mirror of https://github.com/containous/traefik.git synced 2025-03-25 14:50:11 +03:00

Merge pull request #313 from containous/add-user-guide

Add doc user guide with swarm
This commit is contained in:
Emile Vauge 2016-04-15 19:13:53 +02:00
commit f2320ee648
5 changed files with 317 additions and 113 deletions

View File

@ -40,4 +40,22 @@ h1, h2, h3, H4 {
blockquote p {
font-size: 14px;
.navbar-default .navbar-nav>.open>a, .navbar-default .navbar-nav>.open>a:hover, .navbar-default .navbar-nav>.open>a:focus {
color: #fff;
background-color: #25606F;
.dropdown-menu>li>a:hover, .dropdown-menu>li>a:focus {
color: #fff;
text-decoration: none;
background-color: #25606F;
.dropdown-menu>.active>a, .dropdown-menu>.active>a:hover, .dropdown-menu>.active>a:focus {
color: #fff;
text-decoration: none;
background-color: #25606F;
outline: 0;

View File

@ -89,6 +89,10 @@
# [entryPoints.http.redirect]
# regex = "^http://localhost/(.*)"
# replacement = "http://mydomain/$1"
address = ":80"
## Retry configuration
@ -98,7 +102,7 @@
# Optional
# [retry]
# Number of attempts
@ -122,27 +126,27 @@
# Optional
# [acme]
# Email address used for registration
# Required
# email = "test@traefik.io"
email = "test@traefik.io"
# File used for certificates storage.
# WARNING, if you use Traefik in Docker, don't forget to mount this file as a volume.
# Required
# storageFile = "acme.json"
storageFile = "acme.json"
# Entrypoint to proxy acme challenge to.
# WARNING, must point to an entrypoint on port 443
# Required
# entryPoint = "https"
entryPoint = "https"
# Enable on demand certificate. This will request a certificate from Let's Encrypt during the first TLS handshake for a hostname that does not yet have a certificate.
# WARNING, TLS handshakes will be slow when requesting a hostname certificate for the first time, this can leads to DoS attacks.
@ -175,6 +179,13 @@
# main = "local3.com"
# [[acme.domains]]
# main = "local4.com"
main = "local1.com"
sans = ["test1.local1.com", "test2.local1.com"]
main = "local3.com"
main = "local4.com"
# Configuration backends
@ -716,25 +727,25 @@ Træfɪk can be configured to use Etcd as a backend configuration:
# Optional
# [etcd]
# Etcd server endpoint
# Required
# endpoint = ""
endpoint = ""
# Enable watch Etcd changes
# Optional
# watch = true
watch = true
# Prefix used for KV store.
# Optional
# prefix = "/traefik"
prefix = "/traefik"
# Override default configuration template. For advanced users :)
@ -769,25 +780,25 @@ Træfɪk can be configured to use Zookeeper as a backend configuration:
# Optional
# [zookeeper]
# Zookeeper server endpoint
# Required
# endpoint = ""
endpoint = ""
# Enable watch Zookeeper changes
# Optional
# watch = true
watch = true
# Prefix used for KV store.
# Optional
# prefix = "/traefik"
prefix = "/traefik"
# Override default configuration template. For advanced users :)
@ -811,25 +822,25 @@ Træfɪk can be configured to use BoltDB as a backend configuration:
# Optional
# [boltdb]
# BoltDB file
# Required
# endpoint = "/my.db"
endpoint = "/my.db"
# Enable watch BoltDB changes
# Optional
# watch = true
watch = true
# Prefix used for KV store.
# Optional
# prefix = "/traefik"
prefix = "/traefik"
# Override default configuration template. For advanced users :)
@ -920,99 +931,3 @@ Once the `/traefik/alias` key is updated, the new `/traefik_configurations/2` co
Note that Træfɪk *will not watch for key changes in the `/traefik_configurations` prefix*. It will only watch for changes in the `/traefik` prefix. Further, if the `/traefik/alias` key is set, all other sibling keys with the `/traefik` prefix are ignored.
# Examples
## HTTP only
defaultEntryPoints = ["http"]
address = ":80"
## HTTP + HTTPS (with SNI)
defaultEntryPoints = ["http", "https"]
address = ":80"
address = ":443"
CertFile = "integration/fixtures/https/snitest.com.cert"
KeyFile = "integration/fixtures/https/snitest.com.key"
CertFile = "integration/fixtures/https/snitest.org.cert"
KeyFile = "integration/fixtures/https/snitest.org.key"
## HTTP redirect on HTTPS
defaultEntryPoints = ["http", "https"]
address = ":80"
entryPoint = "https"
address = ":443"
certFile = "tests/traefik.crt"
keyFile = "tests/traefik.key"
## Let's Encrypt support
address = ":443"
# certs used as default certs
certFile = "tests/traefik.crt"
keyFile = "tests/traefik.key"
email = "test@traefik.io"
storageFile = "acme.json"
onDemand = true
caServer = ""
entryPoint = "https"
main = "local1.com"
sans = ["test1.local1.com", "test2.local1.com"]
main = "local2.com"
sans = ["test1.local2.com", "test2x.local2.com"]
main = "local3.com"
main = "local4.com"
## Override entrypoints in frontends
backend = "backend2"
rule = "Host:test.localhost"
backend = "backend1"
passHostHeader = true
entrypoints = ["https"] # overrides defaultEntryPoints
rule = "Host:{subdomain:[a-z]+}.localhost"
entrypoints = ["http", "https"] # overrides defaultEntryPoints
backend = "backend2"
rule = "Path:/test"

View File

@ -0,0 +1,98 @@
# Examples
You will find here some configuration examples of Træfɪk.
## HTTP only
defaultEntryPoints = ["http"]
address = ":80"
## HTTP + HTTPS (with SNI)
defaultEntryPoints = ["http", "https"]
address = ":80"
address = ":443"
CertFile = "integration/fixtures/https/snitest.com.cert"
KeyFile = "integration/fixtures/https/snitest.com.key"
CertFile = "integration/fixtures/https/snitest.org.cert"
KeyFile = "integration/fixtures/https/snitest.org.key"
## HTTP redirect on HTTPS
defaultEntryPoints = ["http", "https"]
address = ":80"
entryPoint = "https"
address = ":443"
certFile = "tests/traefik.crt"
keyFile = "tests/traefik.key"
## Let's Encrypt support
address = ":443"
# certs used as default certs
certFile = "tests/traefik.crt"
keyFile = "tests/traefik.key"
email = "test@traefik.io"
storageFile = "acme.json"
onDemand = true
caServer = ""
entryPoint = "https"
main = "local1.com"
sans = ["test1.local1.com", "test2.local1.com"]
main = "local2.com"
sans = ["test1.local2.com", "test2x.local2.com"]
main = "local3.com"
main = "local4.com"
## Override entrypoints in frontends
backend = "backend2"
rule = "Host:test.localhost"
backend = "backend1"
passHostHeader = true
entrypoints = ["https"] # overrides defaultEntryPoints
rule = "Host:{subdomain:[a-z]+}.localhost"
entrypoints = ["http", "https"] # overrides defaultEntryPoints
backend = "backend2"
rule = "Path:/test"

