Kop publish local docker ip insted of binded host ip

laserg commented 1 year ago

Hi. Thx for work and so... If I understand the idea correctly the BIND_IP is the ip used for publishing all the services in compose file. But on my config all services published by kop uses docker net ip insted of binded one.

I tried this two ways

treafiek and kop runs on the different vms/hosts
treafiek and kop runs on the same vms/hosts

The kop docker-compose.yml for same host case:

version: "3.2"
services:
  traefik-kop:
    image: "ghcr.io/jittering/traefik-kop:latest"
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - "REDIS_ADDR=${GATEWAY_VM_IP}:63792"
      - "REDIS_PASS=${TRAEFIK_REDIS_PASS}"
      - "BIND_IP=${GATEWAY_VM_IP}"
      - "DEBUG=1"
    networks:
      - internal
  portainer:
    image: portainer/portainer-ce:2.19.0
    ports:
      - "8080:9000"
    volumes:
      - portainer_data:/data
      - /var/run/docker.sock:/var/run/docker.sock
    restart: unless-stopped
    networks:
      - internal
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.portainer-https.rule=Host(`portainer.example.com`)"
      - "traefik.http.routers.portainer-https.entrypoints=websecure"
      - "traefik.http.routers.portainer-https.tls.certresolver=letsentcrypt"
      - "traefik.http.routers.portainer-http.rule=Host(`portainer.example.com`)"
      - "traefik.http.routers.portainer-http.entrypoints=web"
      - "traefik.http.routers.portainer-http.middlewares=https-redirect"
      - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
      - "traefik.http.routers.portainer-https.service=portainer"
      - "traefik.http.services.portainer.loadbalancer.server.port=8080"
      - "kop.bind.ip=2.2.2.2"
  ldap-user-manager:
    image: 'wheelybird/ldap-user-manager:v1.6'
    ports:
      - "8081:80"
    environment:
      - SERVER_HOSTNAME=lum.example.com
      - 'LDAP_URI=ldap://${GATEWAY_VM_IP}'
      - 'LDAP_BASE_DN=dc=example,dc=com'
      - LDAP_REQUIRE_STARTTLS=FALSE
      - FORCE_RFC2307BIS=FALSE
      - NO_HTTPS=TRUE
      - LDAP_ADMINS_GROUP=admins
      - 'LDAP_ADMIN_BIND_DN=cn=admin,dc=example,dc=com'
      - LDAP_ADMIN_BIND_PWD=185183b7_fe9d_45a4_a231_e33edd88f242
      - LDAP_IGNORE_CERT_ERRORS=true
      - EMAIL_DOMAIN=example.com
    restart: unless-stopped
    networks:
      - internal
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.ldap-user-manager-https.rule=Host(`lum.example.com`)"
      - "traefik.http.routers.ldap-user-manager-https.entrypoints=websecure"
      - "traefik.http.routers.ldap-user-manager-https.tls.certresolver=letsentcrypt"
      - "traefik.http.routers.ldap-user-manager-http.rule=Host(`lum.example.com`)"
      - "traefik.http.routers.ldap-user-manager-http.entrypoints=web"
      - "traefik.http.routers.ldap-user-manager-http.middlewares=https-redirect"
      - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
      - "traefik.http.routers.ldap-user-manager-https.service=ldap-user-manager"
      - "traefik.http.services.ldap-user-manager.loadbalancer.server.port=8081"
volumes:
  portainer_data:
networks:
  internal:

The kop .env:

GATEWAY_VM_IP=192.168.0.86
TRAEFIK_REDIS_PASS=0211680c-4b6b-111e-be56-0242ac120002

