Ebook Syafi
Koleksi
Admin
← Kembali ke Upgrade Kerjaya Dengan Homelab
Edit Bab
Tajuk Bab
Urutan
Jenis
Syarat & Amaran
Mukadimah
Bab/Chapter
Penutup
Kandungan HTML
<h1 id="bab-7-docker-lanjutan-dan-orkestrasi">Bab 7: Docker Lanjutan dan Orkestrasi</h1> <figure><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 820 450" width="820" height="450"> <defs> <linearGradient id="df-bg" x1="0%" y1="0%" x2="100%" y2="100%"> <stop offset="0%" style="stop-color:#f8fafc"/> <stop offset="100%" style="stop-color:#eff6ff"/> </linearGradient> <filter id="df-shadow"> <feDropShadow dx="0" dy="7" stdDeviation="9" flood-color="#0f172a" flood-opacity="0.12"/> </filter> </defs> <rect width="820" height="450" rx="18" fill="url(#df-bg)"/> <text x="410" y="36" font-family="Arial, Helvetica, sans-serif" font-size="20" font-weight="bold" fill="#1e293b" text-anchor="middle">Aliran Rangkaian Docker Lanjutan</text> <text x="410" y="58" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#64748b" text-anchor="middle">Contoh visual untuk Traefik, rangkaian berbilang, pengesahan, dan lapisan database dalaman</text> <g stroke="#94a3b8" stroke-width="3" stroke-linecap="round" fill="none"> <line x1="140" y1="160" x2="250" y2="160"/> <line x1="390" y1="140" x2="470" y2="110"/> <line x1="390" y1="160" x2="470" y2="160"/> <line x1="390" y1="180" x2="470" y2="210"/> <line x1="310" y1="205" x2="310" y2="280"/> <line x1="510" y1="246" x2="510" y2="290" stroke-dasharray="7,6"/> <line x1="630" y1="246" x2="630" y2="290" stroke-dasharray="7,6"/> <line x1="300" y1="250" x2="470" y2="330"/> </g> <g filter="url(#df-shadow)"> <path d="M55 162c0-22 18-40 40-40 7-21 28-35 52-35 29 0 53 20 59 47 17 3 30 18 30 36 0 20-16 36-36 36H90c-19 0-35-15-35-34z" fill="#cbd5e1"/> <text x="145" y="148" font-family="Arial, Helvetica, sans-serif" font-size="16" font-weight="bold" fill="#1e293b" text-anchor="middle">Internet</text> <text x="145" y="168" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#475569" text-anchor="middle">HTTP, HTTPS, ACME</text> </g> <g filter="url(#df-shadow)"> <rect x="250" y="110" width="140" height="100" rx="18" fill="#0f766e"/> <text x="320" y="144" font-family="Arial, Helvetica, sans-serif" font-size="18" font-weight="bold" fill="#ffffff" text-anchor="middle">Traefik</text> <text x="320" y="166" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#ccfbf1" text-anchor="middle">TLS, routing, labels Docker</text> <text x="320" y="184" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#ccfbf1" text-anchor="middle">Dashboard dan ACME resolver</text> </g> <g filter="url(#df-shadow)"> <rect x="230" y="280" width="160" height="88" rx="18" fill="#7c3aed"/> <text x="310" y="311" font-family="Arial, Helvetica, sans-serif" font-size="16" font-weight="bold" fill="#ffffff" text-anchor="middle">Authelia</text> <text x="310" y="332" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#ede9fe" text-anchor="middle">SSO dan 2FA untuk servis</text> <text x="310" y="350" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#ede9fe" text-anchor="middle">Middleware keselamatan</text> </g> <g filter="url(#df-shadow)"> <rect x="450" y="78" width="320" height="165" rx="18" fill="#dbeafe" stroke="#60a5fa" stroke-width="2"/> <text x="610" y="105" font-family="Arial, Helvetica, sans-serif" font-size="14" font-weight="bold" fill="#1d4ed8" text-anchor="middle">Rangkaian Proxy / Frontend</text> <rect x="470" y="122" width="90" height="82" rx="14" fill="#2563eb"/> <text x="515" y="151" font-family="Arial, Helvetica, sans-serif" font-size="14" font-weight="bold" fill="#ffffff" text-anchor="middle">Nextcloud</text> <text x="515" y="172" font-family="Arial, Helvetica, sans-serif" font-size="10" fill="#dbeafe" text-anchor="middle">cloud.lab.local</text> <rect x="565" y="122" width="90" height="82" rx="14" fill="#4f46e5"/> <text x="610" y="151" font-family="Arial, Helvetica, sans-serif" font-size="14" font-weight="bold" fill="#ffffff" text-anchor="middle">Gitea</text> <text x="610" y="172" font-family="Arial, Helvetica, sans-serif" font-size="10" fill="#e0e7ff" text-anchor="middle">git.lab.local</text> <rect x="660" y="122" width="90" height="82" rx="14" fill="#0f766e"/> <text x="705" y="151" font-family="Arial, Helvetica, sans-serif" font-size="14" font-weight="bold" fill="#ffffff" text-anchor="middle">Vaultwarden</text> <text x="705" y="172" font-family="Arial, Helvetica, sans-serif" font-size="10" fill="#ccfbf1" text-anchor="middle">vault.lab.local</text> </g> <g filter="url(#df-shadow)"> <rect x="450" y="286" width="320" height="120" rx="18" fill="#ede9fe" stroke="#8b5cf6" stroke-width="2"/> <text x="610" y="312" font-family="Arial, Helvetica, sans-serif" font-size="14" font-weight="bold" fill="#6d28d9" text-anchor="middle">Rangkaian Backend / Internal</text> <rect