How to install and use Traefik as a reverse proxy via Docker on CentOS 8
How to install and use Traefik as a reverse proxy via Docker on CentOS 8
Traefik is an open source HTTP reverse proxy and load balancer that can help you easily deploy microservices. You can easily integrate it with infrastructure components, including Docker, Kubernetes, Docker Swarm, Rancher, AWS, etc. If you want to run multiple applications on the same Docker host, you can use Traefik as a reverse proxy to expose ports 80 and 443 to the rest of the world.
In this tutorial, we will show you how to install and configure Traefik as a reverse proxy on CentOS 8.
prerequisites
- Server running CentOS 8.
- A valid domain name pointing to the server IP.
- The root password is configured for the server.
Install Docker and Docker Compose
First, you need to install the latest version of Docker and Docker Compose in your system. By default, Docker is not available in the CentOS 8 default repository. Therefore, you will need to add the Docker CE repository to the system. You can add it with the following command:
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
After creating the repository, install Docker CE using the following command:
dnf install docker-ce --nobest -y
After installing Docker, please start the Docker service and use the following command to start it when the system restarts:
systemctl start dockersystemctl enable docker
In order to install Docker Compose, you will need to install Curl and download the Docker Compose binary in your system. You can use the following commands to do so:
dnf install curlcurl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-composechmod +x /usr/local/bin/docker-compose
Create Docker network
Next, you will need to create a new Docker network to run traefik containers. You can create it with the name “web” by running the following command:
docker network create web
Next, verify your network using the following command:
docker network ls
You should get the following output:
NETWORK ID NAME DRIVER SCOPE 76a9475e5ab0 bridge bridge local 2a3d79f64747 host host local 4c9123229eaa none null local 0b6e010b43d0 web bridge local
Install and configure Traefik agent
Before starting, you will need to install httpd-tools to generate encrypted passwords. You can install this tool with the following command:
dnf install httpd-tools -y
After installation, use the following command to generate an encrypted password:
htpasswd -nb admin my_password
You should get the following output:
admin:$apr1$wpdR.4yZ$UpbjGS7ZFq4pZHalhH1Tl0
Next, create a new Traefik configuration file using the following command:
nano traefik.toml
Add the following line, including your valid domain name, secure password and port:
defaultEntryPoints = ["http", "https"] [entryPoints] [entryPoints.dashboard] address = ":8080" [entryPoints.dashboard.auth] [entryPoints.dashboard.auth.basic] users = ["admin:$apr1$wpdR.4yZ$UpbjGS7ZFq4pZHalhH1Tl0"] [entryPoints.http] address = ":80" [entryPoints.http.redirect] entryPoint = "https" [entryPoints.https] address = ":443" [entryPoints.https.tls] [api] entrypoint="dashboard" [acme] email = "[email protected]" storage = "acme.json" entryPoint = "https" onHostRule = true [acme.httpChallenge] entryPoint = "http" [docker] domain = "traefik.linuxbuz.com" watch = true network = "web"
When finished, save and close the file. Then, create an empty file to store your “encrypted” information.
touch acme.json
Next, use the following command to grant appropriate permissions to the file:
chmod 600 acme.json
Create a Docker Compose file
Next, you will need to create a new docker-compose.yml file and define your domain, port, network, and volume.
You can create it with the following command:
nano docker-compose.yml
Add the following line:
version: '3' services: traefik: image: traefik:1.7.21-alpine command: --docker --docker.domain=linuxbuz.com ports: - 80:80 - 443:443 networks: - web volumes: - /var/run/docker.sock:/var/run/docker.sock - ./traefik.toml:/traefik.toml - ./acme.json:/acme.json labels: - "traefik.frontend.rule=Host:traefik.linuxbuz.com" - "traefik.port=8080" container_name: traefik restart: always networks: web: external: true
Save and close the file when you are done.
Build Traefik Docker container
At this point, the Traefik and Docker Compose configuration files are ready. Now, use the following command to build the Traefik container:
docker-compose up -d
You should get the following output:
Unable to find image 'traefik:1.7.21-alpine' locally 1.7.21-alpine: Pulling from library/traefik c9b1b535fdd9: Pull complete c141e361698e: Pull complete 2573c02b6f16: Pull complete 1619fb3841d1: Pull complete Digest: sha256:0e4ac8ae724603898620dbd5eb9cda7ec05f405d25476eb0d32b716b490ba079 Status: Downloaded newer image for traefik:1.7.21-alpine 27e735357bb3b7d2d253ff78ddf6e78896851420eff399e8ade23affc7ff0bf7
Next, use the following command to verify the running container:
docker ps
You should get the following output:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7604696507a5 traefik:1.7.21-alpine "/entrypoint.sh --do…" 6 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp traefik
Access Traefik web interface
Now, open your web browser and use the URL https://traefik.linuxbuz.com to access the Traefik web interface. The system will ask you to provide your username and password:
Provide your previously generated username as admin and password, and click Sign in Button. You should see the Traefik dashboard in the following screen:
Click on health label. You should see the health of the Traefik container on the following screen:
in conclusion
Congratulations! You have successfully installed Traefik agent on CentOS 8. For more information, please visit Traefik. document.