我的书签
添加书签
移除书签Traefik & Rancher
Attach labels to your services and let Traefik do the rest!
This provider is specific to Rancher 1.x.
Rancher 2.x requires Kubernetes and does not have a metadata endpoint of its own for Traefik to query. As such, Rancher 2.x users should utilize the Kubernetes provider directly.
Labels
- Labels are case insensitive.
- The complete list of labels can be found in .
Traefik creates, for each rancher service, a corresponding service and .
The Service automatically gets a server per container in this rancher service, and the router gets a default rule attached to it, based on the service name.
Service definition
In general when configuring a Traefik provider, a service assigned to one (or several) router(s) must be defined as well for the routing to be functional.
There are, however, exceptions when using label-based configurations:
- If a label defines a router (e.g. through a router Rule) and a label defines a service (e.g. implicitly through a loadbalancer server port value), but the router does not specify any service, then that service is automatically assigned to the router.
- If a label defines a router (e.g. through a router Rule) but no service is defined, then a service is automatically created and assigned to the router.
As one would expect, in either of these cases, if in addition a service is specified for the router, then that service is the one assigned, regardless of whether it actually is defined or whatever else other services are defined.
Automatic service assignment with labels
With labels in a compose file
Automatic service creation and assignment with labels
With labels in a compose file
labels:# no service specified or defined and yet one gets automatically created# and assigned to router myproxy.- "traefik.http.routers.myproxy.rule=Host(`example.net`)"
Routers
To update the configuration of the Router automatically attached to the container, add labels starting with traefik.routers.{name-of-your-choice}. and followed by the option you want to change.
For example, to change the rule, you could add the label traefik.http.routers.my-container.rule=Host(`example.com`).
The character @ is not authorized in the router name <router_name>.
traefik.http.routers.<router_name>.rule
See rule for more information.
- "traefik.http.routers.myrouter.rule=Host(`example.com`)"
traefik.http.routers.<router_name>.entrypoints
See for more information.
- "traefik.http.routers.myrouter.entrypoints=ep1,ep2"
traefik.http.routers.<router_name>.middlewares
See middlewares and for more information.
- "traefik.http.routers.myrouter.middlewares=auth,prefix,cb"
traefik.http.routers.<router_name>.service
See rule for more information.
- "traefik.http.routers.myrouter.service=myservice"
traefik.http.routers.<router_name>.tls
See for more information.
traefik.http.routers.<router_name>.tls.certresolver
See certResolver for more information.
- "traefik.http.routers.myrouter.tls.certresolver=myresolver"
traefik.http.routers.<router_name>.tls.domains[n].main
See for more information.
- "traefik.http.routers.myrouter.tls.domains[0].main=example.org"
traefik.http.routers.<router_name>.tls.domains[n].sans
See domains for more information.
- "traefik.http.routers.myrouter.tls.domains[0].sans=test.example.org,dev.example.org"
traefik.http.routers.<router_name>.tls.options
See for more information.
- "traefik.http.routers.myrouter.tls.options=foobar"
traefik.http.routers.<router_name>.priority
See priority for more information.
- "traefik.http.routers.myrouter.priority=42"
To update the configuration of the Service automatically attached to the container, add labels starting with traefik.http.services.{name-of-your-choice}., followed by the option you want to change.
For example, to change the passHostHeader behavior, you’d add the label traefik.http.services.{name-of-your-choice}.loadbalancer.passhostheader=false.
The character @ is not authorized in the service name <service_name>.
Registers a port. Useful when the container exposes multiples ports.
- "traefik.http.services.myservice.loadbalancer.server.port=8080"
traefik.http.services.<service_name>.loadbalancer.server.scheme
Overrides the default scheme.
- "traefik.http.services.myservice.loadbalancer.server.scheme=http"
traefik.http.services.<service_name>.loadbalancer.passhostheader
See for more information.
- "traefik.http.services.myservice.loadbalancer.passhostheader=true"
traefik.http.services.<service_name>.loadbalancer.healthcheck.headers.<header_name>
See health check for more information.
traefik.http.services.<service_name>.loadbalancer.healthcheck.hostname
See for more information.
traefik.http.services.<service_name>.loadbalancer.healthcheck.interval
See health check for more information.
- "traefik.http.services.myservice.loadbalancer.healthcheck.interval=10"
traefik.http.services.<service_name>.loadbalancer.healthcheck.path
See for more information.
- "traefik.http.services.myservice.loadbalancer.healthcheck.path=/foo"
traefik.http.services.<service_name>.loadbalancer.healthcheck.port
See health check for more information.
- "traefik.http.services.myservice.loadbalancer.healthcheck.port=42"
traefik.http.services.<service_name>.loadbalancer.healthcheck.scheme
See for more information.
- "traefik.http.services.myservice.loadbalancer.healthcheck.scheme=http"
traefik.http.services.<service_name>.loadbalancer.healthcheck.timeout
See health check for more information.
- "traefik.http.services.myservice.loadbalancer.healthcheck.timeout=10"
traefik.http.services.<service_name>.loadbalancer.healthcheck.followredirects
See for more information.