x="485" y="332" width="110" height="46" rx="12" fill="#7c3aed"/> <text x="540" y="360" font-family="Arial, Helvetica, sans-serif" font-size="13" font-weight="bold" fill="#ffffff" text-anchor="middle">MariaDB</text> <rect x="625" y="332" width="110" height="46" rx="12" fill="#334155"/> <text x="680" y="360" font-family="Arial, Helvetica, sans-serif" font-size="13" font-weight="bold" fill="#ffffff" text-anchor="middle">Redis</text> </g> <text x="515" y="274" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#64748b" text-anchor="middle">Akses aplikasi melalui hostname dan labels</text> <text x="635" y="274" font-family="Arial, Helvetica, sans-serif" font-size="11" fill="#64748b" text-anchor="middle">Servis hanya melihat database yang diperlukan</text> </svg> <figcaption>Aliran Rangkaian Docker Lanjutan</figcaption></figure> <p>Anda dah selesa dengan Docker Compose asas? Bagus! Sekarang kita naikkan level sedikit. Bab ni akan tunjukkan macam mana nak buat setup Docker anda lebih profesional — reverse proxy, health check, backup, dan pengurusan berbilang host.</p> <p>Tapi ingat, semua ni optional. Guna bila ada keperluan sebenar, bukan sebab nampak cool.</p> <p><strong>Apa yang anda akan belajar:</strong></p> <ul> <li>Bila patut guna Traefik, Macvlan, Swarm, dan Health Check</li> <li>Cara mengembangkan setup Docker tanpa jadi serabut</li> <li>Cara merancang backup dan migrasi service dengan lebih yakin</li> </ul> <h2 id="cara-ikut-bab-ini">Cara Ikut Bab Ini</h2> <ol type="1"> <li>Pastikan anda benar-benar selesa dengan Docker Compose asas dahulu.</li> <li>Tambah komponen lanjutan satu demi satu, bukan serentak.</li> <li>Uji backup dan restore, bukan sekadar simpan fail config.</li> </ol> <blockquote> <p><strong>Nota Beginner:</strong> Anda tidak perlu Traefik, Macvlan, atau Swarm pada hari pertama. Guna bila ada masalah sebenar yang ia boleh selesaikan. Contohnya, Traefik berguna bila anda dah ada banyak service dan penat taip port number setiap kali.</p> </blockquote> <h3 id="laluan-paling-mudah-untuk-beginner">Laluan Paling Mudah untuk Beginner</h3> <ul> <li>Jika Docker Compose asas pun belum selesa, belum perlu masuk bab ini terlalu dalam.</li> <li>Mulakan dengan reverse proxy atau backup, bukan terus ke Swarm.</li> <li>Pastikan anda tahu restore satu service sebelum anda cuba scale banyak service.</li> </ul> <h2 id="langkah-1-docker-networks-lanjutan">Langkah 1: Docker Networks Lanjutan</h2> <h3 id="memahami-jenis-rangkaian-docker">Memahami Jenis Rangkaian Docker</h3> <p>Docker menyokong beberapa pemacu rangkaian. Setiap satu ada tujuan tersendiri.</p> <p><strong>Bridge (Default):</strong></p> <p>Ini rangkaian yang paling biasa. Container dalam rangkaian bridge boleh bercakap antara satu sama lain menggunakan nama container sebagai hostname.</p> <div class="sourceCode" id="cb1"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Rangkaian bridge lalai</span></span> <span id="cb1-2"><a href="#cb1-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> network create <span class="at">--driver</span> bridge my-network</span> <span id="cb1-3"><a href="#cb1-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb1-4"><a href="#cb1-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Container dalam rangkaian bridge boleh berkomunikasi</span></span> <span id="cb1-5"><a href="#cb1-5" aria-hidden="true" tabindex="-1"></a><span class="co"># menggunakan nama container sebagai hostname</span></span></code></pre></div> <p><strong>Host:</strong></p> <p>Container guna rangkaian host terus — macam app biasa yang jalan terus pada server.</p> <div class="sourceCode" id="cb2"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb2-1"><a href="#cb2-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Container berkongsi rangkaian host terus</span></span> <span id="cb2-2"><a href="#cb2-2" aria-hidden="true" tabindex="-1"></a><span class="co"># Tiada pengasingan rangkaian, tetapi prestasi terbaik</span></span> <span id="cb2-3"><a href="#cb2-3" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> run <span class="at">--network</span> host nginx</span></code></pre></div> <p><strong>Macvlan:</strong></p> <p>Setiap container dapat alamat MAC dan IP sendiri. Pada rangkaian, ia nampak macam peranti fizikal yang berasingan.