docker Traefik版本2仅显示404或根本不显示网站

r3i60tvu  于 2023-02-11  发布在  Docker
关注(0)|答案(2)|浏览(350)

我尝试在版本2中设置Traefik,但我的浏览器中只出现“404 Page not found”或DNS_PROBE_FINISHED_NXDOMAIN错误。
当我检查路由器的API端点时,我可以看到我的两个容器在Traefik中被启用,并且规则是正确的。

curl http://localhost:8080/api/http/routers

[{"entryPoints":["web","secure"],"service":"gotify-gotify","rule":"Host(`sub2.example.org`)","tls":{"certResolver":"letsencrypt"},"status":"enabled","using":["secure","web"],"name":"gotify@docker","provider":"docker"},{"entryPoints":["web","secure"],"service":"nextcloud-cloud","rule":"Host(`sub.example.org`)","tls":{"certResolver":"letsencrypt"},"status":"enabled","using":["secure","web"],"name":"nextcloud@docker","provider":"docker"}]

但是在“sub2”上我根本没有得到任何网站,在“sub”上我得到“404页面找不到”。我已经为“*”设置了一个DNS条目,所以所有子域都到同一个服务器。
我为Docker集装箱设置了以下标签

labels:
traefik.enable: true
traefik.http.routers.nextcloud.rule: "Host(`sub.example.org`)"
traefik.http.routers.nextcloud.entrypoints: "web, secure"
traefik.http.routers.nextcloud.tls.certresolver: "letsencrypt"

这是我的Traefik配置traefik.tom l

[entryPoints]
  [entryPoints.web]
    address = ":80"
  [entryPoints.secure]
    address = ":443"

[providers.docker]
  exposedByDefault = false
  network = "traefik"

[certificatesResolvers.letsencrypt.acme]
  email = "me@example.org"
  storage = "acme.json"
  [certificatesResolvers.letsencrypt.acme.httpChallenge]
    entryPoint = "web"

[api]
  insecure = true
  debug = true
  dashboard = false

Traefik本身是作为码头集装箱运行的。

version: "3.7"

services:
  traefik:
    image: traefik:v2.0
    container_name: traefik
    restart: unless-stopped
    volumes:
    - "./traefik.toml:/etc/traefik/traefik.toml"
    - "./acme:/etc/traefik/acme"
    - "/var/run/docker.sock:/var/run/docker.sock"
    ports:
    - "80:80"
    - "127.0.0.1:8080:8080"
    - "443:443"
    networks:
    - traefik

networks:
  traefik:
    driver: bridge
    name: traefik

我使用ufw来管理防火墙规则,并打开了端口22、80和443

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
egmofgnx

egmofgnx1#

您可以找到traefik 2.2.1的工作示例。此外,您还可以查看完整的设置要点:https://gist.github.com/fatihyildizhan/8f124039a9bd3801f0caf3c01c3601fb
我更喜欢使用2.0版本的
traefik.yml
。它看起来很简单,很多人都熟悉YAML文件。

[Traefik v2.0] - docker-compose.yml  with httpChallenge

    version: '3.7'

    services:
      traefik:
        image: traefik:v2.2.1
        container_name: traefik
        restart: unless-stopped
        security_opt:
          - no-new-privileges:true
        networks:
          - proxy
        ports:
          - 80:80
          - 443:443
        volumes:
          - /etc/localtime:/etc/localtime:ro
          - /var/run/docker.sock:/var/run/docker.sock:ro
          - ./traefik.yml:/traefik.yml:ro
          - ./acme.json:/acme.json
        labels:
          - "traefik.enable=true"
          - "traefik.http.routers.traefik.entrypoints=http"
          - "traefik.http.routers.traefik.rule=Host(`traefik.your-domain.com`)"
          - "traefik.http.middlewares.traefik-auth.basicauth.users=username:hashed-password"
          - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
          - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
          - "traefik.http.routers.traefik-secure.entrypoints=https"
          - "traefik.http.routers.traefik-secure.rule=Host(`traefik.your-domain.com`)"
          - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
          - "traefik.http.routers.traefik-secure.tls=true"
          - "traefik.http.routers.traefik-secure.tls.certresolver=http"
          - "traefik.http.routers.traefik-secure.service=api@internal"
          - "traefik.http.services.traefik.loadbalancer.server.port=8080"

    networks:
      proxy:
        external: true

    [Traefik v2.0] - traefik.yml with httpChallenge

    api:
      dashboard: true

    # Writing Logs to a File, in JSON
    log:
      level: DEBUG
      filePath: "log-file.log"
      format: json

    # Configuring a buffer of 100 lines
    accessLog:
      filePath: "log-access.log"
      bufferingSize: 100  

    entryPoints:
      http:
        address: ":80"
      https:
        address: ":443"

    providers:
      docker:
        endpoint: "unix:///var/run/docker.sock"
        exposedByDefault: false

    certificatesResolvers:
      http:
        acme:
          email: your-email.com
          storage: acme.json
          httpChallenge:
            entryPoint: http    

    [Traefik v2.0] - your-container docker-compose.yml

    version: '3.7'

    services:
        your-container-name:
          image: docker.pkg.github.com/username/repo-name/image-name:latest
          container_name: your-container-name
          restart: unless-stopped
          security_opt:
            - no-new-privileges:true
          networks:
            - proxy
          volumes:
            - /etc/localtime:/etc/localtime:ro
            - /var/run/docker.sock:/var/run/docker.sock:ro
            - ./data:/data
          labels:
            - "traefik.enable=true"
            - "traefik.http.routers.your-container-name.entrypoints=http"
            - "traefik.http.routers.your-container-name.rule=Host(`your-container-name.your-domain.com`)"
            - "traefik.http.middlewares.your-container-name-https-redirect.redirectscheme.scheme=https"
            - "traefik.http.routers.your-container-name.middlewares=your-container-name-https-redirect"
            - "traefik.http.routers.your-container-name-secure.entrypoints=https"
            - "traefik.http.routers.your-container-name-secure.rule=Host(`your-container-name.your-domain.com`)"
            - "traefik.http.routers.your-container-name-secure.tls=true"
            - "traefik.http.routers.your-container-name-secure.tls.certresolver=http"
            - "traefik.http.routers.your-container-name-secure.service=your-container-name"
            - "traefik.http.services.your-container-name.loadbalancer.server.port=80"
            - "traefik.docker.network=proxy"

    networks:
      proxy:
        external: true
mtb9vblg

mtb9vblg2#

有几个原因可能导致这种情况,其中包括:
1.您在DNS级别启用了SSL/TLS代理(例如CloudFlare),这将阻止http质询完成。
1.证书解析程序的存储路径配置错误(可能不是在这种情况下,而是对其他读取器);检查Traefik container日志docker logs traefik中是否存在

level=error msg="The ACME resolver \"[resolver]\" is skipped from the resolvers 
list because: unable to get ACME account: open /[path_to_storage]/acme.json: 
no such file or directory
level=error msg="the router [service]@docker uses a non-existent resolver: 
[resolver]"

等错误如果您看到这些错误,请确保存储文件夹存在和/或卷已从您的主机正确Map到Traefik docker container(您可能需要手动创建,Traefik不会为您创建,至少目前不会)。
1.代理背后的服务存在技术问题(例如,Nginx、Apache等配置错误)。Traefik将为一系列在技术上与真实的的404错误不对应的错误(例如,500、501,可能是其他错误)生成通用的404 page not found,这可能会引起混淆。

相关问题