如何在同一个 https 域下使用 traefik 服务两个提供者后端 url
How to serve two provider backends with traefik under the same https domain url
[ 有了 Siyu 的有用评论,我可以解决问题,另外我需要在标签中设置一个入口点 - 我已经添加了更正的 docker-compose.yaml,这就是我需要修复的全部 ]
目前我已经重新配置了我的 synology 工作站以使用 traefik 处理 https 流量。
我想使用 traefik 为 docker 容器提供服务,并且仍然通过 http 提供 synology 工作站的 Web 界面(通过使用 traefik 也作为 SSL 卸载程序)。 Traefik 现在有处理两个 provider 后端的问题,一个是 "original" synology 网络服务器,一个是 docker 来来去去的容器。
当前设置用于提供 "test.com"(Synology DSM 网络界面)。但是,如果尝试使用“/dashboard”访问容器,它只会给我一个 404。
如何设置它,以便为两个后端(docker + docker 之外的网络服务器)提供服务?
数据点
- docker接口被识别,
- 标签(*见下文)是从 traefik 中读取的(可以在日志中看到)
- synology nginx 在 docker 的 外部 运行(不是作为容器!)
- 整个 synology 工作站在 IPv4 /IPv6 环境(两者)中提供服务
- Synology nginx 被修改为不在标准 http/https 端口上提供服务(它只重定向到端口 5000/5001,正如我在 nginx 配置中看到的那样)
应提供的预期设置
注意原来的synology是一个catch all域(/*)
+-----------------------------------------------------------------------
| Synology Workstation
|
| +--------------------------------------------------------+
| | Docker |
| | +---------+ +-------------------+ |
|-->HTTPS-->|-->HTTPS-->| Traefik |-->HTTP-->| test.com/dashboard| |
| 443:443 | | | | | |
| | +---------+--+ +-------------------+ |
| | | | |
| | | | +------------------+ |
| | | +--HTTP-->| test.com/stats | |
| | | +------------------- |
| | | |
| +----------------|----------------------------------------
| | +-------------------+
| +--HTTP-->|test.com/* |
| |(nginx of synology)|
| +-------------------+
+--------------------------------------------------------------------
traefik.toml 看起来像这样:
debug=true
logLevel="DEBUG"
[traefikLog]
filePath = "/etc/traefik/traefik.log"
[accessLog]
filePath = "/etc/traefik/access.log"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
certFile = "/etc/pki/tls/certs/test.com.crt"
keyFile = "/etc/pki/tls/private/test.com.key"
[backends]
[backends.wbackend]
[backends.wbackend.servers.server]
url = "http://workstation.test.com:5000"
#weight = 10
[frontends]
[frontends.workstation]
backend = "wbackend"
passHostHeader = true
entrypoints = ["https"]
[frontends.workstation.routes.route1]
rule = "Host:workstation.test.com"
# You MUST ADD file otherwise traefik does not parse the fronted rules
[file]
[docker]
endpoint = "unix:///var/run/docker.sock"
Docker-撰写片段(查看映射域的标签)。
---
version: '2'
services:
traefik:
# Check latest version: https://hub.docker.com/r/library/traefik/tags/
image: traefik:1.7.6
restart: unless-stopped
container_name: traefik
mem_limit: 300m
#network_mode: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /volume1/container/traefik/etc/pki/tls/certs/workstation.test.com.crt:/etc/pki/tls/certs/workstation.test.com.crt
- /volume1/container/traefik/etc/pki/tls/private/workstation.test.com.key:/etc/pki/tls/private/workstation.test.com.key
- /volume1/container/traefik/etc/traefik:/etc/traefik
ports:
- "80:80"
- "443:443"
labels:
- traefik.stat.frontend.rule=Host:workstation.test.com;Path:/dashboard
- traefik.stat.backend=traefik
- traefik.stat.frontend.entryPoints=https
- traefik.stat.frontend.rule=Host:workstation.test.com;PathPrefixStrip:/dashboard
- traefik.stat.port=8080
您的配置存在一些问题:
- 你的toml没有传入
- api 未启用
- 标签中缺少后端
- 应该使用
PathPrefixStrip
尝试
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /path/to/traefik.toml:/etc/traefik/traefik.toml
command: --api
ports:
- "80:80"
- "443:443"
- "8080:8080" // help you debug
labels:
- traefik.backend=traefik
- "traefik.frontend.rule=PathPrefixStrip:/dashboard/;Host:test.io"
- traefik.port=8080
[ 有了 Siyu 的有用评论,我可以解决问题,另外我需要在标签中设置一个入口点 - 我已经添加了更正的 docker-compose.yaml,这就是我需要修复的全部 ]
目前我已经重新配置了我的 synology 工作站以使用 traefik 处理 https 流量。
我想使用 traefik 为 docker 容器提供服务,并且仍然通过 http 提供 synology 工作站的 Web 界面(通过使用 traefik 也作为 SSL 卸载程序)。 Traefik 现在有处理两个 provider 后端的问题,一个是 "original" synology 网络服务器,一个是 docker 来来去去的容器。 当前设置用于提供 "test.com"(Synology DSM 网络界面)。但是,如果尝试使用“/dashboard”访问容器,它只会给我一个 404。
如何设置它,以便为两个后端(docker + docker 之外的网络服务器)提供服务?
