Can I use configFile with Dynamic Configuration?

In Traefik v1, we can specify a --configFile with Docker labels for general configuration and app-specific configuration respectively.

Could we do this in v2? I tried with --configFile but it ignores all Docker labels in v2.

Any ideas?

My traefik.toml:

[global]
  sendAnonymousUsage = false


[providers.docker]
  endpoint = "unix:///var/run/docker.sock"
  # watch = true
  exposedByDefault = false
  swarmMode = true
  network = "traefik"

[log]

level = "DEBUG"

[entryPoints]
  [entryPoints.web]
    address = ":80"

  [entryPoints.websecure]
    address = ":443"

# [retry]

[certificatesResolvers.le.acme]
  email = "xxx@xxx.com"
  storage = "/etc/traefik/conf/acme.json"
  [certificatesResolvers.le.acme.httpChallenge]
    # used during the challenge
    entryPoint = "web"

[api]
  dashboard = true
  insecure = true

Hello,

Docker labels can only be defined on containers, so I think you mixed some concepts.

--configFile allows (in v1 and v2) to define a path to the static configuration.

With the v2:

Your traefik.toml file is right, but you need to provide more information about how you launch Traefik.

1 Like

Thanks for your help!

I am actually migrating Traefik from v1 to v2 (on swarm).

The docker-compose.yml looks like:

version: "3"

services:
  proxy:
    image: traefik:v2.1 # The official Traefik docker image
    command: --configFile=/etc/traefik/traefik.toml
    # command: # Note: If I use these command flags, it can work.
    #   - --entrypoints.web.address=:80
    #   - --entrypoints.websecure.address=:443
    #   - --providers.docker
    #   - --providers.docker.network=traefik
    #   - --api.insecure # Don't do that in production
    #   - --certificatesresolvers.le.acme.email=my1@email1.com
    #   - --certificatesresolvers.le.acme.storage=/etc/traefik/conf/acme.json
    #   - --certificatesresolvers.le.acme.httpchallenge=true
    ports:
      - "80:80" # The HTTP port
      - "8080:8080"
      - 443:443
      - "5001:443" # Needed for SNI challenge
      - "5002:80" # Needed for HTTP challenge
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /root/traefik/traefik_config/traefik.toml:/etc/traefik/traefik.toml # When use command line flags, I removed this line.
      - /root/traefik/traefik_config/acme.json:/etc/traefik/conf/acme.json:rw
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      traefik: {}
    labels:
      - "traefik.enable=true"
      # Dashboard API
      - "traefik.http.routers.traefik-dashboard-api.entrypoints=web"
      - "traefik.http.routers.traefik-dashboard-api.rule=Host(`somehost.example.com`) && PathPrefix(`/api`)"
      - "traefik.http.routers.traefik-dashboard-api.service=api@internal"
      # Dashboard UI
      - "traefik.http.routers.traefik-dashboard-ui.entrypoints=web"
      - "traefik.http.routers.traefik-dashboard-ui.rule=Host(`somehost.example.com`) && PathPrefix(`/`)"
      - "traefik.http.routers.traefik-dashboard-ui.service=dashboard@internal"
  whoami:
    image: "containous/whoami"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.example.com`)"
      - "traefik.http.routers.whoami.entrypoints=web"
      - "traefik.http.services.whoami2.loadbalancer.server.port=80"
    networks:
      traefik: {}

networks:
  traefik:
    external: true

If I use command line flags rather than a config file, it can work.

As I already said, with v2 you cannot mix CLI flags and file to define your static configuration, you have to choose one source of configuration.

You also don't need to use --configFile= if your traefik.toml file is placed in the right path (see https://docs.traefik.io/v2.1/getting-started/configuration-overview/#configuration-file)
But this don't remove the previous restriction.

