Traefik #

Traefik is a modern, dynamic, and feature-rich reverse proxy and load balancer designed to handle containerized applications. It simplifies the process of managing and routing incoming network traffic to various services running in containers. Traefik supports multiple backends, including Docker, Kubernetes, and more, making it a versatile choice for a wide range of environments.

In this section, we’ll explore how Traefik can help manage multiple applications running on the same instance and how to use its monitoring features with the Traefik dashboard. We’ll continue using our LAMP stack as an example.

Using Traefik as a Reverse Proxy #

A common scenario when running multiple applications on a single instance is that you need to route incoming traffic to the correct container based on the requested domain or path. Traefik can automatically discover and configure these routes for you, based on container labels.

First, we need to add Traefik as a service in our docker-compose.yml file:

services:
  ...
  traefik:
    image: traefik:v2.9
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.dashboard.rule=Host(`traefik.example.com`)"
      - "traefik.http.routers.dashboard.service=api@internal"
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--api.insecure=true"
    ports:
      - "80:80"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

This configuration sets up Traefik to listen on port 80 and use Docker as its provider. It also disables exposing services by default, so we’ll need to add labels to the containers we want to be managed by Traefik.

The labels configure a new route for the dashboard, accessible at traefik.example.com.

Now, let’s update our web service to include the necessary labels:

services:
  web:
    image: php:8.1-apache
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.web.rule=Host(`example.com`)"
      - "traefik.http.routers.web.entrypoints=web"
    ...

  phpmyadmin:
    image: phpmyadmin/phpmyadmin
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.phpmyadmin.rule=Host(`pma.example.com`)"
      - "traefik.http.routers.phpmyadmin.entrypoints=web"
    ...

These labels tell Traefik to enable routing for the web service and to route traffic with the host example.com to this container.

Make sure to replace all example.com placeholders with your actual domain and to create records for subdomains, if needed, then run docker-compose up -d again.

Monitoring with the Traefik Dashboard #

Traefik includes a built-in dashboard for monitoring your services and the state of the reverse proxy. In the traefik service configuration, we already enabled the dashboard by setting --api.insecure=true.

To access the dashboard, navigate to the assigned host address in your browser. You’ll see an overview of your services, routers, and middlewares managed by Traefik.

For a production environment, you should secure the dashboard using authentication and HTTPS. You can find more information on securing the Traefik dashboard in the official documentation.

By using Traefik as a reverse proxy and load balancer, you can simplify the process of managing multiple containerized applications running on a single instance. Its dynamic configuration and automatic service discovery make it easy to route incoming traffic to the appropriate container based on domain or path. Additionally, the built-in Traefik dashboard provides a convenient way to monitor your services and the state of your reverse proxy.