exdox77 Posted April 22, 2020 Share Posted April 22, 2020 I have been toying around with Docker and Docker Compose lately and I finally got Traefik setup to reverse proxy all my containers to their own docker network. However, I have one container I was not able to put into the docker container network and sits outside of the docker network. It looks like I can still use Traefik to forward traffic to this container but when the request comes in the traefik container logs state "no route to host". I assume this is because the internal docker networks do not see other networks and are isolated. My questions is, how do it expose the docker networks to other non-docker networks? Quote Link to comment
primeval_god Posted April 27, 2020 Share Posted April 27, 2020 What interface is the problem container connected to? Also what interface is the Traefik container connected to? Quote Link to comment
exdox77 Posted April 27, 2020 Author Share Posted April 27, 2020 The problem container is traefik, which is connected to t2_proxy network with all the other containers, except for unifi. The unifi container needs to be on the main network br0. From what I can tell from the logs, traefik is trying to route requests to my unifi container but there are no routes. Quote Link to comment
primeval_god Posted April 27, 2020 Share Posted April 27, 2020 (edited) Have you tried connecting traefik to both the br0 and t2_proxy networks? Edited April 27, 2020 by primeval_god Quote Link to comment
exdox77 Posted April 27, 2020 Author Share Posted April 27, 2020 yes and traefik chokes and doesnt start back up. I have to disconnect the network from traefik for it work again. I maybe remove all these network i dont use anymore since i moved everything into docker. Ideally i would have 192.168.0.0/16 and then the docker networks and that would be it. Quote Link to comment
primeval_god Posted April 27, 2020 Share Posted April 27, 2020 Interesting, I will have to take a look at my Traefik setup when i get home. I am not certain if i have mine connected to br0, it is connected to multiple networks though. Quote Link to comment
exdox77 Posted April 27, 2020 Author Share Posted April 27, 2020 this is weird. i access the containers shell and ping a few ip's on br0 and they come back just fine. go to ping the ip configured for the unifi container and all packets are lost. no matter if i change the ip to different ip or not. Quote Link to comment
primeval_god Posted April 27, 2020 Share Posted April 27, 2020 Turns out that i no longer have my traefik container connected to multiple networks. For what reason does your ubiquity container need to be on br0? Quote Link to comment
exdox77 Posted April 28, 2020 Author Share Posted April 28, 2020 I originally had it on t2_proxy and then all my unifi devices lost access to the controller. So i moved it back to br0 and the devices connected again. Very strange behavior. I recently moved it back thinking that now I was done reconfiguring everything that it would be fine in t2_proxy. But l traefik still couldn't connect, but gave a 404 error this time and with no log data. Quote Link to comment
primeval_god Posted April 28, 2020 Share Posted April 28, 2020 One other thing you can try is using a static traefik config for your ubiquity container specifying the ip of your unraid server and the exposed ports of the container on br0. I do something similar for my Netdata container which has to be on the Host network to work properly. I use a file based configuration for that container only. Quote Link to comment
exdox77 Posted April 28, 2020 Author Share Posted April 28, 2020 Interesting, I have my netdata container on the t2_proxy using Traefik routes and it works just fine. I think i am going to try to move the container back to t2_proxy and reconfigure traefik. Quote Link to comment
primeval_god Posted April 28, 2020 Share Posted April 28, 2020 (edited) Its not that Netdata wont work on other networks, but there are a few metrics (its been so long i dont remember off hand which) that it can only collect if it shares the host's network namespace. See the limitations section under the link below. I am not certain it still applies to the netdata/netdata container but i havent bothered to check. https://github.com/titpetric/netdata Edited April 28, 2020 by primeval_god Quote Link to comment
primeval_god Posted May 12, 2020 Share Posted May 12, 2020 @exdox77 Did you ever get your traefik setup sorted out? Quote Link to comment
exdox77 Posted May 12, 2020 Author Share Posted May 12, 2020 Nope, others kept telling me to add a route on the host but couldn't figure out how to do it and no one really wanted to help. Then work got a little busy. I moved it to the docker network again but the unifi devices didn't like that it couldn't see the controller so i moved it back to the main network. So not sure what is up. Quote Link to comment
daze Posted August 25, 2020 Share Posted August 25, 2020 How do you get started with this? My docker-compose file gets hung up on ports 80/443 are the GUI listens to those ports on 0.0.0.0. I tried using a vlan, br0.50, and I get a bit farther, but not much. Any anyone share their compose file or however they did this. please? Quote Link to comment
primeval_god Posted August 25, 2020 Share Posted August 25, 2020 @daze I dont use docker-compose myself, I just run a traefik container and add the appropriate labels to the containers i want passed through (using unRAIDs dockerman templates). As for the port issue, I am not using port 80/443 for my traefik container. I chose another unused port pair as the entrypoint for my reverse proxy. Something like 9080/9443 which i mapped to ports 80/443 in the traefik docker container. 1 Quote Link to comment
daze Posted August 30, 2020 Share Posted August 30, 2020 I was trying to avoid using non-standard ports, but that'll do for now. Beats running a VM. Thanks for the reply! Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.