I’m migrating my server to a new server and wanna try something new. I’ve been using nginx to reverse proxy my stuff and I recently heard about traefik being able to read labels off docker containers. I’ve been googling around but I can’t for the life of me figure out how to get the access to the dashboard without having insecure mode on.

  • saddlebag@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Personally I’ve used traefik, Nginx and caddy. They’re all interesting in their own ways. My little docker setup is currently using caddy-docker-proxy. It’s been set and forget for me. You might need some adjustments based on your TLS requirements etc.

    • StillOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      ah ok, I got it working now, guess I have to use an nginx container anyway to host static stuff tho, the config being attached to a container is def a nice thing

  • NewDataEngineer@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    For those using traefik I would recommend the dynamic file config. You don’t have to take down your containers just to change a proxy setting.

    • Kangie@lemmy.srcfiles.zip
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      With labels you just update the service definition by redeploying the stack; the dynamic file provider adds nothing in most circumstances.

      You certainly don’t need to take down your container except to change things that are part of the Traefik static configuration.

      • NewDataEngineer@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        by redeploying the stack

        That’s the point. With dynamic files you can add new Middleware or even route already exposed ports all on the fly. You’re telling me you can change a docker label and keep your service running with 0 downtime?

        If you’ve figured that out please share a link because my experience has been otherwise.

        • Kangie@lemmy.srcfiles.zip
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Close enough to 0 downtime that it doesn’t matter.

          1. Deploy updated stack file to existing stack
          2. existing services are updated
          3. Traefik polls the docker socket and notices updated labels
          4. ???
          5. Profit!

          Seriously, you shouldn’t need to put anything (outside of rules that you want to re-use [e.g. http->https middleware]) in the traefik dynamic configuration because each container/service in a docker stack will bring with it its own configuration. Your only ‘dead time’ is how long it takes Traefik to pick up the new dynamic configuration via either the docker or swarm providers, which is configurable but I’ve never had to touch because, even on production systems, it’s been fine.