Old Labels for one of our services:
- traefik.enable=true
- traefik.frontend.rule=Host:st2web.acme.net
- traefik.docker.network=public
- traefik.backend=st2web
- traefik.port=80
- traefik.frontend.entryPoints=https
After migration the labels above were translated to
- traefik.enable=true
- traefik.http.routers.st2web.rule=Host(st2web.acme.net
)
- traefik.http.services.st2web.loadbalancer.server.port=80
- traefik.http.routers.st2web.entryPoints=websecure
I can see the router and service in the UI(see image), but it doesn't seem like the traefik is routing anything to the service.
Share your Traefik static and dynamic config, and docker-compose.yml
if used.
Here you go
[serversTransport]
insecureSkipVerify = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entrypoints.metrics]
address = ":8085"
[entryPoints.websecure]
address = ":443"
[ping]
entryPoint = "https"
manualRouting = true
[log]
level = "DEBUG"
filePath = "/traefik.log"
format = "json"
[accessLog]
filePath = "/access.log"
format = "json"
[api]
dashboard = true
insecure = true
debug = true
[providers]
[providers.file]
filename = "/dynamic_conf.toml"
[providers.docker]
watch = true
network = "public"
exposedByDefault = false
[metrics]
[metrics.prometheus]
entryPoint = "metrics"
buckets = [0.1,0.3,1.2,5.0]
addServicesLabels = true
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "/star.acme.net.crt"
keyFile = "/star.acme.net.key"
[[tls.certificates]]
certFile = "/st1web.acme.net.crt"
keyFile = "/st1web.acme.net.key"
version: "3"
networks:
public:
external: true
private:
external: false
services:
traefik:
image: traefik:2.10.1-alpine
labels:
- traefik.enable=true
- traefik.http.routers.traefik.rule=Host(`st1web.acme.net`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
- traefik.docker.network=public
- traefik.http.services.traefik.loadbalancer.server.port=80
- traefik.http.routers.traefik.service=traefik
- traefik.http.routers.traefik.tls=true
- traefik.http.routers.api.rule=Host(`st1web.acme.net`)
- traefik.http.routers.api.service=api@internal
networks:
- public
ports:
- 80:80
- 443:443
- 8080:8080
- 8085:8085
volumes:
- /etc/pki/tls/opscert/star.acme.net.crt:/star.acme.net.crt
- /etc/pki/tls/opskey/star.acme.net.key:/star.acme.net.key
- /etc/pki/tls/opskey/st1web.acme.net.key:/st1web.acme.net.key
- /etc/pki/tls/opscert/st1web.acme.net.crt:/st1web.acme.net.crt
- /data/traefikv2/traefik_static_conf.toml:/traefik.toml
- /data/traefikv2/traefik_dynamic_conf.toml:/dynamic_conf.toml
- /data/traefikv2/access.log:/access.log
- /data/traefikv2/traefik.log:/traefik.log
- /var/run/docker.sock:/var/run/docker.sock
What’s your problem? Can you connect to the port? Do you use https and the domain name? What is the response?
I find it sub-optimal to use <> everywhere, because I can’t for example see if you use the same name within labels.
Did you check Traefik debug and access log?
I find it sub-optimal to use <> everywhere, because I can’t for example see if you use the same name within labels.- Updated the examples above to make sense.
What’s your problem? Can you connect to the port? Do you use https and the domain name? What is the response?- When I go to https://st2web.acme.net , I get a 404 not found. Here's what I'm seeing in the access logs.
{"ClientAddr":"10.130.21.21:51674","ClientHost":"10.130.21.21","ClientPort":"51674","ClientUsername":"-","DownstreamContentSize":19,"DownstreamStatus":404,"Duration":137892,"OriginContentSize":19,"OriginDuration":12443,"OriginStatus":404,"Overhead":125449,"RequestAddr":"st2web.acme.net","RequestContentSize":0,"RequestCount":127,"RequestHost":"st2web.acme.net","RequestMethod":"GET","RequestPath":"/","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"StartLocal":"2023-05-25T20:36:33.401647565Z","StartUTC":"2023-05-25T20:36:33.401647565Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"websecure","level":"info","msg":"","time":"2023-05-25T20:36:33Z"}
Check the debug log. Are you sure your target service is not responding with a 404 on path "/"?
curl http://172.19.0.2:80/
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>St2 Web UI</title>
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
<link rel="icon" href="favicon.ico" type="image/x-icon">
<!-- buils:styles -->
<link rel="stylesheet" href="css/style.css">
<!-- endbuild -->
<script type="text/javascript">
window.angular = {
module: (module) => ({
constant: (constant, value) => {
if (module !== 'main') {
throw new Error('The st2web angular-config-polyfill only supports the "main" module.');
}
if (constant !== 'st2Config') {
throw new Error('The st2web angular-config-polyfill only supports the "st2Config" constant.');
}
window.st2constants = window.st2constants || {};
window.st2constants.st2Config = value;
},
run: (fn) => {
if (module !== 'main') {
throw new Error('The st2web angular-config-polyfill only supports the "main" module.');
}
window.st2constants = window.st2constants || {};
window.st2constants.st2Config = window.st2constants.st2Config || {};
fn(window.st2constants.st2Config);
},
}),
};
</script>
</head>
What are you trying to tell us? You receive a html page from your server? Congrats, then Traefik works.
No sir, that was an answer to your question above
Are you sure your target service is not responding with a 404 on path "/"
So far we have established that I have the route configured to the right service and the service is responding on http://172.19.0.2:80/ locally but when I'm trying to hit https://st2web.acme.net/ . I'm seeing the access log as below. So the Traefik is getting the traffic but not routing to the service. So, what am I missing?
{"ClientAddr":"10.130.21.21:51674","ClientHost":"10.130.21.21","ClientPort":"51674","ClientUsername":"-","DownstreamContentSize":19,"DownstreamStatus":404,"Duration":137892,"OriginContentSize":19,"OriginDuration":12443,"OriginStatus":404,"Overhead":125449,"RequestAddr":"st2web.acme.net","RequestContentSize":0,"RequestCount":127,"RequestHost":"st2web.acme.net","RequestMethod":"GET","RequestPath":"/","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"StartLocal":"2023-05-25T20:36:33.401647565Z","StartUTC":"2023-05-25T20:36:33.401647565Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"websecure","level":"info","msg":"","time":"2023-05-25T20:36:33Z"}
Figured it out myself, I was missing the following label
traefik.http.routers.st2web.tls=true
system
Closed
May 29, 2023, 7:13pm
11
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.