I have traefik 2.11 serving as a reverse proxy for a number of docker-compose stacks.
All is working smoothly.
When a user makes a request that takes more than 60s, traefik returns a 502 error.
The backend is a django application and the request completes after some 100 seconds, successfully, then it signals a broken pipe, as the connection was closed upstream.
Now, I know that a request that takes more than 60 secs doesn't really make sense, but it's an admin interface, its just one request and it has to build a complex Excel file, and it's not really worth modifying the architecture and implant a queue system or background tasks in order to fullfill just this one request.
I've tried touching timeouts, but it seems there is nothing that really defaults to 60 seconds in the documentation.
Below, Traefik's configuration
services:
traefik:
image: "traefik:v2.11"
container_name: "traefik"
restart: always
command:
- "--log.level=INFO"
- "--accesslog=true"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.prod-resolver.acme.tlschallenge=true"
- "--certificatesresolvers.prod-resolver.acme.email=xxx@redacted.it"
- "--certificatesresolvers.prod-resolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- gw
volumes:
letsencrypt:
name: traefik_letsencrypt
external: true
networks:
gw:
external: true
The docker stack (the web application)
services:
web:
container_name: ${COMPOSE_PROJECT_NAME}_web
restart: unless-stopped
build:
context: .
dockerfile: ./compose/production/django/Dockerfile
image: openpolis/${COMPOSE_PROJECT_NAME}_production_django
expose:
- "5000"
depends_on:
- postgres
- redis
environment:
- POSTGRES_HOST=${POSTGRES_HOST}
- POSTGRES_PORT=${POSTGRES_PORT}
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
- DJANGO_DEBUG=${DJANGO_DEBUG}
- DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE}
- DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY}
- DJANGO_ADMIN_URL=${DJANGO_ADMIN_URL}
- DJANGO_ALLOWED_HOSTS=${DJANGO_ALLOWED_HOSTS}
- DJANGO_SECURE_SSL_REDIRECT=${DJANGO_SECURE_SSL_REDIRECT}
- DJANGO_DEFAULT_FROM_EMAIL=${DJANGO_DEFAULT_FROM_EMAIL}
- DJANGO_SERVER_EMAIL=${DJANGO_SERVER_EMAIL}
- REDIS_URL=${REDIS_URL}
- SENTRY_DSN=${SENTRY_DSN}
- CI_COMMIT_SHA=${CI_COMMIT_SHA}
command: /start
volumes:
- media:/app/rating_pa/media
- uwsgi_spooler:/var/lib/uwsgi
- weblogs:/var/log
networks:
- default
- gw
labels:
- "traefik.enable=true"
- "traefik.docker.network=gw"
- "traefik.http.middlewares.ratingpa-redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.ratingpa-redirect-to-https.redirectscheme.permanent=true"
- "traefik.http.middlewares.ratingpa-www-redirect.redirectregex.regex=^https?://(?:www.)?(.*)/?(.*)"
- "traefik.http.middlewares.ratingpa-www-redirect.redirectregex.replacement=https://$${1}$${2}"
- "traefik.http.middlewares.ratingpa-www-redirect.redirectregex.permanent=true"
# http://[www.]centrorep.it => https
- "traefik.http.routers.centrorep-it-http.rule=(Host(`centrorep.it`) || Host(`www.centrorep.it`))"
- "traefik.http.routers.centrorep-it-http.entrypoints=web"
- "traefik.http.routers.centrorep-it-http.middlewares=ratingpa-redirect-to-https"
# https://www.centrorep.it => https://centrorep.it
- "traefik.http.routers.www-centrorep-it.rule=Host(`www.centrorep.it`)"
- "traefik.http.routers.www-centrorep-it.tls.certresolver=prod-resolver"
- "traefik.http.routers.www-centrorep-it.middlewares=ratingpa-www-redirect"
# https://centrorep.it
- "traefik.http.routers.centrorep-it.rule=Host(`centrorep.it`)"
- "traefik.http.routers.centrorep-it.entrypoints=websecure"
- "traefik.http.routers.centrorep-it.tls.certresolver=prod-resolver"