te')); return $arr; } /* 遍历用户所有主题 * @param $uid 用户ID * @param int $page 页数 * @param int $pagesize 每页记录条数 * @param bool $desc 排序方式 TRUE降序 FALSE升序 * @param string $key 返回的数组用那一列的值作为 key * @param array $col 查询哪些列 */ function thread_tid_find_by_uid($uid, $page = 1, $pagesize = 1000, $desc = TRUE, $key = 'tid', $col = array()) { if (empty($uid)) return array(); $orderby = TRUE == $desc ? -1 : 1; $arr = thread_tid__find($cond = array('uid' => $uid), array('tid' => $orderby), $page, $pagesize, $key, $col); return $arr; } // 遍历栏目下tid 支持数组 $fid = array(1,2,3) function thread_tid_find_by_fid($fid, $page = 1, $pagesize = 1000, $desc = TRUE) { if (empty($fid)) return array(); $orderby = TRUE == $desc ? -1 : 1; $arr = thread_tid__find($cond = array('fid' => $fid), array('tid' => $orderby), $page, $pagesize, 'tid', array('tid', 'verify_date')); return $arr; } function thread_tid_delete($tid) { if (empty($tid)) return FALSE; $r = thread_tid__delete(array('tid' => $tid)); return $r; } function thread_tid_count() { $n = thread_tid__count(); return $n; } // 统计用户主题数 大数量下严谨使用非主键统计 function thread_uid_count($uid) { $n = thread_tid__count(array('uid' => $uid)); return $n; } // 统计栏目主题数 大数量下严谨使用非主键统计 function thread_fid_count($fid) { $n = thread_tid__count(array('fid' => $fid)); return $n; } ?>docker - NomadConsulTraefik on WSL2 - Stack Overflow

科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>docker - NomadConsulTraefik on WSL2 - Stack Overflow

    docker - NomadConsulTraefik on WSL2 - Stack Overflow

    programmeradmin3浏览0评论

    I've been trying to get a dev setup up revolving around Nomad/Consul with a Traefik reverse proxy, and while Nomad and Consul run fine in dev mode on WSL (Ubuntu 22.04), I'm having issues getting Traefik to work. The job runs, deployes, it gets successfully registered in Consul, but it's producing no logs whatsoever and I can't access the dashboard at all (Connection reset, connection refused, etc.) whatsoever. I'm not super familiar with WSL and I'm assuming it's a networking issue, but I have literally ran out of options. Below are my configs/commands and what I've tried so far.

    nomad-setup.sh (ran this on the WSL VM)

    #!/bin/bash

set -e

exec > >(sudo tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1

HOME_DIR="ubuntu"

# Config bridge and firewall --------------------------------
sudo modprobe bridge
sudo ufw disable || echo "ufw not installed"

# Install common deps ---------------------------------------
sudo apt-get update
sudo apt-get install -y apt-transport-https gpg wget curl coreutils ca-certificates

# Install nomad ---------------------------------------------
sudo wget -O-  | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg]  $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install nomad

# Install consul --------------------------------------------
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg]  $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install -y consul

# Install CNI -----------------------------------------------
export ARCH_CNI=$( [ $(uname -m) = aarch64 ] && echo arm64 || echo amd64)
export CNI_PLUGIN_VERSION=v1.6.2
sudo curl -L -o cni-plugins.tgz "/${CNI_PLUGIN_VERSION}/cni-plugins-linux-${ARCH_CNI}-${CNI_PLUGIN_VERSION}".tgz
sudo mkdir -p /opt/cni/bin
sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
sudo apt-get update && sudo apt-get install -y consul-cni

# Install Docker
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done

sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL  -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc]  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update && sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Install Temurin ------------------------------------------
sudo wget -qO -  | gpg --dearmor | tee /etc/apt/trusted.gpg.d/adoptium.gpg > /dev/null
sudo echo "deb  $(awk -F= '/^VERSION_CODENAME/{print$2}' /etc/os-release) main" | sudo tee /etc/apt/sources.list.d/adoptium.list
sudo apt-get update && sudo apt-get install -y temurin-21-jdk

# Set ENV variables ------------------------------------------
export NOMAD_ADDR=http://localhost:4646
export JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64

