我在项目中实现traefik时遇到了一个奇怪的问题。
我有一个仓库来配置traefik和其他服务,我想在应用程序之间共享,和2个应用程序(API和监控)使用这些服务在网络上“共享”。
我的问题是当我转到url https://monitoring.local时,我在API nginx容器中随机获得日志,所以我的监控应用程序无法工作。当api服务关闭时,监控工作正常。当我转到https://api.local时,一切正常。
这看起来像负载均衡监控。本地url到监控nginx容器随机负载均衡到API nginx容器。
我试着改变traefik配置中的很多东西,但没有解决问题:(
如果你们中的一些人得到任何线索,我会采取它:)
这是我的Traefik docker-compose.yml
version: "3.8"
services:
traefik:
image: traefik:v2.9
container_name: local_traefik
depends_on:
- mkcert
ports:
- "80:80"
- "443:443"
volumes:
- certs:/etc/ssl/traefik
- ./config/traefik/traefik.yml:/etc/traefik/traefik.yml:ro
- ./config/traefik/dynamic.yml:/etc/traefik/dynamic.yml:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./.docker/log:/var/log
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.local`)"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
restart: unless-stopped
security_opt:
- no-new-privileges:true
mkcert:
build:
context: ./docker/images/mkcert
dockerfile: Dockerfile
image: mkcert:1.4.4
volumes:
- certs:/root/.local/share/mkcert
command: sh -c "./mkcert -install && \
./mkcert -cert-file /root/.local/share/mkcert/local-cert.pem \
-key-file /root/.local/share/mkcert/local-cert.key *.local"
labels:
- "traefik.enable=false"
localstack:
build:
context: ./docker/images/localstack
image: localstack:1.4.0
container_name: local_localstack
depends_on:
- traefik
environment:
- LOCALSTACK_PERSISTENCE=1
- SERVICES=s3,sqs,events
- DEBUG=1
- AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
- EAGER_SERVICE_LOADING=1
- DATA_DIR=/tmp/localstack/data
- DOCKER_HOST=unix:///var/run/docker.sock
ports:
- '4566:4566'
- '4510-4559:4510-4559'
volumes:
- ./docker/volumes/localstack/init:/docker-entrypoint-initaws.d
- ./docker/volumes/localstack/files:/tmp/localstack/files
- ./docker/volumes/localstack/data:/tmp/localstack/data
labels:
- "traefik.enable=false"
networks:
- shared
- default
database:
image: mongo:${DATABASE_VERSION}
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: ${DATABASE_USER}
MONGO_INITDB_ROOT_PASSWORD: ${DATABASE_PASSWORD}
ports:
- ${DATABASE_PORT}:27017
expose:
- ${DATABASE_PORT}
volumes:
- ./docker/volumes/database/init/init.sh:/docker-entrypoint-initdb.d/mongo-init.sh:ro
- data-documents:/data/db
labels:
- "traefik.enable=false"
networks:
- shared
- default
volumes:
certs:
external: true
data-documents:
driver: local
networks:
default:
name: proxy
external: true
shared:
external: true
traefik.yml
api:
insecure: true
dashboard: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
file:
filename: /etc/traefik/dynamic.yml
watch: true
docker:
endpoint: unix:///var/run/docker.sock
exposedByDefault: false
network: proxy
serversTransport:
insecureSkipVerify: true
log:
level: DEBUG
filePath: /var/log/traefik.log
accessLog:
filePath: /var/log/traefik-access.log
dynamic.yml
http:
routers:
traefik:
rule: "Host(`traefik.local`)"
service: "api@internal"
tls:
domains:
- main: "local"
sans:
- "*.local"
tls:
certificates:
- certFile: "/etc/ssl/traefik/local-cert.pem"
keyFile: "/etc/ssl/traefik/local-cert.key"
下面是我的API docker-compose.yml文件
