在群模式下的Traefik，conf文件可用吗？

如何解决在群模式下的Traefik，conf文件可用吗？

我只有一个小问题，但是我在文档中找不到明确的答案。 我们可以在swarm模式为ON的情况下通过配置文件配置traefik吗？ 我没有成功，所以我认为这是不可能的，但是不必像这样放置不清晰的标签真是太好了。

stack.yml

version: "3.8"

networks:
  traefik:
    name: "dmz"
    driver: overlay
    attachable: true

services:

  traefik:
    image: "traefik:v2.2"
    networks:
      - traefik
    ports:
      - "8080:8080"
      - "443:443"
      - "80:80"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./traefik.yml:/etc/traefik/traefik.yml:ro"
      - "./conf/:/etc/traefik/conf"
      
  whoami:
    image: "containous/whoami"
    networks:
      - traefik
    deploy:  
      labels:
        - "traefik.enable=true"
        - "traefik.docker.lbswarm=true"
        - "traefik.http.services.whoami.loadbalancer.server.port=80"

traefik.yml

global:
  sendAnonymousUsage: false
  checkNewVersion: false
# API and dashboard configuration
api:
  insecure: true
log:
  level: DEBUG
providers:
  docker:
    endpoint: 'unix:///var/run/docker.sock'
    exposedByDefault: false
    swarmMode: true
  file:
    directory= "/etc/traefik/conf"
    watch = true
entryPoints:
  web:
    address: ':80'
  websecure:
    address: ':443'
certificatesResolvers:
  letsencrypt:
    acme:
      email: my@email.com
      caServer: 'https://acme-v02.api.letsencrypt.org/directory'
      storage: acme.json
      keyType: EC384
      httpChallenge:
        entryPoint: web

./ conf / traefik_dynamic.yml

tls:
  options:
    default:
      minVersion: VersionTLS12
      sniStrict: true
      cipherSuites:
        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
        - TLS_AES_128_GCM_SHA256
        - TLS_AES_256_GCM_SHA384
        - TLS_CHACHA20_POLY1305_SHA256
      curvePreferences:
        - CurveP521
        - CurveP384
http:
  middlewares:
    compression:
      compress:
        excludedContentTypes:
          - text/event-stream
    https-redirect:
      redirectScheme:
        scheme: https
        permanent: true
    security:
      headers:
        accessControlAllowMethods:
          - GET
          - OPTIONS
          - PUT
        accessControlAllowOrigin: origin-list-or-null
        accessControlMaxAge: 100
        addVaryHeader: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        frameDeny: true
        stsIncludeSubdomains: true
        stsPreload: true
        customFrameOptionsValue: SAMEORIGIN
        referrerPolicy: same-origin
        featurePolicy: vibrate 'self'
        stsSeconds: 315360000

./ conf / whoami.yml

docker:
  network: dmz     
  lbswarm: true
http:
  routers:
    reverse_proxy_whoami_insecure:
      rule: Host(`whoami.example.com`)
      service: whoami@docker
      middlewares: http-redirect@docker
    reverse_proxy_whoami:
      entrypoints: websecure
      tls:
        certresolver: letsencrypt-rsa2048
      rule: Host(`whoami.example.com`)
      service: whoami@docker
      loadbalancer:
        passhostheader: true
        server:
          scheme: http

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 dio@foxmail.com 举报，一经查实，本站将立刻删除。