# Install phase finish ---------------------------------------

sudo apt-get clean
echo "Install complete"
sudo systemctl start docker

sleep 3

# Set configs ------------------------------------------------
echo "127.0.0.1 $(hostname)" | sudo tee --append /etc/hosts
DOCKER_BRIDGE_IP_ADDRESS=$(ip -4 addr show docker0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')

if [[ "$(uname -r)" == *"microsoft"* ]]; then
    echo "Detected WSL: Preventing /etc/resolv.conf from being reset..."
    sudo sh -c 'echo "[network]" > /etc/wsl.conf'
    sudo sh -c 'echo "generateResolvConf = false" >> /etc/wsl.conf'
    sudo chattr -i /etc/resolv.conf 2>/dev/null || true
fi

echo "nameserver $DOCKER_BRIDGE_IP_ADDRESS" | sudo tee /etc/resolv.conf.new
cat /etc/resolv.conf | sudo tee --append /etc/resolv.conf.new
sudo mv /etc/resolv.conf.new /etc/resolv.conf

if [[ "$(uname -r)" == *"microsoft"* ]]; then
    sudo chattr +i /etc/resolv.conf
fi

# Set env vars
echo "export NOMAD_ADDR=http://localhost:4646" | sudo tee --append /home/$HOME_DIR/.bashrc
echo "export JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64"  | sudo tee --append /home/$HOME_DIR/.bashrc

# Server setup phase finish -----------------------------------

    Then I run Nomad and Consul with (these work OK and are available on localhost on the Windows environment):

    sudo consul agent -dev -bind 0.0.0.0

    sudo nomad agent -dev -bind 0.0.0.0 -network-interface='{{ GetDefaultInterfaces | attr "name" }}''

    I then run the Traefik job:

    job "traefik" {
  region      = "global"
  datacenters = ["dc1"]
  type        = "service"

  group "traefik" {
    count = 1

    network {
      port  "http"{
        static = 8080
      }
      port  "admin"{
        static = 48080
      }
    }

    service {
      name = "traefik"

      check {
        name     = "alive"
        type     = "tcp"
        port     = "http"
        interval = "10s"
        timeout  = "2s"
      }
    }

    task "server" {
      driver = "docker"
      config {
        image = "traefik:3.3"
        ports = ["http", "admin"]
      }
      artifact {
        source      = "[redacted]traefik/traefik.yml"
        destination = "etc/traefik"
        options {
          filename = "traefik.yml"
        }
      }

      artifact {
        source      = "[redacted]traefik/dynamic.yml"
        destination = "etc/traefik"
        options {
          filename = "dynamic.yml"
        }
      }
    }
  }
}

    At this point Traefik gets discovered by Consul, the health check is successful and it points to the IP address of my WSL VM (e.g. XXX.XXX.XXX.XXX:8080). Accessing it on localhost, however on :48080/dashboard/ gives a connection reset and I see no logs whatsoever in the Nomad allocation (no failures, files are mounted successfully).

    I also tried the below commands to attempt to forward the traffic (since I have no idea at this point):

    sudo netsh interface portproxy add v4tov4 listenport=8080 listenaddress=0.0.0.0 connectport=8080 connectaddress=172.28.199.159

    sudo netsh interface portproxy add v4tov4 listenport=48080 listenaddress=0.0.0.0 connectport=48080 connectaddress=172.28.199.159

    and I added a rule in the firewall for WSL:

    New-NetFirewallRule -DisplayName "WSL" -Direction Inbound  -InterfaceAlias "vEthernet (WSL)"  -Action Allow

    I have also tried setting network_mode = "host" on the Traefik job, but that shows the docker container without ports (so I assume it's incorrect). Bridge network mode doesn't seem to change anything. Docker Desktop is updated/functional and it's running Linux containers.

    This is Traefik's static config:

    api:
    dashboard: true
    insecure: true

accessLog: {}

entryPoints:
    web:
        address: ':8080'
    dashboard:
        address: ':48080'

providers:
    consulCatalog:
        exposedByDefault: false
        connectAware: true
        connectByDefault: true
        endpoint:
            address: 'host.docker.internal:8500'
            scheme: http
    file:
        filename: '/etc/traefik/dynamic.yml'

log:
    level: DEBUG

    The only explanation I come to is that Traefik is not binding to the Windows machine and is remaining bound to the WSL VM (but I have no idea why no logs are produced).

