Using Traefik 2 as TCP proxy for MariaDB (Docker)

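I am trying to use Traefik as a reverse proxy for MariaDB so that I can connect from my client.

Currently Traefik works fine over HTTP and HTTPS for multiple WordPress containers, but I am having trouble configuring it for MariaDB.

Here is the current configuration:

Traefik compose file: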

version: '3.5'

networks:
  traefik:
    name: traefik


services:
  traefik:
    image: traefik:latest
    restart: always
    container_name: traefik
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./traefik.toml:/traefik.toml:ro
      - ./acme.json:/acme.json
    ports:
      - 80:80
      - 443:443
      - 3306:3306
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.rule=Host(`traefik.local`)"
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.middlewares=auth"
      - "traefik.http.middlewares.auth.basicauth.users=username:$$apr1$$j994eiLb$$KmPfiii4e9VkZwTPW2/RF1"
    networks:
      - traefik

Traefik configuration file (traefik.toml):

# Network traffic will be entering our Docker network on the usual web ports
# (ie, 80 and 443), where Traefik will be listening.
[entryPoints]
  [entryPoints.web]
    address = ":80"

  [entryPoints.websecure]
    address= ":443"
    [entryPoints.websecure.http.tls]
      certResolver = "resolver"

#  [entryPoints.ssh]
#    address = ":2222"

  [entryPoints.mariadb]
    address = ":3306"

    #Redirection from HTTP to HTTPS
    [entryPoints.web.http]
      [entryPoints.web.http.redirections]
        [entryPoints.web.http.redirections.entryPoint]
        to = "websecure"
        scheme = "https"


#Integration with Let's Encrypt
[certificatesResolvers.resolver.acme]
  email = "service@local"
  storage = "acme.json"
  [certificatesResolvers.resolver.acme.tlsChallenge]

#[log]
#  level = "DEBUG"


[api]
  # Default=true
  dashboard = true


# Enable retry sending request if network error
[retry]


# These options are for Traefik's integration with Docker.
[providers.docker]
  endpoint = "unix:///var/run/docker.sock"
  exposedByDefault = false
  network = "traefik"

MariaDB compose file:

version: '3.5'

networks:
  traefik:
    external:
      name: traefik


services:
  dbtest:
    image: mariadb:latest
    restart: always
    container_name: dbtest
    environment:
      - MYSQL_DATABASE=admin
      - MYSQL_USER=admin
      - MYSQL_PASSWORD=admin
      - MYSQL_ROOT_PASSWORD=admin
    networks:
      - traefik
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik"
      - "traefik.tcp.routers.mariadb.entrypoints=mariadb"
      - "traefik.tcp.routers.mariadb.rule=HostSNI(`test.local`)"
      - "traefik.tcp.routers.mariadb.tls=true"
#      - "traefik.tcp.routers.mariadb.service=dbtest"
#      - "traefik.tcp.services.mariadb.loadbalancer.server.port=3306"

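When I try to connect to the database from my client, it doesn't work.

Does anyone have experience with this or a good example?

It looks like it is not possible to specify a hostname like test.local. Instead, you need to use a catch-all *.

The labels I use for MariaDB are: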

labels:
  - "traefik.enable=true"
  - "traefik.tcp.routers.mariadb.rule=HostSNI(`*`)"
  - "traefik.tcp.routers.mariadb.entrypoints=mariadb"
  - "traefik.tcp.routers.mariadb.service=mariadb-svc"
  - "traefik.tcp.services.mariadb-svc.loadbalancer.server.port=3306"

I used the following in my docker-compose file. Of course you can adjust the port numbers as you like.

Static configuration:

  traefik:
    ports:    
      # db - postgres
      - 5432:5432
    

    # This override command section REPLACES the one in the docker-compose file.  
    command:
      - --providers.docker
      - --providers.docker.exposedbydefault=false

      - --accesslog
      - --log
      - --api

      # These create named entry points for later use in routers.
      # You don't need to specify an entrypoint if the in port = out port.  It will
      # automatically figure that out.
      - --entryPoints.postgres.address=:5432

Dynamic configuration:

db:
    labels:
      - traefik.enable=true
      - traefik.docker.network=traefik-public
      - traefik.tcp.routers.db-tcp.rule=HostSNI(`*`)
      - traefik.tcp.routers.db-tcp.entrypoints=postgres
      - traefik.tcp.routers.db-tcp.service=db-proxy
      - traefik.tcp.services.db-proxy.loadbalancer.server.port=5432