splunk / docker-splunk

Splunk Docker GitHub Repository

Traefik Proxy issues #545

Open lluked opened 2 years ago

lluked commented 2 years ago

Hi All,

I have set up Splunk behind Traefik with docker-compose and I'm noticing some issues with TLS when the host port of the instance is changed to a port other than 443 and a root_endpoint is being used. If these conditions are met, Splunk returns "404 page not found".

Example 1 - Splunk-Traefik-without-Root-Endpoint

https://gist.github.com/lluked/771a1f7f9bbd8ef2581e8828f3b25f9e

When the proxy (Traefik) host port is mapped to 443, Splunk is accessible at https://localhost:443

ports:
  - "443:443"

When the proxy (Traefik) host port is mapped to 8443, Splunk is accessible at https://localhost:8443

ports:
  - "8443:443"

Both of these scenarios work as expected.

Example 2 - Splunk-Traefik-with-Root-Endpoint

https://gist.github.com/lluked/438b10a6321ff50feb8d704690a0cafc

A root_endpoint has now been introduced.

When the proxy (Traefik) host port is mapped to 443, Splunk is accessible at https://localhost:443/splunk

ports:
  - "443:443"

When the proxy (Traefik) host port is mapped to 8443, Splunk returns error 404 at https://localhost:8443/splunk

ports:
  - "8443:443"

Splunk now does not work with the forwarded port.

Example 3 - Splunk-Traefik-with-Root-Endpoint (Port Forwarding)

Continuing on from Example 2, when the proxy (Traefik) host port is mapped to 443 but this is on a VM and a port on the hypervisor is mapped to 443, Splunk returns error 404 again (for example, using Vagrant and mapping 8443 on the host to 443 on the VM and visiting https://localhost:8443/splunk).

config.vm.network "forwarded_port", id: "traefik_websecure", host: 8443, guest: 443

ports:
  - "443:443"

Example 4 - Splunk-Traefik-with-Root-Endpoint (No TLS)

If TLS is removed from the configuration everything works fine again.

When the proxy (Traefik) host port is mapped to 443, Splunk is accessible at http://localhost:443/splunk

ports:
  - "443:443"

When the proxy (Traefik) host port is mapped to 8443, Splunk is accessible at http://localhost:8443/splunk

ports:
  - "8443:443"


In Example 2 I have also noticed that when accessing https://localhost:8443/splunk the page is getting forwarded to http://localhost:8443/splunk/en-GB/; it looks like it's changing from https to http. This would suggest it's a proxy issue, but I do know this configuration has worked for other applications and I don't know what is causing this behaviour with Splunk. Also, it's weird that when no root_endpoint is defined, as in Example 1, everything is resolved as it should.

Please can anyone help?
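
A check for the redirect behaviour described in the post above, added here as an example; it is not part of the original issue or of the docker-splunk project. It parses a response head as printed by `curl -skI` and flags a `Location` that changes scheme, host or port or drops the root endpoint. The function names, the sample heads and the 303 status are assumptions; only the two URLs come from the post.

```python
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
REDIRECTS = {301, 302, 303, 307, 308}

def parse_head(raw):
    """Return (status, headers) from a raw response head, e.g. `curl -skI` output."""
    lines = [ln.strip() for ln in raw.strip().splitlines() if ln.strip()]
    status = int(lines[0].split()[1])            # "HTTP/1.1 303 See Other" -> 303
    headers = {}
    for ln in lines[1:]:
        name, _, value = ln.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers

def effective_port(parts):
    """Explicit port if present, otherwise the scheme's default."""
    return parts.port or DEFAULT_PORTS.get(parts.scheme)

def analyse_redirect(request_url, raw_head, root_endpoint="/splunk"):
    """Compare a redirect target with the URL the client actually requested."""
    status, headers = parse_head(raw_head)
    if status not in REDIRECTS or "location" not in headers:
        return None, []
    target = urljoin(request_url, headers["location"])  # resolves relative values
    req, dst = urlsplit(request_url), urlsplit(target)
    findings = []
    if req.scheme == "https" and dst.scheme == "http":
        findings.append("scheme-downgrade")
    if req.hostname != dst.hostname:
        findings.append("host-changed")
    if effective_port(req) != effective_port(dst):
        findings.append("port-changed")
    prefix = root_endpoint.rstrip("/")
    if prefix and dst.path != prefix and not dst.path.startswith(prefix + "/"):
        findings.append("root-endpoint-dropped")
    return target, findings

# Constructed sample: URLs are the ones quoted in the post, the 303 status is assumed.
REPORTED = "HTTP/1.1 303 See Other\r\nLocation: http://localhost:8443/splunk/en-GB/\r\n\r\n"
# Constructed counter-example: a relative Location keeps scheme, host and port.
RELATIVE = "HTTP/1.1 303 See Other\r\nLocation: /splunk/en-GB/\r\n\r\n"

if __name__ == "__main__":
    for head in (REPORTED, RELATIVE):
        print(analyse_redirect("https://localhost:8443/splunk", head))
```

Running the same analysis on heads captured for each port mapping in Examples 1 to 4 shows which combinations produce an absolute `http://` target and which keep the client's scheme and port.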