Before I start configuring docker swarm I wanted to make sure I’m doing the right thing. So, containers in docker swarm can be deployed locally or to the swarm. If Traefik is configured for docker swarm will is “see” the local containers (containers not deployed to the swarm)?
Containers can be deployed independently or in docker swarm.
Once again thank you so much for your help. Not what I wanted to hear but it saved me a ton of time
If the swarm mode cannot be a separate provider, so it could co-exist with a regular docker mode then maybe there could be a workaround with a distributed deployment? Have one traefik instance run in docker provider mode to pick up container labels. Have another one in swarm mode for service labels. And then build a dynamic routing config for the actual reverse proxy instance.
a) directly by expose config via internal debug API or
b) middleware - API to generate a dynamic routing config json from the different treaefik instances
Maybe this fails into the Enterprise product category though, but the API middleware should be a couple hours of work if someone might find it useful.
Thanks odt. This is way over my head but the distributed deployment seems interesting. Will have to read about it a little more.
Basically I have two hosts. Each of them is running docker. I wanted to have few services accessible from outside but some of them are on host A and some on Host B. You can call it manual load balancing
I thought about swarm but looks like docker swarm is going away in a year or two so deploying it probably doesn’t make sense right now. Kubernetes looks like a decent solution too but it will take some time to figure it out.
Seems there is no easy and quick solution that would fit my case.
You're welcome. I think in the end it's about doing what makes the most sense vs. effort. As we already have attached labels to our containers for traefik I don't think it is very efficient to go for another KV store or Kubernetes altogether for solving this fairly common use-case of having several independent nodes behind the same reverse proxy.
I have a compose which is mostly self contained with only one container publishing ports. I was able to include this in my swarm + traefik in this manner:
- In the swarm stack create an overlay network that is attachable.
- Do the usual things in this stack.
- Connect the standalone container to the network.
- Update traefik to use a file-provider to access the standalone container.
Here is a representative configuration:
version: "3.8" networks: traefik: attachable: true name: traefik configs: dynamic-file.yaml: file: ./dynamic-file.yaml services: traefik-r: image: "traefik:v2.3" command: - --entrypoints.web.address=:80 - --entrypoints.web.http.redirections.entryPoint.to=websecure - --entrypoints.web.http.redirections.entryPoint.scheme=https - --entrypoints.web.http.redirections.entrypoint.permanent=true - --entrypoints.websecure.address=:443 - --entrypoints.websecure.http.tls=true - --providers.file=true - --providers.file.filename=/dynamic-file.yaml - --providers.docker=true - --providers.docker.swarmMode=true - --providers.docker.exposedbydefault=false - --api - --accesslog=true - --accesslog.format=json configs: - dynamic-file.yaml deploy: placement: constraints: - node.id == s4oymnon9yc06ldxvzo2lzxgi labels: traefik.enable: "true" traefik.http.routers.api.rule: Host(`traefik.example.com`) traefik.http.routers.api.service: api@internal traefik.http.routers.api.middlewares: dashboard-auth traefik.http.services.dummy.loadBalancer.server.port: 65535 traefik.http.middlewares.dashboard-auth.basicauth.users: test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/ networks: - traefik ports: - "80:80" - "443:443" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" whoami: image: containous/whoami command: --name swarm deploy: replicas: 2 labels: traefik.enable: "true" traefik.http.routers.whoami.rule: PathPrefix(`/`) traefik.http.services.whoami.loadBalancer.server.port: 80 networks: - traefik
http: routers: some-name: rule: Host(`standalone.example.com`) service: some-name services: some-name: loadBalancer: servers: - url: http://standalone
version: "3.8" networks: traefik: external: true services: standalone: image: containous/whoami command: --name standalone networks: - traefik
08:33 $ docker stack deploy --compose-file stack.yaml mytraefikstack Creating network traefik Creating config mytraefikstack_dynamic-file.yaml Creating service mytraefikstack_traefik-r Creating service mytraefikstack_whoami 08:33 $ docker-compose up -d WARNING: The Docker Engine you're using is running in swarm mode. Compose does not use swarm mode to deploy services to multiple nodes in a swarm. All containers will be scheduled on the current node. To deploy your application across the swarm, use `docker stack deploy`. Creating swarmtraefik_standalone_1 ... done
test swarm whoami
curl -k https://localhost Name: swarm Hostname: 3fa79f4758ab IP: 127.0.0.1 IP: 10.0.4.7 IP: 172.19.0.4 RemoteAddr: 10.0.4.3:34808 GET / HTTP/1.1 Host: localhost User-Agent: curl/7.68.0 Accept: */* Accept-Encoding: gzip X-Forwarded-For: 10.0.0.2 X-Forwarded-Host: localhost X-Forwarded-Port: 443 X-Forwarded-Proto: https X-Forwarded-Server: f1926a7d8160 X-Real-Ip: 10.0.0.2 09:10 $ curl -k https://localhost Name: swarm Hostname: 24781fcb0866 IP: 127.0.0.1 IP: 10.0.4.6 IP: 172.19.0.5 RemoteAddr: 10.0.4.3:33332 GET / HTTP/1.1 Host: localhost User-Agent: curl/7.68.0 Accept: */* Accept-Encoding: gzip X-Forwarded-For: 10.0.0.2 X-Forwarded-Host: localhost X-Forwarded-Port: 443 X-Forwarded-Proto: https X-Forwarded-Server: f1926a7d8160 X-Real-Ip: 10.0.0.2
09:10 $ curl -k https://standalone.example.com --resolve standalone.example.com:443:127.0.0.1 Name: standalone Hostname: 6e539b86e69d IP: 127.0.0.1 IP: 10.0.4.8 IP: 172.19.0.6 RemoteAddr: 10.0.4.3:39500 GET / HTTP/1.1 Host: standalone.example.com User-Agent: curl/7.68.0 Accept: */* Accept-Encoding: gzip X-Forwarded-For: 10.0.0.2 X-Forwarded-Host: standalone.example.com X-Forwarded-Port: 443 X-Forwarded-Proto: https X-Forwarded-Server: f1926a7d8160 X-Real-Ip: 10.0.0.2
Not sure where you are seeing this. Mirantis in 2020 have committed to continue developing swarm.
I just started reading up on the distributed deployment and if I understand it correctly it will do exactly what I need. Just to verify my take on the idea. I install Traefik on Host A and Host B than create the KV store, configure it and that’s it? Since I’m still new to Traefik I will have to find some sample configs to wrap my head around it but it really seems like a perfect solution.
I watched this video (Is Docker Swarm Dead 💀 - 2020 - YouTube). Looked legit so I didn't investigate further.
Awesome, thank you so much for sharing this. Sample configs is what I understand Let me see if I can figure this out.
You're welcome. I'll answer any question if you have them.
Swarm will continue.
link to the official source