Traefik负载平衡到错误的nginx docker容器

uajslkp6  于 2023-04-20  发布在  Docker
关注(0)|答案(1)|浏览(139)

我在项目中实现traefik时遇到了一个奇怪的问题。
我有一个仓库来配置traefik和其他服务,我想在应用程序之间共享,和2个应用程序(API和监控)使用这些服务在网络上“共享”。
我的问题是当我转到url https://monitoring.local时,我在API nginx容器中随机获得日志,所以我的监控应用程序无法工作。当api服务关闭时,监控工作正常。当我转到https://api.local时,一切正常。
这看起来像负载均衡监控。本地url到监控nginx容器随机负载均衡到API nginx容器。
我试着改变traefik配置中的很多东西,但没有解决问题:(
如果你们中的一些人得到任何线索,我会采取它:)
这是我的Traefik docker-compose.yml

version: "3.8"

services:
    traefik:
        image: traefik:v2.9
        container_name: local_traefik
        depends_on:
            -  mkcert
        ports:
            - "80:80"
            - "443:443"
        volumes:
            - certs:/etc/ssl/traefik
            - ./config/traefik/traefik.yml:/etc/traefik/traefik.yml:ro
            - ./config/traefik/dynamic.yml:/etc/traefik/dynamic.yml:ro
            - /var/run/docker.sock:/var/run/docker.sock:ro
            - ./.docker/log:/var/log
        labels:
            - "traefik.enable=true"
            - "traefik.http.routers.traefik-secure.entrypoints=https"
            - "traefik.http.routers.traefik-secure.rule=Host(`traefik.local`)"
            - "traefik.http.routers.traefik-secure.tls=true"
            - "traefik.http.services.traefik.loadbalancer.server.port=8080"
        restart: unless-stopped
        security_opt:
            - no-new-privileges:true

    mkcert:
        build:
            context: ./docker/images/mkcert
            dockerfile: Dockerfile
        image: mkcert:1.4.4
        volumes:
            - certs:/root/.local/share/mkcert
        command: sh -c "./mkcert -install && \
            ./mkcert -cert-file /root/.local/share/mkcert/local-cert.pem \
            -key-file /root/.local/share/mkcert/local-cert.key *.local"
        labels:
            - "traefik.enable=false"

    localstack:
        build:
            context: ./docker/images/localstack
        image: localstack:1.4.0
        container_name: local_localstack
        depends_on:
            - traefik
        environment:
            - LOCALSTACK_PERSISTENCE=1
            - SERVICES=s3,sqs,events
            - DEBUG=1
            - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
            - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
            - EAGER_SERVICE_LOADING=1
            - DATA_DIR=/tmp/localstack/data
            - DOCKER_HOST=unix:///var/run/docker.sock
        ports:
            - '4566:4566'
            - '4510-4559:4510-4559'
        volumes:
            - ./docker/volumes/localstack/init:/docker-entrypoint-initaws.d
            - ./docker/volumes/localstack/files:/tmp/localstack/files
            - ./docker/volumes/localstack/data:/tmp/localstack/data
        labels:
            - "traefik.enable=false"
        networks:
            - shared
            - default

    database:
        image: mongo:${DATABASE_VERSION}
        restart: always
        environment:
            MONGO_INITDB_ROOT_USERNAME: ${DATABASE_USER}
            MONGO_INITDB_ROOT_PASSWORD: ${DATABASE_PASSWORD}
        ports:
            - ${DATABASE_PORT}:27017
        expose:
            - ${DATABASE_PORT}
        volumes:
            -  ./docker/volumes/database/init/init.sh:/docker-entrypoint-initdb.d/mongo-init.sh:ro
            - data-documents:/data/db
        labels:
            - "traefik.enable=false"
        networks:
            - shared
            - default

volumes:
    certs:
        external: true
    data-documents:
        driver: local

networks:
    default:
        name: proxy
        external: true
    shared:
        external: true

traefik.yml

api:
  insecure: true
  dashboard: true

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"

providers:
  file:
    filename: /etc/traefik/dynamic.yml
    watch: true
  docker:
    endpoint: unix:///var/run/docker.sock
    exposedByDefault: false
    network: proxy

serversTransport:
  insecureSkipVerify: true

log:
    level: DEBUG
    filePath: /var/log/traefik.log

accessLog:
    filePath: /var/log/traefik-access.log

dynamic.yml

http:
  routers:
    traefik:
      rule: "Host(`traefik.local`)"
      service: "api@internal"
      tls:
        domains:
          - main: "local"
            sans:
              - "*.local"

tls:
  certificates:
    - certFile: "/etc/ssl/traefik/local-cert.pem"
      keyFile: "/etc/ssl/traefik/local-cert.key"

