Я решил следовать этому руководству и столкнулся со многими проблемами.
Прежде всего необходимо указать команду traefik в command, иначе возникла ошибка, что entrypoint.sh не может найти команду storedata, и да > синтаксис yaml действителенспособ передачи многострочной команды в docker-compose.yml
Итак, вот docker-compose.yml:
docker-compose.yml
visualizer:
image: dockersamples/visualizer:latest
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
networks:
- traefik
- default
ports:
- "8001:8080"
deploy:
labels:
- "traefik.port=8080"
- "traefik.tags=monitoring"
- "traefik.docker.network=infra_traefik"
- "traefik.backend=visualizer"
- "traefik.frontend.rule=Host:visualizer.swarm.xxx.io"
- "traefik.frontend.auth.basic=admin:$$apr1$$dxw2H03E$$VWrfVhKQWyaRiZ4XsfWCK/"
restart_policy:
condition: on-failure
replicas: 1
placement:
constraints:
- node.labels.name == master
consul:
image: consul
command: agent -server -bootstrap-expect=1
volumes:
- consul-data:/consul/data
environment:
- CONSUL_LOCAL_CONFIG={"datacenter":"ams3","server":true}
- CONSUL_BIND_INTERFACE=eth0
- CONSUL_CLIENT_INTERFACE=eth0
deploy:
labels:
- "traefik.enable=false"
replicas: 1
placement:
constraints:
- node.role == manager
restart_policy:
condition: on-failure
networks:
- traefik
proxy_init:
image: traefik:1.6.3-alpine
command: >
traefik
storeconfig
--api
--entrypoints='Name:http Address::80 Redirect.EntryPoint:https'
--entrypoints='Name:https Address::443 TLS'
--defaultentrypoints=http,https
--acme
--acme.storage="traefik/acme/account"
--acme.entryPoint=https
--acme.httpChallenge.entryPoint=http
--acme.onHostRule=true
--acme.acmelogging=true
--acme.onDemand=false
--acme.email="xxx@gmail.com"
--docker
--docker.swarmMode
--docker.domain=swarm.xxx.io
--docker.watch
--consul
--consul.endpoint=consul:8500
--consul.prefix=traefik
--accesslogsfile=/dev/stdout
--debug
networks:
- traefik
deploy:
placement:
constraints:
- node.role == manager
restart_policy:
condition: on-failure
depends_on:
- consul
proxy:
image: traefik:1.6.3-alpine
depends_on:
- traefik_init
- consul
command: >
traefik
--consul
--consul.watch
--consul.endpoint=consul:8500
--consul.prefix=traefik
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
- traefik
ports:
- 80:80
- 443:443
- 8080:8080
deploy:
labels:
- "traefik.docker.network=infra_traefik"
- "traefik.port=8080"
- "traefik.tags=monitoring"
- "traefik.backend.loadbalancer.stickiness=true"
- "traefik.frontend.passHostHeader=true"
- "traefik.frontend.rule=Host:proxy.swarm.xxx.io"
- "traefik.frontend.auth.basic=admin:$$apr1$$hfqD9TtY$$oGSy9nS."
