253 lines
5.5 KiB
Markdown
253 lines
5.5 KiB
Markdown
# Traefik + Docker Swarm 集成
|
|
|
|
## 📋 概述
|
|
|
|
本项目实现了 Traefik 与 Docker Swarm 的完整集成,提供统一的入口点管理所有 Swarm 服务。
|
|
|
|
## 🏗️ 架构设计
|
|
|
|
```
|
|
Internet
|
|
↓
|
|
Traefik (Load Balancer)
|
|
↓
|
|
Docker Swarm Services
|
|
├── Web App (app.local)
|
|
├── API Service (api.local)
|
|
├── Monitor Service (monitor.local)
|
|
└── Other Services...
|
|
```
|
|
|
|
## 📁 文件结构
|
|
|
|
```
|
|
/root/mgmt/
|
|
├── traefik-swarm-stack.yml # Traefik 主服务配置
|
|
├── demo-services-stack.yml # 示例服务配置
|
|
├── monitoring-stack.yml # 监控服务配置
|
|
├── swarm-traefik-manager.sh # 管理脚本
|
|
└── README-traefik-swarm.md # 说明文档
|
|
```
|
|
|
|
## 🚀 快速开始
|
|
|
|
### 1. 初始化环境
|
|
|
|
```bash
|
|
# 确保 Docker Swarm 已激活
|
|
docker swarm init
|
|
|
|
# 初始化 Traefik 环境
|
|
./swarm-traefik-manager.sh init
|
|
```
|
|
|
|
### 2. 部署所有服务
|
|
|
|
```bash
|
|
# 一键部署所有服务
|
|
./swarm-traefik-manager.sh deploy-all
|
|
|
|
# 或分步部署
|
|
./swarm-traefik-manager.sh deploy # 仅部署 Traefik
|
|
./swarm-traefik-manager.sh deploy-demo # 部署示例服务
|
|
./swarm-traefik-manager.sh deploy-monitoring # 部署监控服务
|
|
```
|
|
|
|
### 3. 更新 hosts 文件
|
|
|
|
```bash
|
|
# 自动更新 hosts 文件
|
|
./swarm-traefik-manager.sh update-hosts
|
|
|
|
# 或手动添加到 /etc/hosts
|
|
echo "127.0.0.1 traefik.local app.local api.local monitor.local prometheus.local grafana.local" >> /etc/hosts
|
|
```
|
|
|
|
## 🌐 访问地址
|
|
|
|
| 服务 | 地址 | 说明 |
|
|
|------|------|------|
|
|
| Traefik Dashboard | http://traefik.local:8080 | 管理界面 |
|
|
| Web App | http://app.local | 示例 Web 应用 |
|
|
| API Service | http://api.local | 示例 API 服务 |
|
|
| Monitor Service | http://monitor.local | 监控服务 |
|
|
| Prometheus | http://prometheus.local | 指标收集 |
|
|
| Grafana | http://grafana.local | 可视化面板 |
|
|
|
|
## 🛠️ 管理命令
|
|
|
|
### 查看服务状态
|
|
```bash
|
|
./swarm-traefik-manager.sh status
|
|
```
|
|
|
|
### 查看服务日志
|
|
```bash
|
|
./swarm-traefik-manager.sh logs traefik_traefik
|
|
./swarm-traefik-manager.sh logs demo_webapp
|
|
```
|
|
|
|
### 扩缩容服务
|
|
```bash
|
|
# 扩容 webapp 到 3 个副本
|
|
./swarm-traefik-manager.sh scale demo webapp 3
|
|
|
|
# 扩容 API 服务到 2 个副本
|
|
./swarm-traefik-manager.sh scale demo api 2
|
|
```
|
|
|
|
### 清理环境
|
|
```bash
|
|
./swarm-traefik-manager.sh cleanup
|
|
```
|
|
|
|
## 📊 监控配置
|
|
|
|
### Prometheus 指标
|
|
- Traefik 指标: http://traefik:8080/metrics
|
|
- Node Exporter: 系统指标
|
|
- cAdvisor: 容器指标
|
|
|
|
### Grafana 配置
|
|
- 默认用户: admin
|
|
- 默认密码: admin123
|
|
- 数据源: Prometheus (http://prometheus:9090)
|
|
|
|
## 🔧 服务配置
|
|
|
|
### 为新服务添加 Traefik 路由
|
|
|
|
在 Docker Compose 文件中添加以下标签:
|
|
|
|
```yaml
|
|
services:
|
|
your-service:
|
|
image: your-image
|
|
networks:
|
|
- traefik-public
|
|
deploy:
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.your-service.rule=Host(`your-domain.local`)
|
|
- traefik.http.routers.your-service.entrypoints=web
|
|
- traefik.http.services.your-service.loadbalancer.server.port=80
|
|
```
|
|
|
|
### 高级路由配置
|
|
|
|
```yaml
|
|
# 路径前缀路由
|
|
- traefik.http.routers.api-path.rule=Host(`app.local`) && PathPrefix(`/api`)
|
|
|
|
# HTTPS 重定向
|
|
- traefik.http.routers.your-service.entrypoints=websecure
|
|
- traefik.http.routers.your-service.tls.certresolver=letsencrypt
|
|
|
|
# 中间件配置
|
|
- traefik.http.routers.your-service.middlewares=auth
|
|
- traefik.http.middlewares.auth.basicauth.users=user:password
|
|
```
|
|
|
|
## 🔒 安全配置
|
|
|
|
### 基本认证
|
|
```yaml
|
|
labels:
|
|
- traefik.http.middlewares.auth.basicauth.users=admin:$$2y$$10$$...
