如何解决在群模式下的Traefik,conf文件可用吗?
我只有一个小问题,但是我在文档中找不到明确的答案。 我们可以在swarm模式为ON的情况下通过配置文件配置traefik吗? 我没有成功,所以我认为这是不可能的,但是不必像这样放置不清晰的标签真是太好了。
stack.yml
version: "3.8"
networks:
traefik:
name: "dmz"
driver: overlay
attachable: true
services:
traefik:
image: "traefik:v2.2"
networks:
- traefik
ports:
- "8080:8080"
- "443:443"
- "80:80"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik.yml:/etc/traefik/traefik.yml:ro"
- "./conf/:/etc/traefik/conf"
whoami:
image: "containous/whoami"
networks:
- traefik
deploy:
labels:
- "traefik.enable=true"
- "traefik.docker.lbswarm=true"
- "traefik.http.services.whoami.loadbalancer.server.port=80"
traefik.yml
global:
sendAnonymousUsage: false
checkNewVersion: false
# API and dashboard configuration
api:
insecure: true
log:
level: DEBUG
providers:
docker:
endpoint: 'unix:///var/run/docker.sock'
exposedByDefault: false
swarmMode: true
file:
directory= "/etc/traefik/conf"
watch = true
entryPoints:
web:
address: ':80'
websecure:
address: ':443'
certificatesResolvers:
letsencrypt:
acme:
email: my@email.com
caServer: 'https://acme-v02.api.letsencrypt.org/directory'
storage: acme.json
keyType: EC384
httpChallenge:
entryPoint: web
./ conf / traefik_dynamic.yml
tls:
options:
default:
minVersion: VersionTLS12
sniStrict: true
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
curvePreferences:
- CurveP521
- CurveP384
http:
middlewares:
compression:
compress:
excludedContentTypes:
- text/event-stream
https-redirect:
redirectScheme:
scheme: https
permanent: true
security:
headers:
accessControlAllowMethods:
- GET
- OPTIONS
- PUT
accessControlAllowOrigin: origin-list-or-null
accessControlMaxAge: 100
addVaryHeader: true
browserXssFilter: true
contentTypeNosniff: true
forceSTSHeader: true
frameDeny: true
stsIncludeSubdomains: true
stsPreload: true
customFrameOptionsValue: SAMEORIGIN
referrerPolicy: same-origin
featurePolicy: vibrate 'self'
stsSeconds: 315360000
./ conf / whoami.yml
docker:
network: dmz
lbswarm: true
http:
routers:
reverse_proxy_whoami_insecure:
rule: Host(`whoami.example.com`)
service: whoami@docker
middlewares: http-redirect@docker
reverse_proxy_whoami:
entrypoints: websecure
tls:
certresolver: letsencrypt-rsa2048
rule: Host(`whoami.example.com`)
service: whoami@docker
loadbalancer:
passhostheader: true
server:
scheme: http
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。