I am trying to install This docker image
which runs on port 3000 for http and 3001 for https.
I need to run just HTTP version on a LocalNetwork.
I am getting network error in browser console when upload test is running.
version: "3.3"
services:
traefik:
image: "traefik:v2.8"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
ports:
- "5000:80"
- "5001:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
openspeedtest:
image: "openspeedtest/latest"
container_name: "speedtest-service"
labels:
- "traefik.enable=true"
- "traefik.http.routers.openspeedtest.rule=Host(`unraid.vishnu.pro`)"
- "traefik.http.routers.openspeedtest.entrypoints=web"
I don't know why i need to add
"traefik.http.middlewares.limit.buffering.maxRequestBodyBytes
now it is working for me.
mytraefik yml
version: "3.9"
services:
traefik:
image: traefik:v2.8.0
container_name: traefik
command:
- --log.level=INFO
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
ports:
- 5000:80
- 5001:443
- 8080:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
openspeedtest:
image: openspeedtest/latest
container_name: speedtest-service
labels:
- "traefik.enable=true"
- "traefik.http.routers.openspeedtest.rule=Host(`192.168.1.15`)"
- "traefik.http.routers.openspeedtest.entrypoints=web"
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=10000000000"
- "traefik.http.routers.openspeedtest.middlewares=limit"
- "traefik.http.routers.openspeedtest-https.rule=Host(`192.168.1.15`)"
- "traefik.http.routers.openspeedtest-https.entrypoints=websecure"
# - "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=10000000000"
- "traefik.http.routers.openspeedtest-https.middlewares=limit"
- "traefik.http.routers.openspeedtest-https.tls=true"
- "traefik.http.routers.openspeedtest-https.tls.certresolver=leresolver"
Related
The whoami container deployed on 8082 port isn't redirecting
request: localhost:8082/rrt --> redirect: localhost:8082/ppka
but it isn't redirecting localhost:8082/ppka address. How can i solve this problem.
version: "3.7"
services:
traefik:
image: "traefik:v2.9"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
ports:
- "8080:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
whoami:
image: "traefik/whoami"
container_name: "simple-service"
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.entrypoints=web"
- "traefik.http.routers.whoami.rule=Host(`localhost`) && PathPrefix(`/rrt`)"
- "traefik.http.routers.whoami.middlewares=redirect-regex"
- "traefik.http.middlewares.redirect-regex.redirectregex.regex=/rrt"
- "traefik.http.middlewares.redirect-regex.redirectregex.replacement=/ppka"
- "traefik.http.middlewares.redirect-regex.redirectregex.permanent=false"
ports:
- "8082:80"
request: localhost:8082/rrt --> redirect: localhost:8082/ppka
I'm running a dotnet GRPC API (recipients-api) and I want to use grpcui to test it. Both services are been declared on a docker-compose file. I'm declaring grpcui as a dependant service of recipients-api, and as I need it to be fully available before grpcui can run, I'm also using a health probe to ensure it's alive. The problem is that it seems like recipients-api entry point is not been run, it's like the process were stuck waiting for the health check to be sucessfull before hiting the container entrypoint, so it alsways throws a timeout. Any clues?
Here is my docker-compose file:
version: '3.4'
services:
recipientservice-api:
image: ${DOCKER_REGISTRY-}dataintegrationrecipientserviceapi
container_name: recipientservice-api
build:
context: ..
dockerfile: ../src/DataIntegration.RecipientService.Api/Dockerfile
environment:
ASPNETCORE_ENVIRONMENT: "Development"
ASPNETCORE_URLS: "http://+:5000"
MongoDb__ConnectionString: mongodb://wfuser:MyPassw0rd_#mongodb:27017/RecipientService?tls=false
MongoDb__"Database": "RecipientService"
expose:
- "5000"
ports:
- "5000:5000"
depends_on:
- mongodb
networks:
- recipients-network
healthcheck:
test: ["CMD", "bin/grpc_health_probe", "-connect-timeout 10s", "-rpc-timeout 4s", "-addr=localhost:5000"]
interval: 2s
retries: 5
start_period: 15s
timeout: 10s
grpcui:
image: fullstorydev/grpcui
container_name: grpcui
depends_on:
recipientservice-api:
condition: service_healthy
command:
- -plaintext
- -vvv
- recipientservice-api:5000
networks:
- recipients-network
ports:
- "8080:8080"
mongodb:
image: mongo:5.0
container_name: "mongodb"
hostname: mongodb
environment:
MONGO_INITDB_ROOT_USERNAME: admin
MONGO_INITDB_ROOT_PASSWORD: MyPassw0rd_123
MONGO_INITDB_DATABASE: RecipientService
volumes:
- mongo-recipients:/var/opt/mongodb
- ./init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
ports:
- "27017:27017"
expose:
- 27017
networks:
- recipients-network
networks:
recipients-network:
name: recipients-network
driver: bridge
volumes:
mongo-recipients:
I am trying to redirect from the specific port of the service to the domain name in traefik.
