堆栈内存溢出
  简体   繁体   English

Traefik 似乎忽略了路由器的规则(错误?)

[英]Traefik seems to ignore the rules of the routers (bug?)

 原文  2021-02-12 13:14:53       docker/ networking/ docker-compose/ reverse-proxy/ traefik

问题描述

Today, I'm calling for your help, because I'm encountering routing problems with Traefik (v2.4) and I have the impression that it's a bug with the latter.今天,我正在寻求您的帮助,因为我在使用Traefik (v2.4) 时遇到了路由问题,并且我觉得这是后者的错误。

I use Docker v20.10.2 and Docker Compose v1.25.0 on Debian 10 (Buster)我在 Debian 10 上使用 Docker v20.10.2 和 Docker 撰写 v1.25.0(Buster)

I'm looking for these redirections:我正在寻找这些重定向:

www.mywebsite.com
    |____main-wordpress:80
www.mywebsite.com/blog
    |____blog-wordpress:80

So I have a docker-compose.yml composed like this (extract):所以我有一个像这样组成的docker-compose.yml (摘录):

---
version: '2.4'

services:

  # *---------------------------*
  # | WordPress (for main site) |
  # *---------------------------*
  main-wordpress:
    image: wordpress:5.6
    hostname: main-wordpress
    environment:
      - WORDPRESS_DB_HOST=main-mysql
      - WORDPRESS_DB_USER=${MAIN_MYSQL_USER}
      - WORDPRESS_DB_PASSWORD=${MAIN_MYSQL_PASSWORD}
      - WORDPRESS_DB_NAME=${MAIN_MYSQL_DATABASE}
      - WORDPRESS_TABLE_PREFIX=wp_
    volumes:
      - ./volumes/wordpress/main:/var/www/html/
      - ./volumes/wordpress/php.ini:/usr/local/etc/php/conf.d/01_user.ini
    expose:
      - 80
    depends_on:
       - main-mysql
    labels:
      - "traefik.enable=true"
      # Redirect HTTP ➔ HTTPS
      - "traefik.http.routers.main-wordpress-web.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`))"
      - "traefik.http.routers.main-wordpress-web.priority=1"
      - "traefik.http.routers.main-wordpress-web.entrypoints=web"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
      # Route : HTTPS ➔ HTTP (WordPress)
      - "traefik.http.routers.main-wordpress-websecure.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`))"
      - "traefik.http.routers.main-wordpress-websecure.priority=1"
      - "traefik.http.services.webapp.loadbalancer.server.port=80"
      - "traefik.http.routers.main-wordpress-websecure.entrypoints=websecure"
      - "traefik.http.routers.main-wordpress-websecure.tls.certresolver=letsencrypt-1"
      # Enable "middlewares"
      - "traefik.http.routers.main-wordpress-web.middlewares=redirect-to-https"
    restart: unless-stopped

  # *-----------------------*
  # | WordPress (for /blog) |
  # *-----------------------*
  blog-wordpress:
    image: wordpress:4.9.8
    hostname: blog-wordpress
    environment:
      - WORDPRESS_DB_HOST=blog-mysql
      - WORDPRESS_DB_USER=${BLOG_MYSQL_USER}
      - WORDPRESS_DB_PASSWORD=${BLOG_MYSQL_PASSWORD}
      - WORDPRESS_DB_NAME=${BLOG_MYSQL_DATABASE}
      - WORDPRESS_TABLE_PREFIX=wp_
    volumes:
      - ./volumes/wordpress/blog/:/var/www/html/
      - ./volumes/wordpress/php.ini:/usr/local/etc/php/conf.d/01_user.ini
      - ./volumes/wordpress/blog/.htaccess:/var/www/html/.htaccess
    expose:
      - 80
    depends_on:
       - blog-mysql
    labels:
      - "traefik.enable=true"
      # Redirect HTTP ➔ HTTPS
      - "traefik.http.routers.blog-wordpress-web.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && PathPrefix(`/blog`)"
      - "traefik.http.routers.blog-wordpress-web.priority=10000"
      - "traefik.http.routers.blog-wordpress-web.entrypoints=web"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
      # Route : HTTPS ➔ HTTP (WordPress)
      - "traefik.http.routers.blog-wordpress-websecure.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && PathPrefix(`/blog`)"
      - "traefik.http.routers.blog-wordpress-websecure.priority=10000"
      - "traefik.http.services.webapp.loadbalancer.server.port=80"
      - "traefik.http.routers.blog-wordpress-websecure.entrypoints=websecure"
      - "traefik.http.routers.blog-wordpress-websecure.tls.certresolver=letsencrypt-1"
      # Enable "middlewares"
      - "traefik.http.routers.blog-wordpress-web.middlewares=redirect-to-https"
    restart: unless-stopped