docs/user-guide/swarm.md Normal file
View File

@ -0,0 +1,170 @@
# Swarm cluster
This section explains how to create a multi-host [swarm](https://docs.docker.com/swarm) cluster using [docker-machine](https://docs.docker.com/machine/) and how to deploy Træfɪk on it.
The cluster will be made of:
- 2 servers
- 1 swarm master
- 2 swarm nodes
- 1 [overlay](https://docs.docker.com/engine/userguide/networking/dockernetworks/#an-overlay-network) network (multi-host networking)
## Prerequisites
1. You will need to install [docker-machine](https://docs.docker.com/machine/)
2. You will need the latest [VirtualBox](https://www.virtualbox.org/wiki/Downloads)
## Cluster provisioning
We will first follow [this guide](https://docs.docker.com/engine/userguide/networking/get-started-overlay/) to create the cluster.
### Create machine `mh-keystore`
This machine will be the service registry of our cluster.
docker-machine create -d virtualbox mh-keystore
Then we install the service registry [Consul](https://consul.io) on this machine:
eval "$(docker-machine env mh-keystore)"
docker run -d \
-p "8500:8500" \
-h "consul" \
progrium/consul -server -bootstrap
### Create machine `mhs-demo0`
This machine will have a swarm master and a swarm agent on it.
docker-machine create -d virtualbox \
--swarm --swarm-master \
--swarm-discovery="consul://$(docker-machine ip mh-keystore):8500" \
--engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \
--engine-opt="cluster-advertise=eth1:2376" \
### Create machine `mhs-demo1`
This machine will have a swarm agent on it.
docker-machine create -d virtualbox \
--swarm \
--swarm-discovery="consul://$(docker-machine ip mh-keystore):8500" \
--engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \
--engine-opt="cluster-advertise=eth1:2376" \
### Create the overlay Network
Create the overlay network on the swarm master:
eval $(docker-machine env --swarm mhs-demo0)
docker network create --driver overlay --subnet= my-net
## Deploy Træfɪk
Deploy Træfɪk:
docker $(docker-machine config mhs-demo0) run \
-d \
-p 80:80 -p 8080:8080 \
--net=my-net \
-v /var/lib/boot2docker/:/ssl \
traefik \
-l DEBUG \
-c /dev/null \
--docker \
--docker.domain traefik \
--docker.endpoint tcp://$(docker-machine ip mhs-demo0):3376 \
--docker.tls \
--docker.tls.ca /ssl/ca.pem \
--docker.tls.cert /ssl/server.pem \
--docker.tls.key /ssl/server-key.pem \
--docker.tls.insecureSkipVerify \
--docker.watch \
Let's explain this command:
- `-p 80:80 -p 8080:8080`: we bind ports 80 and 8080
- `--net=my-net`: run the container on the network my-net
- `-v /var/lib/boot2docker/:/ssl`: mount the ssl keys generated by docker-machine
- `-c /dev/null`: empty config file
- `--docker`: enable docker backend
- `--docker.endpoint tcp://`: connect to the swarm master using the docker_gwbridge network
- `--docker.tls`: enable TLS using the docker-machine keys
- `--web`: activate the webUI on port 8080
## Deploy your apps
We can now deploy our app on the cluster, here [whoami](https://github.com/emilevauge/whoami), a simple web server in GO, on the network `my-net`:
eval $(docker-machine env --swarm mhs-demo0)
docker run -d --name=whoami0 --net=my-net --env="constraint:node==mhs-demo0" emilevauge/whoami
docker run -d --name=whoami1 --net=my-net --env="constraint:node==mhs-demo1" emilevauge/whoami
Check that everything is started:
docker ps
ba2c21488299 emilevauge/whoami "/whoamI" 8 seconds ago Up 9 seconds 80/tcp mhs-demo1/whoami1
8147a7746e7a emilevauge/whoami "/whoamI" 19 seconds ago Up 20 seconds 80/tcp mhs-demo0/whoami0
8fbc39271b4c traefik "/traefik -l DEBUG -c" 36 seconds ago Up 37 seconds>80/tcp,>8080/tcp mhs-demo0/serene_bhabha
## Access to your apps through Træfɪk
curl -H Host:whoami0.traefik http://$(docker-machine ip mhs-demo0)
Hostname: 8147a7746e7a
IP: ::1
IP: fe80::42:aff:fe00:903
IP: fe80::42:acff:fe12:3
GET / HTTP/1.1
User-Agent: curl/7.35.0
Accept: */*
Accept-Encoding: gzip
X-Forwarded-Proto: http
X-Forwarded-Server: 8fbc39271b4c
curl -H Host:whoami1.traefik http://$(docker-machine ip mhs-demo0)
Hostname: ba2c21488299
IP: ::1
IP: fe80::42:aff:fe00:904
IP: fe80::42:acff:fe12:2
GET / HTTP/1.1
User-Agent: curl/7.35.0
Accept: */*
Accept-Encoding: gzip
X-Forwarded-Proto: http
X-Forwarded-Server: 8fbc39271b4c

View File

@ -46,4 +46,7 @@ pages:
- Getting Started: index.md
- Basics: basics.md
- traefik.toml: toml.md
- User Guide:
- 'Configuration examples': 'user-guide/examples.md'
- 'Swarm cluster': 'user-guide/swarm.md'
- Benchmarks: benchmarks.md