Deploying Traefik with TLS using simplecontainer
All examples are available at the Github.
simplecontainer
Traefik can be used as a traffic router on the Docker daemon. It has a way to handle Entrypoints, Routers and Middlewares.
The deployment process of Traefik with automatic TLS on the simplecontainer is pretty straightforward.
First, we need to create a Resource holding a static configuration for Traefik.
kind: resource
meta:
group: traefik
name: static-configuration
spec:
data:
static-configuration: |
providers:
docker:
exposedByDefault: false
entrypoints:
web:
address: :80
http:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
websecure:
address: :443
certificatesResolvers:
myresolver:
acme:
tlschallenge: true
email: [email protected]
storage: /letsencrypt/acme.json
api:
insecure: true
dashboard: trueAfterwards, we need to create containers definition.
kind: containers
meta:
name: traefik
group: traefik
spec:
traefik:
meta:
name: traefik
group: traefik
spec:
container:
image: "traefik"
tag: "v2.5"
replicas: 1
volumes:
- type: "bind"
hostPath: "/var/run/docker.sock"
mountPoint: "/var/run/docker.sock"
- type: bind
hostPath: ~/letsencrypt
mountPoint: /letsencrypt
ports:
- container: "80"
host: "80"
- container: "443"
host: "443"
resources:
- group: "traefik"
name: "static-configuration"
key: static-configuration
mountPoint: /etc/traefik/traefik.yml
https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/containers.yaml
~/letsencrypt on your host running simplecontainer!Now apply these definitions.
smr apply https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/resource-traefik.yaml
smr apply https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/containers.yaml
GROUP NAME DOCKER NAME IMAGE IP PORTS DEPS DOCKER STATE SMR STATE
traefik traefik traefik-traefik-1 traefik:v2.5 80:80, 443:443 running running (1s)
As you can see Traefik is up and running. Now we will deploy nginx container and expose it via Traefik we just deployed.
kind: containers
meta:
name: nginx
group: examples
spec:
ghost:
meta:
name: nginx
group: examples
labels:
"traefik.enable": "true"
"traefik.http.routers.nginx.rule": "Host(`example.com`)"
"traefik.http.routers.nginx.entrypoints": "websecure"
"traefik.http.routers.nginx.tls.certresolver": "myresolver"
"traefik.http.services.nginx-service.loadbalancer.server.port": "8080"
spec:
container:
image: "nginx"
tag: "latest"
replicas: 1
ports:
- container: "8080"Applying this definition will deploy the Nginx which is exposed via Traefik.
smr apply https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/container-service.yamlsmr ps
GROUP NAME DOCKER NAME IMAGE IP PORTS DEPS DOCKER STATE SMR STATE
examples nginx examples-nginx-1 nginx:latest 8080 running running (12s)
traefik traefik traefik-traefik-1 traefik:v2.5 80:80, 443:443 running running (6m1s)
Afterward, access to the Nginx web server can be made via https://example.com