Traefik is an open source reverse proxy and load balancer that allows you to deploy services easy.
In my docker swarm I use traefik (Version 2) as my reverse proxy for all of my services (Even homeassistant which isnt running on my swarm). In this guide I will be teaching you how to install traefik Version 2 so you can use it on your dockerswarm
- The first thing you will need to do is to create the traefik network, In this guide the Directory I have used is /var/data/config/traefik and in this directory I have a file called traefik.yml. The file contains the following
version: "3.2" services: scratch: image: scratch deploy: replicas: 0 networks: - public networks: public: driver: overlay attachable: true ipam: config: - subnet: 172.16.200.0/24
This creates a network that allows traefik to attach itself to.
- You will need to start preparing your traefik files. The directory I have used is /var/data/config/traefikv2/ In this directory I have 2 files.
[global] checkNewVersion = true # Enable the Dashboard [api] dashboard = true # Write out Traefik logs [log] level = "DEBUG" [entryPoints.http] address = ":80" [entryPoints.http.http.redirections.entryPoint] scheme = "https" [entryPoints.https] address = ":443" [entryPoints.https.http.tls] certResolver = "main" # Docker Traefik provider [providers.docker] endpoint = "unix:///var/run/docker.sock" swarmMode = true watch = true exposedbydefault = true network = "traefik_public"
version: "3.8" services: traefik: image: traefik:latest ports: - "80:80" - "8080:8080" # traefik dashboard - "443:443" volumes: - /var/run/docker.sock:/var/run/docker.sock - /var/data/config/traefikv2:/etc/traefik networks: - traefik_public deploy: labels: - "traefik.docker.network=traefik_public" - "traefik.http.routers.api.rule=Host(`traefik.example.com`)" - "traefik.http.routers.api.service=api@internal" - "traefik.http.services.api.loadbalancer.server.port=9999" networks: traefik_public: external: true
So now all you will need to edit is the Host so matches your domain. Then you will need to create an A record in your DNS host for traefik.domain.com and point it at the public IP of the network the device is running on. I must warn you that at this point you do not have any authentication setup so once you deploy the service anyone is able to access your website. In the future I will be publishing a guide on how to protect your services using authelia
- Now it is time to deploy your services. First you will need to deploy the network using
docker stack deploy -c traefik /var/data/config/traefik/traefik.yml, wait until it has deployed then deploy traefikv2 using
docker stack deploy -c traefikv2 /var/data/config/traefikv2/traefikv2. You will be able to view the status of the services by running
docker stack ps traefikv2
If you enjoyed this post and wish to support me you can do so below
Joining my community. Where you can keep updated on future posts and possible ideas
Becoming a Patreon
Making a one time Donation
Support and Donations are greatly appreciated and helps with the costs of this blog + other projects that I create.
Thanks for Reading