Trying dynamic configurations for traefik

JeetDetroja · March 11, 2024, 7:31am

I am trying to set up the dynamic configurations for the traefik with docker compose file, but I am not able to figure out that where i am doing wrong.

//docker-compose.yaml
version: "3.8"

services:
  reverse-proxy:
    image: traefik:v2.10
    command: 
      - "--configfile=/etc/traefik/traefik.yml"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    environment:
      - "CF_API_EMAIL=my@email.com"
      - "CF_DNS_API_TOKEN=xxxxxx"
      - "CF_ZONE_API_TOKEN=xxxxxx"
      - "CF_API_KEY=xxxxxx"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "./traefik.yml:/etc/traefik/traefik.yml:ro"
      - "./dynamic.yml:/etc/traefik/dynamic.yml:ro"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    networks:
      - traefik-network
  bll:
    container_name: "bll"
    build:
      context: ./
      dockerfile: Dockerfile.business-logic
    develop:
      watch:
        - action: rebuild
        - path: .env
    networks:
      - traefik-network

networks:
  traefik-network:
    driver: bridge

//Traefik.yml

api:
  insecure: true
  dashboard: true

providers:
  docker:
    watch: true
    exposedByDefault: false
  file:
    filename: /etc/traefik/dynamic.yml
    watch: true

log:
  level: INFO
  format: common

entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

certificatesResolvers:
  myresolver:
    acme:
      email: my@email.com
      storage: /letsencrypt/acme.json
      dnsChallenge:
        provider: cloudflare

//dynamic.yml

http:
  routers:
    bll:
      entrypoints:
        - "websecure"
      rule: "Host(`my.domain.com`)"
      tls: 
        certResolver: myresolver
      service: bll
  services:
    bll:
      loadBalancer:
        servers:
        - url: "http://192.168.112.2:4000"

bluepuma77 · March 11, 2024, 9:26am

When using containers, you would usually use labels on the target service for Traefik Docker Configuration Discovery.

You can use manual dynamic config files, but the container IPs will always change upon update and re-create.

Check simple Traefik example.

JeetDetroja · March 11, 2024, 9:34am

I want just router configurations in separate files, because I want to make this thing dynamic,

      rule: "Host(`my.domain.com`)"

letter on i will implement logic that can modify the dynamic.yml file and Traefik will detect live changes in that file in real time.

for that I am making separate files, can you help me to achieve this.!!

JeetDetroja · March 11, 2024, 9:49am

btw, I was using only docker compose first then I make separate files for the configurations in there in the labels field I was using this line to reach out my bll service:

    labels:
      - "traefik.http.services.bll.loadbalancer.server.port=4000"

Did I configure wrong url in my dynamic.yml file,

bluepuma77 · March 11, 2024, 10:03am

What do you want to achieve?

Currently you have Traefik and target service in the same Docker compose file. For that situation you probably should use providers.docker and labels - the target IP of the target container is set automatically in that case.

If you instead want to create manual routers and services, you can do that, too. Use providers.file with watch to reload dynamic config file after change.

In both cases you should define a rule with Host() to match.

JeetDetroja · March 11, 2024, 12:37pm

so I am going with the second option!!

I will have 3 files, 1.docker-compose, 2.traefik.yml, 3.dynamic.yml.

I want traefik to detect changes in dynamic.yml file and apply those changes in real time.

for that I am trying some thing like this.

// provider in traefik.yml
providers:
  docker:
    watch: true
    exposedByDefault: false
  file:
    filename: /etc/traefik/dynamic.yml
    watch: true

it was not working and don't know why, if you can help then it would be great.

also tried with the docker compose watch option

//in docker-compose file
    develop:
      watch:
        - action: sync
        - path: ./dynamic.yml

I simply want traefik to read live changes from dynamic.yml.

bluepuma77 · March 11, 2024, 2:49pm

Check with a touch on the dynamic file inside the Traefik container if an update is recognized.

In the general Docker forum I have seen complaints that some file changes are not recognized inside a container. Not sure if a solution was to only share single file or full directory.

crism · March 11, 2024, 4:21pm

Hello,

Having this issue in traefik 2.11.
I'm having exactly the same issue running docker swarm and deploying traefik via Portainer. According to the documentation, it is suggested to use directory instead of the filename property. Any feedback is appreciated.

Just to overcome the issue I manually update the services through Portainer.

This is how my config is:

traefik.yml

providers:
  file:
    directory: /etc/traefik/dynamic
    watch: true

docker-compose.yml

services:
  traefik:
    volumes:
      - /opt/traefik/repo1:/etc/traefik/dynamic
      - /opt/traefik/repo1/traefik.yml:/etc/traefik/traefik.yml:ro
    deploy:
      replicas: 2
      restart_policy:
        condition: any
      update_config:
        parallelism: 1
        delay: 10s
        failure_action: pause
        monitor: 10s
        max_failure_ratio: 0.3
        order: start-first

bluepuma77 · March 11, 2024, 6:31pm

You are sure to update the dynamic config file (like "touch it"), and not just update the referenced TLS cert files?

JeetDetroja · March 12, 2024, 4:56am

yes, changes are getting reflected inside the traefik container, that's the confusing part.

even after that, it is not working as expected.

JeetDetroja · March 12, 2024, 5:41am

btw I tried with both the option, I put only file as well as whole directory on watch, also that changes are getting reflected inside the traefik container. but it will work based on the older configurations not the new one.

is there any reload or any other options that can reload the traefik and make it work according to new changes.!!?

JeetDetroja · March 12, 2024, 6:01am

I resolve the issue by passing whole directory instead of passing particular file in watch.

//docker-compose
    volumes:
      - "./config:/etc/traefik/config:ro"

//traefik.yml
providers:
  file:
    directory: /etc/traefik/config
    watch: true

and my dynamic.yml file is inside the config directory.

Th3Kapa · March 14, 2024, 5:09pm

Well I have a similar problem.
On my end if I go inside the container and change the dynamic config file, traefik will update, but if I try editing the file on the host, in my case its windows server, the file will be updated inside the container but traefik won't recognize this change.

bluepuma77 · March 14, 2024, 5:28pm

As far as I remember Windows can be tricky with watch, so maybe it doesn’t work at all.

system · March 17, 2024, 5:28pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Traefik v2.6 - dynamic configuration Traefik v2 (latest) docker , letsencrypt-acme , cli	4	1694	March 19, 2022
Cannot start the provider *file Traefik v2 (latest) docker-swarm	1	10238	September 30, 2019
Traefik v2 404 page not found for docker compose service Traefik v2 (latest) docker	8	281	November 24, 2023
Noob - Authelia/Traefik sample works, can't get dynamic file provider to work Traefik v2 (latest) docker , file	10	413	November 21, 2023
Traefik config not working Traefik v2 (latest) file	10	1356	June 29, 2023

Trying dynamic configurations for traefik

traefik.yml

docker-compose.yml

Related Topics