traefik: Some requests failing in dockerized Traefik but working when Traefik is run directly on the host machine

Do you want to request a feature or report a bug?

Bug

What did you do?

I am using Traefik as a reverse proxy to my web application and to automatically general SSL certs with lets encrypt.

My application is a dockerized flask app served with Gunicorn.

I started Traefik in two ways:

  1. As a dockerized service running alongside my other docker-compose services. Here is the relevant snippet from my docker-compose file:
    traefik:
        container_name: traefik
        image: traefik:1.7.7
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock:ro
            - ./traefik:/etc/traefik
        ports:
            - "80:80"
            - "443:443"
            - "${TRAEFIK_ADMIN_PORT:-8080}:8080"
  1. Directly on the host machine using the binary downloaded from GitHub releases:

sudo ./traefik_linux-386 --configFile=traefik/traefik.toml

Note how I am using the same toml file in both instances.

What did you expect to see?

I expected to see no appreciable difference between running Traefik in the docker container and running it directly on the host.

What did you see instead?

Instead I saw many of the requests fail when running Traefik inside a docker container. When loading my web app some of the resources fail to load, while others load successfully. It is not always the same resources, but almost every page load some of the resources fail to load. Here is a screen grab of the safari network pane:

network-fail-6

In comparison when I run the binary downloaded on GH releases directly on the host machine (still running my app with docker) then I never see any failed resources.

Output of traefik version: (What version of Traefik are you using?)

Dockerized:

docker run traefik version
Version:      v1.7.7
Codename:     maroilles
Go version:   go1.11.4
Built:        2019-01-08_10:21:03AM
OS/Arch:      linux/amd64

On Host Machine:

./traefik_linux-386 version
Version:      v1.7.7
Codename:     maroilles
Go version:   go1.11.4
Built:        2019-01-08_10:21:03AM
OS/Arch:      linux/386

What is your environment & configuration (arguments, toml, provider, platform, …)?

debug = false
logLevel = "INFO"
defaultEntryPoints = ["http", "https"]

[accessLog]

[web]
# Port for the status page
address = ":8080"
  [web.auth.basic]
  users = ["admin:pass"]

# Entrypoints, http and https
[entryPoints]
  # http should be redirected to https
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  # https is the default
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

# Enable ACME (Let's Encrypt): automatic SSL
[acme]
# Email address used for registration
email = "me"
storageFile = "/etc/traefik/acme.json"
entryPoint = "https"
onDemand = false
OnHostRule = true
  [acme.httpChallenge]
  entryPoint = "http"

[retry]

# Enable Docker configuration backend
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false

If applicable, please paste the log output in DEBUG level (--logLevel=DEBUG switch)

(paste your output here)

Please let me know if any more information is needed.

https://stackoverflow.com/questions/54119727/traefik-request-has-been-aborted-and-tls-handshake-error-error-showing-up-in

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 17 (6 by maintainers)

Most upvoted comments

Thanks for opening this issue!

We need further information to better understand the problem you’re facing 🤔

Could you please join us on our Slack workspace and reach out to us on the (#support channel)?

We’re looking forward to talking to you there!

+2
traefiker on Jan 18, 2019

@paulcalabro For what its worth I tried the next few releases after reporting this issue and the issue still persisted. I reached out to containous via email and they said the issue was most likely something not related to Traefik and had to do with my environment. This could very well be the case but I think I am running a fairly simple and standard environment: AWS ubuntu image, official postgres docker container, official python 3.6 docker container

Luckily my workaround of running Traefik outside of the docker container on my actual host system has continued to work for me. I have not seen a single error since switching away from the official Traefik docker container. Have you tried not using the official Traefik docker container and instead running on your host system?

+1
jminardi on Apr 5, 2019
Read more comments on GitHub
← traefik: Service status successful even if one or all servers/services failed
traefik: Sporadic 502 response only when running through traefik →