Hi,
I’ve been trying to get Graylog 3 (in Docker Swarm) to run behind a reverse proxy, but I keep getting 502 Bad Gateway response.
I can see request in the Traefik access log: 172.18.0.1 - - [15/Apr/2020:01:33:55 +0000] "GET / HTTP/1.1" 502 11 "-" "-" 176 "graylog@docker" "http://10.0.0.10:9000" 21031ms
Graylog works ok if I set GRAYLOG_HTTP_EXTERNAL_URI=http://localhost:9000 and bypass Traefik.
You should be able to replicate this issue using my configuration on your local swarm.
Traefik and Graylog communicate on external overlay network called proxy. You can create it with: docker network create -d overlay --attachable proxy
Traefik docker compose file
version: "3.7"
services:
reverse-proxy:
image: traefik:v2.2.0
networks:
- proxy
- traefik-docker
deploy:
labels:
# dashboard login admin/admin
- "traefik.enable=true"
- "traefik.http.routers.api.rule=Host(`proxy.localhost`)"
- "traefik.http.routers.api.entrypoints=web"
- "traefik.http.routers.api.service=api@internal"
- "traefik.http.routers.api.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=admin:$$2y$$05$$lHKn.9m1Ga4nMHssU0ihteUv8KrTywiULJwpD/Kq3mvvG9rAFwa6e"
# Dummy service for Swarm port detection. The port can be any valid integer value.
- "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"
ports:
- target: 80
published: 80
protocol: tcp
mode: host
volumes:
- ".:/opt/traefik/"
- "./conf/traefik.yml:/etc/traefik/traefik.yml"
dockersocket:
image: tecnativa/docker-socket-proxy
networks:
- traefik-docker
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- NETWORKS=1
- SERVICES=1
- TASKS=1
networks:
proxy:
external: true
name: proxy
traefik-docker:
driver: overlay
driver_opts:
encrypted: 'true'
Traefik static config conf/traefik.yml
entryPoints:
web:
address: ":80"
api:
dashboard: true
providers:
docker:
swarmMode: true
exposedByDefault: false
endpoint: 'http://dockersocket:2375'
log:
level: INFO
filePath: /opt/traefik/logs/traefik.log
accessLog:
filePath: /opt/traefik/logs/access.log
Graylog docker-compose file.
version: '3.7'
services:
# MongoDB: https://hub.docker.com/_/mongo/
mongo:
image: mongo:3
networks:
- graylog
volumes:
- mongo_data:/data/db
# Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/6.x/docker.html
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.5
volumes:
- es_data:/usr/share/elasticsearch/data
environment:
- http.host=0.0.0.0
- transport.host=localhost
- network.host=0.0.0.0
- "ES_JAVA_OPTS=-Xms512m -Xmx1024m"
deploy:
resources:
limits:
memory: 1g
networks:
- graylog
# Graylog: https://hub.docker.com/r/graylog/graylog/
graylog:
image: graylog/graylog:3.2
volumes:
- graylog_journal:/usr/share/graylog/data/journal
environment:
- GRAYLOG_PASSWORD_SECRET:y98bRV3eKwYRFij8gEO9qROITGrJyzij3fJWWWqXDObkmCuFkJuPWeD0FlbRIxwkhcVFrhrnLt4cw1tri5I9bqcMeJOa43LL
# Graylog login admin/password
- GRAYLOG_ROOT_PASSWORD_SHA2=5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
- GRAYLOG_HTTP_EXTERNAL_URI=http://logs.localhost/
- GRAYLOG_HTTP_BIND_ADDRESS=0.0.0.0:9000
networks:
- graylog
- proxy
depends_on:
- mongo
- elasticsearch
deploy:
labels:
- "traefik.enable=true"
- "traefik.http.routers.graylog.rule=Host(`logs.localhost`)"
- "traefik.http.routers.graylog.entrypoints=web"
- "traefik.http.routers.graylog.service=graylog"
- "traefik.http.services.graylog.loadbalancer.server.port=9000"
- "traefik.http.routers.graylog.middlewares=graylog-header"
- "traefik.http.middlewares.graylog-header.headers.customresponseheaders.X-Graylog-Server-URL=http://logs.localhost/"
ports:
# Graylog web interface and REST API
- 9000:9000
# Syslog TCP
- 1514:1514
# Beats TCP
- 5044:5044
# Syslog UDP
- 1514:1514/udp
# GELF TCP
- 12201:12201
# GELF UDP
- 12201:12201/udp
networks:
proxy:
external: true
name: proxy
graylog:
driver: overlay
volumes:
mongo_data:
driver: local
es_data:
driver: local
graylog_journal:
driver: local
Any suggestions would be greatly appreciated.