Openflow - Bad gateway

Hi @Allan_Zimmermann, I am trying to set up the latest OpenFlow on one of the new Ubuntu servers. I’ve used the docker-compose configuration below. But after I pull and bring up the docker compose, I receive a bad gateway error when I open the OpenFlow URL. I checked all the logs and used Google and ChatGPT to resolve the issue, but no luck. Any assistance would be useful.

version: "3.3"
services:
  mongodb:
    image: mongo
    restart: always
    command: "--bind_ip_all --replSet rs0"
    environment:
      - MONGO_REPLICA_SET_NAME=rs0
    volumes:
      - mongodb_data:/data/db
  mongosetup:
    image: mongo
    depends_on:
      - mongodb
    restart: "no"
    command: >
      mongosh --host mongodb:27017 --eval
      '
      db = (new Mongo("mongodb:27017")).getDB("openflow");
      config = {
      "_id" : "rs0",
      "members" : [
        {
          "_id" : 0,
          "host" : "mongodb:27017"
        }
      ]
      };
      rs.initiate(config);
      '
  mongoexpress:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.mongoexpress.rule=Host(`express.of.hci.com`)"
      - "traefik.http.routers.mongoexpress.entrypoints=websecure"
      - "traefik.http.routers.mongoexpress.tls.certresolver=myresolver"
      - "traefik.http.services.mongoexpress.loadbalancer.server.port=8081"
    image: "mongo-express"
    restart: always
    environment:
      - ME_CONFIG_MONGODB_SERVER=mongodb
  traefik:
    image: traefik
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"

      - --certificatesresolvers.myresolver.acme.dnschallenge.provider=azure
      - --certificatesresolvers.myresolver.acme.email=rajesh.pn@hci.com
      - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json

    environment:
      - AZURE_CLIENT_ID=
      - AZURE_CLIENT_SECRET=
      - AZURE_SUBSCRIPTION_ID=
      - AZURE_TENANT_ID=
      - AZURE_RESOURCE_GROUP=
      - AZURE_POLLING_INTERVAL=5
      - AZURE_PROPAGATION_TIMEOUT=120
      - AZURE_TTL=30

    ports:
      - "80:80"
      - "443:443"
    restart: always
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "//var/run/docker.sock:/var/run/docker.sock:ro"
  rabbitmq:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.rabbitmq.rule=Host(`mq.of.hci.com`)"
      - "traefik.http.routers.rabbitmq.entrypoints=websecure"
      - "traefik.http.routers.rabbitmq.tls.certresolver=myresolver"
      - "traefik.http.services.rabbitmq.loadbalancer.server.port=15672"
    image: rabbitmq:3-management
    restart: always
  api:
    labels:
      - traefik.enable=true
      - traefik.frontend.passHostHeader=true
      - traefik.http.routers.http-router.entrypoints=websecure
      - traefik.http.routers.http-router.tls.certresolver=myresolver
      - traefik.http.routers.http-router.rule=Host(`of.hci.com`)
      - traefik.http.routers.http-router.service=http-service
      - traefik.http.services.http-service.loadbalancer.server.port=3000
      - traefik.http.routers.grpc-router.rule=Host(`grpc.of.hci.com`)
      - traefik.http.routers.grpc-router.service=grpc-service
      - traefik.http.routers.grpc-router.entrypoints=websecure
      - traefik.http.routers.grpc-router.tls.certresolver=myresolver
      - traefik.http.services.grpc-service.loadbalancer.server.port=50051
      - traefik.http.services.grpc-service.loadbalancer.server.scheme=h2c

    image: openiap/openflow
    deploy:
      replicas: 1
    pull_policy: always
    restart: always
    volumes:
      - "//var/run/docker.sock:/var/run/docker.sock"
    depends_on:
      - rabbitmq
      - mongodb
    environment:
      - auto_create_users=true
      - auto_create_domains=
      - protocol=https
      - domain=of.hci.com
      - multi_tenant=true
      #- allow_personal_nodered=true

      # uncomment below 2 lines, if you have set replicas above 1
      # - enable_openflow_amqp=true
      # - amqp_prefetch=25
      # uncomment to add agents to the same docker compose project (will break running docker compose up -d if any agents are running)
      # - agent_docker_use_project=true  

      - agent_oidc_userinfo_endpoint=http://api:3000/oidc/me
      - agent_oidc_issuer=https://of.hci.com/oidc
      - agent_oidc_authorization_endpoint=https://of.hci.com/oidc/auth
      - agent_oidc_token_endpoint=http://api:3000/oidc/token
      - agent_docker_entrypoints=web,websecure
      - agent_docker_certresolver=myresolver

      - amqp_url=amqp://guest:guest@rabbitmq
      - mongodb_url=mongodb://mongodb:27017/?replicaSet=rs0
      - mongodb_db=openflow

      - aes_secret=O1itlrmA47WzxPj95YHD2sZs7IchYaQI25mQ
      
volumes:
  mongodb_data:
    driver: local

Below are the log screenshots.

sudo docker compose -f docker-compose-letsencrypt.yml -p prod logs api -f

sudo docker compose -f docker-compose-letsencrypt.yml -p prod logs mongosetup -f

sudo docker compose -f docker-compose-letsencrypt.yml -p prod logs mongodb -f

You already have a replica set config. You need to delete the old replica set config before you can create a new one, or force update it, to change the host names. Or delete the mongodb datadb_data volume and try again.

Please use one of my docker compose files as a starting template and then try changing one thing at a time, till you get to the setup you want. And don’t start with Let’s Encrypt; make sure you can make it work without the added complexity first.
Lastly, it’s very bad practice to run docker compose as sudo, please consider following the official guide, including the post install steps.
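One way to make the `mongosetup` step from the question idempotent along the lines of the reply above (an added example, not part of the original posts and not OpenFlow's own code): it initiates the set when no config is stored and force-reconfigures it when the stored host name differs. `planReplicaSet` and `readStoredConfig` are hypothetical helper names, and the script assumes it is run with mongosh against the single-node `mongodb` service.

```javascript
// Added example. Run with: mongosh --host mongodb:27017 --file setup-rs.js
// (the file name is an assumption). Only the guarded part at the bottom
// needs mongosh; the planning function is plain JavaScript.
const WANTED_HOST = "mongodb:27017"; // compose service name used in the question

// Decide what to do from the stored config (null when the node has none).
function planReplicaSet(current, wantedHost, setName = "rs0") {
  if (current === null) {
    return { action: "initiate",
             config: { _id: setName, members: [{ _id: 0, host: wantedHost }] } };
  }
  if (current._id !== setName) {
    // A reconfig cannot rename the set, so the data volume has to be reset.
    return { action: "wipe-volume", config: null };
  }
  if (current.members.length !== 1) {
    // This sketch only covers the single-node layout from the compose file.
    return { action: "manual", config: null };
  }
  if (current.members[0].host === wantedHost) {
    return { action: "none", config: current };
  }
  // Same set, stale host name: copy the config and change only the host.
  const members = [{ ...current.members[0], host: wantedHost }];
  return { action: "reconfig", config: { ...current, members } };
}

// rs.conf() throws NotYetInitialized (code 94) when no config is stored.
function readStoredConfig() {
  try {
    return rs.conf();
  } catch (e) {
    if (e.codeName === "NotYetInitialized" || e.code === 94) return null;
    throw e;
  }
}

if (typeof rs !== "undefined") { // true only inside mongosh
  const plan = planReplicaSet(readStoredConfig(), WANTED_HOST);
  if (plan.action === "initiate") rs.initiate(plan.config);
  // force is needed: a node whose stored host name is stale is not primary.
  if (plan.action === "reconfig") rs.reconfig(plan.config, { force: true });
  print("replica set action: " + plan.action);
}
```
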

Thanks for the reply @Allan_Zimmermann, as you said I will delete all images and start from scratch with the plain vanilla version.

Thank you so much @Allan_Zimmermann, starting from scratch and adding one by one worked.


Depends on what SDK or client you want to use.
Here is an example using Node-RED
