Portainer / Rancher / Traefik

container management

Portainer

$ docker volume create portainer_data
$ docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer

Rancher

https://rancher.com/
docker run -d --restart=always -p 8080:8080 rancher/server

DigitalOcean

install Rancher and Let’s Encrypt

docker run -d --restart=unless-stopped -p 80:80 -p 443:443 -v /host/rancher:/var/lib/rancher rancher/rancher --acme-domain example.com

https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-node-deployments-with-rancher-2-1-kubernetes-and-docker-machine-on-ubuntu-18-04

Rancher2
ตั้งค่า username and password อย่างแรก

Add Host

ใส่ ip แล้ว copy วางใน ssh

Traefik reverse proxy

A reverse proxy / load balancer that’s easy

Docker Network

$ docker network ls
$ docker network create traefik_webgateway
$ docker network ls

ก่อนจะติดตั้งต้อง create this encrypted password

$ sudo apt-get install apache2-utils     /*ติดตั้ง apache2-utils
$ htpasswd -nb admin secure_password     /*generate password
/*หลังจากนั้นจะได้ admin:$apr1$.NcHhFS8$iqi/swrHPmCKAhj9v0C0x/

สร้างไฟล์ Traefik.toml nano traefik.toml

defaultEntryPoints = ["http", "https"]
[web]
address = ":8080"
[web.auth.basic]
users = ["
admin:$apr1$.NcHhFS8$iqi/swrHPmCKAhj9v0C0x/"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "your_email@example.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
onDemand = false

สร้างไฟล์ docker-compose.yml

version: '3'
services:
traefik:
image: traefik:latest
command: --docker --docker.domain=test.io
ports:
- 80:80
- 443:443
networks:
- traefik_webgateway
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./traefik.toml:/traefik.toml
- ./acme.json:/acme.json
labels:
- "traefik.frontend.rule=Host:traefik.test.io"
- "traefik.port=80"
container_name: traefik
restart: always
networks:
traefik_webgateway:
external: true

Letsencrypt ACME Configuration

The acme configuration on ‘traefik.toml’ is used for automatically generate the SSL letsencrypt. And it’s required for the storage file ‘acme.json’.

Create a new JSON file ‘acme.json’ and change the permission to ‘600’.

touch acme.json
chmod 600 acme.json

Build Traefik Container

Now we’re ready to build our own traefik container using the above configuration files.

cd traefik/
ls -lah

Run Docker-compose

docker-compose up -d

GNU nano

https://schemen.me/portainer-with-traefik/

GNU nano

Ubuntu

[root@ns3106050 ~]# lsof -i -P -n | grep LISTEN
sshd 1276 root 3u IPv4 515 0t0 TCP *:22 (LISTEN)
sshd 1276 root 4u IPv6 517 0t0 TCP *:22 (LISTEN)
dockerd 1277 root 6u IPv6 5955 0t0 TCP *:2376 (LISTEN)
docker-pr 5425 root 4u IPv6 24484 0t0 TCP *:5443 (LISTEN)
docker-pr 5436 root 4u IPv6 24492 0t0 TCP *:5000 (LISTEN)
docker-pr 5447 root 4u IPv6 22391 0t0 TCP *:5080 (LISTEN)