Traefik is a modern HTTP reverse proxy and load balancer for microservices. Traefik makes all microservices deployment easy, integrated with existing infrastructure components such as Docker, Swarm Mode, Kubernetes, Amazon ECS, Rancher, Etcd, Consul etc.if(typeof ez_ad_units!='undefined')ez_ad_units.push([[728,90],'howtoforge_com-box-3','ezslot_9',106,'0','0']);__ez_fad_position('div-gpt-ad-howtoforge_com-box-3-0');Traefik serves as a router for all your microservices applications, routing all client requests to correct microservices destination.var cid='5498581296';var pid='ca-pub-3043223216276099';var slotId='div-gpt-ad-howtoforge_com-medrectangle-3-0';var ffid=1;var alS=1021%1000;var container=document.getElementById(slotId);var ins=document.createElement('ins');ins.id=slotId+'-asloaded';ins.className='adsbygoogle ezasloaded';ins.dataset.adClient=pid;ins.dataset.adChannel=cid;ins.style.display='block';ins.style.minWidth=container.attributes.ezaw.value+'px';ins.style.width='100%';ins.style.height=container.attributes.ezah.value+'px';container.style.maxHeight=container.style.minHeight+'px';container.style.maxWidth=container.style.minWidth+'px';container.appendChild(ins);(adsbygoogle=window.adsbygoogle[]).push();window.ezoSTPixelAdd(slotId,'stat_source_id',44);window.ezoSTPixelAdd(slotId,'adsensetype',1);var lo=new MutationObserver(window.ezaslEvent);lo.observe(document.getElementById(slotId+'-asloaded'),attributes:true);In this tutorial, I will show you step by step how to install and configure Traefik modern reverse proxy as a Docker container on Ubuntu 18.04 LTS (Bionic Beaver).PrerequisitesUbuntu 18.04Root privilegesWhat we will do?Install Docker on Ubuntu 18.04Install Docker ComposeCreate Custom Docker NetworkInstall and Configure TraefikTestingStep 1 - Install Docker on Ubuntu 18.04For this guide, we will be using the latest docker version that can be installed from the official docker repository.Add the docker key and repository using the command below.curl -fsSL sudo apt-key add -sudo add-apt-repository \ "deb [arch=amd64] \ $(lsb_release -cs) \ stable"The 'add-apt-repository' command will automatically update all repositories.(adsbygoogle=window.adsbygoogle[]).push();Now install the latest docker-ce.sudo apt install docker-ceAfter the installation is complete, start the docker service and enable it to launch everytime at system boot.systemctl start dockersystemctl enable dockerThe docker community-edition has been installed on Ubuntu 18.04 system, check the installed docker version.if(typeof ez_ad_units!='undefined')ez_ad_units.push([[580,400],'howtoforge_com-medrectangle-4','ezslot_2',108,'0','0']);__ez_fad_position('div-gpt-ad-howtoforge_com-medrectangle-4-0');docker versionAdditional: Running Docker for non-root userDocker container can be run under the non-root user. We just need to add the user to the docker group.Add 'mohammad' user.useradd -m -s /bin/bash mohammadNow add the 'mohammad' user to the docker group, then restart the docker service.usermod -a -G docker mohammadsystemctl restart dockerTest by running the docker hello-world.if(typeof ez_ad_units!='undefined')ez_ad_units.push([[580,400],'howtoforge_com-box-4','ezslot_7',110,'0','0']);__ez_fad_position('div-gpt-ad-howtoforge_com-box-4-0');docker run -it hello-worldAnd following is the result.Step 2 - Install Docker ComposeDocker-Compose is a command line tool for defining and managing multi-container docker applications.Docker Compose is a python script, it can be installed with the python pip command or with the apt command from Ubuntu repository easily. With compose, we can run multiple Docker containers with a single command.Install docker compose from the repository using the apt command below.sudo apt install docker-composeAfter the installation is complete, check the docker compose version.docker-compose versionThe docker compose 1.17 has been installed on Ubuntu 18.04.Step 3 - Create Custom Docker NetworkIn this tutorial, the traefik container will be running on the docker custom network. So we need to create a new docker custom network on the server.Check the available docker network on the system.docker network lsNow create a new custom network named 'proxy' for the traefik container.docker network create proxyAnd you will get a random string of the network container name. Check again the available network.docker network lsShown below is the result.The custom docker network named 'proxy' for traefik has been created.Step 4 - Install and Configure Traefik Reverse ProxyIn this step, we will create the traefik container with HTTPS letsencrypt enabled (using a domain name 'traefik.hakase-labs.io), and automatically redirect HTTP to HTTPS on traefik.Traefik Pre-InstallationBefore creating all traefik configuration, we need to install 'apache2-utils' for generating the encrypted htpasswd password and creating the new traefik directory.Install 'apache2-utils' using the apt command below.sudo apt install apache2-utils -yNow run the htpasswd command below to generate a new password for traefik dashboard authentication.htpasswd -nb mohammad passwordKeep the result in your note.mohammad:$apr1$hEgpZUN2$OYG3KwpzI3T1FqIg9LIbi.Next, login to the 'mohammad' user.su - mohammadCreate a new directory named 'traefik' for all traefik configuration.mkdir -p traefik/cd traefik/Create Traefik ConfigurationGo to the 'traefik' directory and create a new configuration file 'traefik.toml' using vim editor.cd traefik/vim traefik.tomlPaste the configuration below.