502代理错误(docker + traefik + apache)
[英]502 Proxy Error ( docker + traefik + apache )
问题描述
I'm trying to setup traefik for SSL termination on my local development instance. 
我正在尝试为本地开发实例上的SSL终止设置traefik。 Following up this guide I have the following configuration. 遵循本指南,我有以下配置。
docker-compose.yml 泊坞窗,compose.yml
version: '2.1'
services:
mariadb:
image: wodby/mariadb:10.2-3.0.2
healthcheck:
test: "/usr/bin/mysql --user=dummyuser --password=dummypasswd --execute \"SHOW DATABASES;\" | grep database"
interval: 3s
timeout: 1s
retries: 5
restart: always
environment:
MYSQL_ROOT_PASSWORD: dummy
MYSQL_DATABASE: database
volumes:
- ./mariadb-init:/docker-entrypoint-initdb.d # Place init .sql file(s) here.
- mysql:/var/lib/mysql # I want to manage volumes manually.
php:
depends_on:
mariadb:
condition: service_healthy
ports:
- "25:25"
- "587:587"
environment:
PHP_FPM_CLEAR_ENV: "no"
DB_HOST: mariadb
#DB_USER: dummy
DB_PASSWORD: dummypasswd
DB_NAME: database
DB_DRIVER: mysql
PHP_POST_MAX_SIZE: "256M"
PHP_UPLOAD_MAX_FILESIZE: "256M"
PHP_MAX_EXECUTION_TIME: 300
volumes:
- codebase:/var/www/html/
- private:/var/www/html/private
solr:
image: mxr576/apachesolr-4.x-drupal-docker
ports:
- "8983:8983"
labels:
- 'traefik.backend=solr'
- 'traefik.port=8983'
# - 'traefik.frontend.rule=Host:192.168.33.10'
volumes:
- solr:/opt/solr/example/solr/collection1/data
restart: always
portainer:
image: portainer/portainer
command: --no-auth -H unix:///var/run/docker.sock
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- 'traefik.backend=portainer'
- 'traefik.port=9000'
restart: always
apache:
image: wodby/php-apache:2.4-2.0.2
# ports:
# - "80:80"
depends_on:
- php
environment:
APACHE_LOG_LEVEL: warn
APACHE_BACKEND_HOST: php
APACHE_SERVER_ROOT: /var/www/html/drupal
volumes:
- codebase:/var/www/html/
- private:/var/www/html/private
labels:
- 'traefik.backend=apache'
- 'traefik.docker.network=proxy'
- "traefik.frontend.rule=Host:127.0.0.1"
- "traefik.enable=true"
- "traefik.port=80"
- "traefik.default.protocol=http"
restart: always
networks:
- proxy
traefik:
image: traefik
command: -c /traefik.toml --web --docker --logLevel=INFO
ports:
- '80:80'
- '443:443'
- '8888:8080' # Dashboard
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /codebase/traefik.toml:/traefik.toml
- /codebase/certs/cert.crt:/cert.crt
- /codebase/certs/cert.key:/cert.key
volumes:
solr:
external: true
mysql:
external: true
codebase:
external: true
private:
external: true
networks:
proxy:
external: true
traefik.toml traefik.toml
logLevel = "DEBUG" # <---
defaultEntryPoints = ["https", "http"] # <---
[accessLog]
[traefikLog]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
certFile = "/cert.crt"
keyFile = "/cert.key"
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false
When trying to verify the instance, I get a 502 Bad Gateway 尝试验证实例时,我收到502错误网关
curl -i -k https://127.0.0.1
HTTP/1.1 502 Bad Gateway
Content-Length: 392
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 14 Sep 2018 16:34:36 GMT
Server: Apache/2.4.29 (Unix) LibreSSL/2.5.5
X-Content-Type-Options: nosniff
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>502 Proxy Error</title>
</head><body>
<h1>Proxy Error</h1>
<p>The proxy server received an invalid
response from an upstream server.<br />
The proxy server could not handle the request <em><a href="/index.php">GET /index.php</a></em>.<p>
Reason: <strong>DNS lookup failure for: php</strong></p></p>
</body></html>
A reset for docker-compose and the docker network didn't help. 重置docker-compose和docker网络无济于事。 I've checked the issue on their repo and it seems like nobody got a definitive solution. 我已经在他们的仓库中检查了这个问题 ,似乎没人能找到确定的解决方案。 Anybody has an idea on how to solve this? 有人对如何解决这个问题有想法吗?
Edit:Update for full docker-compose file. 编辑:更新完整的docker-compose文件。
1 个解决方案
解决方案1
0 已采纳 2018-09-16 12:29:31
You are trying to connect to php container from apache service using service discovery. 您正在尝试使用服务发现从apache服务连接到php容器。 But php container is not attached to the network proxy , Because you haven't declared network for it. 但是php容器未附加到网络proxy ,因为尚未为其声明网络。 The same case is with mariabd as well. mariabd也是如此。 So, When you connect to apache/traefik they look for host php which is not attached to the network proxy and throw error 502 . 因此,当您连接到apache/traefik它们会查找未附加到网络proxy主机php并抛出错误502 。
Unless and until you specify external network, Docker containers will not be connected to them. 除非且直到您指定外部网络,否则Docker容器将不会连接到它们。
Hence, You have to specify the network as follows for all the services in order to make docker service discovery work properly. 因此,您必须为所有服务指定以下网络,以使docker服务发现正常工作。
networks:
- proxy
Bonus: 奖金:
Since you have done port mapping. 既然您已经完成了端口映射。 You can also use public Ip of your host machine followed by the port to connect to services from docker container and from outside containers as well. 您还可以使用主机的公共Ip,然后使用端口,以连接来自docker容器和外部容器的服务。
Example:
Let us assume your ip is
192.168.0.123then you can connect tophpfrom any services in docker container and even from outside docker as192.168.0.123:25and192.168.0.123:587.192.168.0.123那么您可以从docker容器中的任何服务甚至从外部docker以192.168.0.123:25和192.168.0.123:587连接到php。 This is because you have exposed ports 25,587 by mapping them to host ports 25,587 .
Some references: 一些参考:
- Docker networking Docker网络
- Networking using the host network 使用主机网络联网
- Connect a container to a user-defined bridge 将容器连接到用户定义的网桥
- Networking with standalone containers 与独立容器联网
- Service discovery 服务发现
- Networking in Compose (check "Specify custom networks" section) 撰写网络 (请选中“指定自定义网络”部分)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.