Closed ssspeq closed 4 years ago
This weekend I had the same issue and came to a solution. Still working on HTTPS details, env varibles and a few things. It should be a good starting point.
version: '3.5'
volumes:
volume_traefik:
volume_api:
volume_db:
volume_pgadmin:
volume_rabbitmq:
volume_frontend:
networks:
web:
name: web
backend:
name: backend
services:
traefik:
image: traefik:v2.2
container_name: traefik
hostname: traefik
restart: unless-stopped
command:
- --api.insecure=false # <== Enabling insecure api, NOT RECOMMENDED FOR PRODUCTION
- --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc...
- --api.debug=true # <== Enabling additional endpoints for debugging and profiling
- --log.level=DEBUG
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.docker.network=web
- --entrypoints.web.address=:80
- --entrypoints.web-secured.address=:443
- --certificatesresolvers.tls-challenge.acme.tlschallenge=true
- --certificatesresolvers.tls-challenge.acme.email=fake@email.com
- --certificatesresolvers.tls-challenge.acme.storage=/letsencrypt/acme.json
depends_on:
- api
- db
- pgadmin
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- volume_traefik:/letsencrypt
networks:
- web
ports:
- 80:80
- 443:443
labels:
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
# redirect all HTTP requests to HTTPS
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
#- "traefik.http.routers.http-catchall.middlewares=https-redirect@docker"
- "traefik.http.routers.traefik.rule=Host(`traefik.localhost`)"
- "traefik.http.routers.traefik.entrypoints=web" #-secured"
#- "traefik.http.routers.traefik.tls.certresolver=tls-challenge"
- "traefik.http.routers.traefik.middlewares=auth"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.middlewares.auth.digestauth.realm=traefik"
- "traefik.http.middlewares.auth.digestauth.users=admin:traefik:817374111f31cc282162486425ee5e9e"
#- "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
api:
image: api:latest
container_name: api
hostname: api
restart: unless-stopped
build:
context: ./backend
dockerfile: api.dockerfile
depends_on:
- db
env_file:
- .env
volumes:
- volume_api:/api
- ./backend/api/alembic:/api/alembic:rw
- ./backend/api/app:/api/app:rw
- ./backend/api/scripts:/api/scripts:rw
- ./backend/api/alembic.ini:/api/alembic.ini:rw
- ./backend/api/gunicorn_conf.py:/api/gunicorn_conf.py:rw
networks:
- web
- backend
labels:
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.http.services.api.loadbalancer.server.port=8001"
- "traefik.http.routers.api.rule=Host(`localhost`) && PathPrefix(`/api`,`/docs`,`/redoc`)"
- "traefik.http.routers.api.entrypoints=web" #-secured"
#- "traefik.http.routers.api.tls.certresolver=tls-challenge"
#- "traefik.http.routers.api.tls.domains[0].main=localhost."
#- "traefik.http.routers.api.tls.domains[0].sans=*.localhost."
db:
image: postgres:11.5-alpine
container_name: db
hostname: db
restart: unless-stopped
env_file:
- .env
volumes:
- volume_db:/var/lib/postgresql/data:rw
networks:
- backend
pgadmin:
image: dpage/pgadmin4:4
container_name: pgadmin
hostname: pgadmin
restart: unless-stopped
depends_on:
- db
env_file:
- .env
volumes:
- volume_pgadmin:/var/lib/pgadmin:rw
networks:
- web
- backend
labels:
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.http.services.pgadmin.loadbalancer.server.port=5050"
- "traefik.http.routers.pgadmin.rule=Host(`pgadmin.localhost`)"
- "traefik.http.routers.pgadmin.entrypoints=web" #-secured"
#- "traefik.http.routers.pgadmin.tls.certresolver=tls-challenge"
#- "traefik.http.routers.pgadmin.tls.domains[0].main=pgadmin.localhost."
#- "traefik.http.routers.pgadmin.tls.domains[0].sans=*.pgadmin.localhost."
# celeryworker:
# image: celeryworker:latest
# container_name: celeryworker
# hostname: celeryworker
# restart: unless-stopped
# build:
# context: ./backend
# dockerfile: celeryworker.dockerfile
# depends_on:
# - api
# - db
# - rabbitmq
# env_file:
# - .env
# volumes:
# - ./backend/api/app:/api/app:rw
# networks:
# - backend
rabbitmq:
image: rabbitmq:3
container_name: rabbitmq
hostname: rabbitmq
restart: unless-stopped
networks:
- backend
volumes:
- volume_rabbitmq:/var/lib/rabbitmq
# frontend:
# image: frontend:latest
# container_name: frontend
# hostname: frontend
# restart: unless-stopped
# build:
# context: ./frontend
# dockerfile: app.dockerfile
# networks:
# - web
# - backend
# volumes:
# - volume_frontend:/serve
# labels:
# - "traefik.enable=true"
# - "traefik.docker.network=web"
# - "traefik.http.services.frontend.loadbalancer.server.port=80"
# - "traefik.http.routers.frontend.rule=Host(`localhost`)"
# - "traefik.http.routers.frontend.entrypoints=web" #-secured"
# #- "traefik.http.routers.frontend.tls.certresolver=tls-challenge"
# #- "traefik.http.routers.frontend.tls.domains[0].main=localhost."
# #- "traefik.http.routers.frontend.tls.domains[0].sans=*.localhost."
It creates a proxy with Traefik v2 with the following routes:
Also, I use networks to isolate containers. web
for the traefik stuff and backend
for the internal, non exposed stuff. Note that the api itself is exposed to web
and to the backend
networks. This is to allow access to it from outside. Also, if made a router in fastapi to set a prefix to every request in the form of /api/v1/...
Let me know if you have any doubts.
this will be implemented ?
Yep. I want to update this project to use Traefik 2, but I have to first update dockerswarm.rocks to use Traefik 2 by default, then update here and the sibling project generators, and do it all in one batch to make sure nothing is broken in the middle of the process, so it will take a bit.
@tiangolo - could you please provide any help / solution? @bgottsch - Thank you so much! Your example was great help. However its only working for one backedn API, I've one morer separate backedn API. Any idea how I can achieve that? OR what I'm missing in below code - `version: '3.5'
networks: web: name: web backend: name: backend
services:
traefik: image: traefik:v2.2 container_name: traefik hostname: traefik restart: unless-stopped command:
{host:.+}
)"my_mahcine_ip_Address
)"volumes:
"/var/run/docker.sock:/var/run/docker.sock:ro"
users: image: mlstudio_users:latest container_name: users hostname: users ports:
my_mahcine_ip_Address
) && PathPrefix(/api
,/docs
,/redoc
)""traefik.http.routers.users.entrypoints=web" #-secured"
test: image: mlstudio_test:latest container_name: test hostname: test ports:
my_mahcine_ip_Address
) && PathPrefix(/test/api
,/test/docs
,/test/redoc
)"Hey everyone! I just finished migrating DockerSwarm.rocks and this project generator to Traefik v2, you can check the new code :tada: :rocket:
Assuming the original issue was solved, it will be automatically closed now. But feel free to add more comments or create new issues.
I am trying to adapt this to use traefik v2 but I cant get it to work. Has anyone tried this?
Also, how would I use this if I already have a docker swarm with traefik v2 that I want to deploy to?