Coding In Medicine

"Creating and Managing Scalable Application Environments with Traefik and Docker: A Comprehensive Tutorial"

Gyasi Sutton, MD, MPH -

Traefik is an open-source reverse proxy and load balancer that enables you to define your own route rules, SSL certificates, and more for your applications. It integrates perfectly with containerized environments such as Docker, Kubernetes, etc.

In this series, we are going to cover how to set up Traefik in a Docker environment, how to route and balance traffic, and how to secure your applications.

Setting Up the Environment

First, make sure that you have Docker and Docker Compose installed on your machine. If not, you can follow the official Docker documentation to install it.

Creating a Traefik Configuration

Let's begin by creating a configuration file for Traefik. We're going to use YAML for this:

Create a file named traefik.yml and add the following content:


entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    watch: true
    exposedByDefault: false

In this configuration, we have defined two entry points: web for HTTP (port 80) and websecure for HTTPS (port 443), comparable to the body's pain pathways.  These pathways, much like their biological counterparts, serve unique purposes. The "web" pathway handles standard, non-secure communication, while the "websecure" pathway is designed for encrypted, secure communication. Their functionalities parallel how acute pain warns the body of immediate harm, and chronic pain indicates ongoing issues.

We introduce a Docker provider into this setup, which mirrors the role of the nervous system. This provider monitors changes in the Docker environment, regulating data flow and adapting as needed, akin to how the nervous system modulates and responds to body signals.

We can extend the analogy by comparing these networks to specific regions in the brain, each fulfilling a unique function. Much like the frontal lobe's role in decision making and the occipital lobe's in visual processing, each network caters to a particular type of web service or application.

To ensure precise communication—similar to how nerve signals are directed to the right part of the brain—we implement routing rules in Traefik. These rules guide incoming requests, much as the nervous system routes signals to the appropriate brain regions for processing.

The flexibility of this system is its main strength, allowing us to establish as many networks as necessary. This mirrors how the body manages different kinds of pain signals, directing them through various channels based on their unique characteristics. In doing so, we optimize our system's functionality and responsiveness, leading to an efficient environment for our applications.

Creating the Docker Compose File

Next, create a docker-compose.yml file in the same directory with the following content:

version: '3'

services:
  traefik:
    image: traefik:v2.4
    command:
      - "--api.insecure=true"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./traefik.yml:/etc/traefik/traefik.yml
    networks:
      - web

networks:
  web:
    external: true

Here, we define a service named traefik that uses the Traefik image from Docker Hub. We expose ports 80 (HTTP), 443 (HTTPS), and 8080 (Traefik's dashboard). We mount the Docker socket and our Traefik configuration file into the container.

Starting Traefik

You can start Traefik by running this command:

docker-compose up -d

This command will pull the necessary images and start the Traefik service in the background.

You should now be able to access Traefik's dashboard by going to http://localhost:8080/dashboard.

Creating and Deploying an Example Application

Now, let's create an example application and deploy it with Docker Compose.

Create a new docker-compose.yml file in a different directory with the following content:

version: '3'

services:
  app:
    image: nginx
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.app.rule=Host(`app.localhost`)"
    networks:
      - web

networks:
  web:
    external: true

This configuration defines an application named app that uses the Nginx image from Docker Hub.  The labels given to the service instruct Traefik to create a route rule for this application. It tells Traefik that the application can be accessed by going to http://app.localhost.

Note: In a real-world scenario, you would replace localhost with your domain name.

Now, let's run this application by using the following command:

docker-compose up -d

Testing the Application

If you have configured everything correctly, you should now be able to access your application by going to http://app.localhost in your web browser. Note that you may need to add a mapping in your hosts file if your operating system doesn't automatically resolve *.localhost addresses.

The Nginx start page should be displayed.

Inspecting the Traefik Dashboard

If you go back to the Traefik dashboard (http://localhost:8080/dashboard), you should see your app service listed there. You can inspect the route rules and other configuration details.

This was a basic tutorial to set up Traefik in a Docker environment and deploy a simple application.

In further parts of this series, we will discuss more advanced topics such as:

  • Load balancing between multiple instances of an application
  • Adding SSL certificates with Let's Encrypt
  • Redirecting HTTP traffic to HTTPS
  • Routing based on path or headers

Conclusion

By using Traefik with Docker, we can create flexible and scalable environments for our applications. Traefik's integration with Docker makes it easy to define route rules, load balance traffic, and add SSL, giving us full control over the networking of our containerized applications.