Traefik 2.2 note register jenkins

When I deploy jenkins on the docker swarm, jenkins is not registered on traefik 2.2

Traefik 2.2 was installed as follows:

[root@master-node01 ~]# cat traefik.yml
version: '3.3'

services:

traefik:
# Use the latest Traefik image
image: traefik:v2.2
ports:
# Listen on port 80, default for HTTP, necessary to redirect to HTTPS
- 80:80
# Listen on port 443, default for HTTPS
- 443:443
deploy:
mode: replicated
replicas: 1
placement:
constraints:
- node.role == manager
update_config:
parallelism: 1
delay: 10s
restart_policy:
condition: on-failure
placement:
constraints:
# Make the traefik service run only on the node with this label
# as the node with it has the volume for the certificates
- node.labels.traefik-public.traefik-public-certificates == true
labels:
# Enable Traefik for this service, to make it available in the public network
- traefik.enable=true
# Use the traefik-public network (declared below)
- traefik.docker.network=traefik-public
# Use the custom label "traefik.constraint-label=traefik-public"
# This public Traefik will only use services with this label
# That way you can add other internal Traefik instances per stack if needed
- traefik.constraint-label=traefik-public
# admin-auth middleware with HTTP Basic auth
# Using the environment variables USERNAME and HASHED_PASSWORD
- traefik.http.middlewares.admin-auth.basicauth.users={USERNAME?Variable not set}:{HASHED_PASSWORD?Variable not set}
# https-redirect middleware to redirect HTTP to HTTPS
# It can be re-used by other stacks in other Docker Compose files
- traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
- traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
# traefik-http set up only to use the middleware to redirect to https
# Uses the environment variable DOMAIN
- traefik.http.routers.traefik-public-http.rule=Host(traefik.${DOMAIN?Variable not set})
- traefik.http.routers.traefik-public-http.entrypoints=http
- traefik.http.routers.traefik-public-http.middlewares=https-redirect
# traefik-https the actual router using HTTPS
# Uses the environment variable DOMAIN
- traefik.http.routers.traefik-public-https.rule=Host(traefik.${DOMAIN?Variable not set})
- traefik.http.routers.traefik-public-https.entrypoints=https
- traefik.http.routers.traefik-public-https.tls=true
# Use the special Traefik service api@internal with the web UI/Dashboard
- traefik.http.routers.traefik-public-https.service=api@internal
# Use the "le" (Let's Encrypt) resolver created below
- traefik.http.routers.traefik-public-https.tls.certresolver=le
# Enable HTTP Basic auth, using the middleware created above
- traefik.http.routers.traefik-public-https.middlewares=admin-auth
# Define the port inside of the Docker service to use
- traefik.http.services.traefik-public.loadbalancer.server.port=8080
volumes:
# Add Docker as a mounted volume, so that Traefik can read the labels of other services
- /var/run/docker.sock:/var/run/docker.sock:ro
# Mount the volume to store the certificates
- traefik-public-certificates:/certificates
command:
# Enable Docker in Traefik, so that it reads labels from Docker services
- --providers.docker
# Add a constraint to only use services with the label "traefik.constraint-label=traefik-public"
- --providers.docker.constraints=Label(traefik.constraint-label, traefik-public)
# Do not expose all Docker services, only the ones explicitly exposed
- --providers.docker.exposedbydefault=false
# Enable Docker Swarm mode
- --providers.docker.swarmmode
# Create an entrypoint "http" listening on address 80
- --entrypoints.http.address=:80
# Create an entrypoint "https" listening on address 80
- --entrypoints.https.address=:443
# Create the certificate resolver "le" for Let's Encrypt, uses the environment variable EMAIL
- --certificatesresolvers.le.acme.email=${EMAIL?Variable not set}
# Store the Let's Encrypt certificates in the mounted volume
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
# Use the TLS Challenge for Let's Encrypt
- --certificatesresolvers.le.acme.tlschallenge=true
# Enable the access log, with HTTP requests
- --accesslog
# Enable the Traefik log, for configurations and errors
- --log
# Enable the Dashboard and API
- --api
networks:
# Use the public network created to be shared between Traefik and
# any other service that needs to be publicly available with HTTPS
- traefik-public

volumes:

Create a volume to store the certificates, there is a constraint to make sure

Traefik is always deployed to the same Docker node with the same volume containing

the HTTPS certificates

traefik-public-certificates:

networks:

