Using container with Traefik result in invalid SOAP Public base URL

[warlof]

Describe the issue Hi,

When we're using container with Traefik, the public SOAP url is not used to generate web services definitions. Calling http(s)://{host}/{container}/WS/Services is showing published web services with http(s)://{host}:7047/BC/WS/ Same apply in specific web service definition, at location attribute which is showing http(s)://{host}:7047/BC/WS/{Company}/{Type}/{Name}

This is preventing certain library to consume web service as they're using explicilty the location attribute ship in web service definition.

It's perhaps tied to #1832

Scripts used to create container and cause the issue

New-BcContainer -accept_eula `
    -containerName $container `
    -artifactUrl $artifactUrl `
    -enableTaskScheduler `
    -licenseFile $licenseFile `
    -databaseServer "$sqlServer\$sqlInstance" `
    -databasePrefix "docker-" `
    -databaseName $container `
    -databaseCredential $databaseCredentials `
    -useTraefik `
    -PublicDnsName $node_fqdn `
    -auth "NavUserPassword" `
    -shortcuts None `
    -Credential (New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $navUser, (ConvertTo-SecureString -String $navPassword -AsPlainText -Force))

Full output of scripts

Initializing...
Setting host.containerhelper.internal to 172.27.96.1 in container hosts file
Restarting Container
PublicDnsName unchanged
Hostname is {host}
PublicDnsName is {host}
Using NavUserPassword Authentication
Starting Internet Information Server
Starting Service Tier
Container IP Address: 172.27.109.64
Container Hostname  : {host}
Container Dns Name  : {host}
Web Client          : https://{host}/{container}/
Dev. Server         : https://{host}
Dev. ServerInstance : BC

Files:
http://{host}:8080/ALLanguage.vsix
http://{host}:8080/certificate.cer

Container Total Physical Memory is 128.0Gb
Container Free Physical Memory is 101.9Gb

Initialization took 30 seconds
Ready for connections!

[freddydk]

Duplicate of https://github.com/microsoft/navcontainerhelper/issues/983 You would have to file a bug for the product team to get this fixed, it isn't something I can fix in ContainerHelper, sorry

[freddydk]

Actually, there already was filed a bug based on 983 - and it is marked as fixed. What version of Business Central are you using here?

[catadumitru]

Hi Freddy, I also found the same issue here: https://github.com/microsoft/nav-docker/issues/460

I am running BC18 and I get the same issue:

Where can we see the bug that was "fixed" for this?

[freddydk]

You mentioned SOAP URL - but you are displaying OData. Could you check the SOAP WSDL?

[freddydk]

This is a problem in Business Central. OData feed doesn't use the PublicODataBaseUrl - the platform team will be looking at this - no ETA though, SOAP WSDL should be updated correctly and should be using PublicSoapBaseUrl

[catadumitru]

just tried with the latest BC18 onprem and it still looks like this

[freddydk]

What does Get-BcContainerServerConfiguration $containername

return?

[catadumitru]

