我正在为我的 influxdb 设置使用以下 docker compose 文件:
version: '3'
services:
influxdb:
image: influxdb:latest
container_name: influxdb2.0
ports:
- "8083:8083"
- "8086:8086"
volumes:
- ./influxdb/data:/var/lib/influxdb2:rw
- /etc/letsencrypt/live/MY.DOMAIN/fullchain.pem:/etc/ssl/fullchain.pem
- /etc/letsencrypt/live/MY.DOMAIN/privkey.pem:/etc/ssl/privkey.pem
environment:
- INFLUXDB_HTTP_HTTPS_ENABLED=true
- INFLUXDB_HTTP_HTTPS_CERTIFICATE=/etc/ssl/fullchain.pem
- INFLUXDB_HTTP_HTTPS_PRIVATE_KEY=/etc/ssl/privkey.pem
- INFLUXDB_HTTP_LOG_ENABLED=true
但是,当我连接到 influxdb 时,https 未启用。我使用的证书与我的 nginx 网站(在同一台计算机上运行的 MY.DOMAIN)相同的证书,其中证书按预期工作。
docker logs influxdb2.0 | grep http
给我看看那些台词
2023-09-28T10:19:06.570793587Z info found existing boltdb file, skipping setup wrapper {"system": "docker", "bolt_path": "/var/lib/influxdb2/influxd.bolt"}
2023-09-28T10:19:06.607712579Z info found existing boltdb file, skipping setup wrapper {"system": "docker", "bolt_path": "/var/lib/influxdb2/influxd.bolt"}
ts=2023-09-28T10:19:06.726261Z lvl=info msg=Listening log_id=0kYpd4MW000 service=tcp-listener transport=http addr=:8086 port=8086
在这种情况下,应该
transport=http
是 transport=https
吗?我在 influxdb 日志中没有找到任何有关 http 的信息/错误/等。
我应该为我的 influxdb 容器创建一个单独的证书吗?
我认为您只是使用了无效的配置。查看当前文档,看起来您需要设置
tls-cert
和 tls-key
选项。
使用此配置:
volumes:
influxdb_data:
services:
influxdb:
image: docker.io/influxdb:latest
ports:
- "8083:8083"
- "8086:8086"
volumes:
- influxdb_data:/var/lib/influxdb2:rw
- ./certs/fullchain.pem:/etc/ssl/fullchain.pem
- ./certs/privkey.pem:/etc/ssl/privkey.pem
environment:
- INFLUXD_TLS_CERT=/etc/ssl/fullchain.pem
- INFLUXD_TLS_KEY=/etc/ssl/privkey.pem
当我
docker compose up
堆栈时,我看到以下输出:
.
.
.
container-influxdb-1 | ts=2023-09-28T11:54:52.248973Z lvl=info msg=Starting log_id=0kYv6kh0000 service=telemetry interval=8h
container-influxdb-1 | ts=2023-09-28T11:54:52.250707Z lvl=info msg=Listening log_id=0kYv6kh0000 service=tcp-listener transport=https addr=:8086 port=8086
我可以通过运行
curl -k https://localhost:8086
来确认 influxdb 正在使用 TLS:
$ curl -k https://localhost:8086
<!doctype html><html lang="en">
...