gpt4 book ai didi

Traefik:转发身份验证不起作用

转载 作者:行者123 更新时间:2023-12-01 22:28:08 30 4
gpt4 key购买 nike

我正在尝试调整可用的教程 here身份验证配置详见official Trafik documentation .

我创建了一个简单的服务,当收到此地址上的 GET 请求时,该服务始终响应 200 OK:http://172.27.10.56:9999/verify

然后,我更改了 traefik.toml,并添加了以下内容:

[entrypoints.http.auth.forward]
address = "http://172.27.10.56:9999/verify"

但是我的身份验证服务从未被调用。事实上,通过此配置,traefik 会停止重定向所有请求。

这是我的 Dockerfile:

FROM traefik:v1.4.1-alpine
ADD traefik.toml /traefik.toml

这是我的 traefik.toml

debug = true
logLevel = "DEBUG"
defaultEntryPoints = ["http"]

[entryPoints]
[entryPoints.http]
address = ":80"
[entrypoints.http.auth.forward]
address = "http://172.27.10.56:9999/verify"

[web]
address = ":8080"

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "docker.localhost"
watch = true

这是我的 docker-compose.yaml

traefik:
image: dsp/traefik
ports:
- "80:80"
- "8080:8080"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock

machine:
image: katacoda/docker-http-server
labels:
- "traefik.backend=machine-echo"
- "traefik.frontend.rule=Host:machine-echo.example.com"

echo:
image: katacoda/docker-http-server:v2
labels:
- "traefik.backend=echo"
- "traefik.frontend.rule=Host:echo-echo.example.com"

这是 traefik 启动的输出:

