Contents
Install portainer + traefik on Ubuntu 16.04
1. Install docker
https://docs.docker.com/install/linux/docker-ce/ubuntu/
2. Install docker-compose
https://docs.docker.com/compose/install/
3. Install traefik
3.1 First, create a directory for our containers:
mkdir -p /opt/containers/{traefik,portainer}
3.2 Create the data folder and config files for Traefik:
mkdir -p /opt/containers/traefik/data
touch /opt/containers/traefik/data/acme.json
chmod 600 /opt/containers/traefik/data/acme.json
touch /opt/containers/traefik/data/traefik.yml
3.3 Create the basic Traefik configuration file:
location: /opt/containers/traefik/data/traefik.yml
api:
dashboard: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
certificatesResolvers:
http:
acme:
email: email@example.com
storage: acme.json
httpChallenge:
entryPoint: http
3.4 Setup Traefik
Create traefik network
docker network create proxy
Generate traefik basic auth information (1)
sudo apt-get install apache2-utils
echo $(htpasswd -nbB yourUserName yourPassword) | sed -e s/\\$/\\$\\$/g
Create Traefik Docker Compose file: replace USER:PASSWORD with generated value above (1)
location: /opt/containers/traefik/docker-compose.yml
version: '3'
services:
traefik:
image: traefik:v2.0
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme.json:/acme.json
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.traefik.entrypoints=http'
- 'traefik.http.routers.traefik.rule=Host(`traefikdomain.local`)'
- 'traefik.http.middlewares.traefik-auth.basicauth.users=USER:PASSWORD'
- 'traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https'
- 'traefik.http.routers.traefik.middlewares=traefik-https-redirect'
- 'traefik.http.routers.traefik-secure.entrypoints=https'
- 'traefik.http.routers.traefik-secure.rule=Host(`traefikdomain.local`)'
- 'traefik.http.routers.traefik-secure.middlewares=traefik-auth'
- 'traefik.http.routers.traefik-secure.tls=true'
- 'traefik.http.routers.traefik-secure.tls.certresolver=http'
- 'traefik.http.routers.traefik-secure.service=api@internal'
networks:
proxy:
external: true
replace traefikdomain.local with your domain for traefik
Start traefik
cd /opt/containers/traefik
docker-compose up -d
browse traefikdomain.local to check the traefik manage page
4. Install portainer
Create portainer docker-compose file
location: /opt/containers/portainer/docker-compose.yml
version: '3'
services:
portainer:
image: portainer/portainer:latest
container_name: portainer
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.portainer.entrypoints=http"
- "traefik.http.routers.portainer.rule=Host(`portainerdomain.local`)"
- "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.portainer.middlewares=portainer-https-redirect"
- "traefik.http.routers.portainer-secure.entrypoints=https"
- "traefik.http.routers.portainer-secure.rule=Host(`portainerdomain.local`)"
- "traefik.http.routers.portainer-secure.tls=true"
- "traefik.http.routers.portainer-secure.tls.certresolver=http"
- "traefik.http.routers.portainer-secure.service=portainer"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
- "traefik.docker.network=proxy"
networks:
proxy:
external: true
replace portainerdomain.local with your domain for portainer
Start portainer
cd /opt/containers/portainer
docker-compose up -d
browse portainerdomain.local for portainer web control panel
Discussion about this post