How to install and use Traefik as a reverse proxy via Docker on CentOS 8

How to install and use Traefik as a reverse proxy via Docker on CentOS 8

Traefik is an open source HTTP reverse proxy and load balancer that can help you easily deploy microservices. You can easily integrate it with infrastructure components, including Docker, Kubernetes, Docker Swarm, Rancher, AWS, etc. If you want to run multiple applications on the same Docker host, you can use Traefik as a reverse proxy to expose ports 80 and 443 to the rest of the world.

In this tutorial, we will show you how to install and configure Traefik as a reverse proxy on CentOS 8.

prerequisites

  • Server running CentOS 8.
  • A valid domain name pointing to the server IP.
  • The root password is configured for the server.

Install Docker and Docker Compose

First, you need to install the latest version of Docker and Docker Compose in your system. By default, Docker is not available in the CentOS 8 default repository. Therefore, you will need to add the Docker CE repository to the system. You can add it with the following command:

dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

After creating the repository, install Docker CE using the following command:

dnf install docker-ce --nobest -y

After installing Docker, please start the Docker service and use the following command to start it when the system restarts:

systemctl start dockersystemctl enable docker

In order to install Docker Compose, you will need to install Curl and download the Docker Compose binary in your system. You can use the following commands to do so:

dnf install curlcurl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-composechmod +x /usr/local/bin/docker-compose

Create Docker network

Next, you will need to create a new Docker network to run traefik containers. You can create it with the name “web” by running the following command:

docker network create web

Next, verify your network using the following command:

docker network ls

You should get the following output:

NETWORK ID          NAME                DRIVER              SCOPE
76a9475e5ab0        bridge              bridge              local
2a3d79f64747        host                host                local
4c9123229eaa        none                null                local
0b6e010b43d0        web                 bridge              local

Install and configure Traefik agent

Before starting, you will need to install httpd-tools to generate encrypted passwords. You can install this tool with the following command:

dnf install httpd-tools -y

After installation, use the following command to generate an encrypted password:

htpasswd -nb admin my_password

You should get the following output:

admin:$apr1$wpdR.4yZ$UpbjGS7ZFq4pZHalhH1Tl0

Next, create a new Traefik configuration file using the following command:

nano traefik.toml

Add the following line, including your valid domain name, secure password and port:

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.dashboard]
    address = ":8080"
    [entryPoints.dashboard.auth]
      [entryPoints.dashboard.auth.basic]
        users = ["admin:$apr1$wpdR.4yZ$UpbjGS7ZFq4pZHalhH1Tl0"]
  [entryPoints.http]
    address = ":80"
      [entryPoints.http.redirect]
        entryPoint = "https"
  [entryPoints.https]
    address = ":443"
      [entryPoints.https.tls]

[api]
entrypoint="dashboard"

[acme]
email = "[email protected]"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
  [acme.httpChallenge]
  entryPoint = "http"

[docker]
domain = "traefik.linuxbuz.com"
watch = true
network = "web"

When finished, save and close the file. Then, create an empty file to store your “encrypted” information.

touch acme.json

Next, use the following command to grant appropriate permissions to the file:

chmod 600 acme.json

Create a Docker Compose file

Next, you will need to create a new docker-compose.yml file and define your domain, port, network, and volume.

You can create it with the following command:

nano docker-compose.yml

Add the following line:

version: '3'

services:

  traefik:
    image: traefik:1.7.21-alpine
    command: --docker --docker.domain=linuxbuz.com
    ports:
      - 80:80
      - 443:443
    networks:
      - web
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./traefik.toml:/traefik.toml
      - ./acme.json:/acme.json
    labels:
      - "traefik.frontend.rule=Host:traefik.linuxbuz.com"
      - "traefik.port=8080"
    container_name: traefik
    restart: always

networks:
   web:
    external: true

Save and close the file when you are done.

Build Traefik Docker container

At this point, the Traefik and Docker Compose configuration files are ready. Now, use the following command to build the Traefik container:

docker-compose up -d

You should get the following output:

Unable to find image 'traefik:1.7.21-alpine' locally
1.7.21-alpine: Pulling from library/traefik
c9b1b535fdd9: Pull complete 
c141e361698e: Pull complete 
2573c02b6f16: Pull complete 
1619fb3841d1: Pull complete 
Digest: sha256:0e4ac8ae724603898620dbd5eb9cda7ec05f405d25476eb0d32b716b490ba079
Status: Downloaded newer image for traefik:1.7.21-alpine
27e735357bb3b7d2d253ff78ddf6e78896851420eff399e8ade23affc7ff0bf7

Next, use the following command to verify the running container:

docker ps

You should get the following output:

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                                      NAMES
7604696507a5        traefik:1.7.21-alpine   "/entrypoint.sh --do…"   6 seconds ago       Up 4 seconds        0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   traefik

Access Traefik web interface

Now, open your web browser and use the URL https://traefik.linuxbuz.com to access the Traefik web interface. The system will ask you to provide your username and password:

Provide your previously generated username as admin and password, and click Sign in Button. You should see the Traefik dashboard in the following screen:

Traefik dashboard

Click on health label. You should see the health of the Traefik container on the following screen:

Traefik traffic statistics

in conclusion

Congratulations! You have successfully installed Traefik agent on CentOS 8. For more information, please visit Traefik. document.

Sidebar