I wrote a compose file, below, to host a traefik instance for my docker swarm. For monitoring, I would like to have best practices from you. As you can see, I set jaeger and prometheus for metrics and tracing, but I am not sure how can I use the data. I thank in advance!
services:
traefik:
image: traefik:v2.11.2
command:
- "--api.dashboard=true"
- "--providers.docker.swarmMode=true"
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.network=mynetwork"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.transport.respondingTimeouts.idleTimeout=3600"
- "--certificatesresolvers.letsencryptresolver.acme.httpchallenge=true"
- "--certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencryptresolver.acme.storage=/etc/traefik/letsencrypt/acme.json"
- "--certificatesresolvers.letsencryptresolver.acme.email=brunolnetto@gmail.com"
- "--certificatesresolvers.letsencryptresolver.acme.dnschallenge=true"
- "--log.level=DEBUG"
- "--log.format=common"
- "--log.filePath=/var/log/traefik/traefik.log"
- "--accesslog=true"
- "--accesslog.filepath=/var/log/traefik/access-log"
- "--metrics.prometheus=true" # Enable Prometheus metrics
- "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
- "--tracing.jaeger=true" # Enable Jaeger tracing
- "--tracing.jaeger.samplingType=const"
- "--tracing.jaeger.samplingParam=1"
- "--tracing.jaeger.localAgentHostPort=jaeger:6831"
volumes:
- "vol_certificates:/etc/traefik/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- mynetwork
ports:
- target: 80
published: 80
mode: host
- target: 443
published: 443
mode: host
- target: 8082 # Expose Prometheus metrics
published: 8082
mode: host
deploy:
placement:
constraints:
- node.role == manager
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=Host(`traefik.example.com`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.tls.certresolver=letsencryptresolver"
- "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"
- "traefik.http.routers.dashboard.middlewares=myauth"
- "traefik.http.middlewares.myauth.basicauth.users=test:$$2y$$05$v6a8xMtNFcXLVdbFHJKXEu6snabo96X2vqNAdoDi3L9kqpfVQNj.u"
volumes:
vol_shared:
external: true
name: volume_swarm_shared
vol_certificates:
external: true
name: volume_swarm_certificates
networks:
mynetwork:
external: true
attachable: true