我的群集集群有一些配置问题。我有一个在两个节点上运行的Web服务器,其中nginx配置为强制SSL。现在,我需要会话持久性,因此需要使用Traefik作为反向代理/负载平衡器。我对如何在我的Web服务的上游配置traefik服务感到困惑。
我的Traefik服务看起来像这样:
services:
loadbalancer:
image: traefik
command: --web --docker --docker.swarmmode --docker.watch --docker.domain=mydomain.prod --logLevel=DEBUG
ports:
- "80:80"
- "8080:8080"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- $PWD/traefik.toml:/etc/traefik/traefik.toml
labels:
- "traefik.enable=false"
networks:
- frontend
deploy:
replicas: 1
placement:
constraints: [node.role==manager]
restart_policy:
condition: on-failure
我的Web服务的部署部分是:
deploy:
restart_policy:
condition: any
mode: global
placement:
constraints: [node.role==worker]
update_config:
parallelism: 1
delay: 20s
failure_action: rollback
max_failure_ratio: 1
order: stop-first
labels:
- "traefik.enable=true"
- "traefik.docker.network=my_frontend"
- "traefik.backend=my_website"
- "traefik.port=443"
- "traefik.frontend.redirect.entryPoint=https"
- "traefik.backend.loadbalancer.sticky=true"
- "traefik.frontend.rule=Host:mydomain.prod"
Traefik-TOML文件是(不确定我是否需要此文件):
logLevel = "DEBUG"
defaultEntryPoints = ["https", "http"]
# WEB interface of Traefik - it will show web page with overview of frontend and backend configurations
[web]
address = ":8080"
# Connection to docker host system (docker.sock)
[docker]
watch = true
# This will hide all docker containers that don't have explicitly
# set label to "enable"
exposedbydefault = false
# Force HTTPS
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443
如果我部署此堆栈,则不会出现任何错误。现在在端口80上连接到mydomain.prod可以按预期将我重定向到https,但NGINX表示 错误400-“普通的HTTP请求已发送到HTTPS端口” 。
那怎么可能出问题了?非常感谢你!