- "traefik.http.services.myservice.loadbalancer.healthcheck.followredirects=true"
traefik.http.services.<service_name>.loadbalancer.sticky.cookie
See sticky sessions for more information.
- "traefik.http.services.myservice.loadbalancer.sticky.cookie=true"
traefik.http.services.<service_name>.loadbalancer.sticky.cookie.httponly
See for more information.
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.httponly=true"
traefik.http.services.<service_name>.loadbalancer.sticky.cookie.name
See sticky sessions for more information.
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.name=foobar"
traefik.http.services.<service_name>.loadbalancer.sticky.cookie.secure
See for more information.
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.secure=true"
traefik.http.services.<service_name>.loadbalancer.sticky.cookie.samesite
See sticky sessions for more information.
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.samesite=none"
traefik.http.services.<service_name>.loadbalancer.responseforwarding.flushinterval
See for more information.
- "traefik.http.services.myservice.loadbalancer.responseforwarding.flushinterval=10"
Middleware
You can declare pieces of middleware using labels starting with traefik.http.middlewares.{name-of-your-choice}., followed by the middleware type/options.
For example, to declare a middleware named my-redirect, you’d write traefik.http.middlewares.my-redirect.redirectscheme.scheme: https.
More information about available middlewares in the dedicated middlewares section.
The character @ is not authorized in the middleware name.
Declaring and Referencing a Middleware
# ...labels:# Declaring a middleware- traefik.http.middlewares.my-redirect.redirectscheme.scheme=https# Referencing a middleware- traefik.http.routers.my-container.middlewares=my-redirect
Conflicts in Declaration
If you declare multiple middleware with the same name but with different parameters, the middleware fails to be declared.
Declaring TCP Routers and Services
my-container:# ...labels:- "traefik.tcp.routers.my-router.tls=true"- "traefik.tcp.services.my-service.loadbalancer.server.port=4123"
TCP and HTTP
If you declare a TCP Router/Service, it will prevent Traefik from automatically creating an HTTP Router/Service (like it does by default if no TCP Router/Service is defined). You can declare both a TCP Router/Service and an HTTP Router/Service for the same container (but you have to do so manually).
TCP Routers
traefik.tcp.routers.<router_name>.entrypoints
See entry points for more information.
- "traefik.tcp.routers.mytcprouter.entrypoints=ep1,ep2"
traefik.tcp.routers.<router_name>.rule
See for more information.
traefik.tcp.routers.<router_name>.service
See service for more information.
- "traefik.tcp.routers.mytcprouter.service=myservice"
traefik.tcp.routers.<router_name>.tls
See for more information.
- "traefik.tcp.routers.mytcprouter.tls=true"
traefik.tcp.routers.<router_name>.tls.certresolver
See certResolver for more information.
- "traefik.tcp.routers.mytcprouter.tls.certresolver=myresolver"
traefik.tcp.routers.<router_name>.tls.domains[n].main
See for more information.
- "traefik.tcp.routers.mytcprouter.tls.domains[0].main=example.org"
traefik.tcp.routers.<router_name>.tls.domains[n].sans
See domains for more information.
- "traefik.tcp.routers.mytcprouter.tls.domains[0].sans=test.example.org,dev.example.org"
traefik.tcp.routers.<router_name>.tls.options
See for more information.
- "traefik.tcp.routers.mytcprouter.tls.options=mysoptions"
traefik.tcp.routers.<router_name>.tls.passthrough
See TLS for more information.
- "traefik.tcp.routers.mytcprouter.tls.passthrough=true"
TCP Services
traefik.tcp.services.<service_name>.loadbalancer.server.port
Registers a port of the application.
- "traefik.tcp.services.mytcpservice.loadbalancer.server.port=423"
traefik.tcp.services.<service_name>.loadbalancer.terminationdelay
See termination delay for more information.
- "traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100"
traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version
See for more information.
- "traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version=1"
UDP
You can declare UDP Routers and/or Services using labels.
Declaring UDP Routers and Services
services:my-container:# ...labels:- "traefik.udp.routers.my-router.entrypoints=udp"- "traefik.udp.services.my-service.loadbalancer.server.port=4123"
UDP and HTTP
If you declare a UDP Router/Service, it will prevent Traefik from automatically creating an HTTP Router/Service (like it does by default if no UDP Router/Service is defined). You can declare both a UDP Router/Service and an HTTP Router/Service for the same container (but you have to do so manually).
UDP Routers
traefik.udp.routers.<router_name>.entrypoints
See entry points for more information.
- "traefik.udp.routers.myudprouter.entrypoints=ep1,ep2"
traefik.udp.routers.<router_name>.service
See for more information.
- "traefik.udp.routers.myudprouter.service=myservice"
UDP Services
traefik.udp.services.<service_name>.loadbalancer.server.port
Registers a port of the application.
- "traefik.udp.services.myudpservice.loadbalancer.server.port=423"
traefik.enable
- "traefik.enable=true"
You can tell Traefik to consider (or not) the container by setting traefik.enable to true or false.
This option overrides the value of .
Port Lookup
Traefik is capable of detecting the port to use, by following the default rancher flow. That means, if you just expose lets say port :1337 on the rancher ui, traefik will pick up this port and use it.