mode: global
restart_policy:
condition: on-failure
placement:
constraints:
- node.role == manager
update_config:
parallelism: 1
delay: 10s
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
networks:
traefik:
driver: overlay
volumes:
portainer-data:
driver: local
consul-data:
driver: local
traefik-data:
driver: local
А вот что показывает журналы контейнера proxy_init:
infra_proxy_init.1.4rtllualg8od@swarm-manager-0 | 2018/06/12 15:41:35 Storing configuration:
{
"LifeCycle": {
"RequestAcceptGraceTimeout": 0,
"GraceTimeOut": 10000000000
},
"GraceTimeOut": 0,
"Debug": true,
"CheckNewVersion": true,
"SendAnonymousUsage": false,
"AccessLogsFile": "/dev/stdout",
"AccessLog": null,
"TraefikLogsFile": "",
"TraefikLog": null,
"Tracing": null,
"LogLevel": "DEBUG",
"EntryPoints": {
"http": {
"Address": ":80",
"TLS": null,
"Redirect": {
"entryPoint": "https"
},
"Auth": null,
"WhitelistSourceRange": null,
"WhiteList": null,
"Compress": false,
"ProxyProtocol": null,
"ForwardedHeaders": {
"Insecure": true,
"TrustedIPs": null
}
},
"https": {
"Address": ":443",
"TLS": {
"MinVersion": "",
"CipherSuites": null,
"Certificates": [],
"ClientCAFiles": null,
"ClientCA": {
"Files": null,
"Optional": false
}
},
"Redirect": null,
"Auth": null,
"WhitelistSourceRange": null,
"WhiteList": null,
"Compress": false,
"ProxyProtocol": null,
"ForwardedHeaders": {
"Insecure": true,
"TrustedIPs": null
}
}
},
"Cluster": null,
"Constraints": [],
"ACME": {
"Email": "xxx@gmail.com",
"Domains": null,
"Storage": "traefik/acme/account",
"StorageFile": "",
"OnDemand": false,
"OnHostRule": true,
"CAServer": "",
"EntryPoint": "https",
"DNSChallenge": null,
"HTTPChallenge": {
"EntryPoint": "http"
},
"DNSProvider": "",
"DelayDontCheckDNS": 0,
"ACMELogging": true,
"TLSConfig": null
},
"DefaultEntryPoints": [
"http",
"https"
],
"ProvidersThrottleDuration": 2000000000,
"MaxIdleConnsPerHost": 200,
"IdleTimeout": 0,
"InsecureSkipVerify": false,
"RootCAs": null,
"Retry": null,
"HealthCheck": {
"Interval": 30000000000
},
"RespondingTimeouts": null,
"ForwardingTimeouts": null,
"AllowMinWeightZero": false,
"Web": null,
"Docker": {
"Watch": true,
"Filename": "",
"Constraints": null,
"Trace": false,
"TemplateVersion": 0,
"DebugLogGeneratedTemplate": false,
"Endpoint": "unix:///var/run/docker.sock",
"Domain": "swarm.xxx.io",
"TLS": null,
"ExposedByDefault": true,
"UseBindPortIP": false,
"SwarmMode": true
},
"File": null,
"Marathon": null,
"Consul": {
"Watch": true,
"Filename": "",
"Constraints": [],
"Trace": false,
"TemplateVersion": 0,
"DebugLogGeneratedTemplate": false,
"Endpoint": "consul:8500",
"Prefix": "traefik",
"TLS": null,
"Username": "",
"Password": ""
},
"ConsulCatalog": null,
"Etcd": null,
"Zookeeper": null,
"Boltdb": null,
"Kubernetes": null,
"Mesos": null,
"Eureka": null,
"ECS": null,
"Rancher": null,
"DynamoDB": null,
"ServiceFabric": null,
"Rest": null,
"API": {
"EntryPoint": "traefik",
"Dashboard": true,
"Debug": false,
"CurrentConfigurations": null,
"Statistics": null
},
"Metrics": null,
"Ping": null
}
Во-вторых, я указал все, как в этом руководстве, все префиксы консула и т. Д., И Трафик говорит, что он не может найти интерфейсы и бэкэнды, также как и почти все в traefik/:
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/backends/\": Key not found in store"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/frontends/\": Key not found in store"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Transaction 8714f767-ed5a-477f-ae46-6ebd0b4e15c2 begins"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/tls/\": Key not found in store"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Configuration received from provider consul: {}"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=info msg="Skipping same configuration for provider consul"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot get key traefik/alias Key not found in store, setting default traefik"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/backends/\": Key not found in store"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:54:59Z" level=debug msg="Datastore reload"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=error msg="Datastore sync error: Object lock value: expected 8714f767-ed5a-477f-ae46-6ebd0b4e15c2, got 068a8a6d-66a9-4d01-b44e-020a601c05da, retrying in 677.561632ms"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Datastore reload"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Datastore reload"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/frontends/\": Key not found in store"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:54:59Z" level=debug msg="Cannot get key traefik/alias Key not found in store, setting default traefik"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/tls/\": Key not found in store"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/backends/\": Key not found in store"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/frontends/\": Key not found in store"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Configuration received from provider consul: {}"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:55:00Z" level=debug msg="Cannot list keys under \"traefik/tls/\": Key not found in store"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:55:00Z" level=debug msg="Configuration received from provider consul: {}"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:55:00Z" level=info msg="Skipping same configuration for provider consul"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=info msg="Skipping same configuration for provider consul"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot get key traefik/alias Key not found in store, setting default traefik"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/backends/\": Key not found in store"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:55:00Z" level=debug msg="Building ACME client..."
