Table of Contents
Docker swarm init
docker swarm init --advertise-addr 10.0.0.3
Create a traefik network
docker network create --driver overlay traefik-public
Create a htpasswd password
docker run --rm httpd:2.4-alpine htpasswd -nbB admin <password> | cut -d ":" -f 2
Escape the
Create folders
for Traefik
create a folder and set 600 as permission.
mkdir /home/docker-login/data/traefik
touch /home/docker-login/data/traefik/acme.json
chmod 600 /home/docker-login/data/traefik/acme.json
for Swarmpit
mkdir /home/docker-login/data/db-data
mkdir /home/docker-login/data/influx-data
for Portainer
mkdir /mnt/volume2/portainer
Traefik docker compose yml
Sample yml
version: '3.3'
services:
traefik:
image: 'traefik:v2.1.4'
command:
- --log.level=INFO
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --providers.docker.exposedbydefault=false
- --providers.docker.swarmmode=true
- --providers.docker.network=traefik-public
- --api
- --api.dashboard=true
- --certificatesresolvers.leresolver.acme.caserver=https://acme-v02.api.letsencrypt.org/directory
# update your email here
- --certificatesresolvers.leresolver.acme.email=youremail@test.com
# Make sure the this file is available and permission is set correctly
- --certificatesresolvers.leresolver.acme.storage=/le/acme.json
- --certificatesresolvers.leresolver.acme.tlschallenge=true
ports:
- '80:80'
- '443:443'
networks:
- traefik-public
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
# Make sure the volume folder is created
- '/home/docker-login/data/traefik/acme.json:/le/acme.json'
deploy:
labels:
# Dashboard
- 'traefik.enable=true'
# Change the host url here
- 'traefik.http.routers.traefik.rule=Host(`traefik.example.com`)'
- 'traefik.http.routers.traefik.service=api@internal'
- 'traefik.http.services.traefik.loadbalancer.server.port=8080'
- 'traefik.http.routers.traefik.tls.certresolver=leresolver'
- 'traefik.http.routers.traefik.entrypoints=websecure'
- 'traefik.http.routers.traefik.middlewares=authtraefik'
# Change the auth password here
- 'traefik.http.middlewares.authtraefik.basicauth.users=admin:yournewpassword' # user/password
# global redirect to https
- 'traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)'
- 'traefik.http.routers.http-catchall.entrypoints=web'
- 'traefik.http.routers.http-catchall.middlewares=redirect-to-https'
# middleware redirect
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
my-app:
image: containous/whoami:v1.3.0
networks:
- traefik-public
command:
- --port=8082 # Our service listens on 8082
deploy:
labels:
- 'traefik.enable=true'
# Change the host url here
- 'traefik.http.routers.my-app.rule=Host(`whoami.example.com`)'
- 'traefik.http.services.my-app.loadbalancer.server.port=8082'
- 'traefik.http.routers.my-app.middlewares=auth'
- 'traefik.http.routers.my-app.entrypoints=websecure'
- 'traefik.http.routers.my-app.tls=true'
- 'traefik.http.routers.my-app.tls.certresolver=leresolver'
# Change the password here
- 'traefik.http.middlewares.auth.basicauth.users=admin:changeme' # user/password
networks:
traefik-public:
external: true
Swarmpit Docker compose
Make sure the service name for swarmpit is "app"
version: '3.3'
services:
app:
image: swarmpit/swarmpit:latest
environment:
- SWARMPIT_DB=http://db:5984
- SWARMPIT_INFLUXDB=http://influxdb:8086
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- traefik-public
deploy:
labels:
- 'traefik.enable=true'
# change the host name here
- 'traefik.http.routers.app.rule=Host(`swarm.example.com`)'
- 'traefik.http.services.app.loadbalancer.server.port=8080'
- 'traefik.http.routers.app.tls=true'
- 'traefik.http.routers.app.tls.certresolver=leresolver'
- 'traefik.docker.network=traefik-public'
resources:
limits:
cpus: '0.50'
memory: 1024M
reservations:
cpus: '0.25'
memory: 512M
placement:
constraints:
- node.role == manager
db:
image: couchdb:2.3.0
volumes:
# make sure the folder is available
- /home/docker-login/data/db-data:/opt/couchdb/data
networks:
- traefik-public
deploy:
resources:
limits:
cpus: '0.30'
memory: 256M
reservations:
cpus: '0.15'
memory: 128M
influxdb:
image: influxdb:1.7
volumes:
# make sure the folder is available
- /home/docker-login/data/influx-data:/var/lib/influxdb
networks:
- traefik-public
deploy:
resources:
limits:
cpus: '0.60'
memory: 512M
reservations:
cpus: '0.30'
memory: 128M
agent:
image: swarmpit/agent:latest
environment:
- DOCKER_API_VERSION=1.35
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- traefik-public
deploy:
mode: global
labels:
swarmpit.agent: 'true'
resources:
limits:
cpus: '0.10'
memory: 64M
reservations:
cpus: '0.05'
memory: 32M
networks:
traefik-public:
external: true
Portainer
version: '3.2'
services:
agent:
image: portainer/agent
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
networks:
- traefik-public
deploy:
mode: global
placement:
constraints: [node.platform.os == linux]
portainer:
image: portainer/portainer
command: -H tcp://tasks.agent:9001 --tlsskipverify
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# make sure the folder is available
- /mnt/volume2/portainer:/data
networks:
- traefik-public
deploy:
labels:
- 'traefik.enable=true'
# change the host here
- 'traefik.http.routers.portainer.rule=Host(`admin.example.com`)'
- 'traefik.http.services.portainer.loadbalancer.server.port=9000'
- 'traefik.http.routers.portainer.entrypoints=websecure'
- 'traefik.http.routers.portainer.tls=true'
- 'traefik.http.routers.portainer.tls.certresolver=leresolver'
mode: replicated
placement:
constraints: [node.role == manager]
networks:
traefik-public:
external: true
Related Posts
Automating Image Cleanup in Azure Container Registry with ACR Tasks
Learn how to automate image cleanup in Azure Container Registry using ACR Tasks and implement best practices for container image management.
1/16/2025
Azure Deployment for .Net - Introduction - Prerequisites
This is the introduction to the Azure Deployment for .Net series.
8/14/2023
Abp Dockerfile
In this post we will see how to create proper docker file for your abp application.
3/19/2023