SwarmMode when enabled does not pick up the containers ran

Traefik Traefik v2
,
1

Hi I have gotten a issue with traefik. The issue is that after I enable swarmmode without changing anything else so only adding --providers.docker.swarmMode=true will break picking up the containers.


version: "3.8"

networks:

  traefik-public:
    external: true

services:

  main:

    image: traefik:v2.10.3

    ports:
      - 80:80
      - 8081:8080

    networks:
      - traefik-public

    deploy:
      placement:
        constraints:
          - node.role == manager


    labels:
      # traefik
      - traefik.enable=true
      - traefik.docker.network=default
      - traefik.http.routers.traefik.rule=Host(`traefik.hexidev.nl`)
      - traefik.http.services.traefik.loadbalancer.server.port=8080

    restart: unless-stopped

    command:
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      - --api.insecure=true
      - --entryPoints.web.address=:80
      # allow ping
      - --ping=true
#      - --providers.docker.swarmmode=true
#      - --providers.docker.swarmMode=true
      - --providers.docker.watch=true
#      - --providers.docker.domain=traefik
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro

    healthcheck:
    # Run traefik healthcheck command
    # https://doc.traefik.io/traefik/operations/cli/#healthcheck
    # ! depends on: ping=true
      test: traefik healthcheck --ping
      timeout: 5s
      interval: 15s
      start_period: 10s
      retries: 3
2

Under here is the yml for the container aswell:

version: "3"

networks:
  traefik-public:
    external: true

services:
  hexpredictor:
    image: ghcr.io/hexidevs/hexpredictor:prod
    ports:
      - "3004:3000"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.hexpredictor.rule=Host(`hexpredictor.com`)"
      - "traefik.http.routers.hexpredictor.entrypoints=web"
      - "traefik.docker.network=traefik-public"
      - "traefik.port=3004"
    networks:
      - traefik-public
    environment:
      - DEBUG=1
      - NEXTAUTH_URL=https://hexpredictor.com
    deploy:
      placement:
        constraints:
          - "node.role==manager"
3

For Docker Swarm the labels need to go inside deploy section. (Doc)

Furthermore I would set traefik.docker.network to the Docker Swarm overlay network name used. Note that inside compose you need to set network name to not be automatically prefixed by the project name.

4

I have tried this but with no luck:

version: "3"

networks:
  traefik-public:
    external: true

services:
  hexpredictor:
    image: ghcr.io/hexidevs/hexpredictor:prod
    ports:
      - "3004:3000"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.hexpredictor.rule=Host(`hexpredictor.com`)"
      - "traefik.http.routers.hexpredictor.entrypoints=web"
      - "traefik.docker.network=traefik-public"
      - "traefik.port=3004"
    networks:
      - traefik-public
    environment:
      - DEBUG=1
      - NEXTAUTH_URL=https://hexpredictor.com
    deploy:
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.hexpredictor.rule=Host(`hexpredictor.com`)"
        - "traefik.http.routers.hexpredictor.entrypoints=web"
        - "traefik.docker.network=traefik-public"
        - "traefik.port=3004"
      placement:
        constraints:
          - "node.role==manager"
5

You need to use docker stack deploy.

This example assumes you only have a single manager node, otherwise LetsEncrypt certificate validation will not work.

version: '3'

services:
  traefik:
    image: traefik:v2.10
    hostname: '{{.Node.Hostname}}'
    ports:
      # listen on host ports without ingress network
      - target: 80
        published: 80
        protocol: tcp
        mode: host
      - target: 443
        published: 443
        protocol: tcp
        mode: host
    networks:
      - proxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /var/log:/var/log
      - letsencrypt:/letsencrypt
    deploy:
      mode: global
      placement:
        constraints:
          - node.role==manager
      labels:
        - traefik.enable=true
        - traefik.http.routers.mydashboard.rule=Host(`traefik.example.com`)
        - traefik.http.routers.mydashboard.service=api@internal
        - traefik.http.routers.mydashboard.middlewares=myauth
        - traefik.http.services.mydashboard.loadbalancer.server.port=1337
        - traefik.http.middlewares.myauth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/
    command:
      - --api.dashboard=true
      - --log.level=INFO
      #- --log.filepath=/var/log/traefik.log
      - --accesslog=true
      #- --accesslog.filepath=/var/log/traefik-access.log
      - --providers.docker.exposedByDefault=false
      - --providers.docker.network=proxy
      - --providers.docker.swarmMode=true
      - --entrypoints.web.address=:80
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entryPoints.web.http.redirections.entrypoint.scheme=https
      - --entrypoints.websecure.address=:443
      - --entrypoints.websecure.http.tls.certresolver=myresolver
      - --certificatesresolvers.myresolver.acme.email=mail@example.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
      - --certificatesresolvers.myresolver.acme.tlschallenge=true

  whoami:
    image: traefik/whoami:v1.10
    hostname: '{{.Node.Hostname}}'
    networks:
      - proxy
    deploy:
      mode: global
      labels:
        - 'traefik.enable=true'
        - 'traefik.http.routers.whoami.rule=Host(`whoami.example.com`) || PathPrefix(`/whoami`)'
        - 'traefik.http.services.whoami.loadbalancer.server.port=80'

networks:
  proxy:
    name: proxy
    driver: overlay
    attachable: true

volumes:
  letsencrypt:
    name: letsencrypt