Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cross Docker Compose Project Proxy #3599

Closed
Southclaws opened this issue Jul 11, 2018 · 7 comments

Comments

Projects
None yet
6 participants
@Southclaws
Copy link

commented Jul 11, 2018

Do you want to request a feature or report a bug?

Bug

What did you do?

I currently deploy a bunch of services from a single compose project - this includes a couple of wordpress sites, some API servers, some frontends, databases and, of course, Traefik.

I'm currently splitting that monolithic compose file into separate projects so I can move individual projects to other servers in future.

I've started with one project to test the waters but it seems Traefik doesn't seem to work the same with cross-project deployments.

What did you expect to see?

Traefik proxy my services.

What did you see instead?

Traefik not proxy my services.

Output of traefik version: (What version of Traefik are you using?)

Version:      v1.6.4
Codename:     tetedemoine
Go version:   go1.10.3
Built:        2018-06-15_03:12:50PM
OS/Arch:      linux/amd64

What is your environment & configuration (arguments, toml, provider, platform, ...)?

# -
# Global configuration
# -

debug = false
logLevel = "WARN"
defaultEntryPoints = ["http", "https"]
format = "common"


[entryPoints]
  [entryPoints.http]
  address = ":80"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
  [entryPoints.traefik]
    address=":8080"
    [entryPoints.traefik.auth]
      [entryPoints.traefik.auth.basic
        # omitted

[acme]
  email = "-" # omitted
  entryPoint = "https"
  storage = "/etc/traefik/acme/acme.json"
  acmeLogging = true
  onHostRule = true
  [acme.httpChallenge]
    entryPoint = "http"

# -
# Web configuration backend
# -

[api]
  entryPoint = "traefik"
  dashboard = true
  debug = true

# -
# Docker configuration backend
# -

[docker]
  endpoint = "unix:///var/run/docker.sock"
  exposedbydefault = true
  watch = true

# -
# Metrics
# -

[metrics]
  [metrics.prometheus]
    entryPoint = "traefik"

This is the compose file for the main service, I've omitted all the other services and left just the Traefik configuration:

version: '3.5'
networks:
    default:
        driver: bridge
        internal: false
    mongodb:
        driver: bridge
        internal: true
services:
    traefik:
        image: 'traefik:1.6.4'
        command: '--api --docker'
        restart: on-failure
        ports:
            - '${HTTP_PORT}:80'
            - '${HTTPS_PORT}:443'
            - '${DASH_PORT}:8080'
        volumes:
            - '/var/run/docker.sock:/var/run/docker.sock'
            - './traefik.toml:/etc/traefik/traefik.toml'
            - './acme:/etc/traefik/acme'
        labels:
            - 'traefik.frontend.rule=Host:traefik.southcla.ws'
            - traefik.frontend.headers.SSLRedirect=true
            - traefik.port=8080

And this is the configuration for the other project I'm trying to split off - it originally existed in the above compose file but, as I said, I want to separate these configurations.

If applicable, please paste the log output in DEBUG level (--logLevel=DEBUG switch)

I have monitoring requests (/metrics style) setup for most services and debug logs seem to log every request so I'll only grab this if absolutely necessary.

If necessary I could try and reproduce this on an empty server, if it is actually a bug and not a configuration problem.

@dduportal

This comment has been minimized.

Copy link
Contributor

commented Jul 12, 2018

Hello @Southclaws !

Thank you for your interest in the Træfik project and for you detailed feedback.

I tried to reproduce your case with the following Gist - https://gist.github.com/dduportal/7ad661227defd28f791ac3a99600c3c2 (a traefik.toml, a docker-compose.yml for Træfik and an app.yml for your application + the .env file) .

(Un)Fortunately, I see the services appearing in Traefik's WebUI (except the sample-api server because the container is restarting due to some go panics), so I am not sure about what is happening in your case:
capture d ecran 2018-07-12 a 12 16 17

Could you check Traefik's log and show us also the status of containers and network if you stil have the issue?

N.B. you might want to use the docker-compose network's external reference, to avoid some namespacing issues

@Southclaws

This comment has been minimized.

Copy link
Author

commented Jul 12, 2018

In my case, the services still appear on the Traefik frontend but when I hit the URL with curl/browser I get a 504 "Gateway Timeout" - sorry I actually completely forgot to mention that in my original issue!

Could it be that Traefik is running in a different project so it's on a different network? In my setup, I have deployments which is my monolithic compose project and then samp-servers which is the first "offshoot" (which, hopefully, everything else will also copy this separate project setup).

So I have Traefik connected to deployments_default and samp-servers (api server, frontend, mongodb) connected to samplist_default and samplist_mongodb.

Could this be resolved by creating an external network web and connecting both projects to that? I recently came across the problems outlined in #1254 and resolved that by explicitly setting everything to use the deployments_default network. I did actually try to use an external network but that resulted in every single servive getting 504'd

@Southclaws

This comment has been minimized.

Copy link
Author

commented Jul 17, 2018

I figured it out! Just in case anyone finds this via search, my solution:

It turned out that an external network is the way to do this, the first time I tried this I forgot to set --internal=false in the docker network create command. Once I did this, I switched every docker-compose file to use:

networks:
  default:
    external:
      name: gateway

Where gateway was created with:

docker network create \
    --driver=bridge \
    --attachable \
    --internal=false \
    gateway

Here's my full docker-compose.yml which is being deployed to production as of the date of this edit:

version: "3.5"
networks:
    default:
        external:
            name: gateway
    mongodb:
        driver: bridge
        internal: true

services:
    mongodb:
        image: "mongo:3.4"
        restart: on-failure
        environment:
...
        volumes:
            - "${DATA_DIR}/samplist/mongodb:/data/db"
        networks:
            - mongodb
        labels:
            - traefik.enable=false

    samp-servers-api:
        image: "southclaws/samp-servers-api:latest"
        restart: on-failure
        environment:
            SAMPLIST_BIND: "0.0.0.0:80" # binds to port 80
...
        networks:
            - default
            - mongodb
        depends_on:
            - mongodb
        labels:
            - traefik.docker.network=gateway
            - "traefik.frontend.rule=Host:api.samp-servers.net"
            - "traefik.frontend.headers.SSLRedirect=false"
            - "traefik.port=80"
            - com.centurylinklabs.watchtower.enable=true

    samp-servers-frontend:
        image: "southclaws/samp-servers-frontend:latest"
        restart: on-failure
        networks:
            - default
        labels:
            - traefik.docker.network=gateway
            - "traefik.frontend.rule=Host:samp-servers.net"
            - "traefik.frontend.headers.SSLRedirect=true"
            - "traefik.port=80"
            - com.centurylinklabs.watchtower.enable=true

@Southclaws Southclaws closed this Jul 17, 2018

@dduportal

This comment has been minimized.

Copy link
Contributor

commented Jul 23, 2018

Hello @Southclaws , sorry for the delay in the answer.

Thanks a lot for documenting your resolution, it will help many other users!

@Kylmakalle

This comment has been minimized.

Copy link

commented Sep 25, 2018

@Southclaws' solution for compose version: '3' will be

networks:
  gateway:
    external: true
@dschulten

This comment has been minimized.

Copy link

commented Mar 9, 2019

The mentioned docker-compose has been deleted in the meantime, here is its last version: https://github.com/Southclaws/samp-servers-api/blob/079bb8ec66832d490ae6720adaeb32d5b2da8623/docker-compose.yml

@Southclaws

This comment has been minimized.

Copy link
Author

commented Mar 11, 2019

Since moving my deployment manifests to a private repo, I've updated my above post with what my current manifest looks like (minus some unrelated DB config).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.