1. Caddy version (caddy version
):
Docker caddy:2.2.1-alpine
Also tested with v2.4.5
2. How I run Caddy:
Using docker
a. System environment:
Docker system on Ubuntu
b. Command:
docker-compose up
c. compose file:
docker-compose
file:
version: "3.2"
services:
api:
container_name: mapper-api
image: docker-repo-/mapper-api:v1.2.3
volumes:
- /tmp:/host
ports:
- 8008:8008
restart: on-failure
command: serve -dgAddr 172.31.0.2:9080
networks:
- api_net
gw:
container_name: caddy
image: caddy:2.2.1-alpine
volumes:
- /tmp:/host
- ${PWD}/Caddyfile:/etc/caddy/Caddyfile:ro
- ${PWD}/caddy_data:/data
- ${PWD}/caddy_config:/config
ports:
- 443:443
restart: on-failure
networks:
- api_net
networks:
api_net:
driver: bridge
d. My complete Caddyfile or JSON config:
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace the line below with your
# domain name.
grpc.mapper.com
log {
level INFO
}
reverse_proxy {
to h2c://api:8008
transport http {
versions h2c 2
}
}
# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile
3. The problem I’m having:
This configuration worked since Jan 2021.
It listen to port 443 then using h2c
it forward the request to the grpc
server in clear-text.
Last day (Sep 30
) around 5pm GMT grpc
cli started to return error:
{
"error": "14 UNAVAILABLE: failed to connect to all addresses"
}
- I validated the cert and that the port is open (using firefox), and it is open and valid till end of Dec.
- I opened the port to the insecure endpoint (skipping caddy) and the grpc server behaved correctly.
- The dockers was not restarted or changed in the last month
- I wiped the caddy data dir and restarted to get a new cert/reset/whatever. Didn’t helped.
- Restarted other dockers / upgrade caddy to latest. None helped.
4. Error messages and/or full log output:
Reverse proxy to GRPC didn’t yield any logs whatsoever and that’s since I started to use Caddy.
Did tried to change Caddy log level ro DEBUG. nothing changed.
Maybe the log directive in my Caddy is incorrect???
6. Links to relevant resources:
My initial discuss on how to implament h2c
:
Another discussion about h2c
: