How to set up Traefik on docker-swarm

Posted on Views:
如何架設 Traefik 在 docker-swarm mode

Traefik

Prerequisite

Docker swarm

1
2
3
docker swarm init

docker network create -d overlay endpoint

Installation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# stack.yml
version: "3"

services:
  traefik:
    image: traefik
    networks:
      - endpoint
    ports:
      # The http port
      - "80:80"
      # The https port
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./traefik.yml:/etc/traefik/traefik.yml
      - ./certs:/certs:ro
    deploy:
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.dashboard.rule=Host(`traefik.h365.asia`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
        - "traefik.http.routers.dashboard.tls=false"
        - "traefik.http.routers.dashboard.service=api@internal"
        - "[email protected]=8080"

networks:
  endpoint:
    external: true

run with docker

1
docker stack deploy -c stack.yml http

Configuration

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

api:
  insecure: false
  # enable dashboard
  dashboard: true
  debug: false

entryPoints:
  web:
    address: ":80"

  websecure:
    address: ":443"
    proxyProtocol:
      insecure: true
    forwardedHeaders:
      insecure: true

providers:
  # turn on listen docker container and enabled swarm mode
  docker:
    watch: true
    exposedByDefault: false
    swarmMode: true

# set up traefik's logs, you can change log level
log:
  level: INFO
  format: json

# set up traefik's received all request logs writes to console
accessLog:
  format: json
  fields:
    defaultMode: keep
    names:
      ClientUsername: drop
    headers:
      defaultMode: keep
      names:
        # drop Authorization, it is sensitive data
        Authorization: drop

Examples

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# stack.yml
version: "3"

services:
  whoami:
    image: containous/whoami
    networks:
      - endpoint
    deploy:
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.whoami.service=whoami@docker"
        - "traefik.http.services.whoami.loadbalancer.server.port=80"
        - "traefik.http.routers.whoami.rule=Host(`whoami`)"

networks:
  endpoint:
    external: true

Run

1
docker stack deploy -c stack.yml test

Test

1
curl -H 'Host: whoami' localhost