The kop log is

vm-user@gateway-vm:~/stacks/admin$ sudo docker logs admin_traefik-kop_1
time="2023-09-05T18:41:01Z" level=debug msg="using traefik-kop config: {DockerConfig: DockerHost:unix:///var/run/docker.sock Hostname:6de8854d1ccb BindIP:192.168.0.86 Addr:192.168.0.86:63792 Pass:0215680c-4b6b-11ee-be56-0242ac120002 DB:0 PollInterval:60}"
time="2023-09-05T18:41:01Z" level=info msg="creating new redis store at 192.168.0.86:63792 for hostname 6de8854d1ccb"
time="2023-09-05T18:41:01Z" level=info msg="Starting provider aggregator *traefikkop.MultiProvider"
time="2023-09-05T18:41:01Z" level=info msg="starting polling provider with 1m0s interval"
time="2023-09-05T18:41:01Z" level=info msg="Starting provider *docker.Provider"
time="2023-09-05T18:41:01Z" level=debug msg="*docker.Provider provider configuration: {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"swarmModeRefreshSeconds\":\"15s\"}"
time="2023-09-05T18:41:01Z" level=debug msg="Provider connection established with docker 24.0.5 (API 1.43)" providerName=docker
time="2023-09-05T18:41:01Z" level=debug msg="Filtering disabled container" providerName=docker container=traefik-kop-admin-6de8854d1ccb1d2c10dfc604cfc4ede10b3556502470eff22fdd0b19d8f57e29
time="2023-09-05T18:41:01Z" level=debug msg="Filtering disabled container" providerName=docker container=openldap-gateway-5e38cd41b2c630039ec9dcbc30138524e1b6cf2084abea5abcff24f51ac9bdb9
time="2023-09-05T18:41:01Z" level=debug msg="Filtering disabled container" providerName=docker container=authelia-redis-gateway-225a26a9e9fdededd1fbc180f1f6d67fced9b30117bd55bc81c043d100584f0f
time="2023-09-05T18:41:01Z" level=debug msg="Filtering disabled container" providerName=docker container=traefik-redis-gateway-6c3930a5a6b3c551760a4062084dbe3615678bedb0b1f709b66a74fc8a34093c
time="2023-09-05T18:41:01Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"authelia\":{\"entryPoints\":[\"websecure\"],\"service\":\"authelia\",\"rule\":\"Host(`auth.larin.center`)\",\"tls\":{\"certResolver\":\"letsentcrypt\"}},\"ldap-user-manager-http\":{\"entryPoints\":[\"web\"],\"middlewares\":[\"https-redirect\"],\"service\":\"ldap-user-manager\",\"rule\":\"Host(`lum.larin.center`)\"},\"ldap-user-manager-https\":{\"entryPoints\":[\"websecure\"],\"service\":\"ldap-user-manager\",\"rule\":\"Host(`lum.larin.center`)\",\"tls\":{\"certResolver\":\"letsentcrypt\"}},\"portainer-http\":{\"entryPoints\":[\"web\"],\"middlewares\":[\"https-redirect\"],\"service\":\"portainer\",\"rule\":\"Host(`portainer.larin.center`)\"},\"portainer-https\":{\"entryPoints\":[\"websecure\"],\"service\":\"portainer\",\"rule\":\"Host(`portainer.larin.center`)\",\"tls\":{\"certResolver\":\"letsentcrypt\"}},\"traefik-http\":{\"entryPoints\":[\"web\"],\"middlewares\":[\"https-redirect\"],\"service\":\"traefik-gateway\",\"rule\":\"Host(`traefik.larin.center`)\"},\"traefik-https\":{\"entryPoints\":[\"websecure\"],\"middlewares\":[\"authelia@docker\"],\"service\":\"api@internal\",\"rule\":\"Host(`traefik.larin.center`)\",\"tls\":{\"certResolver\":\"letsentcrypt\"}}},\"services\":{\"authelia\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.29.0.5:9091\"}],\"passHostHeader\":true}},\"ldap-user-manager\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://192.168.16.4:8081\"}],\"passHostHeader\":true}},\"portainer\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://192.168.16.2:8080\"}],\"passHostHeader\":true}},\"traefik-gateway\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.29.0.6:80\"}],\"passHostHeader\":true}}},\"middlewares\":{\"authelia\":{\"forwardAuth\":{\"address\":\"http://authelia:9091/api/verify?rd=https://auth.larin.center\",\"trustForwardHeader\":true,\"authResponseHeaders\":[\"Remote-User\",\"Remote-Groups\",\"Remote-Name\",\"Remote-Email\"]}},\"authelia-basic\":{\"forwardAuth\":{\"address\":\"http://authelia:9091/api/verify?auth=basic\",\"trustForwardHeader\":true,\"authResponseHeaders\":[\"Remote-User\",\"Remote-Groups\",\"Remote-Name\",\"Remote-Email\"]}},\"https-redirect\":{\"redirectScheme\":{\"scheme\":\"https\",\"permanent\":true}}}},\"tcp\":{},\"udp\":{}}" providerName=docker
time="2023-09-05T18:41:01Z" level=info msg="refreshing traefik-kop configuration"
time="2023-09-05T18:41:01Z" level=debug msg="found http service: portainer@docker" service=portainer@docker service-type=http
time="2023-09-05T18:41:01Z" level=debug msg="found router 'portainer-http@docker' for service portainer"
time="2023-09-05T18:41:01Z" level=debug msg="found container '/admin_portainer_1' (2b1222bc496fce7acade908d6605053e66c160d44bfbacc6991d373b6e97a751) for service 'portainer'"
time="2023-09-05T18:41:01Z" level=debug msg="found label kop.bind.ip with IP '2.2.2.2' for service portainer"
time="2023-09-05T18:41:01Z" level=debug msg="using load balancer URL for port detection: http://192.168.16.2:8080" service=portainer@docker service-type=http
time="2023-09-05T18:41:01Z" level=debug msg="found router 'portainer-http@docker' for service portainer"
time="2023-09-05T18:41:01Z" level=debug msg="found container '/admin_portainer_1' (2b1222bc496fce7acade908d6605053e66c160d44bfbacc6991d373b6e97a751) for service 'portainer'"
