error while deploying traefik on new server #412

New Issue

codegod100 · 2023-02-13T07:59:24Z

codegod100 commented

2023-02-13 07:59:24 +00:00

vanilla install and getting

�2023-02-13T07:55:57.882754796Z time="2023-02-13T07:55:57Z" level=info msg="Configuration loaded from file: /etc/traefik/traefik.yml"
�2023-02-13T07:55:57.882963653Z time="2023-02-13T07:55:57Z" level=info msg="Traefik version 2.9.6 built on 2022-12-07T14:17:58Z"
�2023-02-13T07:55:57.884926860Z time="2023-02-13T07:55:57Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
�2023-02-13T07:55:57.889189990Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider aggregator aggregator.ProviderAggregator"
m2023-02-13T07:55:57.889474845Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *file.Provider"
p2023-02-13T07:55:57.891519005Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *traefik.Provider"
o2023-02-13T07:55:57.924586149Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *docker.Provider"
u2023-02-13T07:55:57.925227167Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *acme.ChallengeTLSALPN"
m2023-02-13T07:55:57.925573187Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *acme.Provider"
�2023-02-13T07:55:57.925794839Z time="2023-02-13T07:55:57Z" level=info msg="Testing certificate renew..." ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=production.acme
m2023-02-13T07:55:57.927076052Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *acme.Provider"
�2023-02-13T07:55:57.927215250Z time="2023-02-13T07:55:57Z" level=info msg="Testing certificate renew..." ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme
�2023-02-13T07:56:43.491852612Z time="2023-02-13T07:56:43Z" level=error msg="building router handler: unknown TLS options: default@file" entryPointName=web-secure routerName=traefik_cloud_vera_pink@docker
�2023-02-13T07:56:43.492947553Z time="2023-02-13T07:56:43Z" level=error msg="unknown TLS options: default@file" routerName=traefik_cloud_vera_pink@docker entryPointName=web-secure

vanilla install and getting ``` �2023-02-13T07:55:57.882754796Z time="2023-02-13T07:55:57Z" level=info msg="Configuration loaded from file: /etc/traefik/traefik.yml" �2023-02-13T07:55:57.882963653Z time="2023-02-13T07:55:57Z" level=info msg="Traefik version 2.9.6 built on 2022-12-07T14:17:58Z" �2023-02-13T07:55:57.884926860Z time="2023-02-13T07:55:57Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n" �2023-02-13T07:55:57.889189990Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider aggregator aggregator.ProviderAggregator" m2023-02-13T07:55:57.889474845Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *file.Provider" p2023-02-13T07:55:57.891519005Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *traefik.Provider" o2023-02-13T07:55:57.924586149Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *docker.Provider" u2023-02-13T07:55:57.925227167Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *acme.ChallengeTLSALPN" m2023-02-13T07:55:57.925573187Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *acme.Provider" �2023-02-13T07:55:57.925794839Z time="2023-02-13T07:55:57Z" level=info msg="Testing certificate renew..." ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=production.acme m2023-02-13T07:55:57.927076052Z time="2023-02-13T07:55:57Z" level=info msg="Starting provider *acme.Provider" �2023-02-13T07:55:57.927215250Z time="2023-02-13T07:55:57Z" level=info msg="Testing certificate renew..." ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme �2023-02-13T07:56:43.491852612Z time="2023-02-13T07:56:43Z" level=error msg="building router handler: unknown TLS options: default@file" entryPointName=web-secure routerName=traefik_cloud_vera_pink@docker �2023-02-13T07:56:43.492947553Z time="2023-02-13T07:56:43Z" level=error msg="unknown TLS options: default@file" routerName=traefik_cloud_vera_pink@docker entryPointName=web-secure ```

codegod100 added the

bug

label 2023-02-13 07:59:24 +00:00

codegod100 referenced this issue

2023-02-13 08:20:44 +00:00

App deployed but not displaying when I visit url #415

codegod100 commented

2023-02-13 08:28:59 +00:00

Is traefik supposed to be serving a web app on the traefik app domain in addition to routing traffic? If it is, then it is failing to do its job and I'm not sure what I'm doing wrong

decentral1se commented

2023-02-13 08:32:01 +00:00

Hmmmmm nice, thanks for reporting. Someone also reported that a new setup ran into this issue. I have this version of traefik deployed elsewhere and things are working, so not sure what the cause could be atm. Will dig into this later today.

