Public | Automated Build

Last pushed: 23 days ago
Short Description
This image is the traefik base. It comes from rawmind/alpine-monit.
Full Description

alpine-traefik

This image is the traefik base. It comes from alpine-monit.

Build

docker build -t rawmind/alpine-traefik:<version> .

Versionsv

Configuration

This image runs traefik with monit. It is started with traefik user/group with 10001 uid/gid.

Besides, you can customize the configuration in several ways:

Default Configuration

Traefic is installed with the default configuration and some parameters can be overrided with env variables:

  • TRAEFIK_HTTP_PORT=8080 # http port > 1024 due to run as non privileged user
  • TRAEFIK_HTTPS_ENABLE="false" # "true" enables https and http endpoints. "Only" enables https endpoints and redirect http to https.
  • TRAEFIK_HTTPS_PORT=8443 # https port > 1024 due to run as non privileged user
  • TRAEFIK_ADMIN_PORT=8000 # admin port > 1024 due to run as non privileged user
  • TRAEFIK_LOG_LEVEL="INFO" # Log level
  • TRAEFIK_DEBUG="false" # Enable/disable debug mode
  • TRAEFIK_INSECURE_SKIP="false" # Enable/disable InsecureSkipVerify parameter
  • TRAEFIK_LOG_FILE="/opt/traefik/log/traefik.log"} # Log file. Redirected to docker stdout.
  • TRAEFIK_ACCESS_FILE="/opt/traefik/log/access.log"} # Access file. Redirected to docker stdout.
  • TRAEFIK_SSL_PATH="/opt/traefik/certs" # Path to search .key and .crt files
  • TRAEFIK_ACME_ENABLE="false" # Enable/disable traefik ACME feature
  • TRAEFIK_ACME_EMAIL="test@traefik.io" # Default email
  • TRAEFIK_ACME_ONDEMAND="true" # ACME ondemand parameter
  • TRAEFIK_ACME_ONHOSTRULE="true" # ACME OnHostRule parameter
  • TRAEFIK_K8S_ENABLE="false" # Enable/disable traefik K8S integration
  • TRAEFIK_RANCHER_ENABLE="false" # Enable/disable traefik RANCHER integration
  • TRAEFIK_RANCHER_REFRESH=15 # Rancher poll refresh seconds
  • TRAEFIK_RANCHER_MODE="api" # Rancher integration mode. api | metadata
  • TRAEFIK_RANCHER_DOMAIN="rancher.internal" # Rancher domain
  • TRAEFIK_RANCHER_EXPOSED="false" # Rancher ExposedByDefault
  • TRAEFIK_RANCHER_HEALTHCHEK="false" # Rancher EnableServiceHealthFilter
  • CATTLE_URL="" # Rancher API url
  • CATTLE_ACCESS_KEY="" # Rancher access key
  • CATTLE_SECRET_KEY="" # Rancher secret key

Custom Configuration

Traefik is installed under /opt/traefik and make use of /opt/traefik/etc/traefik.toml and /opt/traefik/etc/rules.toml.

You can edit or overwrite this files in order to customize your own configuration or certificates.

You could also include FROM rawmind/alpine-traefik at the top of your Dockerfile, and add your custom config.

SSL Configuration

Added SSL configuration. Set TRAEFIK_HTTPS_ENABLE="< true || only >" to enable it.

SSL certificates are located by default in /opt/traefik/certs. You need to provide .key AND .crt files to that directory, in order traefik gets automatically configured with ssl.

If you put more that one key/crt files in the certs directory, traefik gets sni enabled and configured. You also could map you cert storage volume to traefik and mount it in $TRAEFIK_SSL_PATH value.

You could also include FROM rawmind/alpine-traefik at the top of your Dockerfile, and add your custom ssl files.

Letsencrypt Configuration

If you enable SSL configuration, you could enable traefik letsencrypt support as well (ACME). To do it, set TRAEFIK_ACME_ENABLE="true".

Rancher

If you are running it in rancher, you could use in 2 ways:

  • Traefik built rancher integration. Add env TRAEFIK_RANCHER_ENABLE=true
  • You could run rancher-traefik as a sidekick to get dynamic configuration.

Example

See rancher-example, that run a traefik lb in all infrastructure servers and publish ${TRAEFIK_HTTP_PORT}, ${TRAEFIK_HTTPS_PORT} and ${TRAEFIK_ADMIN_PORT} throught them.

TODO

Add sni automation to the traefik.

Docker Pull Command
Owner
rawmind
Source Repository

Comments (0)