</p> <div class="sourceCode" id="cb3"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb3-1"><a href="#cb3-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Setiap container mendapat alamat MAC dan IP sendiri</span></span> <span id="cb3-2"><a href="#cb3-2" aria-hidden="true" tabindex="-1"></a><span class="co"># Kelihatan seperti peranti fizikal pada rangkaian</span></span> <span id="cb3-3"><a href="#cb3-3" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> network create <span class="at">-d</span> macvlan <span class="dt">\</span></span> <span id="cb3-4"><a href="#cb3-4" aria-hidden="true" tabindex="-1"></a> <span class="at">--subnet</span><span class="op">=</span>10.0.0.0/24 <span class="dt">\</span></span> <span id="cb3-5"><a href="#cb3-5" aria-hidden="true" tabindex="-1"></a> <span class="at">--gateway</span><span class="op">=</span>10.0.0.1 <span class="dt">\</span></span> <span id="cb3-6"><a href="#cb3-6" aria-hidden="true" tabindex="-1"></a> <span class="at">-o</span> parent=eth0 <span class="dt">\</span></span> <span id="cb3-7"><a href="#cb3-7" aria-hidden="true" tabindex="-1"></a> my-macvlan</span></code></pre></div> <p>Macvlan sangat berguna untuk perkhidmatan yang memerlukan kehadiran pada rangkaian fizikal, seperti Pi-hole atau Home Assistant.</p> <blockquote> <p><strong>Nota Beginner:</strong> Untuk kebanyakan kes, rangkaian bridge sudah cukup. Guna Macvlan hanya bila service anda perlu IP tersendiri pada rangkaian rumah — contohnya Pi-hole yang perlu jadi DNS server untuk semua peranti.</p> </blockquote> <p><strong>IPvlan:</strong></p> <div class="sourceCode" id="cb4"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb4-1"><a href="#cb4-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Serupa dengan Macvlan tetapi berkongsi alamat MAC host</span></span> <span id="cb4-2"><a href="#cb4-2" aria-hidden="true" tabindex="-1"></a><span class="co"># Berguna apabila switch mengehadkan MAC per port</span></span> <span id="cb4-3"><a href="#cb4-3" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> network create <span class="at">-d</span> ipvlan <span class="dt">\</span></span> <span id="cb4-4"><a href="#cb4-4" aria-hidden="true" tabindex="-1"></a> <span class="at">--subnet</span><span class="op">=</span>10.0.0.0/24 <span class="dt">\</span></span> <span id="cb4-5"><a href="#cb4-5" aria-hidden="true" tabindex="-1"></a> <span class="at">--gateway</span><span class="op">=</span>10.0.0.1 <span class="dt">\</span></span> <span id="cb4-6"><a href="#cb4-6" aria-hidden="true" tabindex="-1"></a> <span class="at">-o</span> parent=eth0 <span class="dt">\</span></span> <span id="cb4-7"><a href="#cb4-7" aria-hidden="true" tabindex="-1"></a> my-ipvlan</span></code></pre></div> <h3 id="rangkaian-berbilang-dalam-docker-compose">Rangkaian Berbilang dalam Docker Compose</h3> <p>Ini contoh yang sangat praktikal — asingkan traffic antara frontend, backend, dan database.</p> <div class="sourceCode" id="cb5"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb5-1"><a href="#cb5-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb5-2"><a href="#cb5-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">traefik</span><span class="kw">:</span></span> <span id="cb5-3"><a href="#cb5-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> traefik:latest</span></span> <span id="cb5-4"><a href="#cb5-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb5-5"><a href="#cb5-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> frontend</span></span> <span id="cb5-6"><a href="#cb5-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> backend</span></span> <span id="cb5-7"><a href="#cb5-7" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-8"><a href="#cb5-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">nextcloud</span><span class="kw">:</span></span> <span id="cb5-9"><a href="#cb5-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> nextcloud:latest</span></span> <span id="cb5-10"><a href="#cb5-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb5-11"><a href="#cb5-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> backend</span></span> <span id="cb5-12"><a href="#cb5-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> database</span></span> <span id="cb5-13"><a href="#cb5-13" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-14"><a href="#cb5-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">db</span><span class="kw">:</span></span> <span id="cb5-15"><a href="#cb5-15" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> mariadb:latest</span></span> <span id="cb5-16"><a href="#cb5-16" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb5-17"><a href="#cb5-17" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> database</span><span class="co"> # Hanya boleh diakses oleh nextcloud</span></span> <span id="cb5-18"><a href="#cb5-18" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-19"><a href="#cb5-19" aria-hidden="true" tabindex="-1"></a><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb5-20"><a href="#cb5-20" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">frontend</span><span class="kw">:</span></span> <span id="cb5-21"><a href="#cb5-21" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">driver</span><span class="kw">:</span><span class="at"> bridge</span></span> <span id="cb5-22"><a