I’m migrating my server to a new server and wanna try something new. I’ve been using nginx to reverse proxy my stuff and I recently heard about traefik being able to read labels off docker containers. I’ve been googling around but I can’t for the life of me figure out how to get the access to the dashboard without having insecure mode on.

  • Kangie@lemmy.srcfiles.zip
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 years ago

    With labels you just update the service definition by redeploying the stack; the dynamic file provider adds nothing in most circumstances.

    You certainly don’t need to take down your container except to change things that are part of the Traefik static configuration.

    • NewDataEngineer@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      by redeploying the stack

      That’s the point. With dynamic files you can add new Middleware or even route already exposed ports all on the fly. You’re telling me you can change a docker label and keep your service running with 0 downtime?

      If you’ve figured that out please share a link because my experience has been otherwise.

      • Kangie@lemmy.srcfiles.zip
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        2 years ago

        Close enough to 0 downtime that it doesn’t matter.

        1. Deploy updated stack file to existing stack
        2. existing services are updated
        3. Traefik polls the docker socket and notices updated labels
        4. ???
        5. Profit!

        Seriously, you shouldn’t need to put anything (outside of rules that you want to re-use [e.g. http->https middleware]) in the traefik dynamic configuration because each container/service in a docker stack will bring with it its own configuration. Your only ‘dead time’ is how long it takes Traefik to pick up the new dynamic configuration via either the docker or swarm providers, which is configurable but I’ve never had to touch because, even on production systems, it’s been fine.