Не удается связаться с Traefik из сети через порт 80
Я пытаюсь настроить Traefik для перенаправления имен хостов на порты на сервере в сети моей компании с несколькими приложениями.
Когда я пытаюсь получить доступ к обратному прокси-серверу через порт 80 с именем хоста "evolution" (DNS перенаправляет эволюцию на 192.168.XX.XX), я не могу связаться с Traefik (ничего в журналах).
Если я попытаюсь сделать то же самое непосредственно на сервере, на котором размещен Traefik, я смогу связаться с Traefik (журналы показывают мое соединение и перенаправление).
Спасибо за помощь, подробности ниже.
Примеры с curl:
С моей машины на сервере:
curl -v evolution.example.com
* Rebuilt URL to: evolution.example.com/
* timeout on name lookup is not supported
* Trying 192.168.33.33...
* connect to 192.168.33.33 port 80 failed: Timed out
* Failed to connect to evolution.example.com port 80: Timed out
* Closing connection 0
curl: (7) Failed to connect to evolution.example.com port 80: Timed out
С сервера:
curl -v evolution.example.com
* Rebuilt URL to: evolution.example.com/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to evolution.example.com (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> Host: evolution.example.com
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Content-Length: 0
< Date: Mon, 19 Nov 2018 15:44:40 GMT
< Expires: 0
< Location: http://evolution.example.com /signin;jsessionid=BB9A3713AD88C77324B318C142A44B6A?error=403
< Pragma: no-cache
< Server: Apache-Coyote/1.1
< Set-Cookie: JSESSIONID=BB9A3713AD88C77324B318C142A44B6A; Path=/; HttpOnly
< X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
< X-Xss-Protection: 1; mode=block
<
* Curl_http_done: called premature == 0
* Connection #0 to host evolution.example.com left intact
Вот мой файл docker-compose
version: '3'
services:
proxy:
image: traefik:v1.7-alpine
command: --web --docker --docker.domain=example.com --logLevel=DEBUG
restart: unless-stopped
networks:
- web
ports:
- "80:80"
- "8080:8080"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /app/docker/volumes/traefik/traefik.toml:/etc/traefik/traefik.toml
- /app/docker/volumes/traefik-certs:/app/traefik/certs
networks:
web:
Вот этот трафик.томл
################################################################
# Global configuration
################################################################
# Enable debug mode
#
# Optional
# Default: false
#
debug = true
# Log level
#
# Optional
# Default: "ERROR"
#
# logLevel = "ERROR"
# Entrypoints to be used by frontends that do not specify any entrypoint.
# Each frontend can specify its own entrypoints.
#
# Optional
# Default: ["http"]
#
#defaultEntryPoints = ["http", "https"]
defaultEntryPoints = ["http"]
# Entrypoints definition
#
# Optional
# Default:
[entryPoints]
[entryPoints.http]
address = ":80"
#[entryPoints.http.redirect]
#entryPoint = "https"
#[entryPoints.https]
# minVersion = "VersionTLS12"
# address = ":443"
# [entryPoints.https.tls]
# [[entryPoints.https.tls.certificates]]
# CertFile="/app/docker/volumes/traefik-certs/server.cert"
# KeyFile="/app/docker/volumes/traefik-certs/server.key"
# Traefik logs
# Enabled by default and log to stdout
#
# Optional
#
# [traefikLog]
# Sets the filepath for the traefik log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
filePath = "/app/docker/volumes/traefik/log/traefik.log"
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format = "common"
# Enable access logs
# By default it will write to stdout and produce logs in the textual
# Common Log Format (CLF), extended with additional fields.
#
# Optional
#
# [accessLog]
# Sets the file path for the access log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
# filePath = "/path/to/log/log.txt"
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format = "common"
################################################################
# Web configuration backend
################################################################
# Enable web configuration backend
[web]
# Web administration port
#
# Required
#
address = ":8080"
################################################################
# Dashboard
################################################################
[api]
entryPoint = "traefik"
dashboard = true
debug = true
################################################################
# Docker configuration backend
################################################################
# Enable Docker configuration backend
[docker]
domain = "home.local"
watch = true
exposedbydefault = false
# Docker server endpoint. Can be a tcp or a unix socket endpoint.
#
# Required
# Default: "unix:///var/run/docker.sock"
#
# endpoint = "tcp://10.10.10.10:2375"
# Default domain used.
# Can be overridden by setting the "traefik.domain" label on a container.
#
# Optional
# Default: ""
#
# domain = "docker.localhost"
# Expose containers by default in traefik
#
# Optional
# Default: true
#
# exposedbydefault = true
################################################################
# File configuration backend
################################################################
# Enable File configuration backend
[file]
# Backends
[backends]
[backends.sonar]
[backends.sonar.servers]
[backends.sonar.servers.server1]
url = "http://192.168.33.33:9000"
[backends.jenkins]
[backends.jenkins.servers]
[backends.jenkins.servers.server1]
url = "http://192.168.33.33:8090"
[backends.evolution]
[backends.evolution.servers]
[backends.evolution.servers.server1]
url = "http://192.168.33.33:8081"
[backends.impevolution]
[backends.impevolution.servers]
[backends.impevolution.servers.server1]
url = "http://192.168.33.33:8180"
# Frontends
[frontends]
[frontends.sonar]
#entryPoints = ["http", "https"]
entryPoints = ["http"]
backend = "sonar"
passHostHeader = true
[frontends.sonar.routes.default]
rule = "Host:ic-sonar.example.com"
[frontends.jenkins]
#entryPoints = ["http", "https"]
entryPoints = ["http"]
backend = "jenkins"
passHostHeader = true
[frontends.jenkins.routes.default]
rule = "Host:ic-jenkins.example.com"
[frontends.evolution]
#entryPoints = ["http", "https"]
entryPoints = ["http"]
backend = "evolution"
passHostHeader = true
[frontends.evolution.routes.default]
rule = "Host:evolution.example.com"
[frontends.impevolution]
#entryPoints = ["http", "https"]
entryPoints = ["http"]
backend = "impevolution"
passHostHeader = true
[frontends.impevolution.routes.default]
rule = "Host:impevolution.example.com"