Add guide for Docker, Traefik & Letsencrypt #1923
@mvdstam Thanks! Could you fix the build?
@ldez Done!
Many thanks for this great contribution.
Sure this user guide will be very helpful for a lot of users.
A few comments...
In this use case, we want to use Traefik as a *layer-7* load balancer with SSL termination for a set of microservices used to run a webapplication. We also want to automatically *discover any services* on the Docker host and let Traefik reconfigure itself automatically when containers get created (or shut down) so HTTP traffic can be routed accordingly. In addition, we want to use Let's Encrypt to automatically generate and renew SSL certificates per hostname. | ||
|
||
## Setting up | ||
In order for this to work, you'll need a server with a public IP address, with Docker installed on it. In this example, we're using the fictitious domain *my-awesome-app.org". In real-life, you'll want to use your own domain and have the DNS configured accordingly so the hostname records you'll want to use point to the aforementioned public IP address. |
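Review bot: Two wording fixes in these paragraphs: "webapplication" in the use-case paragraph should be "web application", and "In real-life" in the Setting up paragraph should be "In real life". The text also says "SSL termination" and "SSL certificates"; since the certificates come from Let's Encrypt and are served on the `HTTPS` entrypoint, "TLS" would be the more accurate term throughout.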
The character " has to be replaced by a character * to terminate the italic section.
|
||
```sh | ||
$ touch /opt/traefik/docker-compose.yml | ||
$ touch /opt/traefik/acme.json |
The acme.json file must only be accessed in read/write by the owner; that's why it would be better to use these commands:
touch /opt/traefik/acme.json && chmod 600 /opt/traefik/acme.json
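The permission requirement from the review comment above, as an added shell example that is not part of the PR or of Traefik; `create_acme_store` and `check_acme_store` are hypothetical helper names, and the path is passed as a parameter. Setting the umask before the file is created avoids the short window in which `touch` followed by `chmod` leaves the file readable by group or others.

```sh
#!/bin/sh
# Added example, not from the PR. Function names are hypothetical helpers.

# Create the ACME storage file with owner-only permissions from the start.
create_acme_store() {
    store=$1
    (
        umask 077                       # files created below get mode 0600
        [ -e "$store" ] || : > "$store" # create only if missing, never truncate
    ) || return 1
    chmod 600 "$store"                  # tighten a file that already existed
}

# Succeed only if the path is a regular file (not a symlink), owned by the
# current user, with mode exactly 0600.
check_acme_store() {
    store=$1
    [ -n "$(find "$store" -prune -type f -user "$(id -u)" -perm 600 2>/dev/null)" ]
}

# Usage, with the path from the guide:
#   create_acme_store /opt/traefik/acme.json && check_acme_store /opt/traefik/acme.json
```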
- Log `ERROR`-level messages (or more severe) to the console, but silence `DEBUG`-level messagse | ||
- Check for new versions of Traefik periodically | ||
- Create two entrypoints, namely an `HTTP` endpoint on port `80`, and an `HTTPS` endpoint on port `443` where all incoming traffic on port `80` will immediately get redirected to `HTTPS`. | ||
- Enable the Docker configuration backend and listen for container events on the Docker unix socket we've mounted earlier. However, **new containers will not be exposed by Traefik by default, we'll get into this in a bit!* |
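Review bot: The Docker backend bullet relies on the Docker unix socket mounted into the Traefik container but does not say what that access implies. Whoever can talk to that socket can control the Docker daemon on the host, so the guide should state this and tell readers to treat the Traefik container as privileged. Separately, "messagse" in the first bullet should be "messages".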
A * character is missing at the end of the line to terminate the bold section.
@nmengin I've updated the PR with your requested changes. The remark you made regarding the
@mvdstam It was just a suggestion. Of course, for a user guide, the type of restart policy is not really important. I should say
LGTM
LGTM
Thanks a lot @mvdstam !
LGTM
@mvdstam could you authorize us to modify your PR (rebase)?
@ldez Done!
As requested by @idez in #1922. I hope to contribute more in the future regarding documenting Traefik. 👍