    If anyone has any ideas or sees something wrong, any help would be greatly appreciated.

    I've been trying to get a dev setup up revolving around Nomad/Consul with a Traefik reverse proxy, and while Nomad and Consul run fine in dev mode on WSL (Ubuntu 22.04), I'm having issues getting Traefik to work. The job runs, deployes, it gets successfully registered in Consul, but it's producing no logs whatsoever and I can't access the dashboard at all (Connection reset, connection refused, etc.) whatsoever. I'm not super familiar with WSL and I'm assuming it's a networking issue, but I have literally ran out of options. Below are my configs/commands and what I've tried so far.

    nomad-setup.sh (ran this on the WSL VM)

    #!/bin/bash

set -e

exec > >(sudo tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1

HOME_DIR="ubuntu"

# Config bridge and firewall --------------------------------
sudo modprobe bridge
sudo ufw disable || echo "ufw not installed"

# Install common deps ---------------------------------------
sudo apt-get update
sudo apt-get install -y apt-transport-https gpg wget curl coreutils ca-certificates

# Install nomad ---------------------------------------------
sudo wget -O- https://apt.releases.hashicorp/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install nomad

# Install consul --------------------------------------------
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install -y consul

# Install CNI -----------------------------------------------
export ARCH_CNI=$( [ $(uname -m) = aarch64 ] && echo arm64 || echo amd64)
export CNI_PLUGIN_VERSION=v1.6.2
sudo curl -L -o cni-plugins.tgz "https://github/containernetworking/plugins/releases/download/${CNI_PLUGIN_VERSION}/cni-plugins-linux-${ARCH_CNI}-${CNI_PLUGIN_VERSION}".tgz
sudo mkdir -p /opt/cni/bin
sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
sudo apt-get update && sudo apt-get install -y consul-cni

# Install Docker
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done

sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker/linux/ubuntu $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update && sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Install Temurin ------------------------------------------
sudo wget -qO - https://packages.adoptium/artifactory/api/gpg/key/public | gpg --dearmor | tee /etc/apt/trusted.gpg.d/adoptium.gpg > /dev/null
sudo echo "deb https://packages.adoptium/artifactory/deb $(awk -F= '/^VERSION_CODENAME/{print$2}' /etc/os-release) main" | sudo tee /etc/apt/sources.list.d/adoptium.list
sudo apt-get update && sudo apt-get install -y temurin-21-jdk

# Set ENV variables ------------------------------------------
export NOMAD_ADDR=http://localhost:4646
export JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64

# Install phase finish ---------------------------------------

sudo apt-get clean
echo "Install complete"
sudo systemctl start docker

sleep 3

# Set configs ------------------------------------------------
echo "127.0.0.1 $(hostname)" | sudo tee --append /etc/hosts
DOCKER_BRIDGE_IP_ADDRESS=$(ip -4 addr show docker0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')

if [[ "$(uname -r)" == *"microsoft"* ]]; then
    echo "Detected WSL: Preventing /etc/resolv.conf from being reset..."
    sudo sh -c 'echo "[network]" > /etc/wsl.conf'
    sudo sh -c 'echo "generateResolvConf = false" >> /etc/wsl.conf'
    sudo chattr -i /etc/resolv.conf 2>/dev/null || true
fi

echo "nameserver $DOCKER_BRIDGE_IP_ADDRESS" | sudo tee /etc/resolv.conf.new
cat /etc/resolv.conf | sudo tee --append /etc/resolv.conf.new
sudo mv /etc/resolv.conf.new /etc/resolv.conf

if [[ "$(uname -r)" == *"microsoft"* ]]; then
    sudo chattr +i /etc/resolv.conf
fi

# Set env vars
echo "export NOMAD_ADDR=http://localhost:4646" | sudo tee --append /home/$HOME_DIR/.bashrc
echo "export JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64"  | sudo tee --append /home/$HOME_DIR/.bashrc

# Server setup phase finish -----------------------------------

    Then I run Nomad and Consul with (these work OK and are available on localhost on the Windows environment):

    sudo consul agent -dev -bind 0.0.0.0

    sudo nomad agent -dev -bind 0.0.0.0 -network-interface='{{ GetDefaultInterfaces | attr "name" }}''

