Hello!
I followed the Traefik Swarm tutorial from dockerswarm.rocks (https://dockerswarm.rocks/traefik/).
I have my Traefik proxies and my apps set as global deployments (1 proxy and 1 app per node).
However, my cluster lies in multiple zones for HA reasons (One node in SF, another in NYC and another in London).
The problem is that each Traefik proxy routes to any of the app backends, independently of whether they're hosted on the same node or 5000kms away.
I'd like Traefik to route to the app backend on the same node and possibly to the app backend on another node if the one on the same node is down. Is it possible to do so in a simple manner?
Here's my traefik config:
version: '3.3'
services:
consul-leader:
image: consul
command: agent -server -client=0.0.0.0 -bootstrap -ui
volumes:
- consul-data-leader:/consul/data
environment:
- CONSUL_BIND_INTERFACE=eth0
- 'CONSUL_LOCAL_CONFIG={"leave_on_terminate": true}'
networks:
- default
- traefik-public
deploy:
labels:
- traefik.frontend.rule=Host:consul.mydomain.com
- traefik.enable=true
- traefik.port=8500
- traefik.tags=${TRAEFIK_PUBLIC_TAG:-traefik-public}
- traefik.docker.network=traefik-public
# Traefik service that listens to HTTP
- traefik.redirectorservice.frontend.entryPoints=http
- traefik.redirectorservice.frontend.redirect.entryPoint=https
# Traefik service that listens to HTTPS
- traefik.webservice.frontend.entryPoints=https
- traefik.frontend.auth.basic.users=${USERNAME?Variable USERNAME not set}:${HASHED_PASSWORD?Variable HASHED_PASSWORD not set}
consul-replica:
image: consul
command: agent -server -client=0.0.0.0 -retry-join="consul-leader"
volumes:
- consul-data-replica:/consul/data
environment:
- CONSUL_BIND_INTERFACE=eth0
- 'CONSUL_LOCAL_CONFIG={"leave_on_terminate": true}'
networks:
- default
- traefik-public
deploy:
replicas: 3
placement:
preferences:
- spread: node.id
traefik:
image: traefik:v1.7
ports:
- target: 80
published: 80
mode: host
- target: 443
published: 443
mode: host
deploy:
mode: global
placement:
constraints:
- node.role == manager
labels:
- traefik.frontend.rule=Host:traefik.mydomain.com
- traefik.enable=true
- traefik.port=8080
- traefik.tags=traefik-public
- traefik.docker.network=traefik-public
# Traefik service that listens to HTTP
- traefik.redirectorservice.frontend.entryPoints=http
- traefik.redirectorservice.frontend.redirect.entryPoint=https
# Traefik service that listens to HTTPS
- traefik.webservice.frontend.entryPoints=https
- traefik.frontend.auth.basic.users=${USERNAME?Variable USERNAME not set}:${HASHED_PASSWORD?Variable HASHED_PASSWORD not set}
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command: >
--docker
--docker.swarmmode
--docker.watch
--docker.exposedbydefault=false
--constraints=tag==traefik-public
--entrypoints='Name:http Address::80'
--entrypoints='Name:https Address::443 TLS'
--consul
--consul.endpoint="consul-leader:8500"
--acme
--acme.email=${EMAIL?Variable EMAIL not set}
--acme.storage="traefik/acme/account"
--acme.entryPoint=https
--acme.httpChallenge.entryPoint=http
--acme.onhostrule=true
--acme.acmelogging=true
--logLevel=INFO
--accessLog
--api
networks:
- default
- traefik-public
depends_on:
- consul-leader
volumes:
consul-data-leader:
consul-data-replica:
networks:
traefik-public:
external: true
and here's my app config
version: '3.3'
networks:
apps:
external: true
traefik-public:
external: true
services:
frontend:
image: registry.gitlab.com/myfrontendimage
deploy:
mode: global
labels:
- traefik.backend=frontend
- traefik.frontend.rule=Host:stagingfrontend.mydomain.com
- traefik.enable=true
- traefik.port=80
- traefik.docker.network=traefik-public
# Traefik service that listens to HTTP
- traefik.redirectorservice.frontend.entryPoints=http
- traefik.redirectorservice.frontend.redirect.entryPoint=https
# Traefik service that listens to HTTPS
- traefik.webservice.frontend.entryPoints=https
- traefik.tags=${TRAEFIK_PUBLIC_TAG:-traefik-public}
networks:
- apps
- traefik-public
Thank you!