引言
Traefik 是一个开源的、现代的、易于配置的反向代理和负载均衡器,它支持多种协议和模式,如 HTTP、HTTPS、WebSocket、Mail 等。需要注意的是,Traefik 的路由器只分为 HTTP(S)、TCP 和 UDP 三类;邮件这类非 HTTP 协议只能作为普通 TCP 流量转发,不会被按协议解析。在本文中,我们将详细介绍如何在 CentOS 上安装和配置 Traefik。
系统要求
在开始之前,请确保您的 CentOS 系统满足以下要求:
- CentOS 7 或更高版本
- 至少 2GB 的 RAM
- 1GB 的磁盘空间
安装步骤
1. 安装 Docker
本文以 Docker 容器的方式运行 Traefik,因此首先需要安装 Docker。
# yum-utils supplies the yum-config-manager command used on the next line.
sudo yum -y install yum-utils
# Register Docker's upstream CE repository for CentOS.
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# Install the engine, its CLI and the container runtime from that repository.
sudo yum -y install docker-ce docker-ce-cli containerd.io
# Start the daemon now and have it come up again on every boot.
sudo systemctl enable --now docker
2. 添加 Traefik 官方仓库
接下来,我们需要将 Traefik 添加到 Docker 仓库。请注意,第 3 步的 docker pull 是按镜像名称从镜像仓库拉取的,并不读取这里写入的 .repo 文件;执行前请先确认这一步是否确有必要。
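# NOTE(review): Docker's documented daemon configuration lives in
# /etc/docker/daemon.json; nothing on this page shows Docker reading
# /etc/docker/repositories.d, and the pull in the following step names the
# image directly. Confirm this step is needed before running it.
sudo mkdir -p /etc/docker/repositories.d

# Resolve the version segment of the URL first, so a failed or unexpected API
# response is noticed instead of being interpolated into a package-source file.
# NOTE(review): the query targets the golang/go repository, and GitHub's tags
# endpoint reports each tag under "name" rather than "tag_name", so this lookup
# probably returns nothing as written; verify the intended source.
traefik_tag="$(curl -fsS https://api.github.com/repos/golang/go/tags | grep -Po '"tag_name": "\K.*?(?=")' | head -1)"

# Accept only a plain version-like token: the value arrives over the network
# and ends up inside a file written as root.
if printf '%s\n' "$traefik_tag" | grep -Eq '^[A-Za-z0-9._-]+$'; then
sudo tee /etc/docker/repositories.d/traefik.repo <<EOF
[traefik]
name=traefik
baseurl=https://apt.dockerproject.org/repo/traefik-${traefik_tag}/apt/centos/7/main/x86_64/
EOF
else
  echo "Could not resolve a usable version tag; traefik.repo was not written." >&2
fi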
3. 安装 Traefik
现在我们可以使用 Docker 安装 Traefik。
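# Pull the Traefik image. `latest` is a moving tag, so two hosts (or two runs)
# can end up with different builds; set TRAEFIK_VERSION to a release tag you
# have reviewed to make the install reproducible. When the variable is unset
# the command pulls `latest`, exactly as before.
sudo docker pull "traefik:${TRAEFIK_VERSION:-latest}"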
4. 创建 Traefik 配置文件
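创建一个 Traefik 配置文件(例如 /etc/traefik/traefik.yml),并添加以下内容。注意:下面的示例已经丢失了缩进,使用前请对照 Traefik 官方的配置参考恢复层级并逐项核对;其中 admin 入口监听在所有网卡的 8080 端口,不应直接暴露到公网,私钥文件 /etc/traefik/tls/tls.key 也应只允许运行 Traefik 的用户读取。配置内容如下: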
”`yaml version: 2 entryPoints: web:
address: ":80"
admin:
address: ":8080"
smtp:
address: ":25"
protocols:
- smtp
imap:
address: ":143"
protocols:
- imap
pop3:
address: ":110"
protocols:
- pop3
ftp:
address: ":21"
protocols:
- ftp
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
ftps:
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
dns: providers:
- file:
filename: /etc/traefik/dns/resolver.conf
resolvers:
- 8.8.8.8
- 8.8.4.4
- 1.1.1.1
- 1.0.0.1
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
watch:
files:
- /etc/traefik/dns/resolver.conf
directories:
- /etc/traefik/dns
recursive: true
cache:
maxEntries: 100
onStartup: true
onExit: true
entryPoints:
- web
- admin
- smtp
- imap
- pop3
- ftp
default:
resolvers:
- "default"
watch: true
ttl: 300s
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/http.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/https.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
smtp:
entryPoints:
- smtp
rules:
- match: Host(`smtp.example.com`)
service: smtp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
imap:
entryPoints:
- imap
rules:
- match: Host(`imap.example.com`)
service: imap
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
pop3:
entryPoints:
- pop3
rules:
- match: Host(`pop3.example.com`)
service: pop3
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
ftp:
entryPoints:
- ftp
rules:
- match: Host(`ftp.example.com`)
service: ftp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
dns:
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/dns/resolver.conf
resolvers:
- 8.8.8.8
- 8.8.4.4
- 1.1.1.1
- 1.0.0.1
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
watch:
files:
- /etc/traefik/dns/resolver.conf
directories:
- /etc/traefik/dns
recursive: true
cache:
maxEntries: 100
onStartup: true
onExit: true
default:
resolvers:
- "default"
watch: true
ttl: 300s
default:
resolvers:
- "default"
watch: true
ttl: 300s
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/default.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultSMTP:
entryPoints:
- smtp
rules:
- match: Host(`smtp.example.com`)
service: smtp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultIMAP:
entryPoints:
- imap
rules:
- match: Host(`imap.example.com`)
service: imap
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultPOP3:
entryPoints:
- pop3
rules:
- match: Host(`pop3.example.com`)
service: pop3
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultFTP:
entryPoints:
- ftp
rules:
- match: Host(`ftp.example.com`)
service: ftp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
ftps:
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultDNS:
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/dns/resolver.conf
resolvers:
- 8.8.8.8
- 8.8.4.4
- 1.1.1.1
- 1.0.0.1
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
watch:
files:
- /etc/traefik/dns/resolver.conf
directories:
- /etc/traefik/dns
recursive: true
cache:
maxEntries: 100
onStartup: true
onExit: true
default:
resolvers:
- "default"
watch: true
ttl: 300s
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/default.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultHTTPS:
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/https.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultSMTP:
entryPoints:
- smtp
rules:
- match: Host(`smtp.example.com`)
service: smtp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultIMAP:
entryPoints:
- imap
rules:
- match: Host(`imap.example.com`)
service: imap
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultPOP3:
entryPoints:
- pop3
rules:
- match: Host(`pop3.example.com`)
service: pop3
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultFTP:
entryPoints:
- ftp
rules:
- match: Host(`ftp.example.com`)
service: ftp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
ftps:
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultDNS:
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/dns/resolver.conf
resolvers:
- 8.8.8.8
- 8.8.4.4
- 1.1.1.1
- 1.0.0.1
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
watch:
files:
- /etc/traefik/dns/resolver.conf
directories:
- /etc/traefik/dns
recursive: true
cache:
maxEntries: 100
onStartup: true
onExit: true
default:
resolvers:
- "default"
watch: true
ttl: 300s
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/default.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultHTTPS:
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/https.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultSMTP:
entryPoints:
- smtp
rules:
- match: Host(`smtp.example.com`)
service: smtp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultIMAP:
entryPoints:
- imap
rules:
- match: Host(`imap.example.com`)
service: imap
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultPOP3:
entryPoints:
- pop3
rules:
- match: Host(`pop3.example.com`)
service: pop3
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
defaultFTP:
entryPoints:
- ftp
rules:
- match: Host(`ftp.example.com`)
service: ftp
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
ftps:
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
defaultDNS:
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/dns/resolver.conf
resolvers:
- 8.8.8.8
- 8.8.4.4
- 1.1.1.1
- 1.0.0.1
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
watch:
files:
- /etc/traefik/dns/resolver.conf
directories:
- /etc/traefik/dns
recursive: true
cache:
maxEntries: 100
onStartup: true
onExit: true
default:
resolvers:
- "default"
watch: true
ttl: 300s
entryPoints:
- web
providers:
- file:
filename: /etc/traefik/http/services/default.file
rules:
- match: Host(`example.com`)
service: example
- match: Host(`*.example.com`)
service: subdomains
- match: Host(`test.example.com`)
service: test
middlewares:
- rewriter:
replacePath:
prefix: /
target: /
tls:
certResolver: default
domains:
- "example.com"
- "*.example.com"
- "test.example.com"
secret: /etc/traefik/tls/tls.key
ca: /etc/traefik/tls/ca.crt
default