下面是我的API docker-compose.yml文件

version: "3.8"

services:
    web:
        image: nginx:1.23-alpine
        restart: unless-stopped
        depends_on:
            - php-fpm
        volumes:
            - ./:/var/www:delegated
            - ${DOCKER_LOGS}/nginx/:/var/log/nginx
            - ${DOCKER_VOLUMES}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
            - ${DOCKER_VOLUMES}/nginx/conf.d/:/etc/nginx/conf.d:ro
            - ${DOCKER_VOLUMES}/nginx/sites-available/:/etc/nginx/sites-available:ro
            - ${DOCKER_VOLUMES}/nginx/proxy_params:/etc/nginx/proxy_params:ro
            - ${DOCKER_VOLUMES}/nginx/fastcgi_params:/etc/nginx/fastcgi_params:ro
            - certs:/etc/nginx/certs
        working_dir: /var/www
        command: [ nginx-debug, '-g', 'daemon off;' ]
        labels:
            - "traefik.enable=true"
            - "traefik.http.routers.api-secure.entrypoints=https"
            - "traefik.http.routers.api-secure.rule=Host(`api.local`)"
            - "traefik.http.routers.api-secure.tls=true"
        networks:
            - proxy
            - api

    php-fpm:
        build:
            context: ${DOCKER_IMAGES}/php-fpm
            target: base
        image: apiv2-php:8.2.3-alpine3.16
        environment:
            COMPOSER_MEMORY_LIMIT: -1
            PHP_CS_FIXER_IGNORE_ENV: 1
        expose:
            - '9000'
        volumes:
            - ./:/var/www:rw,cached
            - ${DOCKER_VOLUMES}/php-fpm/php.ini:/usr/local/etc/php/conf.d/docker-php-ext-custom.ini:ro
        labels:
            - "traefik.enable=false"
        networks:
            - shared
            - api

volumes:
    data-api:
        driver: local
    certs:
        external: true

networks:
    proxy:
        external: true
    shared:
        external: true
    api:

这是我的监视docker-composer.yml

version: "3.8"

services:
    web:
        image: nginx:1.23-alpine
        restart: unless-stopped
        depends_on:
            - php-fpm
        volumes:
            - ./:/var/www:delegated
            - ${DOCKER_LOGS}/nginx/:/var/log/nginx
            - ${DOCKER_VOLUMES}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
            - ${DOCKER_VOLUMES}/nginx/conf.d/:/etc/nginx/conf.d:ro
            - ${DOCKER_VOLUMES}/nginx/sites-available/:/etc/nginx/sites-available:ro
            - ${DOCKER_VOLUMES}/nginx/proxy_params:/etc/nginx/proxy_params:ro
            - ${DOCKER_VOLUMES}/nginx/fastcgi_params:/etc/nginx/fastcgi_params:ro
            - certs:/etc/nginx/certs
        working_dir: /var/www
        command: [ nginx-debug, '-g', 'daemon off;' ]
        labels:
            - "traefik.enable=true"
            - "traefik.http.routers.monitoring-secure.entrypoints=https"
            - "traefik.http.routers.monitoring-secure.service=monitoring-secure"
            - "traefik.http.routers.monitoring-secure.rule=Host(`monitoring.local`)"
            - "traefik.http.routers.monitoring-secure.tls=true"
            - "traefik.http.services.monitoring-secure.loadbalancer.server.port=80"
        networks:
            - proxy
            - monitoring

    php-fpm:
        build:
            context: ${DOCKER_IMAGES}/php-fpm
            target: base
        image: monitoring-php:8.2.3-alpine3.16
        environment:
            COMPOSER_MEMORY_LIMIT: -1
            PHP_CS_FIXER_IGNORE_ENV: 1
        expose:
            - '9000'
        volumes:
            - ./:/var/www:rw,cached
            - ${DOCKER_VOLUMES}/php-fpm/php.ini:/usr/local/etc/php/conf.d/docker-php-ext-custom.ini:ro
        labels:
            - "traefik.enable=false"
        networks:
            - shared
            - monitoring

    node:
        image: node:19.4-alpine3.17
        volumes:
            - ./:/var/www
        command: tail -f /dev/null
        working_dir: /var/www
        labels:
            - "traefik.enable=false"
        networks:
            - monitoring
volumes:
    certs:
        external: true

networks:
    proxy:
        external: true
    shared:
        external: true
    monitoring:

谢谢你的帮助!
朱利安

2uluyalo

2uluyalo1#

我们发现了这个问题,似乎有一个冲突,因为php-fpm容器有相同的名称。我们成功地解决了这个问题,通过前缀容器的项目名称。
谢谢你的帮助!

相关问题