Use traefik 2 #2

Draft
wants to merge 2 commits into
base: master
1 change: 1 addition & 0 deletions .gitignore
@@ -0,0 +1 @@
/ssl/*
13 changes: 13 additions & 0 deletions Makefile
@@ -0,0 +1,13 @@
.DEFAULT_GOAL := all

ifeq (, $(shell which mkcert))
$(error "No mkcert in $(PATH). Please install mkcert, see https://github.com/FiloSottile/mkcert#installation")
endif

ssl/test.key:
mkdir -p ./ssl
mkcert --key-file ./ssl/test.key --cert-file ./ssl/test.crt "*.docker.test" 127.0.0.1 ::1

all: ssl/test.key
docker network inspect traefik-docker > /dev/null 2>&1 || docker network create traefik-docker
docker-compose up -d --remove-orphans
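Review bot: the `ssl/test.key` rule writes both `./ssl/test.key` and `./ssl/test.crt`, but make only tracks the key, so a missing or deleted `test.crt` is never regenerated while the key still exists. Make `all` depend on both files (or track the certificate as its own target) and declare `.PHONY: all`. The recipe also never runs `mkcert -install`, so the generated certificate is only trusted if the local CA was already added to the trust store; add that step or document it as a prerequisite next to the mkcert check.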
50 changes: 19 additions & 31 deletions README.md
@@ -1,47 +1,35 @@
# Local load balancer for docker-compose projects

This project allows to access individual docker compose containers through `http://(.+\.)?<service>.<compose-project>.docker`.

This is how it works:
- A docker container runs a dns server that always returns 127.0.0.1 (exposed to localhost:10053)
- The system needs to be configured to resolve any .docker hostname with localhost:10053
- A docker container runs an nginx load balancer exposed on localhost:80 that proxies `*<service>.<compose-project>.docker`
http requests to `<compose-project>_<service>_1`. This container is attached to all the docker networks.

The containers will start when docker starts since they are configured with `restart: always`.

## Installation

```
# Start load balancer and dns
docker-compose up -d

# Give load balancer access to all the compose networks
docker network ls --filter driver=bridge --filter scope=local -q \
| xargs -I {} docker network connect {} "$(docker-compose ps -q lb)"
# Generate ssl certificates using mkcert and start traefik, dns
make

# Configure system to resolve all .docker domains using the spun up dns server
sudo mkdir -p /etc/resolver
sudo tee /etc/resolver/docker > /dev/null <<EOF
domain docker
sudo tee /etc/resolver/test > /dev/null <<EOF
domain test
port 10053
nameserver 127.0.0.1
EOF
```

## Adding networks
## Containers configuration

Whenever you've started a new docker compose project or added networks, run the same command that you ran during installation:
### docker-compose

```
docker network ls --filter driver=bridge --filter scope=local -q \
| xargs -I {} docker network connect {} "$(docker-compose ps -q lb)"
```
```yaml
version: '3'

## Removing networks
networks:
traefik-docker:
external: true

If you need to disconnect the load balancer from a network, for example when running `docker-compose down` for that network/project:

```
docker network disconnect -f <compose-project>_default "$(docker-compose ps -q lb)"
services:
webserver:
# image, volumes, etc
networks:
- traefik-docker
labels:
traefik.enable: true
traefik.http.routers.webserver.rule: 'Host(`my-webserver.docker.test`)'
```
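Review bot: the resolver block now writes `/etc/resolver/test` with `domain test`, which sends every `.test` lookup to the local DNS server, while the certificate generated in the Makefile only covers `*.docker.test`. A wildcard matches a single label, so `my-webserver.docker.test` validates but a deeper name such as `api.my-webserver.docker.test` will not; say so next to the `Host(...)` example and consider scoping the resolver to `docker.test` if only that suffix is intended. The comment above the resolver block still refers to `.docker` domains and should be updated. In the label example, quote the value (`traefik.enable: 'true'`) so it is passed as a string rather than a YAML boolean.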
32 changes: 26 additions & 6 deletions docker-compose.yml
@@ -1,13 +1,33 @@
version: "3"
version: '3'

networks:
traefik-docker:
external: true

services:
lb:
image: nginx:1.15-alpine
traefik:
image: traefik:v2.2
restart: always
command:
#- '--log.level=DEBUG'
- '--api.insecure=true'
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
- '--providers.docker.network=traefik-docker'
- '--entrypoints.http.address=:80'
- '--entrypoints.https.address=:443'
- '--entrypoints.https.http.tls=true'
- '--providers.file.filename=/etc/traefik/traefik-ssl.toml'
ports:
- 80:80
- '80:80'
- '443:443'
- '8080:8080'
networks:
- traefik-docker
volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
restart: always
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- './traefik-ssl.toml:/etc/traefik/traefik-ssl.toml'
- './ssl/:/etc/traefik/ssl/:ro'
logging: &logging
options:
max-size: '10k'
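Review bot: `--api.insecure=true` combined with the `'8080:8080'` port mapping publishes Traefik's unauthenticated API and dashboard on every host interface, not only loopback. For a local-only tool, bind the published ports to loopback, for example `'127.0.0.1:8080:8080'` (and likewise for 80 and 443), or drop the 8080 mapping. The `:ro` on `/var/run/docker.sock` only makes the socket mount read-only; the container can still issue any Docker API call through it, so a comment stating that Traefik has full Docker access would be useful here. The `./traefik-ssl.toml` mount could also be `:ro`, matching the `./ssl/` mount.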
11 changes: 0 additions & 11 deletions nginx.conf

This file was deleted.

5 changes: 5 additions & 0 deletions traefik-ssl.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "/etc/traefik/ssl/test.crt"
keyFile = "/etc/traefik/ssl/test.key"