Hi @qnlbnsl ! Sorry for the delay here.
Looks like I was finally able to tame this
Here is what I got:
---
version: '3.4'
services:
weaviate:
command:
- --host
- 0.0.0.0
- --port
- '8080'
- --scheme
- http
image: semitechnologies/weaviate:1.23.5
#ports:
# - 8081:8080 # unsafe http
# - 50052:50051 # unsafe grpc
volumes:
- weaviate_data:/var/lib/weaviate
restart: on-failure:0
environment:
QUERY_DEFAULTS_LIMIT: 25
AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED: 'true'
PERSISTENCE_DATA_PATH: '/var/lib/weaviate'
DEFAULT_VECTORIZER_MODULE: 'none'
ENABLE_MODULES: 'text2vec-cohere,text2vec-huggingface,text2vec-palm,text2vec-openai,generative-openai,generative-cohere,generative-palm,ref2vec-centroid,reranker-cohere,qna-openai'
CLUSTER_HOSTNAME: 'node1'
labels:
- "traefik.enable=true"
# http
- "traefik.http.services.weaviate_http_service.loadbalancer.server.port=8080"
- "traefik.http.routers.weaviate_http_router.rule=Host(`weaviate.mydomain.com`)"
- "traefik.http.routers.weaviate_http_router.entrypoints=websecure"
- "traefik.http.routers.weaviate_http_router.service=weaviate_http_service"
- "traefik.http.routers.weaviate_http_router.tls.certresolver=myresolver"
# grpc
- "traefik.http.services.weaviate_grpc_service.loadbalancer.server.scheme=h2c"
- "traefik.http.services.weaviate_grpc_service.loadbalancer.server.port=50051"
- "traefik.http.routers.weaviate_grpc_router.rule=Host(`grpc.weaviate.mydomain.com`)"
- "traefik.http.routers.weaviate_grpc_router.entrypoints=grpc"
- "traefik.http.routers.weaviate_grpc_router.service=weaviate_grpc_service"
- "traefik.http.routers.weaviate_grpc_router.tls.certresolver=myresolver"
traefik:
image: "traefik:v2.11"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.grpc.address=:50051"
- "--providers.docker"
- "--api"
# - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver.acme.email=your@mydomain.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "50051:50051"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
volumes:
weaviate_data:
...
and her how you can test your connections:
# it should be listening http in port 80, redirecting to 443
❯ curl http://weaviate.mydomain.com/v1/nodes
Moved Permanently%
# -L will follow redirects
❯ curl -L http://weaviate.mydomain.com/v1/nodes
{"nodes":[{"batchStats":{"queueLength":0,"ratePerSecond":0},"gitHash":"6aeae65","name":"node1","shards":null,"stats":{"objectCount":0,"shardCount":0},"status":"HEALTHY","version":"1.23.5"}]}
# also directly in https:
❯ curl https://weaviate. mydomain.com/v1/nodes
{"nodes":[{"batchStats":{"queueLength":0,"ratePerSecond":0},"gitHash":"6aeae65","name":"node1","shards":null,"stats":{"objectCount":1,"shardCount":1},"status":"HEALTHY","version":"1.23.5"}]}
# lets test our grpc connection
❯ wget https://raw.githubusercontent.com/grpc/grpc/master/src/proto/grpc/health/v1/health.proto
❯ grpcurl -d '{"service": "Weaviate"}' -proto health.proto grpc.weaviate.mydomain.com:50051 grpc.health.v1.Health/Check
{
"status": "SERVING"
}
Let me know if that helps 