ContainerName : devtest NetworkProtocol : Default DatabaseServer : localhost DatabaseInstance : SQLEXPRESS DatabaseName : CRONUS EnableSqlConnectionEncryption : false TrustSQLServerCertificate : false ServerInstance : BC EnableSqlInformationDebugger : true AmountOfSqlStatementsInDebugger : 10 EnableLongRunningSqlStatementsInDebugger : true LongRunningSqlStatementsInDebuggerThreshold : 500 ClientServicesPort : 7046 SOAPServicesPort : 7047 ODataServicesPort : 7048 ManagementServicesPort : 7045 ManagementServicesEnabled : true ClientServicesEnabled : true TestAutomationEnabled : true PageBackgroundTaskAllowedAutomationMethods : (Update,Microsoft.Dynamics.Nav.Client.BusinessChart;PublicKeyToken=31bf3856ad364e35) DeveloperServicesPort : 7049 DeveloperServicesEnabled : true DeveloperServicesSSLEnabled : true SnapshotDebuggerServicesPort : 7083 SnapshotDebuggerEnabled : true UsePermissionSetsFromExtensions : true SnapshotDebuggerServicesSSLEnabled : true ExtensionAllowedTargetLevel : Internal RequiredExtensions : SolutionVersionExtension : 00000000-0000-0000-0000-000000000000 ReportPDFFontEmbedding : true ReportAppDomainIsolation : true ReportMaxRows : 1000000 ReportDefaultMaxRows : 500000 ReportTimeout : 12:00:00 ReportDefaultTimeout : 06:00:00 ReportMaxDocuments : 500 ReportDefaultMaxDocuments : 200 QueryMaxRows : MaxValue QueryTimeout : MaxValue EnableSaveToWordForRdlcReports : true EnableSaveToExcelForRdlcReports : true EnableSaveFromReportPreview : true CompileBusinessApplicationAtStartup : true SOAPServicesEnabled : true ODataServicesEnabled : true ODataServicesV3EndpointEnabled : false ODataServicesV4EndpointEnabled : true SOAPServicesSSLEnabled : true ODataServicesSSLEnabled : true ODataMaxConnections : 0 ODataMaxConnectionsPerTenant : 0 ODataV4MaxConcurrentRequests : 5 ODataV4MaxRequestQueueSize : 95 SOAPMaxConcurrentRequests : 5 SOAPMaxRequestQueueSize : 95 SOAPMaxConnections : 0 SOAPMaxConnectionsPerTenant : 0 DeltaServiceClientTimeout : 00:02:00 ODataServicesOperationTimeout : 00:08:00 SOAPServicesOperationTimeout : 00:10:00 PublicODataBaseUrl : https://mydomain.com/devtestrest/odata PublicSOAPBaseUrl : https://mydomain.com/devtestsoap/ws PublicWebBaseUrl : https://mydomain.com/devtest PublicWinBaseUrl : DynamicsNAV://mydomain.com:7046/BC/ DefaultClient : Web ServicesOptionFormat : OptionCaption ServicesLanguage : en-US CalendarTwoDigitYearMax : -1 SOAPServicesMaxMsgSize : 65536 ServicesUseNTLMAuthentication : false ServicesDefaultTimeZone : UTC ServicesDefaultCompany : ODataServicesMaxPageSize : 20000 ClientServicesOperationTimeout : MaxValue ClientServicesProtectionLevel : EncryptAndSign MaxConcurrentCalls : 1000 ClientServicesMaxConcurrentConnections : 500 ClientServicesReconnectPeriod : 00:10:00 ClientServicesMaxNumberOfOrphanedConnections : 20 ClientServicesCompressionThreshold : 64 ClientServicesMaxUploadSize : 350 EnableDebugging : false DebuggingAllowed : true SqlTracingAllowed : true SqlLockTimeoutOverride : 0 ClientServicesMaxItemsInObjectGraph : 512 ClientServicesChunkSize : 28 ClientServicesProhibitedFileTypes : ade;adp;asp;bas;bat;chm;cmd;com;cpl;csh;exe;fxp;gadget;hlp;hta;inf;ins;isp;its;js;jse;ksh;lnk;mad;maf;mag;mam;maq;mar;mas;mat;mau;mav;maw;mda;mdb;mde;mdt;mdw;mdz;msc;msi;msp;mst;ops;pcd;pif;prf;p rg;pst;reg;scf;scr;sct;shb;shs;url;vb;vbe;vbs;vsmacros;vss;vst;vsw;ws;wsc;wsf;wsh ClientServicesAllowedFileTypes : NASServicesStartupCodeunit : NASServicesRunWithAdminRights : false EnableDeadlockMonitoring : false NASServicesStartupMethod : NASServicesStartupArgument : NASServicesEnableDebugging : false ClientServicesCredentialType : NavUserPassword UIElementRemovalOption : LicenseFileAndUserPermissions ClientServicesTokenSigningKey : ClientServicesFederationMetadataLocation : ServicesCertificateThumbprint : 4E115DD232BC72A257B45273CEB41CA7E345F8C3 ServicesCertificateValidationEnabled : false DisableTokenSigningCertificateValidation : false TokenSigningCertificateValidationMode : IssuerNameValidation DataCacheSize : 10 SessionEventTableRetainInterval : 90.00:00:00 NonInteractiveSessionsLogRetainInterval : 5.00:00:00 SqlCommandTimeout : 00:30:00 SqlManagementCommandTimeout : -1 SqlConnectionTimeout : 00:01:30 EnableSqlReadOnlyReplicaSupport : false EnableExclusiveExistsCheckOnModify : false BufferedInsertEnabled : true DisableSmartSql : false EnableFullALFunctionTracing : false Multitenant : False SqlConnectionIdleTimeout : 00:05:00 EnableALServerFileAccess : true EnableApplicationChannelLog : true EncryptionProvider : LocalKeyFile AzureKeyVaultAppSecretsPublisherValidationEnabled : true ExchangeAuthenticationMetadataLocation : AppIdUri : WSFederationLoginEndpoint : AzureActiveDirectoryClientId : AzureActiveDirectoryClientSecret : AzureActiveDirectoryClientCertificateThumbprint : EnableMembershipEntitlement : EnablePartialRecords : true MaxRowsToExportToExcel : MaxValue EnableTaskScheduler : false TaskSchedulerMaximumConcurrentRunningTasks : 3 DefaultTaskSchedulerSessionTimeout : 12:00:00 DefaultStartSessionTimeout : 08:00:00 ClientServicesKeepAliveInterval : 00:02:00 UseSimplifiedFilters : false ExcelAddInAzureActiveDirectoryClientId : DisableWriteInsideTryFunctions : true ExtendedSecurityTokenLifetime : 0 ClientServicesIdleClientTimeout : MaxValue ODataEnableExcelAddInAnnotations : true NavHttpClientMaxResponseContentSize : 150 NavHttpClientMaxTimeout : 00:05:00 ClientBuildRestriction : WarnClient TraceLevel : Normal ExternalTraceLevel : Error EnableDataExportImport : true MaximumSessionRecursionDepth : 14 MaxStreamReadSize : 1000000 ValidAudiences : DefaultLanguage : SupportedLanguages : UnsupportedLanguageIds : 1034 ApiServicesEnabled : True ApiSubscriptionsEnabled : true ApiSubscriptionExpiration : 3 ApiSubscriptionNotificationUrlTimeout : 5000 ApiSubscriptionSendingNotificationTimeout : 30000 ApiSubscriptionDelayTime : 30000 ApiSubscriptionMaxNumberOfNotifications : 100 ApiSubscriptionMaxNumberOfSubscriptions : 200 EnableSymbolLoadingAtServerStartup : False SqlLongRunningThreshold : 750 SqlLongRunningThresholdForApplicationInsights : 750 SqlBulkImportBatchSize : 448 UseIncrementalCompanyDelete : false TaskSchedulerSystemTaskStartTime : 00:00:00 TaskSchedulerSystemTaskEndTime : 23:59:59 ChildSessionsMaxConcurrency : 5 ChildSessionsMaxQueueLength : 100 PageBackgroundTaskDefaultTimeout : 00:02:00 PageBackgroundTaskMaxTimeout : 00:10:00 XmlMetadataCacheSize : 500 AllowSessionWhileSyncAndDataUpgrade : true SearchTimeout : 00:00:10 OverwriteExistingTranslations : true LockoutPolicyFailedAuthenticationCount : 0 LockoutPolicyFailedAuthenticationWindow : 0 ReplaceReportExecutionTimeWithClientTime : true UseFindMinusWhenPopulatingPage : true DisableQueryHintOptimizeForUnknown : true DisableQueryHintForceOrder : true DisableQueryHintLoopJoin : true EnableSqlQueryTopParameterization : false SecurityProtocol : Tls12 IntegrationRecordsTableId : 5151 LegacyOptionCaptionResolution : false EnableMultithreadedCompilation : true ApplicationInsightsInstrumentationKey : ApplicationInsightsConnectionString : EnableUserConsistencyValidationOnTasks : true AllowReadingCrossTenantApplicationDatabaseTables : false EnableExclusiveApplicationPackageRole : true ManagementServicesIdleClientTimeout : 02:00:00 ALLongRunningFunctionTracingThresholdForApplicationInsights : 10000 ALFunctionTimingEnabled : true ALCompatibleDateFormatCultureList : EnableCloudReplicationMaintenance : false EnableProfileCacheSynchronization : false AllowSessionCallSuspendWhenWriteTransactionStarted : true AzureKeyVaultClientId : 00000000-0000-0000-0000-000000000000 AzureKeyVaultClientCertificateStoreLocation : LocalMachine AzureKeyVaultClientCertificateStoreName : My AzureKeyVaultClientCertificateThumbprint : AzureKeyVaultKeyUri :