  • Static configuration from traefik.toml file:
version: "3"

services:
  proxy:
    image: traefik:v2.1
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /root/traefik/traefik_config/traefik.toml:/etc/traefik/traefik.toml
      - /root/traefik/traefik_config/acme.json:/etc/traefik/conf/acme.json:rw
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      traefik: {}
    deploy:
      labels:
        traefik.enable: true
        # Dashboard and API
        traefik.http.routers.traefik-dashboard-api.entrypoints: web
        traefik.http.routers.traefik-dashboard-api.rule: Host(`somehost.example.com`)
        traefik.http.routers.traefik-dashboard-api.service: api@internal

  whoami:
    image: containous/whoami
    deploy:
      labels:
        traefik.enable: true
        traefik.http.routers.whoami.rule: Host(`whoami.example.com`)
        traefik.http.routers.whoami.entrypoints: web
    networks:
      traefik: {}

networks:
  traefik:
    external: true
  • Static configuration from CLI flags:
version: "3"

services:
  proxy:
    image: traefik:v2.1
    command: >
      --api
      --log.level=INFO
      --entryPoints.web.address=:80
      --entryPoints.websecure.address=:443
      --providers.docker.endpoint=unix:///var/run/docker.sock
      --providers.docker.exposedByDefault=false
      --providers.docker.swarmMode
      --providers.docker.network=traefik
      --certificatesResolvers.le.acme.email=xxx@xxx.com
      --certificatesResolvers.le.acme.storage=/etc/traefik/conf/acme.json
      --certificatesResolvers.le.acme.httpChallenge.entryPoint=web
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /root/traefik/traefik_config/acme.json:/etc/traefik/conf/acme.json:rw
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      traefik: {}
    deploy:
      labels:
        traefik.enable: true
        # Dashboard and API
        traefik.http.routers.traefik-dashboard-api.entrypoints: web
        traefik.http.routers.traefik-dashboard-api.rule: Host(`somehost.example.com`)
        traefik.http.routers.traefik-dashboard-api.service: api@internal

  whoami:
    image: containous/whoami
    deploy:
      labels:
        traefik.enable: true
        traefik.http.routers.whoami.rule: Host(`whoami.example.com`)
        traefik.http.routers.whoami.entrypoints: web
    networks:
      traefik: {}

networks:
  traefik:
    external: true
1 Like

Thanks for your kind explanation.

Sorry, I should be clear:
The real question is, if I use CLI flags, everything would work; if I use a config file, every defined routers and services disappear:

My docker version: Docker version 18.06.1-ce, build e68fc7a

In this case, I only have internal routers and services.

I wonder why all the docker labels are ignored while using a config file.

You are using Traefik in swarmMode so the labels must be placed in the deploy section.

Your current CLI flags are not equivalent of your current file.

Take a look to my previous post.

1 Like

Thanks! It should be very close to the root cause. I really appreciate your help!

I tried to put labels under the deploy section but it still does not work for me.

I will keep investigating this issue and post any update here.

Thank you! I eventually found the root cause:

Registers a port. Useful when the container exposes multiples ports.
Mandatory for Docker Swarm (see the section "Port Detection with Docker Swarm").

Reference: https://docs.traefik.io/v2.0/routing/providers/docker/#services

The port is required even if I am referring to a service.

By reading the logs: port is missing.

Sample solution for my case:

    deploy:
      labels:
        traefik.enable: "true"
        # Dashboard API
        traefik.http.routers.traefik-dashboard-api.entrypoints: web
        traefik.http.routers.traefik-dashboard-api.rule: Host(`traefik-dashboard.example.com`) && PathPrefix(`/api`)
        traefik.http.routers.traefik-dashboard-api.service: api@internal
        traefik.http.services.traefik-dashboard-api.loadbalancer.server.port: 8080
        # Dashboard UI
        traefik.http.routers.traefik-dashboard-ui.entrypoints: web
        traefik.http.routers.traefik-dashboard-ui.rule: Host(`traefik-dashboard.example.com`) && PathPrefix(`/`)
        traefik.http.routers.traefik-dashboard-ui.service: dashboard@internal
        traefik.http.services.traefik-dashboard-ui.loadbalancer.server.port: 8080