Deploy Traefik with TLS on Docker with simplecontainer
All examples are available at the Github.
simplecontainer
Traefik can be used as a traffic router on the Docker daemon. It has a way to handle Entrypoints, Routers and Middlewares.
Deployment process of the Traefik with automatic TLS on the simplecontainer is pretty straightforward.
First we need to create Resource holding static configuration for the Traefik.
kind: resource
meta:
group: traefik
name: static-configuration
spec:
data:
static-configuration: |
providers:
docker:
exposedByDefault: false
entrypoints:
web:
address: :80
http:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
websecure:
address: :443
certificatesResolvers:
myresolver:
acme:
tlschallenge: true
email: email@example.com
storage: /letsencrypt/acme.json
api:
insecure: true
dashboard: trueAfterwards, we need to create containers definition.
kind: containers
meta:
name: traefik
group: traefik
spec:
traefik:
meta:
name: traefik
group: traefik
spec:
container:
image: "traefik"
tag: "v2.5"
replicas: 1
volumes:
- type: "bind"
hostPath: "/var/run/docker.sock"
mountPoint: "/var/run/docker.sock"
- type: bind
hostPath: ~/letsencrypt
mountPoint: /letsencrypt
ports:
- container: "80"
host: "80"
- container: "443"
host: "443"
resources:
- group: "traefik"
name: "static-configuration"
key: static-configuration
mountPoint: /etc/traefik/traefik.yml
https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/containers.yaml
~/letsencrypt on your host running simplecontainer!Now apply these definitions.
smr apply https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/resource-traefik.yaml
smr apply https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/containers.yaml
GROUP NAME DOCKER NAME IMAGE IP PORTS DEPS DOCKER STATE SMR STATE
traefik traefik traefik-traefik-1 traefik:v2.5 80:80, 443:443 running running (1s)
As you can see Traefik is up and running. Now we will deploy nginx container and expose it via Traefik we just deployed.
kind: containers
meta:
name: nginx
group: examples
spec:
ghost:
meta:
name: nginx
group: examples
labels:
"traefik.enable": "true"
"traefik.http.routers.nginx.rule": "Host(`example.com`)"
"traefik.http.routers.nginx.entrypoints": "websecure"
"traefik.http.routers.nginx.tls.certresolver": "myresolver"
"traefik.http.services.nginx-service.loadbalancer.server.port": "8080"
spec:
container:
image: "nginx"
tag: "latest"
replicas: 1
ports:
- container: "8080"Applying this definition will deploy the Nginx which is exposed via Traefik.
smr apply https://raw.githubusercontent.com/simplecontainer/examples/refs/heads/main/traefik/container-service.yamlsmr ps
GROUP NAME DOCKER NAME IMAGE IP PORTS DEPS DOCKER STATE SMR STATE
examples nginx examples-nginx-1 nginx:latest 8080 running running (12s)
traefik traefik traefik-traefik-1 traefik:v2.5 80:80, 443:443 running running (6m1s)
Afterward, access to the Nginx web server can be made via https://example.com