href="#cb5-22" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">backend</span><span class="kw">:</span></span> <span id="cb5-23"><a href="#cb5-23" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">driver</span><span class="kw">:</span><span class="at"> bridge</span></span> <span id="cb5-24"><a href="#cb5-24" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">database</span><span class="kw">:</span></span> <span id="cb5-25"><a href="#cb5-25" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">driver</span><span class="kw">:</span><span class="at"> bridge</span></span> <span id="cb5-26"><a href="#cb5-26" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">internal</span><span class="kw">:</span><span class="at"> </span><span class="ch">true</span><span class="co"> # Tiada akses ke internet</span></span></code></pre></div> <p>Dengan konfigurasi ini: - Traefik boleh berkomunikasi dengan Nextcloud (melalui <code>backend</code>) - Nextcloud boleh berkomunikasi dengan MariaDB (melalui <code>database</code>) - MariaDB TIDAK boleh diakses terus dari luar (rangkaian <code>internal</code>)</p> <p>Tip dari saya — walaupun dalam homelab, asingkan database dari internet. Ini amalan keselamatan yang baik dan senang nak buat.</p> <h2 id="langkah-2-reverse-proxy-dengan-traefik">Langkah 2: Reverse Proxy dengan Traefik</h2> <h3 id="mengapa-traefik">Mengapa Traefik?</h3> <p>Bayangkan anda ada 10 service Docker. Tanpa reverse proxy, anda kena ingat port setiap satu — <code>server:8080</code> untuk Nextcloud, <code>server:3000</code> untuk Gitea, <code>server:8096</code> untuk Jellyfin… penat kan?</p> <p>Dengan Traefik, anda boleh guna nama domain: <code>cloud.lab.local</code>, <code>git.lab.local</code>, <code>media.lab.local</code>. Lebih kemas dan mudah diingat.</p> <p>Traefik ialah reverse proxy moden yang menawarkan: - Pengesanan automatik container Docker (tiada konfigurasi manual) - Sijil SSL automatik (Let’s Encrypt) - Dashboard masa nyata - Middleware (pengesahan, rate limiting, dll.)</p> <h3 id="konfigurasi-traefik-lengkap">Konfigurasi Traefik Lengkap</h3> <div class="sourceCode" id="cb6"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb6-1"><a href="#cb6-1" aria-hidden="true" tabindex="-1"></a><span class="co"># docker-compose.yml</span></span> <span id="cb6-2"><a href="#cb6-2" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb6-3"><a href="#cb6-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">traefik</span><span class="kw">:</span></span> <span id="cb6-4"><a href="#cb6-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> traefik:latest</span></span> <span id="cb6-5"><a href="#cb6-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> traefik</span></span> <span id="cb6-6"><a href="#cb6-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb6-7"><a href="#cb6-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"80:80"</span></span> <span id="cb6-8"><a href="#cb6-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"443:443"</span></span> <span id="cb6-9"><a href="#cb6-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"8080:8080"</span><span class="co"> # Dashboard</span></span> <span id="cb6-10"><a href="#cb6-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb6-11"><a href="#cb6-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /var/run/docker.sock:/var/run/docker.sock:ro</span></span> <span id="cb6-12"><a href="#cb6-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./traefik/traefik.yml:/etc/traefik/traefik.yml</span></span> <span id="cb6-13"><a href="#cb6-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./traefik/acme.json:/acme.json</span></span> <span id="cb6-14"><a href="#cb6-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb6-15"><a href="#cb6-15" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> proxy</span></span> <span id="cb6-16"><a href="#cb6-16" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb6-17"><a href="#cb6-17" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">labels</span><span class="kw">:</span></span> <span id="cb6-18"><a href="#cb6-18" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.enable=true"</span></span> <span id="cb6-19"><a href="#cb6-19" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.dashboard.rule=Host(`traefik.lab.local`)"</span></span> <span id="cb6-20"><a href="#cb6-20" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.dashboard.service=api@internal"</span></span> <span id="cb6-21"><a href="#cb6-21" aria-hidden="true" tabindex="-1"></a></span> <span id="cb6-22"><a href="#cb6-22" aria-hidden="true" tabindex="-1"></a><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb6-23"><a href="#cb6-23" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">proxy</span><span class="kw">:</span></span> <span id="cb6-24"><a href="#cb6-24" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">external</span><span