Use layer 7 routing labels
Estimated reading time: 2 minutesThis topic applies to Docker Enterprise.
The Docker Enterprise platform business, including products, customers, and employees, has been acquired by Mirantis, inc., effective 13-November-2019. For more information on the acquisition and how it may affect you and your business, refer to the Docker Enterprise Customer FAQ.
After you enable the layer 7 routing solution, you can start using it in your swarm services.
Service labels define hostnames that are routed to the service, the applicable ports, and other routing configurations. Applications that publish using Interlock use service labels to configure how they are published.
When you deploy or update a swarm service with service labels, the following actions occur:
- The
ucp-interlockservice monitors the Docker API for events and publishes the events to theucp-interlock-extensionservice. - That service then generates a new configuration for the proxy service, based on the labels you added to your services.
- The
ucp-interlockservice takes the new configuration and reconfigures theucp-interlock-proxyto start using the new configuration.
The previous steps occur in milliseconds and with rolling updates. Even though services are being reconfigured, users won’t notice it.
Service label options
| Label | Description | Example |
|---|---|---|
com.docker.lb.hosts |
Comma separated list of the hosts that the service should serve. | example.com,test.com |
com.docker.lb.port |
Port to use for internal upstream communication. | 8080 |
com.docker.lb.network |
Name of network the proxy service should attach to for upstream connectivity. | app-network-a |
com.docker.lb.context_root |
Context or path to use for the application. | /app |
com.docker.lb.context_root_rewrite |
When set to true, this option changes the path from the value of label com.docker.lb.context_root to /. |
true |
com.docker.lb.ssl_cert |
Docker secret to use for the SSL certificate. | example.com.cert |
com.docker.lb.ssl_key |
Docker secret to use for the SSL key. | example.com.key |
com.docker.lb.websocket_endpoints |
Comma separated list of endpoints to configure to be upgraded for websockets. | /ws,/foo |
com.docker.lb.service_cluster |
Name of the service cluster to use for the application. | us-east |
com.docker.lb.sticky_session_cookie |
Cookie to use for sticky sessions. | app_session |
com.docker.lb.redirects |
Semi-colon separated list of redirects to add in the format of <source>,<target>. |
http://old.example.com,http://new.example.com; |
com.docker.lb.ssl_passthrough |
Enable SSL passthrough. | false |
com.docker.lb.backend_mode |
Select the backend mode that the proxy should use to access the upstreams. Defaults to task. |
vip |