如何解决Traefik 似乎忽略了路由器的规则错误?
今天,我正在寻求您的帮助,因为我在使用 Traefik (v2.4) 时遇到了路由问题,我觉得这是后者的一个错误。
我在 Debian 10 (Buster) 上使用 Docker v20.10.2 和 Docker Compose v1.25.0
我正在寻找这些重定向:
www.mywebsite.com
|____main-wordpress:80
www.mywebsite.com/blog
|____blog-wordpress:80
所以我有一个 docker-compose.yml 像这样组成(摘录):
---
version: '2.4'
services:
# *---------------------------*
# | WordPress (for main site) |
# *---------------------------*
main-wordpress:
image: wordpress:5.6
hostname: main-wordpress
environment:
- WORDPRESS_DB_HOST=main-mysql
- WORDPRESS_DB_USER=${MAIN_MYSQL_USER}
- WORDPRESS_DB_PASSWORD=${MAIN_MYSQL_PASSWORD}
- WORDPRESS_DB_NAME=${MAIN_MYSQL_DATABASE}
- WORDPRESS_TABLE_PREFIX=wp_
volumes:
- ./volumes/wordpress/main:/var/www/html/
- ./volumes/wordpress/php.ini:/usr/local/etc/php/conf.d/01_user.ini
expose:
- 80
depends_on:
- main-mysql
labels:
- "traefik.enable=true"
# Redirect HTTP ➔ HTTPS
- "traefik.http.routers.main-wordpress-web.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`))"
- "traefik.http.routers.main-wordpress-web.priority=1"
- "traefik.http.routers.main-wordpress-web.entrypoints=web"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
# Route : HTTPS ➔ HTTP (WordPress)
- "traefik.http.routers.main-wordpress-websecure.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`))"
- "traefik.http.routers.main-wordpress-websecure.priority=1"
- "traefik.http.services.webapp.loadbalancer.server.port=80"
- "traefik.http.routers.main-wordpress-websecure.entrypoints=websecure"
- "traefik.http.routers.main-wordpress-websecure.tls.certresolver=letsencrypt-1"
# Enable "middlewares"
- "traefik.http.routers.main-wordpress-web.middlewares=redirect-to-https"
restart: unless-stopped
# *-----------------------*
# | WordPress (for /blog) |
# *-----------------------*
blog-wordpress:
image: wordpress:4.9.8
hostname: blog-wordpress
environment:
- WORDPRESS_DB_HOST=blog-mysql
- WORDPRESS_DB_USER=${BLOG_MYSQL_USER}
- WORDPRESS_DB_PASSWORD=${BLOG_MYSQL_PASSWORD}
- WORDPRESS_DB_NAME=${BLOG_MYSQL_DATABASE}
- WORDPRESS_TABLE_PREFIX=wp_
volumes:
- ./volumes/wordpress/blog/:/var/www/html/
- ./volumes/wordpress/php.ini:/usr/local/etc/php/conf.d/01_user.ini
- ./volumes/wordpress/blog/.htaccess:/var/www/html/.htaccess
expose:
- 80
depends_on:
- blog-mysql
labels:
- "traefik.enable=true"
# Redirect HTTP ➔ HTTPS
- "traefik.http.routers.blog-wordpress-web.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && PathPrefix(`/blog`)"
- "traefik.http.routers.blog-wordpress-web.priority=10000"
- "traefik.http.routers.blog-wordpress-web.entrypoints=web"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
# Route : HTTPS ➔ HTTP (WordPress)
- "traefik.http.routers.blog-wordpress-websecure.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && PathPrefix(`/blog`)"
- "traefik.http.routers.blog-wordpress-websecure.priority=10000"
- "traefik.http.services.webapp.loadbalancer.server.port=80"
- "traefik.http.routers.blog-wordpress-websecure.entrypoints=websecure"
- "traefik.http.routers.blog-wordpress-websecure.tls.certresolver=letsencrypt-1"
# Enable "middlewares"
- "traefik.http.routers.blog-wordpress-web.middlewares=redirect-to-https"
restart: unless-stopped
# *-------------------------*
# | Traefik (reverse-proxy) |
# *-------------------------*
traefik:
image: traefik:2.4
hostname: traefik
command:
- "--api=true"
- "--api.dashboard=true"
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.exposedbydefault=false"
# Entry points
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
# Access logs
- "--accesslog=true"
- "--accesslog.filepath=/access.log"
- "--accesslog.bufferingsize=200"
# ACME (Let's Encrypt)
- "--certificatesresolvers.letsencrypt-1.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt-1.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt-1.acme.email=${ACME_EMAIL}"
- "--certificatesresolvers.letsencrypt-1.acme.storage=/letsencrypt/acme.json"
- "--certificatesresolvers.letsencrypt-1.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory" # For DEV purpose
- "--log.level=DEBUG" # For DEBUG purpose
ports:
- '80:80'
- '443:443'
labels:
- "traefik.enable=true"
# Route : HTTPS ➔ HTTP (Traefik itself)
- "traefik.http.routers.traefik-websecure.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && (PathPrefix(`/api`) || PathPrefix(`/dashboard/`))"
- "traefik.http.routers.traefik-websecure.service=api@internal"
- "traefik.http.routers.traefik-websecure.entrypoints=websecure"
- "traefik.http.routers.traefik-websecure.tls.certresolver=letsencrypt-1"
- "traefik.http.middlewares.traefik-auth.basicAuth.users=${TRAEFIK_DASHBOARD_AUTH}"
# Redirect HTTP ➔ HTTPS
- "traefik.http.routers.traefik-web.rule=(HostHeader(`www.mywebsite.com`) || HostHeader(`mywebsite.com`)) && (PathPrefix(`/api`) || PathPrefix(`/dashboard/`))"
- "traefik.http.routers.traefik-web.entrypoints=web"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
# Enable "middlewares"
- "traefik.http.routers.traefik-websecure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-web.middlewares=redirect-to-https"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./volumes/traefik-certificates:/letsencrypt
- ./volumes/traefik-access.log:/access.log
restart: unless-stopped
当只有一个 WordPress 正在使用时,一切正常,路由按预期完成。
另一方面,当两个 WordPress 都在运行时,Traefik 在两者之间做一种“负载平衡”,就好像它们在每个之上运行一样其他。 我查看了 Traefik 的访问日志,这正是发生的事情,请求在两个容器之间拆分,而不管原始 URL 是什么。
我不理解这种行为,尽管我根据文档和规则对我来说很好定义了避免这种行为的优先级。
你认为我错过了什么吗?我一直在寻找 2 天,但我没有看到:/
感谢那些帮助我解决这个问题的人:)
解决方法
最后,我从 GitHub 上的 Kevin Pollet 那里得到了解决方案: solution from GitHub
为了简单起见,就我而言,我为两个 WordPress 使用相同的 Web 应用程序,因此 Traefik 在这种情况下进行了平衡。
为了阻止这种行为,制作两个不同的网络应用程序就足够了。从那以后,一切都按预期进行。
如果其他人有同样的问题......
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。