class="kw">:</span><span class="at"> </span><span class="ch">true</span></span></code></pre></div> <div class="sourceCode" id="cb7"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb7-1"><a href="#cb7-1" aria-hidden="true" tabindex="-1"></a><span class="co"># traefik/traefik.yml</span></span> <span id="cb7-2"><a href="#cb7-2" aria-hidden="true" tabindex="-1"></a><span class="fu">api</span><span class="kw">:</span></span> <span id="cb7-3"><a href="#cb7-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">dashboard</span><span class="kw">:</span><span class="at"> </span><span class="ch">true</span></span> <span id="cb7-4"><a href="#cb7-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">insecure</span><span class="kw">:</span><span class="at"> </span><span class="ch">true</span></span> <span id="cb7-5"><a href="#cb7-5" aria-hidden="true" tabindex="-1"></a></span> <span id="cb7-6"><a href="#cb7-6" aria-hidden="true" tabindex="-1"></a><span class="fu">entryPoints</span><span class="kw">:</span></span> <span id="cb7-7"><a href="#cb7-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">web</span><span class="kw">:</span></span> <span id="cb7-8"><a href="#cb7-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">address</span><span class="kw">:</span><span class="at"> </span><span class="st">":80"</span></span> <span id="cb7-9"><a href="#cb7-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">http</span><span class="kw">:</span></span> <span id="cb7-10"><a href="#cb7-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">redirections</span><span class="kw">:</span></span> <span id="cb7-11"><a href="#cb7-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">entryPoint</span><span class="kw">:</span></span> <span id="cb7-12"><a href="#cb7-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">to</span><span class="kw">:</span><span class="at"> websecure</span></span> <span id="cb7-13"><a href="#cb7-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">scheme</span><span class="kw">:</span><span class="at"> https</span></span> <span id="cb7-14"><a href="#cb7-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">websecure</span><span class="kw">:</span></span> <span id="cb7-15"><a href="#cb7-15" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">address</span><span class="kw">:</span><span class="at"> </span><span class="st">":443"</span></span> <span id="cb7-16"><a href="#cb7-16" aria-hidden="true" tabindex="-1"></a></span> <span id="cb7-17"><a href="#cb7-17" aria-hidden="true" tabindex="-1"></a><span class="fu">providers</span><span class="kw">:</span></span> <span id="cb7-18"><a href="#cb7-18" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">docker</span><span class="kw">:</span></span> <span id="cb7-19"><a href="#cb7-19" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">endpoint</span><span class="kw">:</span><span class="at"> </span><span class="st">"unix:///var/run/docker.sock"</span></span> <span id="cb7-20"><a href="#cb7-20" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">exposedByDefault</span><span class="kw">:</span><span class="at"> </span><span class="ch">false</span></span> <span id="cb7-21"><a href="#cb7-21" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">network</span><span class="kw">:</span><span class="at"> proxy</span></span> <span id="cb7-22"><a href="#cb7-22" aria-hidden="true" tabindex="-1"></a></span> <span id="cb7-23"><a href="#cb7-23" aria-hidden="true" tabindex="-1"></a><span class="fu">certificatesResolvers</span><span class="kw">:</span></span> <span id="cb7-24"><a href="#cb7-24" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">letsencrypt</span><span class="kw">:</span></span> <span id="cb7-25"><a href="#cb7-25" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">acme</span><span class="kw">:</span></span> <span id="cb7-26"><a href="#cb7-26" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">email</span><span class="kw">:</span><span class="at"> admin@domain.com</span></span> <span id="cb7-27"><a href="#cb7-27" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">storage</span><span class="kw">:</span><span class="at"> /acme.json</span></span> <span id="cb7-28"><a href="#cb7-28" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">httpChallenge</span><span class="kw">:</span></span> <span id="cb7-29"><a href="#cb7-29" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">entryPoint</span><span class="kw">:</span><span class="at"> web</span></span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> Jangan risau kalau config Traefik nampak panjang. Anda hanya perlu setup sekali, dan selepas tu menambah service baru sangat mudah — cuma tambah beberapa baris label sahaja.