Dealing with containers that have separate http/https traefik routers

[Lebowski89]

Hello,

Have set up Traefik-kop, and successfully connected a Redis instance to an existing Traefik v3. But none of the containers on the traefik-kop machine are successfully being registered by Traefik. When I read the logs for Traefik-kop, I see:

time="2025-01-18T10:18:31Z" level=info msg="refreshing traefik-kop configuration"
time="2025-01-18T10:18:31Z" level=info msg="publishing http://172.21.0.4:9000" service=portainer-rtr-secure-svc@docker service-type=http
time="2025-01-18T10:18:31Z" level=info msg="publishing http://172.21.0.4:9000" service=portainer-rtr-svc@docker service-type=http
time="2025-01-18T10:18:31Z" level=warning msg="router portainer-rtr@docker has no TLS cert resolver" service=portainer-rtr-svc@docker service-type=http
time="2025-01-18T10:18:31Z" level=warning msg="router portainer-api-rtr@docker has no TLS cert resolver" service-type=http service=portainer-rtr-svc@docker
time="2025-01-18T10:18:31Z" level=info msg="publishing http://172.21.0.3:8181" service=tautulli-rtr-secure-svc@docker service-type=http
time="2025-01-18T10:18:31Z" level=info msg="publishing http://172.21.0.3:8181" service-type=http service=tautulli-rtr-svc@docker
time="2025-01-18T10:18:31Z" level=warning msg="router tautulli-api-rtr@docker has no TLS cert resolver" service=tautulli-rtr-svc@docker service-type=http
time="2025-01-18T10:18:31Z" level=warning msg="router tautulli-rtr@docker has no TLS cert resolver" service-type=http service=tautulli-rtr-svc@docker
time="2025-01-18T10:18:31Z" level=info msg="publishing http://172.21.0.2:8282" service-type=http service=wrapperr-rtr-secure-svc@docker
time="2025-01-18T10:18:31Z" level=info msg="publishing http://172.21.0.2:8282" service=wrapperr-rtr-svc@docker service-type=http
time="2025-01-18T10:18:31Z" level=warning msg="router wrapperr-rtr@docker has no TLS cert resolver" service=wrapperr-rtr-svc@docker service-type=http

My docker containers (including those on the same machine as Traefik) all have separate routers for http/https, http-api/https-api and so on. For example, my Tautulli:

traefik.docker.network: traefik_proxy
traefik.enable: true

  ## http-router (tautulli-rtr)
traefik.http.routers.tautulli-rtr.entrypoints: http
traefik.http.routers.tautulli-rtr.middlewares: globalHeaders@file,autodetect@docker,gzip@docker,robotHeaders@file,redirect-to-https@docker,cloudflarewarp@docker,authelia@docker
traefik.http.routers.tautulli-rtr.priority: 20
traefik.http.routers.tautulli-rtr.rule: Host(`tautulli.<mydomain>.com`)
traefik.http.routers.tautulli-rtr.service: tautulli-rtr-svc
traefik.http.services.tautulli-rtr-svc.loadbalancer.server.port: 8181

  ## https-router (tautulli-rtr-secure):
traefik.http.routers.tautulli-rtr-secure.entrypoints: https
traefik.http.routers.tautulli-rtr-secure.middlewares: globalHeaders@file,autodetect@docker,gzip@docker,robotHeaders@file,secureHeaders@file,hsts@file,cloudflarewarp@docker,authelia@docker,themepark-tautulli
traefik.http.routers.tautulli-rtr-secure.priority: 20
traefik.http.routers.tautulli-rtr-secure.rule: Host(`tautulli.<mydomain>.com`)
traefik.http.routers.tautulli-rtr-secure.service: tautulli-rtr-secure-svc
traefik.http.routers.tautulli-rtr-secure.tls.certresolver: dns-cloudflare
traefik.http.routers.tautulli-rtr-secure.tls.options: tls-opts@file
traefik.http.services.tautulli-rtr-secure-svc.loadbalancer.server.port: 8181

  ## http-api-router (tautulli-api-rtr):
traefik.http.routers.tautulli-api-rtr.entrypoints: http
traefik.http.routers.tautulli-api-rtr.middlewares: globalHeaders@file,autodetect@docker,gzip@docker,robotHeaders@file,redirect-to-https@docker,cloudflarewarp@docker
traefik.http.routers.tautulli-api-rtr.priority: 30
traefik.http.routers.tautulli-api-rtr.rule | Host(`tautulli.<mydomain>.com`) && (PathPrefix(`/api`) | PathPrefix(`/newsletter`) |  PathPrefix(`/image`) | PathPrefix(`/pms_image_proxy`))
traefik.http.routers.tautulli-api-rtr.service: tautulli-rtr-svc

  ## https-api-router (tautulli-api-rtr-secure):
traefik.http.routers.tautulli-api-rtr-secure.entrypoints: https
traefik.http.routers.tautulli-api-rtr-secure.middlewares: globalHeaders@file,autodetect@docker,gzip@docker,robotHeaders@file,secureHeaders@file,hsts@file,cloudflarewarp@docker
traefik.http.routers.tautulli-api-rtr-secure.priority: 30
traefik.http.routers.tautulli-api-rtr-secure.rule: Host(`tautulli.<mydomain>.com`) && (PathPrefix(`/api`) | PathPrefix(`/newsletter`) |  PathPrefix(`/image`) | PathPrefix(`/pms_image_proxy`))
traefik.http.routers.tautulli-api-rtr-secure.service: tautulli-rtr-secure-svc
traefik.http.routers.tautulli-api-rtr-secure.tls.certresolver: dns-cloudflare
traefik.http.routers.tautulli-api-rtr-secure.tls.options: tls-opts@file

  ## themepark
traefik.http.middlewares.themepark-tautulli.plugin.themepark.app: tautulli
traefik.http.middlewares.themepark-tautulli.plugin.themepark.theme: hotpink

Traefik-Kop is set-up via ansible:

- name: Create traefik-kop container
  community.docker.docker_container:
    name: '{{ traefik_kop_defaults_name }}'
    image: '{{ traefik_kop_defaults_image_repo }}:{{ traefik_kop_defaults_image_tag }}'
    networks:
      - name: '{{ network_backend }}'
      - name: '{{ socket_proxy_network }}'
      - name: '{{ traefik_proxy_network }}'  (there's are separate traefik docker bridge networks on both machines)
    env:
      DOCKER_HOST: '{{ socket_proxy_endpoint }}'
      REDIS_ADDR: '{{ traefik_kop_redis_addr }}'
      REDIS_PASS: '{{ traefik_kop_redis_pass }}'
      BIND_IP: '{{ traefik_kop_bind_ip }}'
    restart_policy: '{{ traefik_kop_defaults_restart_policy }}'

Have a missed some config step? None of the containers on the traefik-kop machine are appearing in the traefik dashboard.

[chetan]

Your config looks good at first. Can you try enabling the debug flag? It will show you what is being written to redis by kop. If you don't see anything then something is amiss.