traefik_stack5

What is this?

Using a one-liner, this docker stack will run many services (Traefik (with auth), Socat, Portainer, Nginx, Caddy, Whoami) in a straightforward copy-paste command.

You may also refer the README at the root of this repo.

Start here

1. Go to http://labs.play-with-docker.com/
2. Create one instance
3. Copy-paste this one-liner:

Stable setup (recommended)

ENV_BRANCH="master"
ENV_MONOREPO="traefik_stack5"

# On play-with-docker, install common apps
apk update && apk upgrade && apk add --no-cache               \
    nano bash git curl wget unzip openssl tar ca-certificates && \
rm -rf /var/cache/apk/* /tmp*                                 && \
docker swarm init --advertise-addr $(hostname -i)             && \
git clone https://github.com/pascalandy/docker-stack-this.git && \
cd docker-stack-this                                          && \
git checkout ${ENV_BRANCH}                                    && \
cd ${ENV_MONOREPO}                                            && \
./runup.sh;

Edge setup (NOT recommended)

ENV_BRANCH="edge"
ENV_MONOREPO="traefik_stack5"

# On play-with-docker, install common apps
apk update && apk upgrade && apk add --no-cache               \
    nano bash git curl wget unzip openssl tar ca-certificates && \
rm -rf /var/cache/apk/* /tmp*                                 && \
docker swarm init --advertise-addr $(hostname -i)             && \
git clone https://github.com/pascalandy/docker-stack-this.git && \
cd docker-stack-this                                          && \
git checkout ${ENV_BRANCH}                                    && \
cd ${ENV_MONOREPO}                                            && \
./runup.sh;

These scripts will do the hard of deploying the stacks for us.

example

See your stacks

$ docker stack ls

NAME                SERVICES            ORCHESTRATOR
toolgui             2                   Swarm
toolproxy           2                   Swarm
toolwebapp          4                   Swarm

See your services

$ docker service ls

ID                  NAME                MODE                REPLICAS            IMAGE                   PORTS
xjdsq3gxd59y        toolgui_agent       global              1/1                 portainer/agent:latest
0h375hmmnelo        toolgui_portainer   replicated          1/1                 portainer/portainer:latest
xim07ahqctsp        toolproxy_socat     replicated          1/1                 devmtl/socatproxy:1.2
y249kaecel8e        toolproxy_traefik   replicated          1/1                 traefik:1.7.12          *:80->80/tcp, *:443->443/tcp, *:8080->8080/tcp
s0061fdhvv6o        toolwebapp_home     replicated          1/1                 abiosoft/caddy:1.0.1-no-stats
ocpk5l6yg2gt        toolwebapp_who1     replicated          1/1                 nginx:1.15-alpine
raq5czrlhrmb        toolwebapp_who2     replicated          1/1                 emilevauge/whoami:latest
66b1rduru5k9        toolwebapp_who3     replicated          1/1                 emilevauge/whoami:latest

Confirm that your services (containers) are running

1. When you see that all services are deployed, click on 80 to see the static landing page.
2. From the same URL generated by play-with-docker, in the address bar of your browser, add /who1 or /who2 or /who3 or /portainer to access other services.

Full URL example

http://pwd10-0-7-3-80.host1.labs.play-with-docker.com/
http://pwd10-0-7-3-80.host1.labs.play-with-docker.com/who1
http://pwd10-0-7-3-80.host1.labs.play-with-docker.com/who2
http://pwd10-0-7-3-80.host1.labs.play-with-docker.com/who3
http://pwd10-0-7-3-80.host1.labs.play-with-docker.com/portainer

The container for the first URL is named home.

Web apps details:

• / = caddy
• /who1 = caddy
• /who2 = whoami
• /portainer = portainer

For /who1 and /who2 you will see the container's Ids (5fe91baf7a3a & 78a0c7287df1) in this example

$ docker ps | grep whoami
5fe91baf7a3a        emilevauge/whoami:latest         "/whoamI"                About a minute ago   Up About a minute   80/tcp                      toolwebapp_who3.1.9zk09prm85gnl0ieuuncynhxh
78a0c7287df1        emilevauge/whoami:latest         "/whoamI"                About a minute ago   Up About a minute   80/tcp                      toolwebapp_who2.1.wj7vf83ag91ft7jgdy3gwejp4

How to access Traefik

Traefik password

user: admin / pass: changethispass

This password is encrypted in our configs .configs/traefik.toml

Generate your user/pass:

Here is a script you can run:

command -v docker >/dev/null 2>&1 || { echo >&2 "I require Docker but it's not installed. Aborting."; exit 1; }

echo "Basic auth generator:"
read -p "User: "  USER
read -p "Password: "  PW

# Generate strings
clear && echo

echo "------- A) Use the result with basicauth.usersfile: --------"
docker run ctr.run/github.com/firepress-org/alpine:master sh -c \
    "htpasswd -nbB ${USER} ${PW}"

echo "------- B) use the result within your compose file."
echo "This double the $ sign (else the $ sign is interpreted as a variable: --------"
docker run ctr.run/github.com/firepress-org/alpine:master sh -c \
    "htpasswd -nbB ${USER} ${PW}" | sed -e s/\\$/\\$\\$/g

Insert this string in your .configs/traefik.toml.

What is Traefik?

Traefik is a powerful layer 7 reverse proxy. Once running, the proxy will give you access to many web apps. I think this is a substantial use case to understand how this reverse-proxy works.

Traefik version

In toolproxy.yml look for something like traefik:1.7.19.

Other stuff to know?

• This stack does not use ACME (https://). ACME is a pain while developing … reaching limits, etc.
• If you don’t want to use socat, check out the monorepo traefik-manager-noacme

Screenshots

All commands

In the active path, just execute those bash-scripts:

• ./runup.sh
• ./rundown.sh

Bonus! ./runctop.sh is not a stack but a simple docker run to see the memory consumed by each container.