From e429d0ac7f19583a79e2525ebd0802c58ac62b5c Mon Sep 17 00:00:00 2001 From: Sylvain COMBRAQUE Date: Mon, 22 Oct 2018 17:34:28 +0200 Subject: [PATCH 1/4] Write documentation for Traefik integration --- deployment/traefik.md | 122 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) create mode 100644 deployment/traefik.md diff --git a/deployment/traefik.md b/deployment/traefik.md new file mode 100644 index 00000000000..896c2ea3357 --- /dev/null +++ b/deployment/traefik.md @@ -0,0 +1,122 @@ +# Implement Traefik into API Platform dockerized + +## Basic implementation + +[Traefik](https://traefik.io) is a reverse proxy / load balancer that's easy, dynamic, automatic, fast, full-featured, open source, production proven, providing metrics, and integrating with every major cluster technologie + +This tool will help you to define your own routes for your client, api and more generally for your containers. + +Use this custom API Platform docker-compose.yml file which implements ready-to-use Traefik container configuration. +Override ports and add labels to tell Traefik to listen the routes mentionned and redirect routes to specified container. + + +```--api``` Tell Traefik to generate a browser view to watch containers and IP/DNS associated easier +```--docker``` Tell Traefik to listen docker api +```--docker.domain=localhost``` The main DNS will be on localhost +```labels:``` Key for Traefik configuration into Docker integration +``` +services: + ... + api: + labels: + - "traefik.frontend.rule=Host:api.localhost" +``` +The api DNS will be specified with traefik.frontend.rule=Host:your.host (here api.localhost) + +```--traefik.port=3000``` Port specified to Traefik will be exopsed by container (here React app expose the 3000 port) + + +```yaml +version: '3.4' + +services: + reverse-proxy: + image: traefik + command: --api --docker --docker.domain=localhost + ports: + - "80:80" #All HTTP access will be caught by Traefik + - "8080:8080" #Access Traefik webview + volumes: + - /var/run/docker.sock:/var/run/docker.sock + + php: + image: ${CONTAINER_REGISTRY_BASE}/php + build: + context: ./api + depends_on: + - db + env_file: + - ./api/.env + Comment out these volumes in production + volumes: + - ./api:/srv/api:rw,cached + If you develop on Linux, uncomment the following line to use a bind-mounted host directory instead + - ./api/var:/srv/api/var:rw + + api: + image: ${CONTAINER_REGISTRY_BASE}/nginx + labels: + - "traefik.frontend.rule=Host:api.localhost" + build: + context: ./api + depends_on: + - php + Comment out this volume in production + volumes: + - ./api/public:/srv/api/public:ro + + db: + In production, you may want to use a managed database service + image: postgres:9.6-alpine + labels: + - "traefik.frontend.rule=Host:db.localhost" + environment: + - POSTGRES_DB=api + - POSTGRES_USER=api-platform + You should definitely change the password in production + - POSTGRES_PASSWORD=!ChangeMe! + volumes: + - db-data:/var/lib/postgresql/data:rw + You may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data! + - ./docker/db/data:/var/lib/postgresql/data:rw + ports: + - "5432:5432" + + client: + Use a static website hosting service in production + See https://github.com/facebookincubator/create-react-app/blob/master/packages/react-scripts/template/README.mddeployment + image: ${CONTAINER_REGISTRY_BASE}/client + build: + context: ./client + env_file: + - ./client/.env + volumes: + - ./client:/usr/src/client:rw,cached + - /usr/src/client/node_modules + expose: + - 3000 + labels: + - "traefik.port=3000" + - "traefik.frontend.rule=Host:localhost" + +volumes: + db-data: {} +``` + +Don't forget the db-data, then database won't work in this dockerized solution. + +```localhost``` is a reserved domain referred in your ```/etc/hosts```. +If you want to implement custom DNS such as production DNS in local, just put them at the end of your ```/etc/host``` file like that : + +``` +# /etc/hosts +... + +127.0.0.1 your.domain.com +``` + +If you do that, you'll have to update the nelmio part in your```api/.env``` and accept the URL specified + +## Known problems + +Take care of your network, if he's a type B network it may not work because of containers are in type B network and it will be in conflict with Traefik sub-network From fa1af88eee5ad0302ece1408e2a2516d90ff0cec Mon Sep 17 00:00:00 2001 From: Sylvain COMBRAQUE Date: Mon, 22 Oct 2018 17:36:12 +0200 Subject: [PATCH 2/4] Typo fix --- deployment/traefik.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/traefik.md b/deployment/traefik.md index 896c2ea3357..95844231c73 100644 --- a/deployment/traefik.md +++ b/deployment/traefik.md @@ -119,4 +119,4 @@ If you do that, you'll have to update the nelmio part in your```api/.env``` and ## Known problems -Take care of your network, if he's a type B network it may not work because of containers are in type B network and it will be in conflict with Traefik sub-network +Take care of your network, if it's a type B network it may not work because containers are in type B network and it will be in conflict with Traefik sub-network From 4c4fb4240d3bb1c5d032fefccd5b8703e5c80dcd Mon Sep 17 00:00:00 2001 From: Sylvain COMBRAQUE Date: Mon, 22 Oct 2018 22:03:46 +0200 Subject: [PATCH 3/4] technologie > technology --- deployment/traefik.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/traefik.md b/deployment/traefik.md index 95844231c73..b6aa678188e 100644 --- a/deployment/traefik.md +++ b/deployment/traefik.md @@ -2,7 +2,7 @@ ## Basic implementation -[Traefik](https://traefik.io) is a reverse proxy / load balancer that's easy, dynamic, automatic, fast, full-featured, open source, production proven, providing metrics, and integrating with every major cluster technologie +[Traefik](https://traefik.io) is a reverse proxy / load balancer that's easy, dynamic, automatic, fast, full-featured, open source, production proven, providing metrics, and integrating with every major cluster technology This tool will help you to define your own routes for your client, api and more generally for your containers. From 96521e8c70fcf283bdef268d9087d6104e00e9f7 Mon Sep 17 00:00:00 2001 From: Sylvain COMBRAQUE Date: Mon, 22 Oct 2018 23:58:29 +0200 Subject: [PATCH 4/4] Fix according to @dunglas review --- deployment/traefik.md | 56 +++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/deployment/traefik.md b/deployment/traefik.md index b6aa678188e..4fc93d39320 100644 --- a/deployment/traefik.md +++ b/deployment/traefik.md @@ -1,29 +1,29 @@ -# Implement Traefik into API Platform dockerized +# Implement Traefik Into API Platform Dockerized -## Basic implementation +## Basic Implementation -[Traefik](https://traefik.io) is a reverse proxy / load balancer that's easy, dynamic, automatic, fast, full-featured, open source, production proven, providing metrics, and integrating with every major cluster technology +[Traefik](https://traefik.io) is a reverse proxy / load balancer that's easy, dynamic, automatic, fast, full-featured, open source, production proven, providing metrics, and integrating with every major cluster technology. This tool will help you to define your own routes for your client, api and more generally for your containers. -Use this custom API Platform docker-compose.yml file which implements ready-to-use Traefik container configuration. +Use this custom API Platform `docker-compose.yml` file which implements ready-to-use Traefik container configuration. Override ports and add labels to tell Traefik to listen the routes mentionned and redirect routes to specified container. -```--api``` Tell Traefik to generate a browser view to watch containers and IP/DNS associated easier -```--docker``` Tell Traefik to listen docker api -```--docker.domain=localhost``` The main DNS will be on localhost -```labels:``` Key for Traefik configuration into Docker integration -``` +`--api` Tell Traefik to generate a browser view to watch containers and IP/DNS associated easier +`--docker` Tell Traefik to listen docker api +`--docker.domain=localhost` The main DNS will be on localhost +`labels:` Key for Traefik configuration into Docker integration +```yaml services: - ... +# ... api: labels: - "traefik.frontend.rule=Host:api.localhost" ``` -The api DNS will be specified with traefik.frontend.rule=Host:your.host (here api.localhost) +The api DNS will be specified with `traefik.frontend.rule=Host:your.host` (here api.localhost) -```--traefik.port=3000``` Port specified to Traefik will be exopsed by container (here React app expose the 3000 port) +`--traefik.port=3000` Port specified to Traefik will be exopsed by container (here React app expose the 3000 port) ```yaml @@ -47,11 +47,11 @@ services: - db env_file: - ./api/.env - Comment out these volumes in production + # Comment out these volumes in production volumes: - ./api:/srv/api:rw,cached - If you develop on Linux, uncomment the following line to use a bind-mounted host directory instead - - ./api/var:/srv/api/var:rw + # If you develop on Linux, uncomment the following line to use a bind-mounted host directory instead + # - ./api/var:/srv/api/var:rw api: image: ${CONTAINER_REGISTRY_BASE}/nginx @@ -61,30 +61,30 @@ services: context: ./api depends_on: - php - Comment out this volume in production + # Comment out this volume in production volumes: - ./api/public:/srv/api/public:ro db: - In production, you may want to use a managed database service + # In production, you may want to use a managed database service image: postgres:9.6-alpine labels: - "traefik.frontend.rule=Host:db.localhost" environment: - POSTGRES_DB=api - POSTGRES_USER=api-platform - You should definitely change the password in production + # You should definitely change the password in production - POSTGRES_PASSWORD=!ChangeMe! volumes: - db-data:/var/lib/postgresql/data:rw - You may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data! - - ./docker/db/data:/var/lib/postgresql/data:rw + # You may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data! + # - ./docker/db/data:/var/lib/postgresql/data:rw ports: - "5432:5432" client: - Use a static website hosting service in production - See https://github.com/facebookincubator/create-react-app/blob/master/packages/react-scripts/template/README.mddeployment + # Use a static website hosting service in production + # See https://github.com/facebookincubator/create-react-app/blob/master/packages/react-scripts/template/README.mddeployment image: ${CONTAINER_REGISTRY_BASE}/client build: context: ./client @@ -105,18 +105,18 @@ volumes: Don't forget the db-data, then database won't work in this dockerized solution. -```localhost``` is a reserved domain referred in your ```/etc/hosts```. -If you want to implement custom DNS such as production DNS in local, just put them at the end of your ```/etc/host``` file like that : +`localhost` is a reserved domain referred in your `/etc/hosts`. +If you want to implement custom DNS such as production DNS in local, just put them at the end of your `/etc/host` file like that: ``` # /etc/hosts -... +# ... 127.0.0.1 your.domain.com ``` -If you do that, you'll have to update the nelmio part in your```api/.env``` and accept the URL specified +If you do that, you'll have to update the `CORS_ALLOW_ORIGIN` environment variable `api/.env` to accept the specified URL. -## Known problems +## Known Issues -Take care of your network, if it's a type B network it may not work because containers are in type B network and it will be in conflict with Traefik sub-network +If your network is of type B, it may conflict with the traefik sub-network.