[warlof]

Hi,

The thing is applying to the overall soa endpoints at least (so, soap and odata).

Used version is 16.5

What I don't hunderstand is using base url is working properly on non docker environments. Can it be a miss configuration from traefik or even an issue from it?

[freddydk]

I will try to spin up a VM with docker and traefik to troubleshoot.

[elweilando]

Same here. The request to the container URL always responds with an instance name "BC". For this reason, PowerBI or PowerQuery queries from Excel fail when going against a Docker container with traefik.

It's in 17.2 and 17.6

[elweilando]

Some news about this issue?

[warlof]

Is there anything else we can do/provide as extra information for this issue ?

[warlof]

If it may help with diagnose, using any OData (not v4) web service (like a page or a query) in Excel is resulting to the following error message :

(415) Unsupported Media Type.

1) publish page 33 (Customers) in WebServices as customers 2) in a Excel Workbook, load it using Data > Sources > Other > OData

EDIT: I wonder if overall replace issue is not coming from a bug from Traefik 1.x which has since be addressed in v2.x https://github.com/traefik/traefik/issues/6355

I tried to check what could cause an issue from my today report based on OData and Excel integration, and figure the resulting endpoint was altered :

Still using my Customers example, this is how the metadata url is exposed when directly accessed (without traefik front) : scheme://domain/NAV/OData/Company('DEMO')/customers

And this is the resulting url once pass by traefik : scheme://domain/NAV/OData/Company%28%27DEMO%27%29/customers

As you may notice, both ( and ' characters which encapsulate company are escaped - resulting into an invalid endpoint.

The upper github issue is referencing this special case as beeing addressed in v2.1 Question is : wouldn't is be better to switch used traefik version ?

[freddydk]

This is a problem in Business Central. OData feed doesn't use the PublicODataBaseUrl - the platform team will be looking at this - no ETA though, SOAP WSDL should be updated correctly and should be using PublicSoapBaseUrl

I will try to file a bug on the server team again (did that a few times already)

[freddydk]

This is the same issue as #2595 Closing this, keeping the other and will query and update from the Server team.