We are trying to use TCP Routers to enable communication to SQL containers on default port 1433. As a user, mssql1.mycluster.com I should be routed to container 1 when using DNS: mssql:mycluster.com and when using
DNS: mssql2.mycluster.com I should be routed to container 2. Do you know how we can achieve this? When we use HOSTSNI match using without TLS it works only if we use wildcard * which routes ALL traffic coming in on 1433 to a singular container regardless of hostname.
How can we get hostname specific routing with similar port mappings to different backend containers?
Hello @Kenneth-Abrams,
Are you using TLS with your mysql containers?
TCP does not have a hostname to route on, so if you do not use TLS, there isn't much more that can be routed on.
Not currently, we are trying to get the routing to work first. Does it need to do end to end TLS from traefik to SQL or is the TLS offloaded by Traefik?
We are also using MS SQL for clarification
Would there be anyone who can help us look at our configuration? @daniel.tomcej We built a new SQL container with TLS connection on it and using hostSNI does not work unless its wildcard.
Hello @Kenneth-Abrams,
I talked with the team, and it is possible that MSSQL may not support running behind web-proxies that route via SNI.
There are open issues on Traefik's github similar to this for MySQL due to MySQL not using a standard TLS handhake.
Unfortunately if MSSQL does not support SNI routing or full TLS, there may not be much that can be done currently.