0

I have been using Traefik as a reverse proxy for several containers managed through docker compose. It has been working well but I'm having some difficulty getting graylog running properly behind it.

This config (excerpt of the complete file, removed irrelevant services) works for me 

version: '3'

services:
  traefik:
    image: traefik 
    command: --docker 
    networks:
      - web
    ports:
      - "80:80"     
      - "8080:8080" 
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  graylog:
    image: graylog/graylog:3.0
    environment:
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
      - GRAYLOG_ROOT_PASSWORD_SHA2=somestuffhere
      - GRAYLOG_HTTP_BIND_ADDRESS=0.0.0.0:9000
      - GRAYLOG_HTTP_EXTERNAL_URI=http://graylog.localhost/
    links:
      - mongodb:mongo
      - elasticsearch
    depends_on:
      - mongodb
      - elasticsearch
    networks:
      - web
      - default
    ports:
      - 9000:9000
      - 1514:1514
      - 1514:1514/udp
      - 12201:12201
      - 12201:12201/udp
    labels:
      - "traefik.docker.network=web"
      - "traefik.web.frontend.rule=Host:graylog.localhost"
      - "traefik.protocol=http"
      - "traefik.port=9000"
      - "traefik.enable=true"

I can then access graylog in my browser at http://graylog.localhost/

The problem occurs because I can't use domains like this in my staging env. What I have had to use is paths rather than domains e.g. the swagger service in my staging env is defined as 

swagger:
    image: swaggerapi/swagger-ui
    environment:
      SWAGGER_JSON: /swagger/staging-openapi.yaml
      BASE_URL: /swagger
    volumes:
      - /home/ubuntu/src/carelink_swagger_service:/swagger
    networks:
      - web
      - default
    labels:
      - "traefik.docker.network=web"
      - "traefik.frontend.rule=Host:my.staging.domain.org; PathPrefix: /swagger"
      - "traefik.protocol=http"
      - "traefik.port=8080"
      - "traefik.enable=true"

and I access services like this https://my.staging.domain.org/swagger/

Trying to adopt this approach for graylog 

graylog:
    image: graylog/graylog:3.0
    environment:
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
      - GRAYLOG_ROOT_PASSWORD_SHA2=somestuffhere
      - GRAYLOG_HTTP_BIND_ADDRESS=0.0.0.0:9000
      - GRAYLOG_HTTP_EXTERNAL_URI=http://localhost/graylog/
    links:
      - mongodb:mongo
      - elasticsearch
    depends_on:
      - mongodb
      - elasticsearch
    networks:
      - web
      - default
    ports:
      - 9000:9000
      - 1514:1514
      - 1514:1514/udp
      - 12201:12201
      - 12201:12201/udp
    labels:
      - "traefik.docker.network=web"
      - "traefik.web.frontend.rule=Host:localhost; PathPrefix: /graylog"
      - "traefik.protocol=http"
      - "traefik.port=9000"
      - "traefik.enable=true"

and I get the following errors

enter image description here

I have gone through this Q/A, similar entries on the graylog forums etc. but I feel like I'm chasing my tail.

Philip O'Brien
  • 4,146
  • 10
  • 46
  • 96

1 Answers1

2

It's for Traefik 2.x but I think that you'll manage to convert your rules:

      labels:
        - "traefik.http.routers.graylog.rule=PathPrefix(`/graylog`)"
        - "traefik.http.routers.graylog.middlewares=graylog3@docker,graylog2@docker,graylog@docker"
        - "traefik.http.middlewares.graylog3.stripprefix.prefixes=/graylog"
        - "traefik.http.middlewares.graylog2.redirectregex.regex=^(.*)/graylog$$"
        - "traefik.http.middlewares.graylog2.redirectregex.replacement=$$1/graylog/"
        - "traefik.http.middlewares.graylog.replacepathregex.regex=^/graylog/(.*)"
        - "traefik.http.middlewares.graylog.replacepathregex.replacement=^/$$1"
        - "traefik.http.routers.graylog.service=graylog"
        - "traefik.http.services.graylog.loadbalancer.server.port=9000"
        - "traefik.docker.network=traefik"
eRIZ
  • 1,477
  • 16
  • 32