|
|
- traefik.http.routers.service.middlewares=auth
|
|
```
|
|
|
|
### HTTPS 配置
|
|
```yaml
|
|
labels:
|
|
- traefik.http.routers.service.tls.certresolver=letsencrypt
|
|
- traefik.http.routers.service.entrypoints=websecure
|
|
```
|
|
|
|
## 🐛 故障排除
|
|
|
|
### 常见问题
|
|
|
|
1. **服务无法访问**
|
|
```bash
|
|
# 检查服务状态
|
|
docker stack services traefik
|
|
|
|
# 检查网络连接
|
|
docker network ls | grep traefik-public
|
|
```
|
|
|
|
2. **路由不生效**
|
|
```bash
|
|
# 查看 Traefik 日志
|
|
./swarm-traefik-manager.sh logs traefik_traefik
|
|
|
|
# 检查服务标签
|
|
docker service inspect demo_webapp
|
|
```
|
|
|
|
3. **DNS 解析问题**
|
|
```bash
|
|
# 检查 hosts 文件
|
|
cat /etc/hosts | grep local
|
|
|
|
# 更新 hosts 文件
|
|
./swarm-traefik-manager.sh update-hosts
|
|
```
|
|
|
|
### 调试命令
|
|
|
|
```bash
|
|
# 查看所有 Swarm 服务
|
|
docker service ls
|
|
|
|
# 查看特定服务详情
|
|
docker service inspect traefik_traefik
|
|
|
|
# 查看服务任务
|
|
docker service ps traefik_traefik
|
|
|
|
# 进入容器调试
|
|
docker exec -it $(docker ps -q -f name=traefik) sh
|
|
```
|
|
|
|
## 📈 性能优化
|
|
|
|
### 负载均衡配置
|
|
```yaml
|
|
labels:
|
|
- traefik.http.services.service.loadbalancer.sticky.cookie=true
|
|
- traefik.http.services.service.loadbalancer.healthcheck.path=/health
|
|
```
|
|
|
|
### 缓存配置
|
|
```yaml
|
|
labels:
|
|
- traefik.http.middlewares.cache.headers.customrequestheaders.Cache-Control=max-age=3600
|
|
```
|
|
|
|
## 🔄 备份与恢复
|
|
|
|
### 备份配置
|
|
```bash
|
|
# 备份 Docker 配置
|
|
docker config ls
|
|
docker config inspect config_name
|
|
|
|
# 备份 Swarm 状态
|
|
docker node ls
|
|
docker service ls
|
|
```
|
|
|
|
### 恢复服务
|
|
```bash
|
|
# 重新部署服务
|
|
./swarm-traefik-manager.sh deploy-all
|
|
```
|
|
|
|
## 📚 参考资料
|
|
|
|
- [Traefik 官方文档](https://doc.traefik.io/traefik/)
|
|
- [Docker Swarm 文档](https://docs.docker.com/engine/swarm/)
|
|
- [Prometheus 配置](https://prometheus.io/docs/prometheus/latest/configuration/configuration/)
|
|
- [Grafana 文档](https://grafana.com/docs/) |