decentral1se referenced this issue

2023-02-13 08:35:06 +00:00

App deployed but not displaying when I visit url #415

decentral1se referenced this issue

2023-02-13 10:08:16 +00:00

App deployed but not displaying when I visit url #415

decentral1se commented

2023-02-13 10:13:55 +00:00

OK, down the rabbit hole we went. Here are the findings:

diff --git a/compose.yml b/compose.yml
index c018c7d..deebebb 100644
--- a/compose.yml
+++ b/compose.yml
@@ -44,7 +44,6 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "traefik.http.routers.${STACK_NAME}.tls.options=default@file"
         - "traefik.http.routers.${STACK_NAME}.service=api@internal"
         - "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
         - "coop-cloud.${STACK_NAME}.version=2.0.3+v2.9.6"

Makes shit work again. I undeployed an existing deployed of traefik on an older version, upgraded it and couldn't reproduce the error. Then I made some other config change and redeployed, then the error started happening. I think existing traefik deployments might be somehow caching the config.

Once I could reproduce, I removed the line and redeployed. Then shit worked. I could see in e.g. https://traefik.example.com/dashboard/#/http/routers/stack_name@docker that the TLS options were still getting loaded from the default namespace.

https://community.traefik.io/t/msg-unknown-tls-options-tls-opts-file/15704 seems to suggest that the new parser doesn't accept default@file on the labels because every container will get these defaults when routing via traefik. This is because we have file configuration set via b6bb286282/traefik.yml.tmpl (L12).

There seems to be some controversial discussion re: how to set TLS options reliably via the docke provider https://community.traefik.io/t/reliably-set-tls-options-with-the-docker-provider/14022.

TLDR; I think deleting this line is The Fix. This did work for @codegod100.

OK, down the rabbit hole we went. Here are the findings: ```diff diff --git a/compose.yml b/compose.yml index c018c7d..deebebb 100644 --- a/compose.yml +++ b/compose.yml @@ -44,7 +44,6 @@ services: - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - - "traefik.http.routers.${STACK_NAME}.tls.options=default@file" - "traefik.http.routers.${STACK_NAME}.service=api@internal" - "traefik.http.routers.${STACK_NAME}.middlewares=security@file" - "coop-cloud.${STACK_NAME}.version=2.0.3+v2.9.6" ``` Makes shit work again. I undeployed an existing deployed of traefik on an older version, upgraded it and couldn't reproduce the error. Then I made some other config change and redeployed, then the error started happening. I think existing traefik deployments might be somehow caching the config. Once I could reproduce, I removed the line and redeployed. Then shit worked. I could see in e.g. https://traefik.example.com/dashboard/#/http/routers/stack_name@docker that the TLS options were still getting loaded from the `default` namespace. https://community.traefik.io/t/msg-unknown-tls-options-tls-opts-file/15704 seems to suggest that the new parser doesn't accept `default@file` on the labels because every container will get these defaults when routing via traefik. This is because we have file configuration set via https://git.coopcloud.tech/coop-cloud/traefik/src/commit/b6bb28628277459990d23922ebdf9156acfcce88/traefik.yml.tmpl#L12. There seems to be some controversial discussion re: how to set TLS options reliably via the docke provider https://community.traefik.io/t/reliably-set-tls-options-with-the-docker-provider/14022. TLDR; I think deleting this line is The Fix. This did work for @codegod100.

decentral1se referenced this issue from a commit

2023-02-13 10:17:13 +00:00

fix: remove invalid tls label

decentral1se referenced this issue from coop-cloud/traefik

2023-02-13 10:17:36 +00:00

fix: remove invalid tls label #40

decentral1se commented

2023-02-14 06:56:09 +00:00

coop-cloud/traefik#40 is merged and the new traefik version is out, so hopefully this is fixed for new deployments! let's see...

https://git.coopcloud.tech/coop-cloud/traefik/pulls/40 is merged and the new traefik version is out, so hopefully this is fixed for new deployments! let's see...

🎉 1

decentral1se closed this issue

2023-02-14 06:56:14 +00:00

Sign in to join this conversation.

No Milestone

No project

No Assignees

2 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/organising#412