This is my config in yml file (swarm mode). Here I am trying to automatically redirect from https://portainer.com:8443 to https://portainer.com
I opened the port 8443 for traefik as well.
But when I am trying to do the redirection using: https://portainer.com/example to https://portainer.com it is working fine. How to make that work with ports?
version: '3.8'
services:
reverse-proxy:
image: traefik:latest
ports:
- 80:80
- 443:443
- 8443:8443
env_file:
- ./.env
deploy:
placement:
constraints: [node.role == manager]
update_config:
failure_action: rollback
labels:
# Enable traefik for the specific service
- "traefik.enable=true"
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=http"
- "traefik.http.routers.http-catchall.middlewares=https-redirect"
- "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
# Make the Traefik use this domain in HTTPS
- "traefik.http.routers.traefik-https.rule=Host(`traefik.com`)"
# Allow the connections to the traefik api for the dashboard support
- "traefik.http.routers.traefik-https.service=api#internal"
- "traefik.http.services.traefik-svc.loadbalancer.server.port=9999"
# Use the Let's encrypt resolver
- "traefik.http.routers.traefik-https.tls=true"
- "traefik.http.routers.traefik-https.tls.certresolver=le"
# Use the traefik_net network that is declared below
- "traefik.docker.network=traefik_net"
# Use the auth for traefik dashboard
- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_AUTH_USER_PASSWORD}"
- "traefik.http.routers.traefik-https.middlewares=traefik-auth"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-public-certificates:/certificates
command:
- --providers.docker
- --providers.docker.swarmMode=true
- --providers.docker.exposedbydefault=false
- --entrypoints.http.address=:80
- --entrypoints.https.address=:443
- --certificatesresolvers.le.acme.email=port#port.com
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
- --certificatesresolvers.le.acme.httpchallenge=true
- --certificatesresolvers.le.acme.httpchallenge.entrypoint=http
- --accesslog
- --log
- --api
networks:
- traefik_net
agent:
image: portainer/agent:latest
environment:
# REQUIRED: Should be equal to the service name prefixed by "tasks." when
# deployed inside an overlay network
AGENT_CLUSTER_ADDR: tasks.agent
# AGENT_PORT: 9001
# LOG_LEVEL: debug
env_file:
- ./.env
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /var/lib/docker/volumes:/var/lib/docker/volumes
networks:
- agent_network
deploy:
mode: global
placement:
constraints: [ node.platform.os == linux ]
portainer:
image: portainer/portainer-ce:latest
command: -H tcp://tasks.agent:9001 --tlsskipverify
volumes:
- portainer_data:/data
networks:
- traefik_net
- agent_network
env_file:
- ./.env
deploy:
mode: replicated
replicas: 1
placement:
constraints: [ node.role == manager ]
labels:
- "traefik.enable=true"
- "traefik.http.routers.portainer.service=portainer"
- "traefik.http.routers.portainer.rule=Host(`portainer.com`)"
- "traefik.http.routers.portainer.entrypoints=https"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
- "traefik.http.routers.portainer.tls=true"
- "traefik.http.routers.portainer.tls.certresolver=le"
- "traefik.docker.network=traefik_net"
- "traefik.http.middlewares.portainer-redirect.redirectregex.regex=^https?://portainer.com:8443"
- "traefik.http.middlewares.portainer-redirect.redirectregex.replacement=https://portainer.com"
- "traefik.http.middlewares.portainer-redirect.redirectregex.permanent=true"
- "traefik.http.routers.portainer.middlewares=portainer-redirect"
Just need to add one more entrypoint and it will work:
version: '3.8'
services:
reverse-proxy:
image: traefik:latest
ports:
- 80:80
- 443:443
- 8443:8443
env_file:
- ./.env
deploy:
placement:
constraints: [node.role == manager]
update_config:
failure_action: rollback
labels:
# Enable traefik for the specific service
- "traefik.enable=true"
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=http"
- "traefik.http.routers.http-catchall.middlewares=https-redirect"
- "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
# Make the Traefik use this domain in HTTPS
- "traefik.http.routers.traefik-https.rule=Host(`traefik.com`)"
# Allow the connections to the traefik api for the dashboard support
- "traefik.http.routers.traefik-https.service=api#internal"
- "traefik.http.services.traefik-svc.loadbalancer.server.port=9999"
# Use the Let's encrypt resolver
- "traefik.http.routers.traefik-https.tls=true"
