Traefik - Funky Penguin's Geek Cookbook


#41

Sure, no problem, it’s below:

version: "3.2"

services:
  traefik:
    image: traefik
    command: --web --docker --docker.swarmmode --docker.watch --docker.domain=example.com -- logLevel=DEBUG
    ports:
      - target: 80
        published: 80
        protocol: tcp
        mode: host
      - target: 443
        published: 443
        protocol: tcp
        mode: host
      - target: 8080
        published: 8080
        protocol: tcp
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /var/data/config/traefik/traefik.toml:/traefik.toml:ro
      - /var/data/config/traefik/acme.json:/acme.json
    labels:
      - "traefik.enable=false"
    networks:
      - public
    deploy:
      mode: global
      placement:
        constraints: [node.role == manager]
      restart_policy:
        condition: on-failure

networks:
  public:
    driver: overlay
    ipam:
      driver: default
      config:
      - subnet: 192.168.0.0/24

192.168.0.0/24 is the network segment the physical docker node is on. Not sure if that’s supposed to be my external, internet routable IP… but that is dynamic.

From where I sit, the “dial tcp” errors not able to connect to 127.0.0.1:53 seem to be the hurdle I’m facing now. FWIW, I setup the registry mirror service too and it also seems to be having trouble connecting to the “docker dns”. This shows up in its logs as well:

panic: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on 127.0.0.11:53: read udp 127.0.0.1:45493->127.0.0.11:53: i/o timeout

#42

Okay, yeah, my subnet definition was the problem… I switched the subnet directive to be “10.1.0.0/24” and it looks like traefik was able to start up.

Now I just need to troubleshoot why the let’s encrypt http challenge is not working. :slight_smile:


#43

I believe there is a typo on the yml, it should be --docker.swarmMode instead of --docker.swarmmode this, is true at least for the traefik version I’m using.

Thanks for the recipe.