Is traefik installed inside or outside of Docker Swarm

I am new to traefik and reverse proxy so this question may seem to be a bit basic. Let say i buld a docker swarm setup taht looks like this:

Now my containers are spawned randomly between my 3 managers. And if one of my managers breaks down(power outage, network failure, attacked by gremlings...) the containers are spawned on one of the other managers. So to try to solve this issue I want to use a Traefik. But is traefik installed in the swarm or on a host outside of the swarm. And if it should be installed in the swarm do I install it on a certaion node with node.hostname==<hostname> and just route all trafik to my swarm to that node?

We use Docker Swarm and have Traefik running on all 3 manager nodes. Traefik needs to run on the manager to be able to use Traefik Docker Configuration Discovery. Furthermore we have servers for the apps/services and the DB.

You should make sure to run Traefik on a manager node, you can use a placement constraint for that. If you want it running on a single dedicated machine, you can use another constraint for that.

Having a single Traefik instance makes it easier with DNS. You just point your domain to the single IP of your Traefik server. LetsEncrypt works very well that way.

The issue is high availability. When the Traefik node dies, everything is offline. We have a managed load balancer in front of our 3 Traefik instances to ensure high availability. We use purchased TLS certs, as LetsEncrypt is a bit problematic with distributed Traefik.

So it really depends on your setup and what you want to achieve, if high availability is important to you.

1 Like

If a node dies, it is easy the re-schedule an app container to a different node. But how do you handle your databases? Are the files on a separate file share?

Yes I mapped files/static_folders and databse volumes to our main file-share.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.