docker 502用于Traefik 1.7中的选项

wkyowqbh  于 2022-11-22  发布在  Docker
关注(0)|答案(2)|浏览(164)

我正在Ubuntu上测试一个本地Icecast服务器,使用Docker容器中的Traefik 1.7。
当手动转到子域上的页面时,所有CORS标头均已设置:

但是从另一个本地域访问页面总是在OPTIONS上出现502错误。
我已经设法从Traefik容器中获得了一些调试信息,但我不知道如何解决这个问题。

everse-proxy    | time="2022-11-11T21:08:01Z" level=debug msg="vulcand/oxy/forward/http: begin ServeHttp on request" Request="{\"Method\":\"OPTIONS\",\"URL\":{\"Scheme\":\"http\",\"Opaque\":\"\",\"User\":null,\"Host\":\"10.10.1.8:8000\",\"Path\":\"\",\"RawPath\":\"\",\"ForceQuery\":false,\"RawQuery\":\"\",\"Fragment\":\"\",\"RawFragment\":\"\"},\"Proto\":\"HTTP/2.0\",\"ProtoMajor\":2,\"ProtoMinor\":0,\"Header\":{\"Accept\":[\"*/*\"],\"Accept-Encoding\":[\"gzip, deflate, br\"],\"Accept-Language\":[\"en-US,en;q=0.9,nl;q=0.8\"],\"Access-Control-Request-Headers\":[\"icy-metadata\"],\"Access-Control-Request-Method\":[\"GET\"],\"Cache-Control\":[\"no-cache\"],\"Origin\":[\"https://gsr.localhost.traefik.me\"],\"Pragma\":[\"no-cache\"],\"Referer\":[\"https://gsr.localhost.traefik.me/\"],\"Sec-Fetch-Dest\":[\"empty\"],\"Sec-Fetch-Mode\":[\"cors\"],\"Sec-Fetch-Site\":[\"same-site\"],\"User-Agent\":[\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36\"]},\"ContentLength\":0,\"TransferEncoding\":null,\"Host\":\"radio.localhost.traefik.me\",\"Form\":null,\"PostForm\":null,\"MultipartForm\":null,\"Trailer\":null,\"RemoteAddr\":\"127.0.0.1:53784\",\"RequestURI\":\"/radio\",\"TLS\":null}"
reverse-proxy    | time="2022-11-11T21:08:01Z" level=debug msg="Upstream ResponseWriter of type *pipelining.writerWithoutCloseNotify does not implement http.CloseNotifier. Returning dummy channel."
reverse-proxy    | time="2022-11-11T21:08:01Z" level=debug msg="'502 Bad Gateway' caused by: EOF"
reverse-proxy    | time="2022-11-11T21:08:01Z" level=debug msg="vulcand/oxy/forward/http: Round trip: http://10.10.1.8:8000, code: 502, Length: 11, duration: 5.960359ms tls:version: 303, tls:resume:true, tls:csuite:c02f, tls:server:radio.localhost.traefik.me"

docker-compose.yml

version: "3.1"

networks:
  db_default:
    external: true

services:
  reverse-proxy:
    container_name: reverse-proxy
    image: traefik:v1.7-alpine # The official Traefik docker image
    network_mode: "host"
    command: --api  --docker # Enables the web UI and tells Tr  fik to listen to docker
    volumes:
      - ./docker:/certs:ro
      - ./docker/traefik.toml:/etc/traefik/traefik.toml
      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events

  gsr2:
      container_name: gsrdev2
      build: docker
      volumes:
        - .bash_history:/root/.bash_history
        - ./:/var/www
        - ./log:/tmp/audit
      environment:
        #PHP_IDE_CONFIG: "serverName=gsr2.localhost.xip.io"
        XDEBUG_CONFIG: "start_with_request=yes"
      labels:
        - traefik.enable=true
        - "traefik.frontend.rule=Host:gsr.localhost.traefik.me"
      networks:
        - db_default

  icecast2:
    image: pltnk/icecast2
    container_name: icecast2
    expose:
      - 8000
    volumes:
      - ./icecast.xml:/etc/icecast2/icecast.xml
      - ./log:/var/log/icecast2
      - ./docker/bundle.pem:/etc/icecast2/bundle.pem
    labels:
      - traefik.enable=true
      - "traefik.frontend.rule=Host:radio.localhost.traefik.me"
    networks:
      - db_default

traefik.toml

defaultEntryPoints = ["http","https"]

loglevel="DEBUG"

[api]
    dashboard = false

[entryPoints]

[entryPoints.http]
    address = ":80"
#[entryPoints.http.redirect]
#    regex = "^http://(www.)*(.*)"
#    replacement = "https://$2"
#    permanent = true

[entryPoints.https]
    address = ":443"
    [entryPoints.https.tls]
       [[entryPoints.https.tls.certificates]]
           certFile = "/certs/cert.pem"
           keyFile = "/certs/key.pem"

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "localhost.traefik.me"
watch = true
exposedbydefault = false
network = "proxy"

Icecast服务器中的标头配置:

<http-headers>
        <header name="Access-Control-Allow-Origin" value="*" />
        <header name="Vary" value="Origin" />
        <header name="Access-Control-Allow-Methods" value="GET, OPTIONS, PUT, POST" />
        <header name="Access-Control-Allow-Headers" value="Content-Type, Icy-Metadata" />
        <header name="Access-Control-Expose-Headers" value="Icy-MetaInt, Icy-Br, Icy-Description, Icy-Genre, Icy-Name, Ice-Audio-Info, Icy-Url, Icy-Sr, Icy-Vbr, Icy-Pub" />

    </http-headers>
okxuctiv

okxuctiv1#

通常,502 Bad Gateway服务器错误响应代码表示服务器在充当网关或代理时从上游服务器收到无效响应。
我没有看到您的Dockerfile,但错误应该是由以下原因引起的:

  • 缺少网络规范。您必须在Docker文件中指定网络以允许容器连接
  • 缺少端口。添加traefik端口traefik.port=80
djmepvbi

djmepvbi2#

我修复了它!首先我迁移到Traefik 2。然后,根据the Traefik docs,我可以直接在我的容器上包含一些中间件来设置CORS的头,如下所示:

icecast2:
    image: pltnk/icecast2
    container_name: icecast2
    expose:
      - 8000
    volumes:
      - ./icecast.xml:/etc/icecast2/icecast.xml
      - ./log:/var/log/icecast2
    labels:
      - "traefik.http.middlewares.testheader.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
      - "traefik.http.middlewares.testheader.headers.accesscontrolalloworiginlist=*"
      - "traefik.http.middlewares.testheader.headers.accessControlAllowHeaders=Content-Type, Icy-Metadata"
      - "traefik.http.middlewares.testheader.headers.accesscontrolmaxage=100"
      - "traefik.http.middlewares.testheader.headers.addvaryheader=true"
      - traefik.enable=true
      - traefik.http.routers.icecast2.middlewares=testheader
      - "traefik.http.routers.icecast2.entrypoints=http,https"
      - "traefik.http.routers.icecast2.tls=true"
      - traefik.http.routers.icecast2.rule=Host(`radio.localhost.traefik.me`)

相关问题