Hello,

In my docker-compose file where I published a sql image I added this:
labels:
- “traefik.enable=true”
- “traefik.http.routers.trading.rule=Host(host1.domain1.org)”
- “traefik.http.routers.trading.tls=true”
- “traefik.http.routers.trading.tls.certresolver=lets-encrypt”
- “traefik.http.routers.trading.entrypoints=websecure”
ports:
- “1403:1433”

After this I added a new image with
labels:
- “traefik.enable=true”
- “traefik.http.routers.trading1.rule=Host(host2.domain1.org)”
- “traefik.http.routers.trading1.tls=true”
- “traefik.http.routers.trading1.tls.certresolver=lets-encrypt”
- “traefik.http.routers.trading1.entrypoints=websecure”
ports:
- “1402:1433”

Now with this configuration I expect to be able to connect to host2.domain1.org on port 1402
and to host1.domain1.org on port 1403, but connection to host2 on port 1403 should be refused.
Unfortunately host2 on port 1403 is responding. Any idea what I’m doing wrong? Thank you.

Hello,

with the ports-configuration within the docker-compose.yml you are able to access the containers directly without using traefik. Therefore the rules are not applicable in this case.
Therefore you have to access you server using traefik’s ports - as I don’t know the docker-compose.yml for your traefik-contaienr I don’t know which ports you have to use.
And I guess you have to add labels to your application-containers specifying which port traefik should forward the traffic to (1433 in your case).

Your database is probably not using http, so you need a tcp router and service.

You should not use compose ports as that exposed the service on the host, circumventing any potential Traefik security middlewares. Instead use Docker Network, ports are reachable within, set loadbalancer.server.port to indicate the internal port to use.

Compare to simple Traefik example.

PS: use 3 backticks before and after config/code to improve readability.