Traefik in swarm mode - how to pass traffic to ip outside of swarm?

kisiel · February 22, 2020, 3:01pm

Hi,

standard traefik container verison v2.1.4
I have working traefik service in my swarm, all is working perfectly for services inside the swarm.
But I cannot figure out how to pass the traffic to the service outside of swarm

I tried to add those labels to the traefik service
- traefik.http.routers.service.rule=Host(domain.resolvable.to.swarm.cluster)
- traefik.http.routers.service.entrypoints=websecure
- traefik.http.routers.service.tls=true
- traefik.http.routers.service.tls.certresolver=leresolver
- traefik.http.services.service.loadbalancer.servers.url=http://192.168.1.xx:8080

192.168.1.xx points to the machine in the internal network serving http on port 8080

obviously as part of the command
- "--entrypoints.websecure.address=:443"
and
- "--certificatesresolvers.leresolver.acme.email=admin@address"
- "--certificatesresolvers.leresolver.acme.storage=/letsencrypt/acme.json"
- "--certificatesresolvers.leresolver.acme.tlschallenge=true"

any help?

ldez · February 22, 2020, 7:04pm

Hello,

To define routing outside of your cluster, you have to use the file provider.
The labels are only to create routing based on container.

https://docs.traefik.io/v2.1/providers/file/

kisiel · February 22, 2020, 10:19pm

thank you
it sort of works
except the router does not seem to pick up my certificate resolver.
Do I need to define another one for use with file?

my router config in file looks like this

http:
  routers:
    service:
      entryPoints:
      - websecure
      service: service
      rule: Host(`domain.resolvable.to.swarm.clusterl`)
      tls:
        certresolver: leresolver

the traefik ui says that TLS is set to true but does not list any resolver

kisiel · February 22, 2020, 10:23pm

got it

surprisingly there is a requirement to spell it
certResolver
not
certresolver

thank you gain!

n1nj4888 · June 16, 2020, 10:26pm

Hi There!

I’m also seeing a similar issue where Traefik v2 on swarm seems work great for Docker services but I keep getting 502 Bad Gateway Errors when I try to create a local (non Docker) proxy to an internal IP using the File Provider below? If you got this working with both Docker Providers and File Providers,
Could you please post your setup for the Traefik Stack and your dynamic file provider?

[http.routers]
  [http.routers.testhttp-rtr]
     entryPoints = [ "https" ]
     rule = "Host(`testhttp.example.com`)"
     service = "testhttp-svc"
     [http.routers.testhttp-rtr.tls]
       certResolver = "letsencryptresolver"

[http.services]
  [http.services.testhttp-svc]
    [http.services.testhttp-svc.loadBalancer]
      passHostHeader = true
      [[http.services.testhttp-svc.loadBalancer.servers]]
        url = "http://192.168.1.2:80"

Thanks!

Topic		Replies	Views
Traefik v2 + Docker Swarm + LE - Service/Subdomain routing Traefik v2 (latest) docker , docker-swarm , letsencrypt-acme	2	1052	March 23, 2022
Traefik dispatcher infront of other traefik instances Traefik v2 (latest) docker , letsencrypt-acme	8	1499	January 13, 2022
Reverse Proxy to the container and to an external service Traefik v2 (latest) docker , docker-swarm , file	1	1970	November 24, 2022
Traefik 2.0 Docker Swarm Traefik v2 (latest) docker-swarm	6	1884	November 4, 2019
Traefil -> docker swarm -> Redis Traefik v3 (beta) docker-swarm , tcp	7	799	November 23, 2023

Traefik in swarm mode - how to pass traffic to ip outside of swarm?

Related Topics