    I then run the Traefik job:

    job "traefik" {
  region      = "global"
  datacenters = ["dc1"]
  type        = "service"

  group "traefik" {
    count = 1

    network {
      port  "http"{
        static = 8080
      }
      port  "admin"{
        static = 48080
      }
    }

    service {
      name = "traefik"

      check {
        name     = "alive"
        type     = "tcp"
        port     = "http"
        interval = "10s"
        timeout  = "2s"
      }
    }

    task "server" {
      driver = "docker"
      config {
        image = "traefik:3.3"
        ports = ["http", "admin"]
      }
      artifact {
        source      = "[redacted]traefik/traefik.yml"
        destination = "etc/traefik"
        options {
          filename = "traefik.yml"
        }
      }

      artifact {
        source      = "[redacted]traefik/dynamic.yml"
        destination = "etc/traefik"
        options {
          filename = "dynamic.yml"
        }
      }
    }
  }
}

    At this point Traefik gets discovered by Consul, the health check is successful and it points to the IP address of my WSL VM (e.g. XXX.XXX.XXX.XXX:8080). Accessing it on localhost, however on :48080/dashboard/ gives a connection reset and I see no logs whatsoever in the Nomad allocation (no failures, files are mounted successfully).

    I also tried the below commands to attempt to forward the traffic (since I have no idea at this point):

    sudo netsh interface portproxy add v4tov4 listenport=8080 listenaddress=0.0.0.0 connectport=8080 connectaddress=172.28.199.159

    sudo netsh interface portproxy add v4tov4 listenport=48080 listenaddress=0.0.0.0 connectport=48080 connectaddress=172.28.199.159

    and I added a rule in the firewall for WSL:

    New-NetFirewallRule -DisplayName "WSL" -Direction Inbound  -InterfaceAlias "vEthernet (WSL)"  -Action Allow

    I have also tried setting network_mode = "host" on the Traefik job, but that shows the docker container without ports (so I assume it's incorrect). Bridge network mode doesn't seem to change anything. Docker Desktop is updated/functional and it's running Linux containers.

    This is Traefik's static config:

    api:
    dashboard: true
    insecure: true

accessLog: {}

entryPoints:
    web:
        address: ':8080'
    dashboard:
        address: ':48080'

providers:
    consulCatalog:
        exposedByDefault: false
        connectAware: true
        connectByDefault: true
        endpoint:
            address: 'host.docker.internal:8500'
            scheme: http
    file:
        filename: '/etc/traefik/dynamic.yml'

log:
    level: DEBUG

    The only explanation I come to is that Traefik is not binding to the Windows machine and is remaining bound to the WSL VM (but I have no idea why no logs are produced).

    If anyone has any ideas or sees something wrong, any help would be greatly appreciated.

    • docker
    • windows-subsystem-for-linux
    • traefik
    • consul
    • nomad
    Share Improve this question asked Feb 17 at 19:20 Emil AvramovEmil Avramov 476 bronze badges 2
    • Windows, WSL, Nomad, Consul and Traefik. Trying to run a bunch of Linux server tools on Window and WSL will probably not work without inflicting a lot of developer pain. Why would you try to do this? Why not use a Linux machine directly? – bluepuma77 Commented 2 days ago
    • I'm planning to deploy a nomad cluster with consul and java microservices in a cloud setup, and just want to have a setup close to that for dev purposes. If we take Traefik out of the picture (since I have no idea how to get it working), everything else seems to be working properly locally. – Emil Avramov Commented 2 days ago
    Add a comment  | 

    1 Answer 1

    Reset to default 1

    So apparently it was a WSL networking issue and a Nomad/Traefik issue, two in one.

    I had to mount the traefik config files from Nomad to Docker like:

            volumes = [
          "etc/traefik/traefik.yml:/etc/traefik/traefik.yml",
          "etc/traefik/dynamic.yml:/etc/traefik/dynamic.yml"
        ]

    Then I had to remove the port forwarding since Nomad does automatic NAT translation when bound to 0.0.0.0, then bind the ports in the hcl setup so that Nomad can handle that: ports = ["admin", "http"]

    That results in Traefik being available on the WSL IP address (not localhost, as it's not found to 0.0.0.0) and is able to handle incoming traffic.

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论