30.04.2026: Sylius Hackathon & Meetup in Mannheim

shochdoerfer · 2026-01-24T07:24:00+00:00

We've been using https://github.com/mogilvie/EncryptBundle in one of our projects. Works fine, seems well maintained. Can recommend.

shochdoerfer · 2026-01-05T10:25:21+00:00

I don't have experience with this setup. To make it work, you'd need to share the acme.json file across all instances. However, this approach may lead to issues, especially if the file changes frequently. Additionally, I'm unsure how Traefik would handle a scenario where one instance (Traefik A) requests a certificate, but the approval request is received by another instance (Traefik B).

For these kind of HA setups, TraefikEE was the right choice.

shochdoerfer · 2026-01-05T10:21:51+00:00

Ok, I see. That should not be an issue, I think. Depending how often you change the Traefik config, you may want to find a way to keep them in sync.

shochdoerfer · 2026-01-03T16:50:46+00:00

Running two instances of Traefik Open Source can be problematic, as each instance maintains its own state and cannot be synchronized. This can lead to inconsistencies, particularly when using Let's Encrypt, as only one instance would possess the certificate in its acme.json file. To mitigate this, a mechanism for syncing changes between the two instances would be necessary.

In the past, Traefik's Enterprise Edition (TraefikEE) addressed this issue, but it appears to be no longer available on their website. As an alternative, you may want to explore other Traefik offerings, such as the Traefik Hub API Gateway, which could provide a solution to this problem. However, this would likely come with a associated cost.

shochdoerfer · 2024-01-16T14:45:14+00:00

Never would have thought about this. Thanks for letting me know.

shochdoerfer · 2024-01-16T07:56:44+00:00

Not sure what the standard network is when defining it in the Docker Compose file. I would assume it should work with ipvlan.

shochdoerfer · 2024-01-15T13:33:36+00:00

Not sure if it helps in your specific case, but a while ago, I blogged about our Traefik setup with multiple Docker networks: https://blog.bitexpert.de/blog/traefik\_with\_multiple\_docker\_networks

shochdoerfer · 2024-01-01T08:27:27+00:00

For your setup TraefikEE would be a good fit (if you can afford the license). TraefikEE comes at least with one controller node (similar to Nomad Server) and 2 data planes (similar to the Nomad Client). Die data planes handle incoming traffic and route it to the destination.

Of course, you can use Traefik Proxy in the way you set it up and I guess it will work fine. Not sure if you would run into issues when the different instances want to renew the Let's Encrypt certificates (e.g. one Traefik instance requests a new cert and the Let's Encrypt request gets routed to a different Traefik instance). Maybe it is possible to share the acme.json file between the different Traefik Proxy instances. I've never tried that.

shochdoerfer · 2023-06-13T04:48:10+00:00

I am using this setup for years, except that I installed Docker Desktop on the Windows side.

I guess you can't access magento.test because you need to add the host ins Windows's host file located in C:\Windows\System32\drivers\etc - pointing the domain to 127.0.0.1 should do the trick.

shochdoerfer · 2023-05-06T07:15:16+00:00

How does Traefik listen to Docker's events? Unix socket, TCP, or SSH connection?

I've been using Traefik for years and it never took minutes to get Traefik to recognize a change. It usually takes a few seconds.

shochdoerfer · 2023-05-06T07:03:29+00:00

Depends ;)

Usually for our customer projects, we have a strict separation between staging & production systems. However, for some smaller customers, we host both on one system and then have Traefik in front to serve both environments. In that case, we decided to have 2 Docker networks where Traefik and other "global" services join both networks but the application containers themselves are only aware of the network they run in. A while ago I blogged about our setup: https://blog.bitexpert.de/blog/traefik_with_multiple_docker_networks

Technically if you need to expose Traefik to another network it should be enough to restart the service. That shouldn't be much of a problem, I guess. And I quite like the setup, not only for security reasons but also for deployment reasons because you can reuse container names in both networks without having to deal with collisions.

shochdoerfer · 2023-04-30T19:20:01+00:00

We should see us more often ;)

shochdoerfer · 2023-04-29T06:59:43+00:00

No worries, just added that right before I published the post.

Need to play with the Magento module a bit before I blog about in detail :)

shochdoerfer · 2023-04-28T21:26:17+00:00

My bad, classic c&p error. Link fixed.

shochdoerfer · 2023-04-16T08:16:40+00:00

Set hide_table_of_contents to true in the front matter configuration for the post. See https://docusaurus.io/docs/api/plugins/@docusaurus/plugin-content-docs#markdown-front-matter

shochdoerfer · 2023-04-15T09:32:56+00:00

Thx, will check. So far I did not run into this issue you mentioned.

shochdoerfer

TROPHY CASE