Traefik - Funky Penguin's Geek Cookbook


#41

Sure, no problem, it’s below:

version: "3.2"

services:
  traefik:
    image: traefik
    command: --web --docker --docker.swarmmode --docker.watch --docker.domain=example.com -- logLevel=DEBUG
    ports:
      - target: 80
        published: 80
        protocol: tcp
        mode: host
      - target: 443
        published: 443
        protocol: tcp
        mode: host
      - target: 8080
        published: 8080
        protocol: tcp
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /var/data/config/traefik/traefik.toml:/traefik.toml:ro
      - /var/data/config/traefik/acme.json:/acme.json
    labels:
      - "traefik.enable=false"
    networks:
      - public
    deploy:
      mode: global
      placement:
        constraints: [node.role == manager]
      restart_policy:
        condition: on-failure

networks:
  public:
    driver: overlay
    ipam:
      driver: default
      config:
      - subnet: 192.168.0.0/24

192.168.0.0/24 is the network segment the physical docker node is on. Not sure if that’s supposed to be my external, internet routable IP… but that is dynamic.

From where I sit, the “dial tcp” errors not able to connect to 127.0.0.1:53 seem to be the hurdle I’m facing now. FWIW, I setup the registry mirror service too and it also seems to be having trouble connecting to the “docker dns”. This shows up in its logs as well:

panic: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on 127.0.0.11:53: read udp 127.0.0.1:45493->127.0.0.11:53: i/o timeout

#42

Okay, yeah, my subnet definition was the problem… I switched the subnet directive to be “10.1.0.0/24” and it looks like traefik was able to start up.

Now I just need to troubleshoot why the let’s encrypt http challenge is not working. :slight_smile:


#43

I believe there is a typo on the yml, it should be --docker.swarmMode instead of --docker.swarmmode this, is true at least for the traefik version I’m using.

Thanks for the recipe.


#44

Ports mapping didn’t work on mac. Here are my changes which could be helpful to run it locally.
Thanks!

services:
  traefik:
    image: traefik
    command: --web --docker --docker.swarmmode --docker.watch --docker.domain=your-domain.com --logLevel=DEBUG
    ports:
      - "80:80/tcp"
      - "443:443/tcp"
      - "8080:8080/tcp"

#45

I keep seeing this message in my docker swarm for traefik. Only using wallabag to test at the moment. And I’ve already been rate limited. :stuck_out_tongue:

traefik_traefik.0.1im380tylloo@dev.redacted.org | time=“2019-03-21T22:56:45Z” level=debug msg=“Filtering container without port, traefik_traefik.1im380tylloon8orfxq5jl7cc: port label is missing, please use traefik.port as default value or define port label for all segments (‘traefik.<segment_name>.port’)”

I had to manually add a DNS name. Which provider is recommended? I can switch to something that works with Traefik. Time to look at docs again.


#46

I like CloudFlare, it works well with Traefik. Can’t speak about the others :slight_smile:


#47

Thanks funkypenguin! Love your work.


#48

Running into a wall. https://wallabag.mydomain.com just displays a 404. I have not setup oauth in anyway, hopefully it isn’t causing an issue. Any ideas on how to troubleshoot this?


#49

The 404 means you’re talking to Traefik, but Traefik doesn’t know how to route your request. Did you set traefik.port ? (I think it should be 8080)


#50

I just did, and I can see the dashboard but no frontends/backends. Hmm…


#51

If possible is there any chance you are able to join our discord so we can help troubleshoot :slight_smile:


#52

I can confirm NAMECHEAP works fine with Traefik too – even the wildcard DNS challenge – BUT – they don’t unlock the API key for that until you’ve spent like $50 with them. Woth it if you like their domain hosting prices and are comfortable locking in a longer purchase.

Jerry