Using Traefik with a Docker Backend to proxy to Jenkins

  • This is a simple configuration of Traefik that would only be used in a very niche case where the Traefik service and the Docker service were run on the same host.

  • Traefik will be started with a minimal configuration defining entrypoints and the docker backend.

  • Traefik frontends and backends will be configured from the values in Docker labels.

Traefik

Traefik and dynamic configurations

  • It is important to know that Traefik, by design, is intended to take its configuration from some dynamic source.

  • Traefik is intended to be a cloud-friendly proxy where the configuration of frontends and backends comes from a service provider like Docker.

  • Using Traefik means configuring entrypoints, the dashboard, and wiring Traefik up to the service provider.

  • It is possible to have manually configured frontend/backend rules within the configuration file, but in that scenario the config file becomes the service provider.

  • The configuration file as a service provider is not enabled by default and requires the [file] configuration command to enable it.

  • Just like placing [docker] enables the docker service provider, [file] enables the config file service provider for frontend/backend rules.

  • Without the [file] command in the example below, the [frontends] and [backends] configurations within the traefik.toml would be ignored completely.

[file]

[frontends]

  [frontends.jenkinsMaster]
    backend     = "jenkinsMaster"
    entrypoints = ["http80","http8080"]
    
    [frontends.jenkinsMaster.routes.jenkinsMaster]
      rule = "Host:10.10.30.30"

[backends]

  [backends.jenkinsMaster]
    [backends.jenkinsMaster.servers]
      [backends.jenkinsMaster.servers.jenkinsMaster]
        weight = 1
        url    = "http://172.17.0.3:8080"

Create Traefik configuration file

FILE: /etc/traefik.toml

debug              = true
logLevel           = "DEBUG"
defaultEntryPoints = ["http80"]


[entryPoints]
  [entryPoints.http80]
    address = ":80"

  [entryPoints.http8080]
    address = ":8080"

  [entryPoints.traefik]
    address = ":48080"

[api]
  dashboard  = true
  entryPoint = "traefik"

[ping]
  entryPoint = "traefik"

[metrics]
  entryPoint = "traefik"

[docker]
  endpoint    = "unix:///var/run/docker.sock"
  domain      = ""
  watch       = true
  constraints = ["tag==jenkins.gestalts.net"]

Start Traefik Docker Container

docker stop traefik ; docker rm traefik
docker run  -d \
            --name traefik \
            -p 443:443 \
            -p 48080:48080 \
            -p 8080:8080 \
            -p 80:80 \
            \
            -v /var/run/docker.sock:/var/run/docker.sock \
            -v /etc/traefik.toml:/etc/traefik/traefik.toml \
            traefik:latest

Start Jenkins

  • Defining the frontend and backend as Traefik tags in the docker container labels allows the Traefik configuration to be created dynamically based on what Docker containers are running.
  • The traefik.frontend.entryPoints tag is a comma separated list.
  • GOTCHA: Mind the camelCase on the traefik.frontend.entryPoints label.
    Having the entryPoints tag be lowercase instead of camelCased will cause the tag to be ignored.
mkdir /var/jenkins_home
chmod 0777 /var/jenkins_home
docker stop jenkins ; docker rm jenkins
docker run  -d \
            --name jenkins \
            \
            -l traefik.tags=jenkins.gestalts.net \
            -l traefik.port=8080 \
            -l traefik.enable=true \
            -l "traefik.backend=jenkinsMaster" \
            -l "traefik.frontend=jenkinsMaster" \
            -l "traefik.frontend.rule=Host:jenkins.gestalts.net" \
            -l 'traefik.frontend.entryPoints=http8080' \
            \
            -v /var/jenkins_home:/var/jenkins_home \
            jenkins/jenkins:lts

View the Traefik setup in the dashboard after starting the

  • Once both the labeled Docker container and Traefik have been started up, the frontend and backend rules, which take their configuration from the Docker labels, will be viewable within the dashboard.

categories: traefik | jenkins | docker | reverse-proxy | devops |