Use the previously created public network "traefik-public", shared with other

services that need to be publicly available via this Traefik

traefik-public:
external: true

Jenkins I'm using the following form:

export DOMAIN=tce.mt.gov.br

[root@master-node01 ~]# cat jenkins.yml
version: "3.7"

services:
jenkins:
image: jenkins/jenkins
ports:
- 50000:50000
volumes:
# Ensure Jenkins content persist between restarts.
- /opt/jenkins:/var/jenkins_home # << The Folder need "chown - R 1000:1000 /opt/jenkins/" permission
# remove the '#' if you want to run blueocean docker agents (advanced only)
- /var/run/docker.sock:/var/run/docker.sock
networks:
- traefik-public
deploy:
mode: replicated
replicas: 1
placement:
constraints:
- node.role == manager
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.jenkins-http.rule=Host(jenk.${DOMAIN?Variable not set})
- traefik.http.routers.jenkins-http.entrypoints=http
- traefik.http.routers.jenkins-http.middlewares=https-redirect
- traefik.http.routers.jenkins-https.rule=Host(jenk.${DOMAIN?Variable not set})
- traefik.http.routers.jenkins-https.entrypoints=https
- traefik.http.routers.jenkins-https.tls=true
- traefik.http.routers.jenkins-https.tls.certresolver=le
- traefik.http.services.jenkins.loadbalancer.server.port=8080

networks:
traefik-public:
external: true

Where can the error be, as it starts in the docker service normally without error::

[root@master-node01 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
ybrw4025tggi jenkins_jenkins replicated 1/1 jenkins/jenkins:latest *:50000->50000/tcp
lrtko3wzufu4 swarmpit_agent global 5/5 swarmpit/agent:latest
vqjromv2ub6y swarmpit_app replicated 1/1 swarmpit/swarmpit:latest *:888->8080/tcp
hgzl9qriq2kr swarmpit_db replicated 1/1 couchdb:2.3.0
npv7tbcn40kw swarmpit_influxdb replicated 1/1 influxdb:1.7
o2zhk4s50e79 swarmprom_alertmanager replicated 1/1 stefanprodan/swarmprom-alertmanager:v0.14.0
q2qptommu6ym swarmprom_cadvisor global 5/5 google/cadvisor:latest
gzl99q6osxmo swarmprom_dockerd-exporter global 5/5 stefanprodan/caddy:latest
4bl8zkdjyt59 swarmprom_grafana replicated 1/1 stefanprodan/swarmprom-grafana:5.3.4
t5uomka23nmi swarmprom_node-exporter global 5/5 stefanprodan/swarmprom-node-exporter:v0.16.0
u7nuyr54xutb swarmprom_prometheus replicated 1/1 stefanprodan/swarmprom-prometheus:v2.5.0
dkxq9xbwn6xm swarmprom_unsee replicated 1/1 cloudflare/unsee:v0.8.0
rysip4i2yh3o traefik_traefik replicated 1/1 traefik:v2.2 *:80->80/tcp, *:443->443/tcp

[root@master-node01 ~]# cat jenkins.yml
version: "3.7"

services:
jenkins:
image: jenkins/jenkins
ports:
- 50000:50000
volumes:
# Ensure Jenkins content persist between restarts.
- /opt/data/jenkins:/var/jenkins_home # << The Folder need 1000:1000 permission
- /opt/data/backup_restore:/var/jenkins_home_restore # << The Folder need 1000:1000 permission
# remove the '#' if you want to run blueocean docker agents (advanced only)
- /var/run/docker.sock:/var/run/docker.sock
networks:
- traefik-public
deploy:
mode: replicated
replicas: 1
placement:
constraints:
- node.role == manager
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.jenkins-web-http.rule=Host(jenk.${DOMAIN?Variable not set})
- traefik.http.routers.jenkins-web-http.entrypoints=http
- traefik.http.routers.jenkins-web-http.middlewares=https-redirect
- traefik.http.routers.jenkins-web-https.rule=Host(jenk.${DOMAIN?Variable not set})
- traefik.http.routers.jenkins-web-https.entrypoints=https
- traefik.http.routers.jenkins-web-https.tls=true
- traefik.http.routers.jenkins-web-https.tls.certresolver=le
- traefik.http.services.jenkins-web.loadbalancer.server.port=8080

networks:
traefik-public:
external: true

Hi efcunha,

In order to better help you, please format the post using the code formatting tools available in Discourse. See: https://discourse.stonehearth.net/t/discourse-guide-code-formatting/30587

Also, please share your logs from Traefik (debug) when trying to access the service through curl, and any relevant configuration for Jenkins so that one of us in the community may replicate the problem you're having.

Warm regards,
_kc