Cannot proxy to docker containers

1. Caddy version (caddy version):

v2.0.0 h1:pQSaIJGFluFvu8KDGDODV8u4/QRED/OPyIR+MWYYse8=

2. What I want to do and what does not work:

Summary: I would like to use caddy (running in a docker container) as a proxy to other docker containers. All containers run in their own network srv.

I started a test container which responds to a HTTP call:

docker run -ti --rm --name hello --network srv vad1mo/hello-world-rest
(...)
[main] INFO ratpack.server.RatpackServer - Ratpack started (development) for http://localhost:5050

I started Caddy in its container, on the same network

~ # docker run -ti --rm --name proxy --network srv -v $PWD/Caddyfile-new:/etc/caddy/Caddyfile -p 1400:80 caddy
2020/06/29 11:59:47.765 INFO    using provided configuration    {"config_file": "/etc/caddy/Caddyfile", "config_adapter": "caddyfile"}
2020/06/29 11:59:47.772 INFO    admin   admin endpoint started  {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2020/06/29 11:59:47 [INFO][cache:0xc0002b5ae0] Started certificate maintenance routine
2020/06/29 11:59:47.774 INFO    http    server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server {"server_name": "srv0", "http_port": 80}
2020/06/29 11:59:47.776 INFO    tls     cleaned up storage units
2020/06/29 11:59:47.788 DEBUG   http    starting server loop    {"address": "0.0.0.0:80", "http3": false, "tls": false}
2020/06/29 11:59:47.790 INFO    autosaved config        {"file": "/config/caddy/autosave.json"}
2020/06/29 11:59:47.790 INFO    serving initial configuration

The configuration file is

{
  debug
}

http://hello.mumu.mimi {
  reverse_proxy hello:5050
}

I then tried, from the host (192.168.10.2, this is the place where I am doing all the tests and which holds the docker daemon), to call the test container:

~ # curl -H http://hello.mumu.mimi 192.168.10.2:1400
~ #    

The response is empty, there is no other line added to the log (i.e. the log is like the one above, with 2020/06/29 11:59:47.790 INFO serving initial configuration as the last line).

Debugging

I connected to the caddy container to see how things look like from its perspective:

~ # docker exec -it proxy sh
/srv # apk add curl
(...)
OK: 7 MiB in 19 packages
/srv # curl hello:5050
/ - Hello World! Host:f787755091d1/172.19.0.2/srv #

I also checked that Caddy indeed sees my config file (still from within the container):

/srv # cat /etc/caddy/Caddyfile
{
  debug
}

http://hello.mumu.mimi {
  reverse_proxy hello:5050
}

The loaded config also seems OK:

/srv # curl localhost:2019/config/ | jq
{
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "automatic_https": {
            "skip": [
              "hello.mumu.mimi"
            ]
          },
          "listen": [
            ":80"
          ],
          "routes": [
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "reverse_proxy",
                          "upstreams": [
                            {
                              "dial": "hello:5050"
                            }
                          ]
                        }
                      ],
                      "match": [
                        {
                          "path": [
                            "/"
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "hello.mumu.mimi"
                  ]
                }
              ],
              "terminal": true
            }
          ]
        }
      }
    }
  },
  "logging": {
    "logs": {
      "default": {
        "level": "DEBUG"
      }
    }
  }
}

The proxy does not work either from within the container:

/srv # curl -H http://hello.mumu.mimi localhost
/srv # curl -H http://hello.mumu.mimi localhost:80
/srv #

So caddy sees hello, has it configured, and hello responds to a HTTP call.

I am lost at that point because there are no even logs in Caddy showing the incoming call.

You can add the log directive to your site block to enable access logs.

How does it look with curl -v?

What if you remove http:// from your -H curl option? I think Caddy might not expect the scheme in the hostname (when not part of the URL)

2 Likes

Look, I do not know how this happens - but every time you reply to a question of mine I have a oh shit eureka moment when I realize I my mistake.

So yes, passing the correct header ("Host:hello.mumu.mimi") helps… :neutral_face:

~ # curl -H "Host:hello.mumu.mimi" 192.168.10.2:1400 -v                                                                root@srv
* Rebuilt URL to: 192.168.10.2:1400/
*   Trying 192.168.10.2...
* TCP_NODELAY set
* Connected to 192.168.10.2 (192.168.10.2) port 1400 (#0)
> GET / HTTP/1.1
> Host:hello.mumu.mimi
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: text/plain;charset=UTF-8
< Server: Caddy
< Date: Mon, 29 Jun 2020 13:48:43 GMT
< Content-Length: 45
<
* Connection #0 to host 192.168.10.2 left intact
/ - Hello World! Host:f787755091d1/172.19.0.2#                      

I swear that I already explained loud the problem to my cat but it was apparently not enough

THANK YOU

2 Likes

2 Likes

In my case that would be rather

20200629_161901

but yes, that’s the idea :slightly_smiling_face:

3 Likes