version: "3.8"
services:
web:
image: nginx:1.23-alpine
restart: unless-stopped
depends_on:
- php-fpm
volumes:
- ./:/var/www:delegated
- ${DOCKER_LOGS}/nginx/:/var/log/nginx
- ${DOCKER_VOLUMES}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ${DOCKER_VOLUMES}/nginx/conf.d/:/etc/nginx/conf.d:ro
- ${DOCKER_VOLUMES}/nginx/sites-available/:/etc/nginx/sites-available:ro
- ${DOCKER_VOLUMES}/nginx/proxy_params:/etc/nginx/proxy_params:ro
- ${DOCKER_VOLUMES}/nginx/fastcgi_params:/etc/nginx/fastcgi_params:ro
- certs:/etc/nginx/certs
working_dir: /var/www
command: [ nginx-debug, '-g', 'daemon off;' ]
labels:
- "traefik.enable=true"
- "traefik.http.routers.api-secure.entrypoints=https"
- "traefik.http.routers.api-secure.rule=Host(`api.local`)"
- "traefik.http.routers.api-secure.tls=true"
networks:
- proxy
- api
php-fpm:
build:
context: ${DOCKER_IMAGES}/php-fpm
target: base
image: apiv2-php:8.2.3-alpine3.16
environment:
COMPOSER_MEMORY_LIMIT: -1
PHP_CS_FIXER_IGNORE_ENV: 1
expose:
- '9000'
volumes:
- ./:/var/www:rw,cached
- ${DOCKER_VOLUMES}/php-fpm/php.ini:/usr/local/etc/php/conf.d/docker-php-ext-custom.ini:ro
labels:
- "traefik.enable=false"
networks:
- shared
- api
volumes:
data-api:
driver: local
certs:
external: true
networks:
proxy:
external: true
shared:
external: true
api:
这是我的监视docker-composer.yml
version: "3.8"
services:
web:
image: nginx:1.23-alpine
restart: unless-stopped
depends_on:
- php-fpm
volumes:
- ./:/var/www:delegated
- ${DOCKER_LOGS}/nginx/:/var/log/nginx
- ${DOCKER_VOLUMES}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ${DOCKER_VOLUMES}/nginx/conf.d/:/etc/nginx/conf.d:ro
- ${DOCKER_VOLUMES}/nginx/sites-available/:/etc/nginx/sites-available:ro
- ${DOCKER_VOLUMES}/nginx/proxy_params:/etc/nginx/proxy_params:ro
- ${DOCKER_VOLUMES}/nginx/fastcgi_params:/etc/nginx/fastcgi_params:ro
- certs:/etc/nginx/certs
working_dir: /var/www
command: [ nginx-debug, '-g', 'daemon off;' ]
labels:
- "traefik.enable=true"
- "traefik.http.routers.monitoring-secure.entrypoints=https"
- "traefik.http.routers.monitoring-secure.service=monitoring-secure"
- "traefik.http.routers.monitoring-secure.rule=Host(`monitoring.local`)"
- "traefik.http.routers.monitoring-secure.tls=true"
- "traefik.http.services.monitoring-secure.loadbalancer.server.port=80"
networks:
- proxy
- monitoring
php-fpm:
build:
context: ${DOCKER_IMAGES}/php-fpm
target: base
image: monitoring-php:8.2.3-alpine3.16
environment:
COMPOSER_MEMORY_LIMIT: -1
PHP_CS_FIXER_IGNORE_ENV: 1
expose:
- '9000'
volumes:
- ./:/var/www:rw,cached
- ${DOCKER_VOLUMES}/php-fpm/php.ini:/usr/local/etc/php/conf.d/docker-php-ext-custom.ini:ro
labels:
- "traefik.enable=false"
networks:
- shared
- monitoring
node:
image: node:19.4-alpine3.17
volumes:
- ./:/var/www
command: tail -f /dev/null
working_dir: /var/www
labels:
- "traefik.enable=false"
networks:
- monitoring
volumes:
certs:
external: true
networks:
proxy:
external: true
shared:
external: true
monitoring:
谢谢你的帮助!
朱利安
1条答案
按热度按时间2uluyalo1#
我们发现了这个问题,似乎有一个冲突,因为php-fpm容器有相同的名称。我们成功地解决了这个问题,通过前缀容器的项目名称。
谢谢你的帮助!