Traefik (v2) with docker: localhost vs. other /etc/hosts entry

Traefik Traefik v2 (latest)
1

Dear community,

I am struggling to understand why the following docker-compose works with

- "traefik.http.routers.a.rule=Host(`a.localhost`)"
- "traefik.http.routers.b.rule=Host(`b.localhost`)"

but not with

- "traefik.http.routers.a.rule=Host(`a.banana.com`)"
- "traefik.http.routers.b.rule=Host(`b.banana.com`)"

even though i have both defined in my /etc/hosts file:

127.0.0.1	localhost
127.0.0.1	banana.com

(Note that banana.com:8080 does bring up the traefik dashboard.)

Here's my docker-compose file:

version: '3'

services:
  
  reverse-proxy:
    # The official v2 Traefik docker image
    container_name: "traefik"
    image: traefik:v2.4
    # Enables the web UI and tells Traefik to listen to docker
    command: 
      # logfile, bind mounted onto host. see volumes.
      - --accesslog=true
      - --accesslog.filepath=/accesslog.json
      - --accesslog.format=json
      #- --accesslog.bufferingsize=5
      # api
      - --api.insecure=true
      - --api.dashboard=true
      - --api.debug=true
      # general logs
      - --log.level=DEBUG
      # set providers 
      - --providers.docker=true                   # docker is a provider
      - --providers.docker.network=web            # only look at containers this network
      - --providers.docker.exposedbydefault=false # each container needs to be explicitly enabled to be seen by traefik (- "traefik.enable=true")
      # set entrypoints
      - --entrypoints.web.address=:80
    
    ports:
      - "80:80"     # The HTTP port
      - "8080:8080" # The Web UI (enabled by --api.insecure=true)
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock #make traefik listen to docker events
      - ./accesslog.json:/accesslog.json  # mount local access-log-file into container
    networks:
      - web

  whoami:
    container_name: "WHOAMI_1"
    image: traefik/whoami # A container that exposes an API to show its IP address
    networks: 
      - web
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.a.rule=Host(`a.banana.com`)"
  
  whoami2:
    container_name: "WHOAMI_2"
    image: traefik/whoami # A container that exposes an API to show its IP address
    networks: 
      - web
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.b.rule=Host(`b.banana.com`)"

# i _think_ this tells docker that the network already exists and shall not be shut down on 'docker-compose down' 
networks:
  web:
    external: true
2

This would need to be:
127.0.0.1 banana.com a.banana.com b.banana.com

3

Thanks a lot for the quick reply, @cakiwi!

This keeps me wondering though: why don't i need to do that for localhost?

A related question:

I'm using pi-hole for local DNS names in my internal network. But since traefik needs to listen on port 80, I need to turn off the pi-hole container when running traefik.

Is there some best practice for this situation? Maybe to listen for DNS queries on port 81 and remap it to port 80 via middleware?

4

You're welcome,

Pihole is using 80 for the dashboard. I run mine on 8080.
dns is always port 53 tcp/udp

You could setup routers for the pihole. You'd need a http router for the dashboard and a tcp and a udp router for port 53.

1 Like
5

This is very helpful, thanks a lot @cakiwi :grinning:

6

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.