Client IP on Traefik with Docker Swarm - traefik

I try to get the client IP on a Traefik container which running on my Docker Swarm cluster.
On my Traefik service configuration, I use the long syntax for port publishing:
--publish published=80,target=80,mode=host \
--publish published=443,target=443,mode=host \
but on Traefik access log, I always obtain the IP address of docker_gwbridge interface.
Does any one know how to get the client IP in place of the IP of this interface?
Thanks in advance.

Related

Cannot access the application via node ip and node port

I have to deploy an application via Helm by supplying a VM Ip address and node port. Its a BareMetal Kubernetes cluster. The kubernetes cluster has ingress controller installed (as node port, this value is supplied in helm command). The problem is: I am receiving a 404 not found error if I access the applciation as:
curl http://{NODE_IP}:{nodeport}/path
there is no firewall. I have "allow all ingresss traffic" policy. But not sure what is wrong. I have now tried anything possible but cannot find the root cause.

Logs reporting Traefik is unable to find Docker socket at wrong endpoint

Currently trying to setup a Docker socket proxy container. I've added the new tcp address as the Docker endpoint in traefik.toml but the logs report that Traefik is unable to connect to the daemon at the standard address "unix:///var/run/docker.sock".
Is this just a bug in how the logs reports the problem or is Traefik actually looking for the daemon at the old endpoint?
Immediately after Traefik reads traefik.toml:
time="2019-06-16T18:33:10Z" level=info msg="Starting provider *docker.Provider {\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"TemplateVersion\":2,\"DebugLogGeneratedTemplate\":false,\"Endpoint\":\"unix:///var/run/docker.sock\",\"Domain\":\"\",\"TLS\":null,\"ExposedByDefault\":true,\"UseBindPortIP\":false,\"SwarmMode\":false,\"Network\":\"\",\"SwarmModeRefreshSeconds\":15}"
Error that repeats:
time="2019-06-16T18:33:11Z" level=error msg="Failed to retrieve information of the docker client and server host: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?"
time="2019-06-16T18:33:11Z" level=error msg="Provider connection error Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?, retrying in 676.457252ms"
traefik.toml config:
[docker]
endpoint = "tcp://localhost:2375"
domain = "my.domain"
I've tried changing the endpoint to the local IP of the host machine as well as the Docker network IP but all result in the same error.
Everything works fine as long as /var/run/docker.sock is mounted in the container (regardless of what the endpoint in traefik.toml is) but as soon as I remove it, I started getting the above errors.

How to CURL an instance of OpenStack from another Instance

I have running devstack on my machine and created an instance of Alpine Linux which runs a Rails API (IP 10.0.0.6) on port 3000 (also tried 80, 8080). Then I created a simple CirrOS client instance (IP 10.0.0.4) to access the /test endpoint of the API. However, i find that I can ŕun:
ping 10.0.0.6
from the CirrOS instance and receive response of packets. However, when I try:
curl -XGET http://10.0.0.6:3000/test
I receive the error:
curl: (7) couldn't connect to host
The two instances belong to the private network and the security group policy allows any Ingress and Egress of any kind of protocol.
The /test endpoint works locally on the API instance.
I also tested that I'm able to make an ssh connection from one instance to another.
What configuration could I be missing? Thanks!
Found the solution.
It wasn't a wrong configuration on openstack side.
I needed to run rails with the flag -b 0.0.0.0 to allow any IP. Rails on default only serves the localhost IP.
rails s -b 0.0.0.0
You could always try telneting on the particular port which server is running on to locate the issue whether it's networking issue or it is any other configuration issue.

How to configure Traefik with remote docker api to use remote host ip with natted ports

I am using Traefik 1.5.4 on a host separate from a docker host where i have containers running. I can configure traefik to see the remote docker host and see the containers running, but all of the backend ips are of the container internal network ips. These are not reachable from outside of the docker host. I would like to configure traefik so that it knows to use the remote docker hosts routable ip with the containers natted port.

Run Kubernetes on EC2

I am trying to run kubernetes on EC2 and I used CoreOs alpha channel ami.I configured Kubectl ssh tunnel for the communication between Kubectl client and Kubernetes API.
But when I try kubectl api-versions command, I am getting following error.
Couldn't get available api versions from server: Get http://MyIP:8080/api: dial tcp MyIP:8080: connection refused
MyIP - this has set accordingly.
What could be the reason for this?
Reason for this issue was that I haven't set the kubernetes_master environment variable properly. As there is a ssh tunnel between the kubectl client and API, kubernetes master environment variable should be set to localhost.