0

I am trying to deploy Wordpress application on docker swarm stack, behind Traefik reverse proxy, I wanted to use Nginx for reverse proxying but as the the Wordpress is deployed with 2 replicas I am facing session time out issue, therefore I am trying the use Traefik instaed to configure sticky session later.

I have deployed the Traefik service successfully and can access the dashboard, but the Wordpress is not being proxied and it is not showing in the services list on the dashboard.

Traefik Dashboard Screenshot

Traefik Dashboard 2

Traefik Proxy yaml File:


version: '3.3'

services:

  traefik:
  
    image: traefik:v2.2
    ports:
      - 80:80
      - 443:443
    deploy:
      placement:
        constraints:
          # Make the traefik service run only on the node with this label
          # as the node with it has the volume for the certificates

          - node.labels.traefik-public.traefik-public-certificates == true

      labels:
       
        - traefik.enable=true
        - traefik.docker.network=traefik-public
        - traefik.constraint-label=traefik-public
        - traefik.http.middlewares.admin-auth.basicauth.users=${USERNAME?Variable not set}:${HASHED_PASSWORD?Variable not set}
        - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
        - traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
        - traefik.http.routers.traefik-public-http.rule=Host(`${DOMAIN?Variable not set}`)
        - traefik.http.routers.traefik-public-http.entrypoints=http
        - traefik.http.routers.traefik-public-http.middlewares=https-redirect
        - traefik.http.routers.traefik-public-https.rule=Host(`${DOMAIN?Variable not set}`)
        - traefik.http.routers.traefik-public-https.entrypoints=https
        - traefik.http.routers.traefik-public-https.tls=true
        - traefik.http.routers.traefik-public-https.service=api@internal
        - traefik.http.routers.traefik-public-https.tls.certresolver=le
        - traefik.http.routers.traefik-public-https.middlewares=admin-auth
        - traefik.http.services.traefik-public.loadbalancer.server.port=8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - traefik-public-certificates:/certificates
    command:
      - --providers.docker
      - --providers.docker.constraints=Label(`traefik.constraint-label`, `traefik-public`)
      - --providers.docker.exposedbydefault=false
      - --providers.docker.swarmmode
      - --entrypoints.http.address=:80
      - --entrypoints.https.address=:443
      - --certificatesresolvers.le.acme.email=${EMAIL?Variable not set}
      - --certificatesresolvers.le.acme.storage=/certificates/acme.json
      - --certificatesresolvers.le.acme.tlschallenge=true
      - --accesslog
      - --log
      - --api

    networks:
      - traefik-public

volumes:
  traefik-public-certificates:

networks:
  traefik-public:
    external: true

Wordpress yaml File:


version: "3.4"
services:
  
  db:
    image:  mariadb
    secrets:
      - db_user
      - db_pass     
    environment:
        MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_pass
        MYSQL_USER_FILE: /run/secrets/db_user
        MYSQL_PASSWORD_FILE: /run/secrets/db_pass
        MYSQL_DATABASE_NAME: wpdb  
    ports:
      - 3306:3306      
    networks:
      - backend
    volumes:
      - db-data:/var/lib/mysql
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3
        window: 60s  
  wp:
    image: wordpress
    secrets:
      - db_user
      - db_pass
    depends_on: 
      - db
    labels:
      - traefik.enable=true
      - traefik.constraint-label=traefik-public
      - traefik.docker.network=traefik-public
      - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
      - traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
      - traefik.http.routers.wp.rule=Host(`example.com`)
      - traefik.http.routers.wp.entrypoints=http
      - traefik.http.routers.wp.middlewares=https-redirect
      - traefik.http.routers.wp-secured.rule=Host(`example.com`)
      - traefik.http.routers.wp-secured.entrypoints=https
      - traefik.http.routers.wp-secured.tls=true
      - traefik.http.routers.wp-secured.tls.certresolver=le
      - traefik.http.services.wp.loadbalancer.server.port=8080
     
    environment:
      WORDPRESS_DB_HOST: 192.168.20.30:3306 # node IP 
      WORDPRESS_DB_USER_FILE: /run/secrets/db_user
      WORDPRESS_DB_PASSWORD_FILE: /run/secrets/db_pass
      WORDPRESS_DB_NAME: wpdb
    networks:
      - backend
      - traefik-public
    volumes:
      - wp-data:/var/www/html  
    deploy:
      replicas: 2
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3
        window: 60s

networks:
  backend:
    external: false
  traefik-public:
    external: true 
volumes:
  wp-data:
  db-data:        

secrets:
  db_user:
    file: ./db_user.txt    
  db_pass:
    file: ./db_pass.txt


```
Noor Muradi
  • 13
  • 6

0 Answers0