Setup Traefik

  1. Unraid Traefik Setup
  2. Setup Traefik Minecraft

Set up a traefik container to manage traffic for Business Central containers. Description: Set up a traefik container to manage traffic for Business Central containers. Parameter PublicDnsName: The externally reachable FQDN of your Docker host. Parameter ContactEMailForLetsEncrypt: The eMail address to use when requesting an SSL cert from Let's. Setting up Traefik with Cloudflare. I am trying to setup traefik using a combination of this guide, and the code found here. I am using docker-compose with Unraid, so far I have the following code: debug = false logLevel = 'ERROR' defaultEntryPoints = 'https','http' entryPoints entryPoints.http address = ':80' entryPoints.http.redirect. The following are the steps to follow for the set up: 1. Configuring Traefik. First, we need to create a configuration file and set up an encrypted password so we can access the monitoring dashboard. We will use the htpasswd utility to create this encrypted password. Install the utility with the following command.

Overview

Container Orchestration, Kubernetes and load balancing are all things most home clusters, or even hobby workloads will never require.Nevertheless, it’s still pretty cool to boast about how complex and scalable your home cluster architecture is.

Unraid Traefik Setup

This guide will show you how to set up such a single node home cluster using, k3s and traefik.The general goal here will be to get you up and going to quickly be able to deploy and host most applications with a basic CI/CD workflow.

Preparation

Nessicary prerequisite is a public server running some type of linux distribution.Important to note here is how not all distros will are compatible with k3s.For example many RHEL-based distros (such as CentOS, Alma, Fedora, etc.) come with SELINUX, which messes up networking.

So when chosing your system, make sure it doesn’t have any networking/firewall configuration that messes with k3s and supports legacy cgroups (which k3s depeds on).In this example, Debian minimal was chosen, but feel free to experiment with whatever you prefer.

3, 2, 1, Kubernetes

Installing k3s pretty much boils down to running a single command:

The disable traefik flag might seem counterintuitive at first, however since we want to use a modern version of traefik, we’ll have to reinstall it ourselves anyhow.

Now check if everything is up and running by calling:

If you get some type of permission error just run:

Furthermore, if you prefer to run kubectl from a local machine you can also copy the aformentioned file at /etc/rancher/k3s/k3s.yaml, change its adress to the adress of your server and use it locally as your kubeconfig.

But yeah, congrats, you now have a self-managed kubernetes cluster!

Setup traefik

Setup Traefik

Now let’s try to get something published in our k3s-cluster.Traefik will be used as the ingress for kubernetes, it’s pretty neat as it allows for inbuilt letsencrypt certificate generation, without cert-manager and the sorts.

To install traefik apply the following file with kubectl apply -f crd.yml

Then alter the following file with your email and details and apply it in the same manner:

If all pods are sucessfully running, you now have an ingress controller with support for tls!Don’t belive me? Let’s put it to the test.Using the following ingress configuration, we’ll spin up an whoami app and access it through the specified domain (here obviously please use yours…).

If we were to now go to https://ultraman.com, we can see it’s verified using a letsencrypt certificate.Congrats, you can now publish applications in kubernetes and have other people access them!

Registry

From time to time however, it might get boring to just publish other peoples apps. We want to be able to publish our own.This is where hosting a private docker registry comes into play.Obviously building or importing images on your remote machine is also an option, but it’s less clean.

First things first, you have to generate a password for your registry:

Then create a docker-compose file as follows:

Now simply start said docker container using docker-compose up -d.The docker registry is now running.

Since we might be moving sensitive data, it’ll be best to also secure our registry using the tls setup we have in traefik.This can be done by applying the following file:

If no errors come, you should now have a working docker registry you can login, push and pull from.

To intigrate it into k3s, create a file named /etc/rancher/k3s/registries.yaml and add the following content:

After you restart k3s, you should now be able to create pods based on the custom images in you registry.

Summary

And that’s pretty much it.You’ve sucessfully created a single node home cluster, can access it with tls certificates from letsencrypt and can even publish custom imaes in your kubernetes cluster.

So, in summary, good job and have fun experimenting in your very own kubernetes cluster!

Sources

Setup Traefik Minecraft

  • k3s and traefik installation: https://medium.com/@fache.loic/k3s-traefik-2-9b4646393a1c
  • docker registry: https://docs.docker.com/registry/deploying/
  • k3s private registry: https://rancher.com/docs/k3s/latest/en/installation/private-registry/