time="2023-09-05T18:41:01Z" level=debug msg="using explicitly set port 8080 for portainer@docker" service-type=http service=portainer@docker
time="2023-09-05T18:41:01Z" level=info msg="publishing http://2.2.2.2:8080" service=portainer@docker service-type=http
time="2023-09-05T18:41:01Z" level=debug msg="found http service: traefik-gateway@docker" service-type=http service=traefik-gateway@docker
time="2023-09-05T18:41:01Z" level=debug msg="found router 'traefik-http@docker' for service traefik-gateway"
time="2023-09-05T18:41:01Z" level=debug msg="found container '/gateway_traefik_1' (0b0f005b646af94a8c930161983cbc0ea17e06d2877d994e953af06b74217460) for service 'traefik-gateway'"
time="2023-09-05T18:41:01Z" level=debug msg="found router 'traefik-http@docker' for service traefik-gateway"
time="2023-09-05T18:41:01Z" level=debug msg="found container '/gateway_traefik_1' (0b0f005b646af94a8c930161983cbc0ea17e06d2877d994e953af06b74217460) for service 'traefik-gateway'"
time="2023-09-05T18:41:01Z" level=debug msg="no network label set for traefik-gateway@docker"
time="2023-09-05T18:41:01Z" level=debug msg="using load balancer URL for port detection: http://172.29.0.6:80" service-type=http service=traefik-gateway@docker
time="2023-09-05T18:41:01Z" level=debug msg="found router 'traefik-http@docker' for service traefik-gateway"
time="2023-09-05T18:41:01Z" level=debug msg="found container '/gateway_traefik_1' (0b0f005b646af94a8c930161983cbc0ea17e06d2877d994e953af06b74217460) for service 'traefik-gateway'"
time="2023-09-05T18:41:01Z" level=warning msg="found more than one host-port binding for container '/gateway_traefik_1' (80:80, 443:443)" service=traefik-gateway@docker service-type=http
time="2023-09-05T18:41:01Z" level=debug msg="using existing port 80" service-type=http service=traefik-gateway@docker
time="2023-09-05T18:41:01Z" level=info msg="publishing http://192.168.0.86:80" service=traefik-gateway@docker service-type=http
time="2023-09-05T18:41:01Z" level=debug msg="found http service: authelia@docker" service=authelia@docker service-type=http
time="2023-09-05T18:41:01Z" level=debug msg="found router 'authelia@docker' for service authelia"
time="2023-09-05T18:41:01Z" level=debug msg="found container '/gateway_authelia_1' (e64e4018a8eac24a6490bddaf60f4dc1249e05a65f90cc03a5dae35e2d1336c0) for service 'authelia'"
time="2023-09-05T18:41:01Z" level=debug msg="found router 'authelia@docker' for service authelia"
time="2023-09-05T18:41:01Z" level=debug msg="found container '/gateway_authelia_1' (e64e4018a8eac24a6490bddaf60f4dc1249e05a65f90cc03a5dae35e2d1336c0) for service 'authelia'"
time="2023-09-05T18:41:01Z" level=debug msg="no network label set for authelia@docker"
time="2023-09-05T18:41:01Z" level=debug msg="using load balancer URL for port detection: http://172.29.0.5:9091" service-type=http service=authelia@docker
time="2023-09-05T18:41:01Z" level=debug msg="found router 'authelia@docker' for service authelia"
time="2023-09-05T18:41:02Z" level=debug msg="found container '/gateway_authelia_1' (e64e4018a8eac24a6490bddaf60f4dc1249e05a65f90cc03a5dae35e2d1336c0) for service 'authelia'"
time="2023-09-05T18:41:02Z" level=debug msg="using explicitly set port 9091 for authelia@docker" service=authelia@docker service-type=http
time="2023-09-05T18:41:02Z" level=info msg="publishing http://192.168.0.86:9091" service=authelia@docker service-type=http
time="2023-09-05T18:41:02Z" level=debug msg="found http service: ldap-user-manager@docker" service=ldap-user-manager@docker service-type=http
time="2023-09-05T18:41:02Z" level=debug msg="found router 'ldap-user-manager-http@docker' for service ldap-user-manager"
time="2023-09-05T18:41:02Z" level=debug msg="found container '/admin_ldap-user-manager_1' (2ebaafe69e36f4f2e0f28290a4687e6c339eda403b1b013d11aea886fed8cc4f) for service 'ldap-user-manager'"
time="2023-09-05T18:41:02Z" level=debug msg="found router 'ldap-user-manager-http@docker' for service ldap-user-manager"
time="2023-09-05T18:41:02Z" level=debug msg="found container '/admin_ldap-user-manager_1' (2ebaafe69e36f4f2e0f28290a4687e6c339eda403b1b013d11aea886fed8cc4f) for service 'ldap-user-manager'"
time="2023-09-05T18:41:02Z" level=debug msg="no network label set for ldap-user-manager@docker"
time="2023-09-05T18:41:02Z" level=debug msg="using load balancer URL for port detection: http://192.168.16.4:8081" service=ldap-user-manager@docker service-type=http
time="2023-09-05T18:41:02Z" level=debug msg="found router 'ldap-user-manager-https@docker' for service ldap-user-manager"
time="2023-09-05T18:41:02Z" level=debug msg="found container '/admin_ldap-user-manager_1' (2ebaafe69e36f4f2e0f28290a4687e6c339eda403b1b013d11aea886fed8cc4f) for service 'ldap-user-manager'"
time="2023-09-05T18:41:02Z" level=debug msg="using explicitly set port 8081 for ldap-user-manager@docker" service-type=http service=ldap-user-manager@docker
time="2023-09-05T18:41:02Z" level=info msg="publishing http://192.168.0.86:8081" service-type=http service=ldap-user-manager@docker