time="2017-10-26T15:00:17Z" level=info msg="Using TOML configuration file //traefik.toml" 
time="2017-10-26T15:00:17Z" level=info msg="Traefik version v1.4.1 built on 2017-10-24_05:25:28PM"
time="2017-10-26T15:00:17Z" level=debug msg="Global configuration loaded {"GraceTimeOut":10000000000,"Debug":true,"CheckNewVersion":true,"AccessLogsFile":"","AccessLog":null,"TraefikLogsFile":"","LogLevel":"DEBUG","EntryPoints":{"http":{"Network":"","Address":"","TLS":null,"Redirect":null,"Auth":{"Basic":null,"Digest":null,"Forward":{"Address":"http://172.27.10.56:9999/verify","TLS":null,"TrustForwardHeader":false},"HeaderField":""},"WhitelistSourceRange":null,"Compress":false,"ProxyProtocol":null,"ForwardedHeaders":{"Insecure":true,"TrustedIPs":null}}},"Cluster":null,"Constraints":[],"ACME":null,"DefaultEntryPoints":["http"],"ProvidersThrottleDuration":2000000000,"MaxIdleConnsPerHost":200,"IdleTimeout":0,"InsecureSkipVerify":false,"RootCAs":null,"Retry":null,"HealthCheck":{"Interval":30000000000},"RespondingTimeouts":null,"ForwardingTimeouts":null,"Docker":{"Watch":true,"Filename":"","Constraints":null,"Trace":false,"DebugLogGeneratedTemplate":false,"Endpoint":"unix:///var/run/docker.sock","Domain":"docker.localhost","TLS":null,"ExposedByDefault":true,"UseBindPortIP":false,"SwarmMode":false},"File":null,"Web":{"Address":":8080","CertFile":"","KeyFile":"","ReadOnly":false,"Statistics":null,"Metrics":null,"Path":"/","Auth":null,"Debug":false,"CurrentConfigurations":null,"Stats":null,"StatsRecorder":null},"Marathon":null,"Consul":null,"ConsulCatalog":null,"Etcd":null,"Zookeeper":null,"Boltdb":null,"Kubernetes":null,"Mesos":null,"Eureka":null,"ECS":null,"Rancher":null,"DynamoDB":null}"
time="2017-10-26T15:00:17Z" level=info msg="Preparing server http &{Network: Address: TLS:<nil> Redirect:<nil> Auth:0xc4204da780 WhitelistSourceRange:[] Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc4202a07c0} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
time="2017-10-26T15:00:17Z" level=info msg="Starting provider *docker.Provider {"Watch":true,"Filename":"","Constraints":null,"Trace":false,"DebugLogGeneratedTemplate":false,"Endpoint":"unix:///var/run/docker.sock","Domain":"docker.localhost","TLS":null,"ExposedByDefault":true,"UseBindPortIP":false,"SwarmMode":false}"
time="2017-10-26T15:00:17Z" level=info msg="Starting server on "
time="2017-10-26T15:00:17Z" level=info msg="Starting provider *web.Provider {"Address":":8080","CertFile":"","KeyFile":"","ReadOnly":false,"Statistics":null,"Metrics":null,"Path":"/","Auth":null,"Debug":true,"CurrentConfigurations":{},"Stats":{"Uptime":"2017-10-26T15:00:17.777369487Z","Pid":1,"ResponseCounts":{},"TotalResponseCounts":{},"TotalResponseTime":"0001-01-01T00:00:00Z"},"StatsRecorder":null}"
time="2017-10-26T15:00:17Z" level=debug msg="Provider connection established with docker 17.10.0-ce-rc1 (API 1.33)"
time="2017-10-26T15:00:17Z" level=debug msg="Validation of load balancer method for backend backend-echo failed: invalid load-balancing method ''. Using default method wrr."
time="2017-10-26T15:00:17Z" level=debug msg="Validation of load balancer method for backend backend-machine-echo failed: invalid load-balancing method ''. Using default method wrr."
time="2017-10-26T15:00:17Z" level=debug msg="Validation of load balancer method for backend backend-traefik-traefik failed: invalid load-balancing method ''. Using default method wrr."
time="2017-10-26T15:00:17Z" level=debug msg="Configuration received from provider docker: {"backends":{"backend-echo":{"servers":{"server-traefik_echo_1":{"url":"http://172.17.0.2:80","weight":0}},"loadBalancer":{"method":"wrr"}},"backend-machine-echo":{"servers":{"server-traefik_machine_1":{"url":"http://172.17.0.3:80","weight":0}},"loadBalancer":{"method":"wrr"}},"backend-traefik-traefik":{"servers":{"server-traefik_traefik_1":{"url":"http://172.17.0.4:80","weight":0}},"loadBalancer":{"method":"wrr"}}},"frontends":{"frontend-Host-echo-echo-example-com":{"entryPoints":["http"],"backend":"backend-echo","routes":{"route-frontend-Host-echo-echo-example-com":{"rule":"Host:echo-echo.example.com"}},"passHostHeader":true,"priority":0,"basicAuth":[],"headers":{}},"frontend-Host-machine-echo-example-com":{"entryPoints":["http"],"backend":"backend-machine-echo","routes":{"route-frontend-Host-machine-echo-example-com":{"rule":"Host:machine-echo.example.com"}},"passHostHeader":true,"priority":0,"basicAuth":[],"headers":{}},"frontend-Host-traefik-traefik-docker-localhost":{"entryPoints":["http"],"backend":"backend-traefik-traefik","routes":{"route-frontend-Host-traefik-traefik-docker-localhost":{"rule":"Host:traefik.traefik.docker.localhost"}},"passHostHeader":true,"priority":0,"basicAuth":[],"headers":{}}}}"
time="2017-10-26T15:00:17Z" level=debug msg="Last docker config received more than 2s, OK"
time="2017-10-26T15:00:17Z" level=debug msg="Creating frontend frontend-Host-echo-echo-example-com"
time="2017-10-26T15:00:17Z" level=debug msg="Wiring frontend frontend-Host-echo-echo-example-com to entryPoint http"
time="2017-10-26T15:00:17Z" level=debug msg="Creating route route-frontend-Host-echo-echo-example-com Host:echo-echo.example.com"
time="2017-10-26T15:00:17Z" level=debug msg="Creating backend backend-echo"
time="2017-10-26T15:00:17Z" level=debug msg="Creating load-balancer wrr"
time="2017-10-26T15:00:17Z" level=debug msg="Creating server server-traefik_echo_1 at http://172.17.0.2:80 with weight 0"
time="2017-10-26T15:00:17Z" level=debug msg="Creating frontend frontend-Host-machine-echo-example-com"
time="2017-10-26T15:00:17Z" level=debug msg="Wiring frontend frontend-Host-machine-echo-example-com to entryPoint http"
time="2017-10-26T15:00:17Z" level=debug msg="Creating route route-frontend-Host-machine-echo-example-com Host:machine-echo.example.com"
time="2017-10-26T15:00:17Z" level=debug msg="Creating backend backend-machine-echo"
time="2017-10-26T15:00:17Z" level=debug msg="Creating load-balancer wrr"
time="2017-10-26T15:00:17Z" level=debug msg="Creating server server-traefik_machine_1 at http://172.17.0.3:80 with weight 0"
time="2017-10-26T15:00:17Z" level=debug msg="Creating frontend frontend-Host-traefik-traefik-docker-localhost"
time="2017-10-26T15:00:17Z" level=debug msg="Wiring frontend frontend-Host-traefik-traefik-docker-localhost to entryPoint http"
time="2017-10-26T15:00:17Z" level=debug msg="Creating route route-frontend-Host-traefik-traefik-docker-localhost Host:traefik.traefik.docker.localhost"
time="2017-10-26T15:00:17Z" level=debug msg="Creating backend backend-traefik-traefik"
time="2017-10-26T15:00:17Z" level=debug msg="Creating load-balancer wrr"
time="2017-10-26T15:00:17Z" level=debug msg="Creating server server-traefik_traefik_1 at http://172.17.0.4:80 with weight 0"
time="2017-10-26T15:00:17Z" level=info msg="Server configuration reloaded on "

当我测试 Traefik 时,输出如下:

curl -H Host:machine-echo.example.com http://127.0.0.1
curl: (56) Recv failure: Connection reset by peer

但是,当我从 traefik.toml 中删除前向身份验证配置时,请求已成功重定向到 docker 容器:

curl -H Host:machine-echo.example.com http://127.0.0.1
<h1>This request was processed by host: 2a291e3bb05f</h1>

可能出了什么问题?

最佳答案

文档中似乎有拼写错误。我花了一段时间才弄清楚:

[entrypoints.http.auth.forward]

应该是:

[entryPoints.http.auth.forward]

“entryPoints”中的大写“P”

关于Traefik:转发身份验证不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46957944/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com