We are using traefik in docker swarm mode. Our goal is now to restrict service access from several networks.
We have 3 master nodes, on which
keepalived service is running to provide a HAProxy for the solution. The cluster is so reachable over a Virtual IP adress which is redirected to a master node via VRRP. We would like to create more virtual IPs, and bind it to specific entrypoints in traefik. The services then are defining over which enrtypoint are they accessable. The idea is that the access from separate DMZ will be controlled and restricted in a firewall before the cluster (before the HAProxy), where the access to the specific Virtual IPs are set.
We tried to bind IP adresses directly to entrypoints in the toml file, but traefik sais that those external IP adresses are not reachable / bindable.
Our question would be: How to bind external IP adresses to traefik entrypoints hosted in a swarm cluster, so that the services can be restricted and bound to these IPs / entrypoints.
Thank you in advance