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-http/middlewares/0 = https-redirect"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-http/service = portainer"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-http/rule = Host(`traefik.larin.center`)"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/authelia/tls/certResolver = letsentcrypt"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia-basic/forwardAuth/authResponseHeaders/0 = Remote-User"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia/forwardAuth/authResponseHeaders/0 = Remote-User"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-https/service = ldap-user-manager"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-https/tls/certResolver = letsentcrypt"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia/forwardAuth/authResponseHeaders/2 = Remote-Name"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-https/tls/certResolver = letsentcrypt"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/ldap-user-manager/loadBalancer/passHostHeader = true"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-https/entryPoints/0 = websecure"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-http/entryPoints/0 = web"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-https/entryPoints/0 = websecure"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/authelia/rule = Host(`auth.larin.center`)"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/ldap-user-manager/loadBalancer/servers/0/url = http://192.168.0.86:8081"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/portainer/loadBalancer/servers/0/url = http://2.2.2.2:8080"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-http/middlewares/0 = https-redirect"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-http/service = ldap-user-manager"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/portainer/loadBalancer/passHostHeader = true"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/traefik-gateway/loadBalancer/passHostHeader = true"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia-basic/forwardAuth/authResponseHeaders/1 = Remote-Groups"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia/forwardAuth/authResponseHeaders/3 = Remote-Email"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/https-redirect/redirectScheme/scheme = https"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/https-redirect/redirectScheme/permanent = true"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-https/rule = Host(`lum.larin.center`)"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/authelia/loadBalancer/passHostHeader = true"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/traefik-gateway/loadBalancer/servers/0/url = http://192.168.0.86:80"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia/forwardAuth/trustForwardHeader = true"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-https/service = portainer"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-https/rule = Host(`portainer.larin.center`)"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-http/middlewares/0 = https-redirect"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia-basic/forwardAuth/address = http://authelia:9091/api/verify?auth=basic"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-http/entryPoints/0 = web"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-https/entryPoints/0 = websecure"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia-basic/forwardAuth/authResponseHeaders/3 = Remote-Email"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia/forwardAuth/address = http://authelia:9091/api/verify?rd=https://auth.larin.center"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-https/rule = Host(`traefik.larin.center`)"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/authelia/service = authelia"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-http/rule = Host(`portainer.larin.center`)"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-http/service = traefik-gateway"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-https/middlewares/0 = authelia@docker"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-https/service = api@internal"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/traefik-https/tls/certResolver = letsentcrypt"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/authelia/entryPoints/0 = websecure"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/ldap-user-manager-http/rule = Host(`lum.larin.center`)"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/routers/portainer-http/entryPoints/0 = web"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia-basic/forwardAuth/authResponseHeaders/2 = Remote-Name"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia/forwardAuth/authResponseHeaders/1 = Remote-Groups"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/authelia/loadBalancer/servers/0/url = http://192.168.0.86:9091"
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/middlewares/authelia-basic/forwardAuth/trustForwardHeader = true"