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:54:59Z" level=debug msg="Cannot list keys under \"traefik/frontends/\": Key not found in store"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:55:00Z" level=debug msg="Cannot list keys under \"traefik/tls/\": Key not found in store"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:55:00Z" level=debug msg="Configuration received from provider consul: {}"
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:55:00Z" level=info msg="Skipping same configuration for provider consul"
infra_proxy.0.vzv9q4rns6r7@swarm-manager-0 | time="2018-06-12T15:55:00Z" level=debug msg="Using HTTP Challenge provider."
infra_proxy.0.xu6e4zez242f@swarm-master | time="2018-06-12T15:55:00Z" level=debug msg="Reset ACME account object."
А вот логи из консула контейнера:
holms@debian ~> docker --tls service logs -f infra_consul
infra_consul.1.uo2dqcm0s6tv@swarm-master | ==> Found address '10.0.2.253' for interface 'eth0', setting bind option...
infra_consul.1.uo2dqcm0s6tv@swarm-master | ==> Found address '10.0.2.253' for interface 'eth0', setting client option...
infra_consul.1.uo2dqcm0s6tv@swarm-master | BootstrapExpect is set to 1; this is the same as Bootstrap mode.
infra_consul.1.uo2dqcm0s6tv@swarm-master | bootstrap = true: do not enable unless necessary
infra_consul.1.uo2dqcm0s6tv@swarm-master | ==> Starting Consul agent...
infra_consul.1.uo2dqcm0s6tv@swarm-master | ==> Consul agent running!
infra_consul.1.uo2dqcm0s6tv@swarm-master | Version: 'v1.1.0'
infra_consul.1.uo2dqcm0s6tv@swarm-master | Node ID: '05472876-6f66-bb37-5f4d-62b08624a655'
infra_consul.1.uo2dqcm0s6tv@swarm-master | Node name: 'ef0f060252d0'
infra_consul.1.uo2dqcm0s6tv@swarm-master | Datacenter: 'ams3' (Segment: '<all>')
infra_consul.1.uo2dqcm0s6tv@swarm-master | Server: true (Bootstrap: true)
infra_consul.1.uo2dqcm0s6tv@swarm-master | Client Addr: [10.0.2.253] (HTTP: 8500, HTTPS: -1, DNS: 8600)
infra_consul.1.uo2dqcm0s6tv@swarm-master | Cluster Addr: 10.0.2.253 (LAN: 8301, WAN: 8302)
infra_consul.1.uo2dqcm0s6tv@swarm-master | Encrypt: Gossip: false, TLS-Outgoing: false, TLS-Incoming: false
infra_consul.1.uo2dqcm0s6tv@swarm-master |
infra_consul.1.uo2dqcm0s6tv@swarm-master | ==> Log data will now stream in as it occurs:
infra_consul.1.uo2dqcm0s6tv@swarm-master |
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] raft: Initial configuration (index=1): [{Suffrage:Voter ID:05472876-6f66-bb37-5f4d-62b08624a655 Address:10.0.2.253:8300}]
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] serf: EventMemberJoin: ef0f060252d0.ams3 10.0.2.253
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] serf: EventMemberJoin: ef0f060252d0 10.0.2.253
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] agent: Started DNS server 10.0.2.253:8600 (udp)
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] raft: Node at 10.0.2.253:8300 [Follower] entering Follower state (Leader: "")
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] consul: Adding LAN server ef0f060252d0 (Addr: tcp/10.0.2.253:8300) (DC: ams3)
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] consul: Handled member-join event for server "ef0f060252d0.ams3" in area "wan"
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] agent: Started DNS server 10.0.2.253:8600 (tcp)
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] agent: Started HTTP server on 10.0.2.253:8500 (tcp)
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:19 [INFO] agent: started state syncer
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:25 [WARN] raft: Heartbeat timeout from "" reached, starting election
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:25 [INFO] raft: Node at 10.0.2.253:8300 [Candidate] entering Candidate state in term 2
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:25 [INFO] raft: Election won. Tally: 1
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:25 [INFO] raft: Node at 10.0.2.253:8300 [Leader] entering Leader state
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:25 [INFO] consul: cluster leadership acquired
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:25 [INFO] consul: New leader elected: ef0f060252d0
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:25 [INFO] consul: member 'ef0f060252d0' joined, marking health alive
infra_consul.1.uo2dqcm0s6tv@swarm-master | 2018/06/12 14:38:26 [INFO] agent: Synced node info