Traefik v2:404,同时将HTTP流量全局路由到HTTPS [英] Traefik v2: 404 while routing HTTP traffic globally to HTTPS
问题描述
我有一个问题,我可以路由HTTPS流量,但是无法将HTTP流量全局重定向到HTTPS。在我的情况下,我只需要HTTPS流量,因此我想重定向所有传入的流量。
I have the problem that I can route HTTPS traffic but I can not globally redirect the HTTP traffic to HTTPS. In my case I only want HTTPS traffic, so that I want to redirect all the incoming traffic.
当前,当我尝试通过HTTP服务URL时,出现了404错误。 。
我已经在Treafik中启用了DEBUG日志,但是在日志中看不到任何问题或不正常的东西。
Currently I get an 404 error while I try to serve my URLs over HTTP. I already enabled DEBUG logs in Treafik, but I can not see any problems or unnormal stuff in the logs.
此外,我在Stackoverflow上看到了一个非常相似的主题,但是我们发现,他的错误与我的错误有所不同:如何使用Traefik 2.0和Docker Compose标签将HTTP重定向到https ?
Additionally I saw a pretty similar topic here on Stackoverflow, but we found out, that his error was not the same to mine: How to redirect http to https with Traefik 2.0 and Docker Compose labels?
以下设置基于此处的博客条目: https://blog.containo.us/traefik-2-0-docker-101-fc2893944b9d
The following setup is based on the blog entry here: https://blog.containo.us/traefik-2-0-docker-101-fc2893944b9d
我的设置
我在集群中配置了Traefik,如下所示:
I configured Traefik in my swarm like this:
global:
checkNewVersion: false
sendAnonymousUsage: false
api:
dashboard: true
entryPoints:
web:
address: :80
websecure:
address: :443
providers:
providersThrottleDuration: 2s
docker:
watch: true
endpoint: unix:///var/run/docker.sock
swarmMode: true
swarmModeRefreshSeconds: 15s
exposedByDefault: false
network: webgateway
log:
level: DEBUG
accessLog: {}
certificatesResolvers:
default:
acme:
email: {email}
storage: /etc/traefik/acme/acme.json
httpChallenge:
entryPoint: web
并开始具有以下docker-compose文件的Traefik
And started Traefik with the following docker-compose file
version: '3'
services:
proxy:
image: traefik:latest
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /data/docker_data/traefik/traefik-2.yml:/etc/traefik/traefik.yml
- /data/docker_data/traefik/acme-2.json:/etc/traefik/acme/acme.json
labels:
# redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
我的服务配置有以下标签:
My services are configured with the following labels:
traefik.http.routers.myapp.rule=Host(`myapp.ch`)
traefik.http.routers.myapp.service=myapp
traefik.http.routers.myapp.entrypoints=websecure
# I don't think that the following one is required here...
# traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
traefik.http.routers.myapp.tls.certresolver=default
traefik.http.services.myapp.loadbalancer.server.port=3000
traefik.http.routers.myapp.tls=true
traefik.enable=true
知道为什么这行不通吗?
Any ideas why this is not working?
推荐答案
您不需要配置Traefik服务本身。在Traefik上,您仅需要具有:443(websecure)和:80(web)的入口点
You don't need to configure the Traefik service itself. On Traefik you only need to have entrypoints to :443 (websecure) and :80 (web)
因为Traefik仅充当入口点,并且不会执行重定向,中间件
Because Traefik only acts as entryPoint and will not do the redirect, the middleware on the target service will do that.
现在将目标服务配置为以下内容:
Now configure your target service as the following:
version: '2'
services:
mywebserver:
image: 'httpd:alpine'
container_name: mywebserver
labels:
- traefik.enable=true
- traefik.http.middlewares.mywebserver-redirect-websecure.redirectscheme.scheme=https
- traefik.http.routers.mywebserver-web.middlewares=mywebserver-redirect-websecure
- traefik.http.routers.mywebserver-web.rule=Host(`sub.domain.com`)
- traefik.http.routers.mywebserver-web.entrypoints=web
- traefik.http.routers.mywebserver-websecure.rule=Host(`sub.domain.com`)
- traefik.http.routers.mywebserver-websecure.tls.certresolver=mytlschallenge
- traefik.http.routers.mywebserver-websecure.tls=true
- traefik.http.routers.mywebserver-websecure.entrypoints=websecure
# if you have multiple ports exposed on the service, specify port in the websecure service
- traefik.http.services.mywebserver-websecure.loadbalancer.server.port=9000
所以基本上流程是这样的:
So basically the flow goes like this:
请求: http://sub.domain.com:80 -> traefik(服务)-> mywebserver-web(路由器,http规则)-> mywebserver-redirect-websecure(中间件,重定向至https) -> mywebserver-websecure(路由器,https规则)-> mywebserver(服务)
Request: http://sub.domain.com:80 --> traefik (service) --> mywebserver-web (router, http rule) --> mywebserver-redirect-websecure (middleware, redirect to https) --> mywebserver-websecure (router, https rule) --> mywebserver (service)
这篇关于Traefik v2:404,同时将HTTP流量全局路由到HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!