version: "3.8" networks: host-network: name: host external: true traefik-network: external: true services: traefik-service: image: docker.io/traefik:2.9 hostname: traefik-service-host tty: true environment: - DS_NODE_NAME={{.Node.Hostname}} - DS_SERVICE_NAME={{.Service.Name}} - DS_TASK_NAME={{.Task.Name}} volumes: - type: bind source: /var/run/docker.sock target: /var/run/docker.sock # if /etc/traefik direcotry exists, traefik looks for /etc/traefik/traefik.toml # use a different directory(/config) to avoid problems for the lack of traefik.toml - type: bind source: /home/gfs-data/traefik target: /config ports: - target: 80 published: 80 protocol: tcp mode: host - target: 443 published: 443 protocol: tcp mode: host - target: 4444 published: 4444 protocol: tcp mode: host networks: - traefik-network #- host-network deploy: mode: global placement: constraints: [node.role == manager] command: - --log.level=INFO - --accessLog - --api.dashboard=true - --api.insecure=true - --ping=true - --entrypoints.traefik.address=:4444 - --entrypoints.web.address=:80 ##- --entrypoints.web.http.redirections.entryPoint.to=websec ##- --entrypoints.web.http.redirections.entryPoint.scheme=https - --entrypoints.websec.address=:443 - --providers.docker.swarmmode=true - --providers.docker.exposedbydefault=false - --providers.docker.network=traefik-network - --providers.docker.watch=true - --providers.file.filename=/config/traefik-cert.yml - --providers.file.watch=true - --metrics.prometheus=true