  # *-------------------------*
  # | Traefik (reverse-proxy) |
  # *-------------------------*
  traefik:
      image: traefik:2.4
      hostname: traefik
      command:
        - "--api=true"
        - "--api.dashboard=true"
        - "--providers.docker.endpoint=unix:///var/run/docker.sock"
        - "--providers.docker.exposedbydefault=false"
        # Entry points
        - "--entrypoints.web.address=:80"
        - "--entrypoints.websecure.address=:443"
        # Access logs
        - "--accesslog=true"
        - "--accesslog.filepath=/access.log"
        - "--accesslog.bufferingsize=200"
        # ACME (Let's Encrypt)
        - "--certificatesresolvers.letsencrypt-1.acme.httpchallenge=true"
        - "--certificatesresolvers.letsencrypt-1.acme.httpchallenge.entrypoint=web"
        - "--certificatesresolvers.letsencrypt-1.acme.email=${ACME_EMAIL}"
        - "--certificatesresolvers.letsencrypt-1.acme.storage=/letsencrypt/acme.json"
        - "--certificatesresolvers.letsencrypt-1.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory" # For DEV purpose
        - "--log.level=DEBUG" # For DEBUG purpose
      ports:
        - '80:80'
        - '443:443'
      labels:
        - "traefik.enable=true"
        # Route : HTTPS ➔ HTTP (Traefik itself)
        - "traefik.http.routers.traefik-websecure.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && (PathPrefix(`/api`) || PathPrefix(`/dashboard/`))"
        - "traefik.http.routers.traefik-websecure.service=api@internal"
        - "traefik.http.routers.traefik-websecure.entrypoints=websecure"
        - "traefik.http.routers.traefik-websecure.tls.certresolver=letsencrypt-1"
        - "traefik.http.middlewares.traefik-auth.basicAuth.users=${TRAEFIK_DASHBOARD_AUTH}"
        # Redirect HTTP ➔ HTTPS
        - "traefik.http.routers.traefik-web.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && (PathPrefix(`/api`) || PathPrefix(`/dashboard/`))"
        - "traefik.http.routers.traefik-web.entrypoints=web"
        - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
        - "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
        # Enable "middlewares"
        - "traefik.http.routers.traefik-websecure.middlewares=traefik-auth"
        - "traefik.http.routers.traefik-web.middlewares=redirect-to-https"
      volumes:
        - /var/run/docker.sock:/var/run/docker.sock:ro
        - ./volumes/traefik-certificates:/letsencrypt
        - ./volumes/traefik-access.log:/access.log
      restart: unless-stopped

When there is only one WordPress in use , everything works fine , routing is done as expected.只使用一个 WordPress 时一切正常,路由按预期完成。

On the other hand, when both WordPress are running , Traefik does a kind of "load balancing" between the two , as if they were running on top of each other.另一方面,当 WordPress 都在运行时,Traefik会在两者之间进行一种“负载平衡” ,就好像它们在彼此之上运行一样。 I looked into Traefik's access-logs and that's exactly what happens, requests are split between the two containers regardless of the original URL .我查看了 Traefik 的访问日志,这正是发生的情况,请求在两个容器之间拆分,而与原始 URL 无关

I don't understand this behavior even though I have well defined priorities to avoid this behavior according to the documentation and the rules seem good to me.我不理解这种行为,即使我根据文档定义了避免这种行为的优先级,并且这些规则对我来说似乎很好。

Do you think I missed something?你认为我错过了什么吗? I've been looking for 2 days and I don't see:/我一直在寻找2天,我没有看到:/

Thanks to those who will help me solve this problem:)感谢那些帮助我解决这个问题的人:)

1 个解决方案

解决方案1
 0  2021-02-12 14:49:00

Finally, i get the solution from Kevin Pollet on GitHub: solution from GitHub最后,我在 GitHub 上从Kevin Pollet那里得到了解决方案:来自 GitHub的解决方案

To make it simple, in my case, I was using the same webapp for both WordPress, so Traefik does a balancing in this case.为了简单起见,在我的例子中,我为两个 WordPress 使用了相同的 webapp,所以 Traefik 在这种情况下进行了平衡。

To stop this behaviour it was enough to make two different webapps.为了阻止这种行为,制作两个不同的 webapps 就足够了。 Since then, everything works as expected.从那时起,一切都按预期进行。

If anyone else has the same problem...如果其他人有同样的问题...

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 traefik 2 在同一个容器上的多个路由器和服务 - Multiple Routers and Services on the same container with traefik 2 Traefik 容器因文件规则而失败 - Traefik container fails with file rules 如何将 Gitlab CI 变量作为 Traefik traefik.http.routers.container_name.rule 标签值传递 - how to pass Gitlab CI variable as a Traefik traefik.http.routers.container_name.rule label value 不要在 traefik 规则中规范化 docker 容器名称 - Do not normalize docker container names in traefik rules traefik docker标签中基于主机和路径的路由规则的混合 - Mixture of host and path based routing rules in traefik docker labels 带有docker后端的traefik反向代理 - 在traefik的配置文件中配置前端规则而不是通过容器标签 - traefik reverse-proxy with docker backend - configure frontend rules in traefik's config file and not via container label Docker Traefik API 上的 GET 请求 - 按 CORS 规则阻止 - GET Request on Docker Traefik API - Block by CORS rules Elasticsearch Docker停止似乎忽略了SIGKILL - Elasticsearch Docker stop seems to ignore SIGKILL 使用 docker 容器时在文件中热重载 traefik 前端规则 - hot-reload traefik frontend rules in a file while using docker containers docker-compose 似乎忽略了 mariadb 上的.env-variables - docker-compose seems to ignore .env-variables on mariadb
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM