我正在尝试在 Docker Swarm 上使用 Portainer 设置 Traefik,并使用 Terraform 和 Ansible 运行它。我是这种类型的新手,这是我第一次在 Stack Overflow 上提出问题,非常感谢您的帮助。本质上,一旦我使用 Terraform 将 Ansible playbooks 应用到我的服务器上,我就会尝试访问它的 IP 并访问实际域以测试它们中的任何一个是否有效。到目前为止,只有“whoami”在https://test.domain.name/whoami工作,但其他人都没有工作,不是 Traefik 的仪表板,我不明白为什么。
这是 traefik-stack.yml:
version: "3.3"
services:
traefik:
image: "traefik:v2.3"
restart: always
command:
- "--log=true"
- "--log.level=DEBUG" #comment out when done
- "--api=true"
- "--api.insecure=true" #change to false when done
- "--api.dashboard=true" #change to false when done
- "--api.debug=true"
- "--providers.docker=true"
- "--providers.docker.swarmMode=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.network=dev"
- "--providers.docker.useBindPortIP=true"
- "--providers.file.directory=/etc/traefik"
- "--providers.file.watch=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.web-secure.address=:443"
- "--entrypoints.web-secure.http.tls=true"
- "--entrypoints.web-secure.http.tls.domains=domain.name"
ports:
- "80:80"
- "8080:8080"
- "443:443"
networks:
- dev
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "/opt/traefik.toml:/etc/traefik/traefik.toml"
- "/opt/certificates:/certificates"
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role == manager]
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.rule = PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
- "traefik.http.routers.api.service=api@internal"
# Dummy service for Swarm port detection. The port can be any valid integer value.
- "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"
whoami:
image: "traefik/whoami"
networks:
- dev
deploy:
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Path(`/whoami`)"
- "traefik.http.routers.whoami.tls=true" #if active, whoami works on HTTPS, if off then works on http
networks:
dev:
external: true
这是搬运工-代理-stack.yml:
version: '3.3'
services:
agent:
image: portainer/agent
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
networks:
- agent_network
- dev
deploy:
mode: global
placement:
constraints: [node.platform.os == linux]
portainer:
image: portainer/portainer
command: -H tcp://tasks.agent:9001 --tlsskipverify
volumes:
- portainer_data:/data
networks:
- agent_network
- dev
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role == manager]
labels:
- "traefik.enable=true"
- "traefik.http.routers.portainer.rule=PathPrefix(`/portainer`)"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
networks:
agent_network:
driver: overlay
attachable: true
dev:
external: true
volumes:
portainer_data:
这是 traefik.toml:
################################################################
#
# Configuration sample for Traefik v2.
#
# For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml
#
################################################################
################################################################
# Global configuration
################################################################
[global]
checkNewVersion = true
sendAnonymousUsage = true
################################################################
# Entrypoints configuration
################################################################
# Entrypoints definition
#
# Optional
# Default:
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web-secure]
address = ":443"
################################################################
# Traefik logs configuration
################################################################
# Traefik logs
# Enabled by default and log to stdout
#
# Optional
#
[log]
# Log level
#
# Optional
# Default: "ERROR"
#
level = "DEBUG"
# Sets the filepath for the traefik log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
# filePath = "log/traefik.log"
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format = "json"
################################################################
# Access logs configuration
################################################################
# Enable access logs
# By default it will write to stdout and produce logs in the textual
# Common Log Format (CLF), extended with additional fields.
#
# Optional
#
[accessLog]
# Sets the file path for the access log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
# filePath = "/path/to/log/log.txt"
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format = "json"
################################################################
# API and dashboard configuration
################################################################
# Enable API and dashboard
[api]
# Enable the API in insecure mode
#
# Optional
# Default: false
#
# insecure = true
# Enabled Dashboard
#
# Optional
# Default: true
#
# dashboard = false
################################################################
# Ping configuration
################################################################
# Enable ping
[ping]
# Name of the related entry point
#
# Optional
# Default: "traefik"
#
# entryPoint = "traefik"
################################################################
# Docker configuration backend
################################################################
# Enable Docker configuration backend
[providers.docker]
# Docker server endpoint. Can be a tcp or a unix socket endpoint.
#
# Required
# Default: "unix:///var/run/docker.sock"
#
# endpoint = "tcp://10.10.10.10:2375"
# Default host rule.
#
# Optional
# Default: "Host(`{{ normalize .Name }}`)"
#
# defaultRule = "Host(`{{ normalize .Name }}.docker.localhost`)"
# Expose containers by default in traefik
#
# Optional
# Default: true
#
# exposedByDefault = false
[[tls.certificates]]
certFile="/certificates/domain.name.cert"
keyFile="/certificates/domain.name.key"
我知道 Portainer 和 Portainer Agent 可以工作,因为在尝试添加 Traefik 之前它们运行良好,所以我的直觉是我在 Traefik 中做错了,或者 Traefik 和 Docker Swarm 一起工作有些奇怪。Terraform 应用时没有失败,运行时也没有错误,所以我不明白为什么只有 whoami 工作并且不返回 404。如果需要更多信息,请告诉我,抱歉这么长.