Giters

joshuaalewis / traefik-fips

Home Page:https://store.docker.com/images/traefik

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Traefik FIPS

Træfɪk is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Træfik integrates with your existing infrastructure components (Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ...) and configures itself automatically and dynamically. Telling Træfik where your orchestrator is could be the only configuration step you need to do.

The Dockerfile builds the FIPS canister per the requirements in "OpenSSL FIPS 140-2 Security Policy Version 2.0.16." It also verifies the SHA256 hash and PGP signatures of the OpenSSL and FIPS Module source based on OpenSSL's best practices recommendations. Finally, it builds and runs a simple C test program to verify that toggling FIPS mode actually works. This test program is only used in the Docker image build process and does not appear in the final image.

Example usage

Grab a sample configuration file and rename it to traefik.toml. Enable docker provider and web UI:

################################################################
# API and dashboard configuration
################################################################
[api]
################################################################
# Docker configuration backend
################################################################
[docker]
domain = "docker.local"
watch = true

Start Træfɪk:

docker run -d -p 8080:8080 -p 80:80 \
-v $PWD/traefik.toml:/etc/traefik/traefik.toml \
-v /var/run/docker.sock:/var/run/docker.sock \
traefik

Start a backend server, named test:

docker run -d --name test emilevauge/whoami

And finally, you can access to your whoami server throught Træfɪk, on the domain name {containerName}.{configuredDomain}:

curl --header 'Host: test.docker.local' 'http://localhost:80/'
Hostname: 117c5530934d
IP: 127.0.0.1
IP: ::1
IP: 172.17.0.3
IP: fe80::42:acff:fe11:3
GET / HTTP/1.1
Host: 172.17.0.3:80
User-Agent: curl/7.35.0
Accept: */*
Accept-Encoding: gzip
X-Forwarded-For: 172.17.0.1
X-Forwarded-Host: 172.17.0.3:80
X-Forwarded-Proto: http
X-Forwarded-Server: f2e05c433120

The web UI http://localhost:8080 will give you an overview of the frontends/backends and also a health dashboard.

Web UI Providers

Documentation

You can find the complete documentation at https://docs.traefik.io. A collection of contributions around Træfik can be found at https://awesome.traefik.io.

About

https://store.docker.com/images/traefik

License:Apache License 2.0

Languages

Language:Dockerfile 52.5%Language:Shell 47.5%