Docker Traefik Event Forwarder
- Free software: BSD license
- Documentation: https://docker-traefik-prism.readthedocs.io.
- Pulls config from one Traefik instance to another to avoid exposing orchestrators (mainly Docker socket) in internet facing containers
Configured via env variables;
- Pulls config from /api on endpoint defined in SRC_TRAEFIK
- Extracts backend config from a comma-separated list of providers in PROVIDERS
- Pushes config based on DEST_TRAEFIK TO /api/providers/rest
To integrate, extend the 'config generator' pattern seen in https://docs.traefik.io/user-guide/cluster-docker-consul/;
- create a treafik container with the REST provider enabled (--rest), but not bound to docker socket (this will become your frontend)
- another which is (which the only purpose is to generate config based on orchestrator events).
Example Compose;
version: "3.6" services: traefik_dockerinit: image: traefik:1.6 command: - "storeconfig" - "--loglevel=debug" - "--api" - "--entrypoints=Name:http Address::80 Redirect.EntryPoint:https" - "--entrypoints=Name:https Address::443 TLS TLS.SniStrict:true TLS.MinVersion:VersionTLS12" - "--defaultentrypoints=http,https" - "--acme" - "--acme.storage=traefik/acme/account" - "--acme.entryPoint=https" - "--acme.httpChallenge.entryPoint=http" - "--acme.onHostRule=true" - "--acme.onDemand=false" - "[email protected]" - "--docker" - "--docker.swarmMode" - "--docker.domain=test.example.com" - "--docker.watch" - "--consul" - "--consul.endpoint=consul:8500" - "--consul.prefix=traefikdocker" - "--rest" networks: - traefik deploy: restart_policy: condition: on-failure depends_on: - consul traefik_init: image: traefik:1.6 command: - "storeconfig" - "--loglevel=debug" - "--api" - "--entrypoints=Name:http Address::80 Redirect.EntryPoint:https" - "--entrypoints=Name:https Address::443 TLS TLS.SniStrict:true TLS.MinVersion:VersionTLS12" - "--defaultentrypoints=http,https" - "--acme" - "--acme.storage=traefik/acme/account" - "--acme.entryPoint=https" - "--acme.httpChallenge.entryPoint=http" - "--acme.onHostRule=true" - "--acme.onDemand=false" - "[email protected] - "--consul" - "--consul.endpoint=consul:8500" - "--consul.prefix=traefik" - "--rest" networks: - traefik deploy: restart_policy: condition: on-failure depends_on: - consul traefikgen: image: traefik:1.6 depends_on: - traefik_dockerinit - consul command: - "--consul" - "--consul.endpoint=consul:8500" - "--consul.prefix=traefikdocker" volumes: - /var/run/docker.sock:/var/run/docker.sock networks: - traefik deploy: restart_policy: condition: on-failure traefik: image: traefik:1.6 depends_on: - traefik_init - consul command: - "--consul" - "--consul.endpoint=consul:8500" - "--consul.prefix=traefik" networks: - traefik ports: - target: 80 published: 80 mode: host - target: 443 published: 443 mode: host - target: 8080 published: 8080 mode: host deploy: mode: global placement: constraints: - node.role == manager update_config: parallelism: 1 delay: 10s restart_policy: condition: on-failure consul: image: consul command: agent -server -bootstrap-expect=1 -ui volumes: - consul-data:/consul/data environment: - CONSUL_LOCAL_CONFIG={"datacenter":"us_east2","server":true} - CONSUL_BIND_INTERFACE=eth0 - CONSUL_CLIENT_INTERFACE=eth0 ports: - target: 8500 published: 8539 mode: host deploy: replicas: 1 placement: constraints: - node.role == manager restart_policy: condition: on-failure networks: - traefik traefik_config_prism: image: tomwerneruk/traefik-prism:latest environment: - PYTHONUNBUFFERED=1 - BACKENDS=docker - SRC_TRAEFIK=http://traefikgen:8080/ - DEST_TRAEFIK=http://traefik:8080/ volumes: - /var/run/docker.sock:/var/run/docker.sock networks: - traefik networks: traefik: driver: overlay volumes: consul-data: driver: local
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.