Traefik:让我们encryption+其他证书
我有3个节点群,我希望使用TRAEFIK与Let'sEncryp和我自己的证书由公司www.tbs-internet.com生成。 可能吗? 目前它与Let's Encrypt一起使用,但不与我的其他证书一起使用。 使用configuration文件,我在Traefik的日志中有以下错误:
time="2017-07-05T12:07:57Z" level=info msg="Preparing server http &{Network: Address::80 TLS:<nil> Redirect:<nil> Auth:0xc420339360 Compress:false}" time="2017-07-05T12:07:57Z" level=info msg="Preparing server https &{Network: Address::443 TLS:0xc4204fe600 Redirect:<nil> Auth:0xc4203396c0 Compress:false}" time="2017-07-05T12:07:57Z" level=info msg="Starting server on :80" time="2017-07-05T12:07:57Z" level=error msg="Error creating TLS config: tls: failed to parse private key" time="2017-07-05T12:07:57Z" level=fatal msg="Error preparing server: tls: failed to parse private key" traefik.toml
defaultEntryPoints = ["http", "https"] [entryPoints] [entryPoints.http] address = ":80" [entryPoints.https] address = ":443" [entryPoints.https.tls] [[entryPoints.https.tls.certificates]] CertFile = "/tls/fs/preprod.appx.mydomainA.com.cert" KeyFile = "/tls/fs/preprod.appx.mydomainA.com.key" [acme] email = "xxxxxxxxxxxxxxxxxxx" storage = "acme.json" entryPoint = "https" onDemand = true [[acme.domains]] main = "admin.mydomainC.com" [web] address = ":8080"
docker-compose.yml for Traefik
version: '3' services: proxy-prod: image: traefik:v1.3.1-alpine command: --web --docker --docker.swarmmode --docker.domain=traefik.admin.mydomainC.com --docker.watch --logLevel=DEBUG networks: - net-prod ports: - "80:80" - "443:443" - "8080:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock - $PWD/traefik.toml:/traefik.toml - "/home/swarm/ssl:/tls" deploy: mode: global networks: net-prod: driver: overlay external: name: net-prod
docker-compose.yml for app1
version: '3' networks: net-prod: driver: overlay external: name: net-prod services: app1: image: private/app1 networks: - net-prod deploy: labels: - "traefik.backend=app1" - "traefik.frontend.rule=Host:app1.app.mydomainC.com,preprod.appx.mydomainA.com" - "traefik.docker.network=net-prod" - "traefik.port=9001" replicas: 1
你有好主意吗 ?
app1服务有两个url:
- app1.app.mydomainC.com:让我们来encryption
- preprod.appx.mydomainA.com:我自己的证书由公司www.tbs-internet.com生成