数据点
- docker接口被识别,
- 标签(*见下文)是从 traefik 中读取的(可以在日志中看到)
- synology nginx 在 docker 的 外部 运行(不是作为容器!)
- 整个 synology 工作站在 IPv4 /IPv6 环境(两者)中提供服务
- Synology nginx 被修改为不在标准 http/https 端口上提供服务(它只重定向到端口 5000/5001,正如我在 nginx 配置中看到的那样)
应提供的预期设置
注意原来的synology是一个catch all域(/*)
+-----------------------------------------------------------------------
| Synology Workstation
|
| +--------------------------------------------------------+
| | Docker |
| | +---------+ +-------------------+ |
|-->HTTPS-->|-->HTTPS-->| Traefik |-->HTTP-->| test.com/dashboard| |
| 443:443 | | | | | |
| | +---------+--+ +-------------------+ |
| | | | |
| | | | +------------------+ |
| | | +--HTTP-->| test.com/stats | |
| | | +------------------- |
| | | |
| +----------------|----------------------------------------
| | +-------------------+
| +--HTTP-->|test.com/* |
| |(nginx of synology)|
| +-------------------+
+--------------------------------------------------------------------
traefik.toml 看起来像这样:
debug=true
logLevel="DEBUG"
[traefikLog]
filePath = "/etc/traefik/traefik.log"
[accessLog]
filePath = "/etc/traefik/access.log"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
certFile = "/etc/pki/tls/certs/test.com.crt"
keyFile = "/etc/pki/tls/private/test.com.key"
[backends]
[backends.wbackend]
[backends.wbackend.servers.server]
url = "http://workstation.test.com:5000"
#weight = 10
[frontends]
[frontends.workstation]
backend = "wbackend"
passHostHeader = true
entrypoints = ["https"]
[frontends.workstation.routes.route1]
rule = "Host:workstation.test.com"
# You MUST ADD file otherwise traefik does not parse the fronted rules
[file]
[docker]
endpoint = "unix:///var/run/docker.sock"
Docker-撰写片段(查看映射域的标签)。
---
version: '2'
services:
traefik:
# Check latest version: https://hub.docker.com/r/library/traefik/tags/
image: traefik:1.7.6
restart: unless-stopped
container_name: traefik
mem_limit: 300m
#network_mode: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /volume1/container/traefik/etc/pki/tls/certs/workstation.test.com.crt:/etc/pki/tls/certs/workstation.test.com.crt
- /volume1/container/traefik/etc/pki/tls/private/workstation.test.com.key:/etc/pki/tls/private/workstation.test.com.key
- /volume1/container/traefik/etc/traefik:/etc/traefik
ports:
- "80:80"
- "443:443"
labels:
- traefik.stat.frontend.rule=Host:workstation.test.com;Path:/dashboard
- traefik.stat.backend=traefik
- traefik.stat.frontend.entryPoints=https
- traefik.stat.frontend.rule=Host:workstation.test.com;PathPrefixStrip:/dashboard
- traefik.stat.port=8080
您的配置存在一些问题:
- 你的toml没有传入
- api 未启用
- 标签中缺少后端
- 应该使用
PathPrefixStrip
尝试
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /path/to/traefik.toml:/etc/traefik/traefik.toml
command: --api
ports:
- "80:80"
- "443:443"
- "8080:8080" // help you debug
labels:
- traefik.backend=traefik
- "traefik.frontend.rule=PathPrefixStrip:/dashboard/;Host:test.io"
- traefik.port=8080