Setting Up Traefik as a Reverse Proxy with Docker
Welcome to our comprehensive tutorial on integrating Traefik, a modern reverse proxy, with Dockerized applications. This guide is crafted to assist developers in setting up Traefik to manage and route traffic to multiple services seamlessly.
Introduction
Traefik streamlines the deployment of microservices by automatically configuring itself. Its dynamic nature makes it an ideal choice for modern, containerized applications. Here, we'll demonstrate how to set up Traefik as a reverse proxy for various Docker services.
Project Structure
Our setup includes a dedicated Traefik directory and individual directories for each application:
Traefik Directory: Contains Traefik's Docker Compose file, configuration file, and SSL certificate file.
Application Directories: Each service has its own directory with a Docker Compose file.
Part 1: Setting Up Traefik
Step 1: Creating Configuration Files
Navigate to your Traefik directory (/myproject/traefik/
). Here, create the following files:
Docker-Compose File (
docker-compose.yml
):version: '3.8' services: traefik: image: traefik:v2.5 command: - "--log.level=ERROR" - "--entryPoints.web.address=:80" - "--entryPoints.web-secure.address=:443" - "--providers.docker=true" - "--providers.docker.exposedByDefault=false" - "--providers.docker.network=traefik_web" - "--certificatesResolvers.sample.acme.httpChallenge.entryPoint=web" - "--certificatesResolvers.sample.acme.httpChallenge=true" - "--certificatesResolvers.sample.acme.email=youremail@example.com" - "--certificatesResolvers.sample.acme.storage=acme.json" ports: - "80:80" - "443:443" volumes: - "/var/run/docker.sock:/var/run/docker.sock" - "./traefik.toml:/etc/traefik/traefik.toml" - "./acme.json:/acme.json" networks: - web networks: web: driver: bridge
Traefik Configuration File (
traefik.toml
):[log] level = "ERROR" [entryPoints] [entryPoints.web] address = ":80" [entryPoints.web-secure] address = ":443" [providers] [providers.docker] exposedByDefault = false network = "traefik_web" [certificatesResolvers.sample.acme] email = "youremail@example.com" storage = "acme.json" [certificatesResolvers.sample.acme.httpChallenge] entryPoint = "web"
SSL Certificate File (
acme.json
):touch acme.json chmod 600 acme.json
Step 2: Launching Traefik
Run docker-compose up -d
to start Traefik and establish the web
network.
Part 2: Configuring Applications
Step 1: Application Docker Compose Setup
Each application, such as app1
, should have a docker-compose.yml
in its directory (/myproject/app1/
). Here's an example:
version: '3.8'
services:
app1:
image: app1_image
labels:
- "traefik.http.routers.app1.rule=Host(`app1.mydomain.com`)"
- "traefik.enable=true"
- "traefik.http.services.app1.loadbalancer.server.port=3000"
networks:
- web
networks:
web:
external: true
Repeat this for each service, adjusting service names, image sources, Traefik labels, and ports.
Step 2: Networking with Traefik
After deploying Traefik, use docker network ls
to find the Traefik network (traefik_web
). Update each application's Docker Compose file to reference this network.
Step 3: Deploying the Services
Deploy each application by navigating to its directory and running docker-compose up -d
.
Part 3: DNS Configuration and Security
Set up DNS records for each service's subdomain to point to your server. Traefik will manage SSL certificates for each subdomain via Let's Encrypt, ensuring secure connections.
Wrapping Up
You have now successfully configured Traefik to act as a reverse proxy for your Dockerized services. This setup not only enhances your application's performance but also streamlines its scalability and maintainability.
Feel free to adapt and expand upon this setup to suit your specific needs. Happy coding! ๐๐ณ