- "traefik.http.routers.traefik-https.tls.certresolver=le"
# Use the traefik_net network that is declared below
- "traefik.docker.network=traefik_net"
# Use the auth for traefik dashboard
- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_AUTH_USER_PASSWORD}"
- "traefik.http.routers.traefik-https.middlewares=traefik-auth"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-public-certificates:/certificates
command:
- --providers.docker
- --providers.docker.swarmMode=true
- --providers.docker.exposedbydefault=false
- --entrypoints.http.address=:80
- --entrypoints.https.address=:443
- --entrypoints.https-new.address=:8443
- --certificatesresolvers.le.acme.email=port#port.com
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
- --certificatesresolvers.le.acme.httpchallenge=true
- --certificatesresolvers.le.acme.httpchallenge.entrypoint=http
- --accesslog
- --log
- --api
networks:
- traefik_net
agent:
image: portainer/agent:latest
environment:
# REQUIRED: Should be equal to the service name prefixed by "tasks." when
# deployed inside an overlay network
AGENT_CLUSTER_ADDR: tasks.agent
# AGENT_PORT: 9001
# LOG_LEVEL: debug
env_file:
- ./.env
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /var/lib/docker/volumes:/var/lib/docker/volumes
networks:
- agent_network
deploy:
mode: global
placement:
constraints: [ node.platform.os == linux ]
portainer:
image: portainer/portainer-ce:latest
command: -H tcp://tasks.agent:9001 --tlsskipverify
volumes:
- portainer_data:/data
networks:
- traefik_net
- agent_network
env_file:
- ./.env
deploy:
mode: replicated
replicas: 1
placement:
constraints: [ node.role == manager ]
labels:
- "traefik.enable=true"
- "traefik.http.routers.portainer.service=portainer"
- "traefik.http.routers.portainer.rule=Host(`portainer.com`)"
- "traefik.http.routers.portainer.entrypoints=https,https-new"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
- "traefik.http.routers.portainer.tls=true"
- "traefik.http.routers.portainer.tls.certresolver=le"
- "traefik.docker.network=traefik_net"
- "traefik.http.middlewares.portainer-redirect.redirectregex.regex=^https?://portainer.com:8443"
- "traefik.http.middlewares.portainer-redirect.redirectregex.replacement=https://portainer.com"
- "traefik.http.middlewares.portainer-redirect.redirectregex.permanent=true"
- "traefik.http.routers.portainer.middlewares=portainer-redirect"
I had deploy Gitea + drone + runner for my group. Normally runner-docker works fine, but runner-ssh and runner-exec don't work
deploy by docker compose
gitea
version: "3"
services:
gitea:
image: gitea/gitea:1.15.7
# container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
- DB_TYPE=mysql
- DB_HOST=db:3306
- DB_NAME=gitea
- DB_USER=gitea
- DB_PASSWD=xxxxxxx
restart: always
volumes:
- ./gitea:/data
- /home/git/.ssh/:/data/git/.ssh
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "33333:3000"
- "22:22"
depends_on:
- db
db:
image: mariadb
restart: always
environment:
- MYSQL_ROOT_PASSWORD=xxxxxx
- MYSQL_USER=gitea
- MYSQL_PASSWORD=xxxxxx
- MYSQL_DATABASE=gitea
volumes:
- ./db:/var/lib/mysql
drone
version: "3"
services:
drone:
image: drone/drone
container_name: drone
ports:
- "8800:80"
# - "44443:443"
volumes:
- ./drone:/data
environment:
- DRONE_GITEA_SERVER=https://git.ioiox.com
- DRONE_GITEA_CLIENT_ID=xxxxxxxxx
- DRONE_GITEA_CLIENT_SECRET=xxxxxxxxx
- DRONE_RPC_SECRET=yyyyyyyyyyyyyy
- DRONE_SERVER_HOST=drone.ioiox.com
- DRONE_SERVER_PROTO=https
- DRONE_GIT_ALWAYS_AUTH=true
- DRONE_USER_CREATE=username:stilleshan,admin:true
restart: always
runner-docker & runner-ssh
version: "3"
services:
drone-runner-docker:
image: drone/drone-runner-docker:1
container_name: drone-runner-docker
# ports:
# - "3000:3000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- TZ=Asia/Shanghai
- DRONE_RPC_PROTO=https
- DRONE_RPC_HOST=drone.ioiox.com
- DRONE_RPC_SECRET=yyyyyyyyyyyyyy
- DRONE_RUNNER_CAPACITY=5
- DRONE_RUNNER_NAME=runner-docker
restart: always
drone-runner-ssh:
image: drone/drone-runner-ssh
container_name: drone-runner-ssh
# ports:
# - 3001:3000
environment:
- TZ=Asia/Shanghai
- DRONE_RPC_PROTO=https
- DRONE_RPC_HOST=drone.ioiox.com
- DRONE_RPC_SECRET=yyyyyyyyyyyyyy
- DRONE_RUNNER_CAPACITY=5
- DRONE_RUNNER_NAME=runner-ssh
restart: always
runner-exec
Install in centos7 by drone.io documents
issue
runner-exec
When I push to private repo activate runner, something wrong about git clone. But public repo works fine.
