Traefik v2 作为没有 docker 的反向代理
Traefik v2 as a reverse proxy without docker
我已经阅读了文档,但我无法弄清楚如何在不涉及 Docker 的情况下配置 Traefik v2 以取代 Nginx 作为网站(虚拟主机)的反向代理。理想情况下也会有 let'sencrypt https。
我在 http://127.0.0.1:4000 which I would like to reverse proxy to from http://myhost.com:80
有一项服务 运行
这是我到目前为止提出的配置:
[Global]
checkNewVersion = true
[log]
level = "DEBUG"
filePath = "log-file.log"
[accessLog]
filePath = "log-access.log"
bufferingSize = 100
[entrypoints]
[entrypoints.http]
address = ":80"
[http]
[http.routers]
[http.routers.my-router]
rule = "Host(`www.myhost.com`)"
service = "http"
entrypoint=["http"]
[http.services]
[http.services.http.loadbalancer]
[[http.services.http.loadbalancer.servers]]
url = "http://127.0.0.1:4000"
我想通了,
首先要注意的是,在 traefik v2 中有两种类型的配置,静态和动态。所以我创建了两个文件,traefik.toml 和 traefik-dynamic.toml.
traefik.toml的内容:
[log]
level = "DEBUG"
filePath = "log-file.log"
[accessLog]
filePath = "log-access.log"
bufferingSize = 100
[providers]
[providers.file]
filename = "traefik-dynamic.toml"
[api]
dashboard = true
debug = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web-secure]
address = ":443"
[entryPoints.dashboard]
address = ":8080"
[certificatesResolvers.sample.acme]
email = "myemail@example.com"
storage = "acme.json"
[certificatesResolvers.sample.acme.httpChallenge]
# used during the challenge
entryPoint = "web"
traefik-dynamic.toml:
[http]
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
scheme = "https"
[http.routers]
[http.routers.my-router]
rule = "Host(`www.example.com`)"
service = "phx"
entryPoints = ["web-secure"]
[http.routers.my-router.tls]
certResolver = "sample"
[http.services]
[http.services.phx.loadbalancer]
[[http.services.phx.loadbalancer.servers]]
url = "http://127.0.0.1:4000"
您还可以使用 Traefik v2 反向代理到本地主机上的服务 运行,而无需使用 Nginx,如此处所述,使用 File(而不是 Docker 提供者)为 Traefik。
首先,通过更新 /etc/hosts 将呼叫路由到 myhost.com 通过 localhost 像:
127.0.0.1 myhost.com
创建一个最小的 docker-compose.yml 比如:
version: "3.7"
services:
proxy:
image: traefik:2.0
command:
- "--providers.file.filename=/etc/traefik/proxy-config.toml"
- "--entrypoints.web.address=:80"
ports:
- "80:80"
volumes:
- ./proxy-config.toml:/etc/traefik/proxy-config.toml:ro
此 Compose 文件创建一个只读卷,其中包含根据请求代表 Nginx 的 Traefik 反向代理的动态配置。它使用 Traefik 的 File 提供程序而不是 Docker 和映射到端口 80 的空白 HTTP 地址作为入口点.这本身就是一个完整的 Compose 文件。除此之外,所有需要的是 Traefik 的反向代理配置。
在同一目录下配置Traefik反向代理proxy-config.toml:
[http.routers.test-streamrouter]
rule = "Host(`myhost.com`)"
service = "test-loadbalancer"
entryPoints = ["web"]
[[http.services.test-loadbalancer.loadBalancer.servers]]
url = "http://host.docker.internal:4000"
这是一个完整的示例反向代理。它可以通过中间件进行增强,以执行 URL 重写、更新域名甚至重定向用户(如果这是您的目标)。如 . And host.docker.internal is used to return the host's .
所示,使用单个负载均衡器
注意: 在撰写本文时,"host.docker.internal" 仅适用于 Docker 用于 Mac,并且将在 Linux 上失败。但是,您可以改用 Compose 服务名称(即 "proxy")。
完成此工作后,您可以设置 Let's Encrypt 内容或使用 TRAEFIK_PROVIDERS_FILE_FILENAME 环境变量在开发和生产配置之间交换。
你可以
- 在同一个桥接网络中使用容器名称而不是本地主机
- link没有@file后缀的中间件和服务
请注意,在yaml和toml文件中,需要注意lower-uppercase的属性。而在 docker 中是 loadbalancer,您需要在配置文件中写入 loadBalencer。
http:
middlewares:
docs:
stripPrefix:
prefixes:
- "/docs"
restapi:
stripPrefix:
prefixes:
- "/api/v1"
routers:
restapi:
rule: "PathPrefix(`/api/v1`)"
middlewares:
- "restapi"
service: "restapi"
entryPoints:
- http
docs:
rule: "PathPrefix(`/docs`)"
middlewares:
- "docs"
service: "docs"
entryPoints:
- http
client:
rule: "PathPrefix(`/`)"
service: "client"
entryPoints:
- http
help:
rule: "PathPrefix(`/server/sicon/help`)"
services:
restapi:
loadBalancer:
servers:
- url: "http://sicon_backend:1881"
docs:
loadBalancer:
servers:
- url: "http://sicon_backend:1882"
client:
loadBalancer:
servers:
- url: "http://sicon_client"
我已经阅读了文档,但我无法弄清楚如何在不涉及 Docker 的情况下配置 Traefik v2 以取代 Nginx 作为网站(虚拟主机)的反向代理。理想情况下也会有 let'sencrypt https。
我在 http://127.0.0.1:4000 which I would like to reverse proxy to from http://myhost.com:80
有一项服务 运行这是我到目前为止提出的配置:
[Global]
checkNewVersion = true
[log]
level = "DEBUG"
filePath = "log-file.log"
[accessLog]
filePath = "log-access.log"
bufferingSize = 100
[entrypoints]
[entrypoints.http]
address = ":80"
[http]
[http.routers]
[http.routers.my-router]
rule = "Host(`www.myhost.com`)"
service = "http"
entrypoint=["http"]
[http.services]
[http.services.http.loadbalancer]
[[http.services.http.loadbalancer.servers]]
url = "http://127.0.0.1:4000"
我想通了, 首先要注意的是,在 traefik v2 中有两种类型的配置,静态和动态。所以我创建了两个文件,traefik.toml 和 traefik-dynamic.toml.
