in our setup we use the latest traefik as reverse-proxy which has routes to a demo confluence and a keycloak server.
traefik
| |
confluence keycloak
Each application has it's own docker-compose file and is started separately.
Traefik defines a virtual network, confluence and keycloak are also in this network. With the correct DNS settings it is possible for a user to access traefik, confluence and keycloak. It works as expected.
To use the keycloak web SSO system it is necessary the confluence system is able to access keycloak and vice versa using the FQDN and HTTPS using traefik. This does not work.
It is possible to connect to the services directly (we suppose that's due to the shared network), but if we i.e. connect to the keycloak container and do something like
curl -k https://confluence.our.domain -v
we can see a connection to the docker-host is done (the IP matches) but traefik seems not to do any routing.
If we connect to the keycloak container and do
curl -k -v -H 'Host: confluence.our.domain' https://traefik
the routing is done.
Any suggestions, what we are doing wrong or what we should check out?
Any help is appreciated, Christoph