Swarm docker provider connection issue

Traefik Traefik v2 (latest)
, ,
1

Hello everyone, I'm literally try to run into Traefik usage via QuickStart and the rest of documentation but I fail in the very beginning - trying to connect to Swarm provider.

Traefik and Swarm do see each other, they write to corresponding logs:
traefik:

level=error msg="Failed to retrieve information of the docker client and server host: error during connect: Get \"http://10.0.3.219:2377/v1.24/version\": EOF" providerName=docker

Swarm:

level=warning msg="grpc: Server.Serve failed to complete security handshake from \"10.0.3.1:50728\": tls: first record does not look like a TLS handshake" module=grpc

These IPs are correct, and obviously processes are reaching each other.
I can't logically understand (or Google through docs and forums) why Traefic sends HTTP requests instead of TCP, as configured, and why Swarm expects TLS handshake on the very basic configuration ...
Please help me to find missing configuration settings on both sides of this connection.

My setup is as follows (all instances are Ubuntu 18.04.1 LTS):

  1. Swarm server - I simply ran 'docker swarm init' on it and that's all. Server listens to 2377 port by default.
  2. Traefic server:
    traefic.toml:
[global]
  checkNewVersion = true
  sendAnonymousUsage = true
[entryPoints]
  [entryPoints.web]
    address = ":81"
  [entryPoints.websecure]
    address = ":8443"
[log]
  filePath = "/var/log/traefik.log"
[api]
  insecure = true
[providers.docker]
 endpoint = "tcp://10.0.3.219:2377"
 swarmmode = true
2

Check your provider docker configuration.The endpoint with port 2377 is wrong and traefik is no able to communicate with docker daemon.

  • TCP port 2377 . This port is used for communication between the nodes of a Docker Swarm or cluster.

It should be:

  • noTLS connection --> tcp://x.x.x.x:2375
  • TLS connection. --> tcp://x.x.x.x:2376
3

Thanks Diego!
It seems I need additional configuration to Swarm then - currently no process is listening to ports 2375 and 2376. I suspected that, as most of examples in web suggest 2375 (not 2377) port for traefik setup.
Can you please advise on keywords to look for in Swarm documentation?

I've decided to rethink the architecture meanwhile and launched traefik on the same manager node, using Docker socket locally for communication. However, I'm still curious what's missing in this very basic setup.

4

You could show here your docker-compose, static, dynamic files. Its much easier for troubleshooting

  • Docker swarm --> official documentation
  • Traefik docker provider --> static / dynamic configuration
5

@bodomic

There are a bunch of resource under: Docker - Traefik

6

Thanks for pointing, this is actually the documentation that instructs to put port 2377 in traefik provider setup:

Enabling the docker provider (Swarm Mode)


File (TOML)

[providers.docker]
  # swarm classic (1.12-)
  # endpoint = "tcp://127.0.0.1:2375"
  # docker swarm mode (1.12+)
  endpoint = "tcp://127.0.0.1:2377"
  swarmMode = true

I've used it literally and it does not work - literally, with errors listed in head topic.
I start to think that running Traefic inside of Swarm is crucial for this connection to work, and that's why my attempt to connect to Docker daemon on the same 2377 port (from a separate docker compose on different machine) fails. However, I can't see much practical sense in using tcp port if you have access to the main docker socket...

I'll stick to simply running traefik on the same machine with swarm manager and direct connection to swarm.
Thanks for your reply anyways, I appreciate.

7

I've provided all configs I used - zero config for Swarm (just 'swarm init' command) and traefik toml file to run it from command line. Nothing else.

I think we can consider this topic as completed, as I must have been mistaking the networking part of this interaction wholly and I'm gonna stick to socket usage for now.

Thank you for your replies.

8

Looks like this might be an error in the docs then. Definitely does not work on the swarm communication port.

Running it outside of the swarm would also be of little value as traefik has to have a common network with the container it has to route/proxy for. It is not a good example. :confused: