Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cross Docker Compose Project Proxy #3599

Closed
Southclaws opened this issue Jul 11, 2018 · 7 comments
Closed

Cross Docker Compose Project Proxy #3599

Southclaws opened this issue Jul 11, 2018 · 7 comments

Comments

@Southclaws
Copy link

@Southclaws Southclaws commented Jul 11, 2018

Do you want to request a feature or report a bug?

Bug

What did you do?

I currently deploy a bunch of services from a single compose project - this includes a couple of wordpress sites, some API servers, some frontends, databases and, of course, Traefik.

I'm currently splitting that monolithic compose file into separate projects so I can move individual projects to other servers in future.

I've started with one project to test the waters but it seems Traefik doesn't seem to work the same with cross-project deployments.

What did you expect to see?

Traefik proxy my services.

What did you see instead?

Traefik not proxy my services.

Output of traefik version: (What version of Traefik are you using?)

Version:      v1.6.4
Codename:     tetedemoine
Go version:   go1.10.3
Built:        2018-06-15_03:12:50PM
OS/Arch:      linux/amd64

What is your environment & configuration (arguments, toml, provider, platform, ...)?

# -
# Global configuration
# -

debug = false
logLevel = "WARN"
defaultEntryPoints = ["http", "https"]
format = "common"


[entryPoints]
  [entryPoints.http]
  address = ":80"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
  [entryPoints.traefik]
    address=":8080"
    [entryPoints.traefik.auth]
      [entryPoints.traefik.auth.basic
        # omitted

[acme]
  email = "-" # omitted
  entryPoint = "https"
  storage = "/etc/traefik/acme/acme.json"
  acmeLogging = true
  onHostRule = true
  [acme.httpChallenge]
    entryPoint = "http"

# -
# Web configuration backend
# -

[api]
  entryPoint = "traefik"
  dashboard = true
  debug = true

# -
# Docker configuration backend
# -

[docker]
  endpoint = "unix:///var/run/docker.sock"
  exposedbydefault = true
  watch = true

# -
# Metrics
# -

[metrics]
  [metrics.prometheus]
    entryPoint = "traefik"

This is the compose file for the main service, I've omitted all the other services and left just the Traefik configuration:

version: '3.5'
networks:
    default:
        driver: bridge
        internal: false
    mongodb:
        driver: bridge
        internal: true
services:
    traefik:
        image: 'traefik:1.6.4'
        command: '--api --docker'
        restart: on-failure
        ports:
            - '${HTTP_PORT}:80'
            - '${HTTPS_PORT}:443'
            - '${DASH_PORT}:8080'
        volumes:
            - '/var/run/docker.sock:/var/run/docker.sock'
            - './traefik.toml:/etc/traefik/traefik.toml'
            - './acme:/etc/traefik/acme'
        labels:
            - 'traefik.frontend.rule=Host:traefik.southcla.ws'
            - traefik.frontend.headers.SSLRedirect=true
            - traefik.port=8080

And this is the configuration for the other project I'm trying to split off - it originally existed in the above compose file but, as I said, I want to separate these configurations.

If applicable, please paste the log output in DEBUG level (--logLevel=DEBUG switch)

I have monitoring requests (/metrics style) setup for most services and debug logs seem to log every request so I'll only grab this if absolutely necessary.

If necessary I could try and reproduce this on an empty server, if it is actually a bug and not a configuration problem.

@dduportal
Copy link
Contributor

@dduportal dduportal commented Jul 12, 2018

Hello @Southclaws !

Thank you for your interest in the Træfik project and for you detailed feedback.

I tried to reproduce your case with the following Gist - https://gist.github.com/dduportal/7ad661227defd28f791ac3a99600c3c2 (a traefik.toml, a docker-compose.yml for Træfik and an app.yml for your application + the .env file) .

(Un)Fortunately, I see the services appearing in Traefik's WebUI (except the sample-api server because the container is restarting due to some go panics), so I am not sure about what is happening in your case:
capture d ecran 2018-07-12 a 12 16 17

Could you check Traefik's log and show us also the status of containers and network if you stil have the issue?

N.B. you might want to use the docker-compose network's external reference, to avoid some namespacing issues

@Southclaws
Copy link
Author

@Southclaws Southclaws commented Jul 12, 2018

In my case, the services still appear on the Traefik frontend but when I hit the URL with curl/browser I get a 504 "Gateway Timeout" - sorry I actually completely forgot to mention that in my original issue!

Could it be that Traefik is running in a different project so it's on a different network? In my setup, I have deployments which is my monolithic compose project and then samp-servers which is the first "offshoot" (which, hopefully, everything else will also copy this separate project setup).

So I have Traefik connected to deployments_default and samp-servers (api server, frontend, mongodb) connected to samplist_default and samplist_mongodb.

Could this be resolved by creating an external network web and connecting both projects to that? I recently came across the problems outlined in #1254 and resolved that by explicitly setting everything to use the deployments_default network. I did actually try to use an external network but that resulted in every single servive getting 504'd

@Southclaws
Copy link
Author

@Southclaws Southclaws commented Jul 17, 2018

I figured it out! Just in case anyone finds this via search, my solution:

It turned out that an external network is the way to do this, the first time I tried this I forgot to set --internal=false in the docker network create command. Once I did this, I switched every docker-compose file to use:

networks:
  default:
    external:
      name: gateway

Where gateway was created with:

docker network create \
    --driver=bridge \
    --attachable \
    --internal=false \
    gateway

Here's my full docker-compose.yml which is being deployed to production as of the date of this edit:

version: "3.5"
networks:
    default:
        external:
            name: gateway
    mongodb:
        driver: bridge
        internal: true

services:
    mongodb:
        image: "mongo:3.4"
        restart: on-failure
        environment:
...
        volumes:
            - "${DATA_DIR}/samplist/mongodb:/data/db"
        networks:
            - mongodb
        labels:
            - traefik.enable=false

    samp-servers-api:
        image: "southclaws/samp-servers-api:latest"
        restart: on-failure
        environment:
            SAMPLIST_BIND: "0.0.0.0:80" # binds to port 80
...
        networks:
            - default
            - mongodb
        depends_on:
            - mongodb
        labels:
            - traefik.docker.network=gateway
            - "traefik.frontend.rule=Host:api.samp-servers.net"
            - "traefik.frontend.headers.SSLRedirect=false"
            - "traefik.port=80"
            - com.centurylinklabs.watchtower.enable=true

    samp-servers-frontend:
        image: "southclaws/samp-servers-frontend:latest"
        restart: on-failure
        networks:
            - default
        labels:
            - traefik.docker.network=gateway
            - "traefik.frontend.rule=Host:samp-servers.net"
            - "traefik.frontend.headers.SSLRedirect=true"
            - "traefik.port=80"
            - com.centurylinklabs.watchtower.enable=true

@Southclaws Southclaws closed this Jul 17, 2018
@dduportal
Copy link
Contributor

@dduportal dduportal commented Jul 23, 2018

Hello @Southclaws , sorry for the delay in the answer.

Thanks a lot for documenting your resolution, it will help many other users!

@Kylmakalle
Copy link

@Kylmakalle Kylmakalle commented Sep 25, 2018

@Southclaws' solution for compose version: '3' will be

networks:
  gateway:
    external: true

@dschulten
Copy link

@dschulten dschulten commented Mar 9, 2019

The mentioned docker-compose has been deleted in the meantime, here is its last version: https://github.com/Southclaws/samp-servers-api/blob/079bb8ec66832d490ae6720adaeb32d5b2da8623/docker-compose.yml

@Southclaws
Copy link
Author

@Southclaws Southclaws commented Mar 11, 2019

Since moving my deployment manifests to a private repo, I've updated my above post with what my current manifest looks like (minus some unrelated DB config).

@traefik traefik locked and limited conversation to collaborators Sep 1, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
6 participants