I tried setting DRONE_GIT_ALWAYS_AUTH=true or false also to no effect
enter image description here
runner-ssh
I use type: ssh in .drone.yml, Can trigger workflows. But got clone: skipped error, when i set disable clone step, also got error "greeting: skipped", I think the whole workflow can not working.
enter image description here
I try to used traefik 2 with 2 endpoints
toto.xxx/tata
toto.xxx/titi
But any endpoints work.
My docker-compose is
version: "3.7"
services:
traefik:
image: traefik:v2.2
restart: unless-stopped
environment:
- DUCKDNS_TOKEN=${DUCKDNS_TOKEN}
ports:
- 80:80
- 444:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${TRAEFIK_ACME}/acme.json:/etc/traefik/acme.json
- ${TRAEFIK_CONFIG}/traefik.yaml:/etc/traefik/traefik.yaml:ro
- ${TRAEFIK_LOG}:/etc/traefik/traefik_log
labels:
# General
- "traefik.enable=true"
# Traefik internal rules
- "traefik.http.routers.traefik.service=api#internal"
# hostname
- "traefik.http.routers.traefik.rule=Host(`ubuntu.local`) && PathPrefix(`/traefik`)"
# Authentication
# - "traefik.http.middlewares.traefik-auth.basicauth.users=USER:PASSWORD"
# - "traefik.http.routers.traefik.middlewares=traefik-auth"
# HTTPS
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
# Internal port
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
# Prefixes
- "traefik.http.middlewares.prefix-traefik.stripprefix.prefixes=/traefik"
- "traefik.http.middlewares.traefik.stripprefix.forceslash=true"
- "traefik.http.routers.traefik.middlewares=prefix-traefik#docker"
Does anyone have any ideas?
Thanks
I don't see from the snippet you share how did you try to configure traeifk with these endpoints. can you add more info?
In case you are trying to proxy traffic to other services behind the proxy, you need to set labels on these services with the needed router rules. Below is an example of doing this
proxy:
image: traefik:v2.2
command:
- '--log.level=DEBUG'
- '--providers.docker=true'
- '--entryPoints.web.address=:80'
- '--providers.providersThrottleDuration=2s'
- '--providers.docker.watch=true'
- '--providers.docker.swarmMode=true'
- '--providers.docker.swarmModeRefreshSeconds=15s'
- '--providers.docker.exposedbydefault=false'
- '--providers.docker.defaultRule=Host("lvh.me")'
- '--accessLog.bufferingSize=0'
- '--api=true'
- '--api.dashboard=true'
- '--api.insecure=true'
- '--ping.entryPoint=web'
- '--providers.redis.endpoints=redis:6379'
- '--providers.redis.rootkey=traefik'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
ports:
- '80:80'
- '8080:8080'
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik
networks:
- traefik
mailcatcher:
image: sj26/mailcatcher
deploy:
labels:
- traefik.enable=true
- traefik.tags=public
- traefik.http.services.mailcatcher.loadbalancer.server.port=1080
- traefik.http.routers.mailcatcher.rule=Host(`lvh.me`) && PathPrefix(`/mailcatcher`)
- traefik.http.routers.mailcatcher.service=mailcatcher
- traefik.http.routers.mailcatcher.entrypoints=web
- traefik.docker.network=traefik
logging:
driver: json-file
options:
'max-size': '10m'
'max-file': '5'
networks:
- traefik