Traefik 不路由到其他容器

Question

我已经在我的前厅运行 Ubuntu 20.04 的服务器上设置了 Traefik 和 Portainer（我使用了本指南和本指南，但没有在第二个教程中设置默认 IP 白名单，因为我希望它成为一个可公开访问的网络服务器）。 这两个应用程序都可以运行，并且似乎都在使用 HTTPS。 我可以在 Portainer 中管理和创建容器。

为了测试我的配置，我添加了两个容器 - MySQL 和 Wordpress。 我在上面的教程中添加了 Traefik 标签，就像我设置 Traefik 时一样，我在 Portainer 中设置了 Wordpress 容器的域名，但是每当我尝试访问该域中的 Wordpress 站点时，我都会收到错误网关错误（只是词“坏网关”，甚至不是状态代码）。

我不确定我哪里出错了。 这是我的配置文件：

traefik.yml：

api:
  dashboard: true

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    filename: /config.yml
version: '3'

services:
  traefik:
    image: traefik:v2.0
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./data/traefik.yml:/traefik.yml:ro
      - ./data/acme.json:/acme.json
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik.mywebsite.com`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=michael:$$apr1$$.m1mfSB0$$6Ypx6rfih8y.vHkNQe9rJ0"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.mywebsite.com`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=http"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    external: true
certificatesResolvers:
  http:
    acme:
      email: me@myemail.com
      storage: acme.json
      httpChallenge:
        entryPoint: http

配置文件：

http:
  middlewares:
    https-redirect:
      redirectScheme:
        scheme: https

docker-compose.yml：

version: '3'

services:
  traefik:
    image: traefik:v2.0
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./data/traefik.yml:/traefik.yml:ro
      - ./data/acme.json:/acme.json
      - ./data/config.yml:/config.yml:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik.mywebsite.com`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=michael:$$apr1$$.m1mfSB0$$6Ypx6rfih8y.vHkNQe9rJ0"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.mywebsite.com`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=http"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    external: true

Wordpress/MySQL docker-compose.yml：

version: '3.1'

services:

  wordpress:
    image: wordpress
    restart: always
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: admin
      WORDPRESS_DB_PASSWORD: password
      WORDPRESS_DB_NAME: wordpressdb
    volumes:
      - wordpress:/var/www/html
    networks:
      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.wordpress.entrypoints=http"
      - "traefik.http.routers.wordpress.rule=Host(`myblog.com`)"
      - "traefik.http.routers.wordpress.middlewares=https-redirect@file"
      - "traefik.http.routers.wordpress-secure.entrypoints=https"
      - "traefik.http.routers.wordpress-secure.rule=Host(`myblog.com`)"
      - "traefik.http.routers.wordpress-secure.tls=true"
      - "traefik.http.routers.wordpress-secure.tls.certresolver=http"
      - "traefik.http.routers.wordpress-secure.service=wordpress"
      - "traefik.http.services.wordpress.loadbalancer.server.port=9000"
      - "traefik.docker.network=proxy"

  db:
    image: mysql:5.7
    restart: always
    environment:
      MYSQL_DATABASE: exampledb
      MYSQL_USER: username
      MYSQL_PASSWORD: password
      MYSQL_RANDOM_ROOT_PASSWORD: '1'
    volumes:
      - db:/var/lib/mysql
    networks:
      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.mysql.entrypoints=http"
      - "traefik.http.routers.mysql.middlewares=https-redirect@file"
      - "traefik.http.routers.mysql-secure.entrypoints=https"
      - "traefik.http.routers.mysql-secure.tls=true"
      - "traefik.http.routers.mysql-secure.tls.certresolver=http"
      - "traefik.http.routers.mysql-secure.service=mysql"
      - "traefik.http.services.mysql.loadbalancer.server.port=9000"
      - "traefik.docker.network=proxy"

volumes:
  wordpress:
  db:

networks:
  proxy:
    external: true

如果需要，我也可以提供 Portainer docker-compose.yml 文件，但我认为没有必要。 这里的任何帮助都会很棒！

Answer 1

对于不同应用程序之间的网络连接，您必须在其中一个应用程序中创建网络。 我会在你的 traefik docker-compose.yml 中这样做

这意味着，在您的 traefik 撰写文件中，您不能将代理网络指定为外部，因为您在该应用程序中内部创建它，如下所示：

networks:
  proxy:

在您的 Wordpress/MySQL docker-compose.yml 中，您必须为外部网络指定一个名称，如下所示：

networks:
  proxy:
    external:
      name: "traefik_proxy"

当您使用 compose 创建新应用程序时，应用程序中的所有内容都会获得一个前缀，即放置 compose 文件的目录名。

意思是上面的例子只有在你的 traefik compose 文件被放置在一个名为“traefik”的目录中时才有效

这应该可以解决您的连接问题。