Traefik and Dremio howto config?

Traefik and Dremio how to configure?

Hello, I'm trying to configure Traefik as a reverse proxy to use the Dremio data lake, someone has already done this configuration.

I can access Dremio, but I have access to its API port 31010.

These are my configuration files:

traefik.toml

[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web.http.redirections.entryPoint]
to = "websecure"
scheme = "https"

[entryPoints.websecure]
address = ":443"

[api]
dashboard = true
debug = true

[certificatesResolvers.lets-encrypt.acme]
email = "admin@example.com"
storage = "acme.json"
[certificatesResolvers.lets-encrypt.acme.tlsChallenge]

[providers.docker]
watch = true
network = "web"

[providers.file]
filename = "traefik_dynamic.toml"

[accessLog]
filePath = "/var/log/traefik/access.log"
[accessLog.filters]
statusCodes = ["200", "300-302"]
retryAttempts = true
minDuration = "10ms"

traefik_dynamic.toml

[http.middlewares.simpleAuth.basicAuth]
users = [
"admin:xxxxxxxxxxxxxxxxxxxxxxxxxxx"
]

[http.routers.api]
rule = "Host(monitor.example.com)"
entrypoints = ["websecure"]
middlewares = ["simpleAuth"]
service = "api@internal"
[http.routers.api.tls]
certResolver = "lets-encrypt"

[accessLog]
filePath = "/var/log/traefik/access.log"

docker-compose.yaml

version: "3"

networks:
web:
external: true
internal:
external: false

services:
prd_easydoc_api:
image: example-image
labels:
- traefik.http.routers.wed.rule=Host(wed2.example.com)
- traefik.http.routers.wed.tls=true
- traefik.http.routers.wed.tls.certresolver=lets-encrypt
- traefik.port=80
networks:
- internal
- web

dremio:
image: dremio/dremio-oss
container_name: dremio
expose:
- 31010
labels:
- traefik.http.routers.dremio.rule=Host(dremio.example)
- traefik.http.routers.dremio.tls=true
- traefik.http.routers.dremio.tls.certresolver=lets-encrypt
- traefik.tcp.services.dremio.loadbalancer.server.port=31010
volumes:
- dremio:/opt/dremio/data
networks:
- internal
- web

volumes:
dremio:

image984×40 2.44 KB

Can you make your config easier to read, with indenting? Use 3 backticks before and after.

Do you only need a plain TCP connection for your service, no additional http? And you want to run that plain TCP with TLS in parallel to other http services over external port 443?

Update: looking at dremio-oss Docker page there is more than just a single port. You need to know which protocols they use.

docker run -p 9047:9047 -p 31010:31010 -p 45678:45678 dremio/dremio-oss

hi @bluepuma77

Hello, I need to access the Dremio administration portal through port 9074/443, which is already working.

And I have Apache superset running to create dashboards and I need to connect to the dremio api on port 31010 using an ODBC connection string

i try to telnet to my server address on port 31010 and the connection is refused

Should port 31010 use TLS and should Traefik terminate the encryption?

Not required for this connection as superset and dremio are in the same VPC

But you want it to go through Traefik, right?

yes I have a docker-compose setup that works but it's too complex with Nginx and consul and Haproxy as a load balance, I want to use traefik for the simplicity of these cases

Not sure if this works (http and TCP on the same entrypoint), but you could try

labels:
- traefik.tcp.routers.dremio.entrypoints=websecure
- traefik.tcp.routers.dremio.rule=HostSNI(`dremio.example`)
- traefik.tcp.routers.dremio.tls=true
- traefik.tcp.routers.dremio.tls.certresolver=lets-encrypt
- traefik.tcp.services.dremio.loadbalancer.server.port=31010

If it does not work, I would setup a new entrypoint with port 31010, give it a name, assign it and don't forget to open the port with Docker.

it did not work, with this confguration not even the administration portal accesses

image775×210 6.17 KB

I went back to the initial config and telnet works on the container's ip