#Traefik Global Configurationdebug = falsecheckNewVersion = truelogLevel = "ERROR"#Define the EntryPoint for HTTP and HTTPSdefaultEntryPoints = ["https","http"]#Enable Traefik Dashboard on port 8080#with basic authentication method#mohammad and password[web]address = ":8080"[web.auth.basic]users = ["mohammad:$apr1$hEgpZUN2$OYG3KwpzI3T1FqIg9LIbi."]#Define the HTTP port 80 and#HTTPS port 443 EntryPoint#Enable automatically redirect HTTP to HTTPS[entryPoints][entryPoints.http]address = ":80"[entryPoints.http.redirect]entryPoint = "https"[entryPoints.https]address = ":443"[entryPoints.https.tls]#Enable retry sending a request if the network error[retry]#Define Docker Backend Configuration[docker]endpoint = "unix:///var/run/docker.sock"domain = "traefik.hakase-labs.io"watch = trueexposedbydefault = false#Letsencrypt Registration#Define the Letsencrypt ACME HTTP challenge[acme]email = "[email protected]"storage = "acme.json"entryPoint = "https"OnHostRule = true [acme.httpChallenge] entryPoint = "http"Save and exit.Note:All information about the configuration is in the comment section '#...'.Create Traefik Docker Compose ScriptNow create the docker-compose yml script.vim docker-compose.ymlPaste the configuration below.version: '3'services: traefik: image: traefik:latest command: --docker --docker.domain=hakase-labs.io ports: - 80:80 - 443:443 networks: - proxy volumes: - /var/run/docker.sock:/var/run/docker.sock - ./traefik.toml:/traefik.toml - ./acme.json:/acme.json labels: - "traefik.frontend.rule=Host:traefik.hakase-labs.io" - "traefik.port=8080" container_name: traefik restart: alwaysnetworks: proxy: external: trueSave and exit.Note:We're creating a new container named 'traefik' based on the 'traefik:latest' docker image.The 'traefik' container will be running on the custom docker network named 'proxy' and expose external ports HTTP 80 and HTTPS 443.The container will mount traefik configuration 'traefik.toml' and 'acme.json', including the docker sock file.Label configuration for traefik, the frontend domain name, and the traefik port.Letsencrypt ACME ConfigurationThe acme configuration on 'traefik.toml' is used for automatically generate the SSL letsencrypt. And it's required for the storage file 'acme.json'.Create a new JSON file 'acme.json' and change the permission to '600'.touch acme.jsonchmod 600 acme.jsonAll logs about SSL letsencrypt info will be saved in the file.Build Traefik ContainerNow we're ready to build our own traefik container using the above configuration files.cd traefik/ls -lahAll configuration 'traefik.toml', 'docker-compose.yml', and 'acme.json' files.Build the container using docker compose command below.docker-compose up -dWhen it's complete, check the running container.docker-compose psAnd you will get the Traefik container up and running, expose the external ports HTTP and HTTPS.Step 5 - TestingOpen your web browser and type the traefik domain name on the address bar. Mine is: -labs.io/You will be redirected to the HTTPS connection and will be asked for the username and password authentication.Log in with the user 'mohammad' and password is 'password'.And you will get the Traefik dashboard as below.Traefik Health status page.Traefik modern HTTP reverse-proxy has been installed as a Docker container on Ubuntu 18.04.Reference About Muhammad ArulMuhammad Arul is a freelance system administrator and technical writer. He is working with Linux Environments for more than 5 years, an Open Source enthusiast and highly motivated on Linux installation and troubleshooting. Mostly working with RedHat/CentOS Linux and Ubuntu/Debian, Nginx and Apache web server, Proxmox, Zimbra Administration, and Website Optimization. Currently learning about OpenStack and Container Technology. view as pdf printShare this page:Suggested articles5 Comment(s)Add commentName *Email *tinymce.init( bold italic link",);CommentsBy: Magnus Reply Thanks for showing how to do the admin ui auth thing, I mean:
Docker Guide: Installing Traefik – a Modern Reverse Proxy for Microservices
Traefik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy.Traefik integrates with your existing infrastructure components (Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ...) and configures itself automatically and dynamically.Pointing Traefik at your orchestrator should be the only configuration step you need. 2ff7e9595c
Comments