The proof of ip binding is

Expected IP is host 192.168.0.86

chetan commented 12 months ago

Hi @laserg, it looks like you are mixing up different methods assigning an IP. You can refer to the README file for the various methods used to bind an IP address to a service.

To clarify:

kop is meant to run on a different host than traefik. It's not needed when running on the same host (i.e., if it has access to the local docker daemon sock).
If "BIND_IP=${GATEWAY_VM_IP}" is the correct IP to use for services on the kop host, then that is the only config you need
You should remove the label kop.bind.ip from the portainer service
The ldap-user-manager service looks correct

Your logs, config and screenshot do not all agree with each other and so must not have been taken at the same time? For example, in the log output I see the correct IP you are looking for:

GATEWAY_VM_IP=192.168.0.86
time="2023-09-05T18:41:02Z" level=debug msg="writing traefik/http/services/ldap-user-manager/loadBalancer/servers/0/url = http://192.168.0.86:8081"

However this is different in the screenshot. Same with portainer, which is showing 192.168.16.2 in the screenshot but is configured to use 2.2.2.2 in the yaml config & the logs.

Hope this helps, let me know if you are still having trouble.

laserg commented 12 months ago

@chetan

Following your notes I made the minimal representative example Example, logs and screenshots attached.

Kop version: ghcr.io/jittering/traefik-kop:0.13.1

Steps to reproduce:

replace GATEWAY_VM_IP ADMIN_VM_IP in .env files
run compose files on the independent hosts

Expected result:

the portainer accessible at 192.168.0.44:8080
the portainer accessible at portainer.example.com
the portainer service represented in traefiek dashboard

Obtained result:

the portainer accessible at 192.168.0.44:8080
the portainer NOT accessible at portainer.example.com
the portainer service NOT represented in traefiek dashboard

kop-test.zip

P.S. All logs and screenshots taken at the same time. The only replacement made in logs and config is a domain.

chetan commented 11 months ago

@laserg the values written to redis by kop all look good to me. Have you checked the traefik logs to see what it's doing with those? Perhaps it's kicking it out for some reason or another. You may need to set traefik to debug to find out.

leotu commented 11 months ago

Under Weave Net should also local docker ip/port

https://github.com/weaveworks/weave

docker network ls

NETWORK ID     NAME              DRIVER      SCOPE
3bc7409fa166   bridge            bridge      local
2bf42f32c591   docker_gwbridge   bridge      local
a6ac1aab6808   host              host        local
db87f193d2f1   none              null        local
cf7aaf23205a   weave             weavemesh   local

VM IP: docker_gwbridge: ... inet 172.18.0.1

Container IP: ethwe0: ... inet addr:10.40.0.4

Traefik Server show URL http://172.18.0.3:80 It should find 10.40.0.4:80 instead of 172.18.0.3:80

chetan commented 11 months ago

@leotu I have not tried w/ weave, but the container networking support should cover that use case, I believe.

https://github.com/jittering/traefik-kop#container-networking

Do you have the traefik.docker.network label set?

jittering / traefik-kop

Kop publish local docker ip insted of binded host ip #26