traefik.toml的内容:
[log]
level = "DEBUG"
filePath = "log-file.log"
[accessLog]
filePath = "log-access.log"
bufferingSize = 100
[providers]
[providers.file]
filename = "traefik-dynamic.toml"
[api]
dashboard = true
debug = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web-secure]
address = ":443"
[entryPoints.dashboard]
address = ":8080"
[certificatesResolvers.sample.acme]
email = "myemail@example.com"
storage = "acme.json"
[certificatesResolvers.sample.acme.httpChallenge]
# used during the challenge
entryPoint = "web"
traefik-dynamic.toml:
[http]
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
scheme = "https"
[http.routers]
[http.routers.my-router]
rule = "Host(`www.example.com`)"
service = "phx"
entryPoints = ["web-secure"]
[http.routers.my-router.tls]
certResolver = "sample"
[http.services]
[http.services.phx.loadbalancer]
[[http.services.phx.loadbalancer.servers]]
url = "http://127.0.0.1:4000"
您还可以使用 Traefik v2 反向代理到本地主机上的服务 运行,而无需使用 Nginx,如此处所述,使用 File(而不是 Docker 提供者)为 Traefik。
首先,通过更新 /etc/hosts 将呼叫路由到 myhost.com 通过 localhost 像:
127.0.0.1 myhost.com
创建一个最小的 docker-compose.yml 比如:
version: "3.7"
services:
proxy:
image: traefik:2.0
command:
- "--providers.file.filename=/etc/traefik/proxy-config.toml"
- "--entrypoints.web.address=:80"
ports:
- "80:80"
volumes:
- ./proxy-config.toml:/etc/traefik/proxy-config.toml:ro
此 Compose 文件创建一个只读卷,其中包含根据请求代表 Nginx 的 Traefik 反向代理的动态配置。它使用 Traefik 的 File 提供程序而不是 Docker 和映射到端口 80 的空白 HTTP 地址作为入口点.这本身就是一个完整的 Compose 文件。除此之外,所有需要的是 Traefik 的反向代理配置。
在同一目录下配置Traefik反向代理proxy-config.toml:
[http.routers.test-streamrouter]
rule = "Host(`myhost.com`)"
service = "test-loadbalancer"
entryPoints = ["web"]
[[http.services.test-loadbalancer.loadBalancer.servers]]
url = "http://host.docker.internal:4000"
这是一个完整的示例反向代理。它可以通过中间件进行增强,以执行 URL 重写、更新域名甚至重定向用户(如果这是您的目标)。如 host.docker.internal is used to return the host's
注意: 在撰写本文时,"host.docker.internal" 仅适用于 Docker 用于 Mac,并且将在 Linux 上失败。但是,您可以改用 Compose 服务名称(即 "proxy")。
完成此工作后,您可以设置 Let's Encrypt 内容或使用 TRAEFIK_PROVIDERS_FILE_FILENAME 环境变量在开发和生产配置之间交换。
你可以
- 在同一个桥接网络中使用容器名称而不是本地主机
- link没有@file后缀的中间件和服务
请注意,在yaml和toml文件中,需要注意lower-uppercase的属性。而在 docker 中是 loadbalancer,您需要在配置文件中写入 loadBalencer。
http:
middlewares:
docs:
stripPrefix:
prefixes:
- "/docs"
restapi:
stripPrefix:
prefixes:
- "/api/v1"
routers:
restapi:
rule: "PathPrefix(`/api/v1`)"
middlewares:
- "restapi"
service: "restapi"
entryPoints:
- http
docs:
rule: "PathPrefix(`/docs`)"
middlewares:
- "docs"
service: "docs"
entryPoints:
- http
client:
rule: "PathPrefix(`/`)"
service: "client"
entryPoints:
- http
help:
rule: "PathPrefix(`/server/sicon/help`)"
services:
restapi:
loadBalancer:
servers:
- url: "http://sicon_backend:1881"
docs:
loadBalancer:
servers:
- url: "http://sicon_backend:1882"
client:
loadBalancer:
servers:
- url: "http://sicon_client"