}},\"services\":{\"whoami-docker-composed\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.17.0.2:80\"}],\"passHostHeader\":true}}}},\"tcp\":{}}" providerName=docker
time="2020-01-13T16:43:55Z" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [web websecure traefik]" routerName=whoami@docker
Should an entryPoint be defined somewhere? What is the reason for that definition?