</p> </blockquote> <p><strong>Menambah perkhidmatan ke Traefik:</strong></p> <p>Nampak tak betapa mudahnya? Cuma tambah <code>labels</code> pada service dan Traefik akan auto-detect.</p> <div class="sourceCode" id="cb8"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb8-1"><a href="#cb8-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb8-2"><a href="#cb8-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">nextcloud</span><span class="kw">:</span></span> <span id="cb8-3"><a href="#cb8-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> nextcloud:latest</span></span> <span id="cb8-4"><a href="#cb8-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> nextcloud</span></span> <span id="cb8-5"><a href="#cb8-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb8-6"><a href="#cb8-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> proxy</span></span> <span id="cb8-7"><a href="#cb8-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">labels</span><span class="kw">:</span></span> <span id="cb8-8"><a href="#cb8-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.enable=true"</span></span> <span id="cb8-9"><a href="#cb8-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.nextcloud.rule=Host(`cloud.lab.local`)"</span></span> <span id="cb8-10"><a href="#cb8-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.nextcloud.tls=true"</span></span> <span id="cb8-11"><a href="#cb8-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.nextcloud.tls.certresolver=letsencrypt"</span></span> <span id="cb8-12"><a href="#cb8-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.services.nextcloud.loadbalancer.server.port=80"</span></span> <span id="cb8-13"><a href="#cb8-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span></code></pre></div> <h3 id="middleware-traefik">Middleware Traefik</h3> <p><strong>Basic Auth:</strong></p> <div class="sourceCode" id="cb9"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb9-1"><a href="#cb9-1" aria-hidden="true" tabindex="-1"></a><span class="fu">labels</span><span class="kw">:</span></span> <span id="cb9-2"><a href="#cb9-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$hash"</span></span> <span id="cb9-3"><a href="#cb9-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.app.middlewares=auth"</span></span></code></pre></div> <p><strong>Rate Limiting:</strong></p> <div class="sourceCode" id="cb10"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb10-1"><a href="#cb10-1" aria-hidden="true" tabindex="-1"></a><span class="fu">labels</span><span class="kw">:</span></span> <span id="cb10-2"><a href="#cb10-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.middlewares.ratelimit.ratelimit.average=100"</span></span> <span id="cb10-3"><a href="#cb10-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.middlewares.ratelimit.ratelimit.burst=50"</span></span></code></pre></div> <p><strong>Authelia — SSO untuk Homelab:</strong></p> <p>Authelia menyediakan Single Sign-On (SSO) dan pengesahan dua faktor untuk semua service anda. Satu login untuk semua — macam Google account tapi untuk homelab anda sendiri.</p> <div class="sourceCode" id="cb11"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb11-1"><a href="#cb11-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb11-2"><a href="#cb11-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">authelia</span><span class="kw">:</span></span> <span id="cb11-3"><a href="#cb11-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> authelia/authelia:latest</span></span> <span id="cb11-4"><a href="#cb11-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> authelia</span></span> <span id="cb11-5"><a href="#cb11-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb11-6"><a href="#cb11-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./authelia/config:/config</span></span> <span id="cb11-7"><a href="#cb11-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb11-8"><a href="#cb11-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> proxy</span></span> <span id="cb11-9"><a href="#cb11-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">labels</span><span class="kw">:</span></span> <span id="cb11-10"><a href="#cb11-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.enable=true"</span></span> <span id="cb11-11"><a href="#cb11-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.authelia.rule=Host(`auth.lab.local`)"</span></span> <span id="cb11-12"><a href="#cb11-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"traefik.http.routers.authelia.tls=true"</span></span> <span id="cb11-13"><a href="#cb11-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span></code></pre></div> <div class="sourceCode" id="cb12"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb12-1"><a href="#cb12-1" aria-hidden="true" tabindex="-1"></a><span class="co"># authelia/config/configuration.yml</span></span> <span id="cb12-2"><a href="#cb12-2" aria-hidden="true" tabindex="-1"></a><span class="fu">server</span><span class="kw">:</span></span> <span id="cb12-3"><a href="#cb12-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">address</span><span class="kw">:</span><span class="at"> </span><span class="st">'tcp://0.0.0.0:9091/'</span></span> <span id="cb12-4"><a href="#cb12-4" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-5"><a href="#cb12-5" aria-hidden="true" tabindex="-1"></a><span class="fu">log</span><span class="kw">:</span></span> <span id="cb12-6"><a href="#cb12-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">level</span><span class="kw">:</span><span class="at"> info</span></span> <span id="cb12-7"><a href="#cb12-7" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-8"><a href="#cb12-8" aria-hidden="true" tabindex="-1"></a><span class="fu">authentication_backend</span><span class="kw">:</span></span> <span id="cb12-9"><a href="#cb12-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">file</span><span class="kw">:</span></span> <span id="cb12-10"><a href="#cb12-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">path</span><span class="kw">:</span><span class="at"> /config/users_database.yml</span></span> <span id="cb12-11"><a href="#cb12-11" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-12"><a href="#cb12-12" aria-hidden="true" tabindex="-1"></a><span class="fu">access_control</span><span class="kw">:</span></span> <span id="cb12-13"><a href="#cb12-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">default_policy</span><span class="kw">:</span><span class="at"> deny</span></span> <span id="cb12-14"><a href="#cb12-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">rules</span><span class="kw">:</span></span> <span id="cb12-15"><a href="#cb12-15" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="fu">domain</span><span class="kw">:</span><span class="at"> </span><span class="st">"*.lab.local"</span></span> <span id="cb12-16"><a href="#cb12-16" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">policy</span><span class="kw">:</span><span class="at"> two_factor</span></span> <span id="cb12-17"><a href="#cb12-17" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-18"><a href="#cb12-18" aria-hidden="true" tabindex="-1"></a><span class="fu">session</span><span class="kw">:</span></span> <span id="cb12-19"><a href="#cb12-19" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> authelia_session</span></span> <span id="cb12-20"><a href="#cb12-20" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">domain</span><span class="kw">:</span><span class="at"> lab.local</span></span> <span id="cb12-21"><a href="#cb12-21" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">expiration</span><span class="kw">:</span><span class="at"> 1h</span></span> <span id="cb12-22"><a href="#cb12-22" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">inactivity</span><span class="kw">:</span><span class="at"> 5m</span></span> <span id="cb12-23"><a href="#cb12-23" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-24"><a href="#cb12-24" aria-hidden="true" tabindex="-1"></a><span class="fu">storage</span><span class="kw">:</span></span> <span id="cb12-25"><a href="#cb12-25" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">local</span><span class="kw">:</span></span> <span id="cb12-26"><a href="#cb12-26" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">path</span><span class="kw">:</span><span class="at"> /config/db.sqlite3</span></span> <span id="cb12-27"><a href="#cb12-27" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-28"><a href="#cb12-28" aria-hidden="true" tabindex="-1"></a><span class="fu">notifier</span><span class="kw">:</span></span> <span id="cb12-29"><a href="#cb12-29" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">filesystem</span><span class="kw">:</span></span> <span id="cb12-30"><a href="#cb12-30" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">filename</span><span class="kw">:</span><span class="at"> /config/notification.txt</span></span></code></pre></div> <h2 id="langkah-3-docker-health-checks">Langkah 3: Docker Health Checks</h2> <p>Health check memastikan container bukan sahaja berjalan, tetapi juga benar-benar berfungsi dengan betul. Ada perbezaan besar antara “container is running” dan “service is actually working”.</p> <p>Dari pengalaman saya, health check sangat berguna untuk container yang kadang-kadang hang tapi masih nampak “up” dalam <code>docker ps</code>.</p> <div class="sourceCode" id="cb13"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb13-1"><a href="#cb13-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb13-2"><a href="#cb13-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">nextcloud</span><span class="kw">:</span></span> <span id="cb13-3"><a href="#cb13-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> nextcloud:latest</span></span> <span id="cb13-4"><a href="#cb13-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">healthcheck</span><span class="kw">:</span></span> <span id="cb13-5"><a href="#cb13-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">test</span><span class="kw">:</span><span class="at"> </span><span class="kw">[</span><span class="st">"CMD"</span><span class="kw">,</span><span class="at"> </span><span class="st">"curl"</span><span class="kw">,</span><span class="at"> </span><span class="st">"-f"</span><span class="kw">,</span><span class="at"> </span><span class="st">"http://localhost/status.php"</span><span class="kw">]</span></span> <span id="cb13-6"><a href="#cb13-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">interval</span><span class="kw">:</span><span class="at"> 30s</span></span> <span id="cb13-7"><a href="#cb13-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">timeout</span><span class="kw">:</span><span class="at"> 10s</span></span> <span id="cb13-8"><a href="#cb13-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">retries</span><span class="kw">:</span><span class="at"> </span><span class="dv">3</span></span> <span id="cb13-9"><a href="#cb13-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">start_period</span><span class="kw">:</span><span class="at"> 60s</span></span> <span id="cb13-10"><a href="#cb13-10" aria-hidden="true" tabindex="-1"></a></span> <span id="cb13-11"><a href="#cb13-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">mariadb</span><span class="kw">:</span></span> <span id="cb13-12"><a href="#cb13-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> mariadb:latest</span></span> <span id="cb13-13"><a href="#cb13-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">healthcheck</span><span class="kw">:</span></span> <span id="cb13-14"><a href="#cb13-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">test</span><span class="kw">:</span><span class="at"> </span><span class="kw">[</span><span class="st">"CMD"</span><span class="kw">,</span><span class="at"> </span><span class="st">"healthcheck.sh"</span><span class="kw">,</span><span class="at"> </span><span class="st">"--connect"</span><span class="kw">,</span><span class="at"> </span><span class="st">"--innodb_initialized"</span><span class="kw">]</span></span> <span id="cb13-15"><a href="#cb13-15" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">interval</span><span class="kw">:</span><span class="at"> 30s</span></span> <span id="cb13-16"><a href="#cb13-16" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">timeout</span><span class="kw">:</span><span class="at"> 10s</span></span> <span id="cb13-17"><a href="#cb13-17" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">retries</span><span class="kw">:</span><span class="at"> </span><span class="dv">3</span></span></code></pre></div> <p><strong>Kebergantungan berdasarkan kesihatan:</strong></p> <p>Ini sangat berguna — pastikan database dah siap sebelum app cuba connect.</p> <div class="sourceCode" id="cb14"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb14-1"><a href="#cb14-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb14-2"><a href="#cb14-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">nextcloud</span><span class="kw">:</span></span> <span id="cb14-3"><a href="#cb14-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">depends_on</span><span class="kw">:</span></span> <span id="cb14-4"><a href="#cb14-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">mariadb</span><span class="kw">:</span></span> <span id="cb14-5"><a href="#cb14-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">condition</span><span class="kw">:</span><span class="at"> service_healthy</span></span> <span id="cb14-6"><a href="#cb14-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">redis</span><span class="kw">:</span></span> <span id="cb14-7"><a href="#cb14-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">condition</span><span class="kw">:</span><span class="at"> service_started</span></span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> <code>start_period</code> memberi masa untuk container “warm up” sebelum health check mula berjalan. Contohnya, database mungkin ambil 30-60 saat untuk sedia. Tanpa start_period, health check akan report “unhealthy” padahal container tu sedang start.</p> </blockquote> <h2 id="langkah-4-pengurusan-berbilang-host">Langkah 4: Pengurusan Berbilang Host</h2> <h3 id="docker-swarm">Docker Swarm</h3> <p>Docker Swarm membolehkan anda menjalankan container merentasi berbilang server. Kalau satu server down, container boleh dipindahkan ke server lain secara automatik.</p> <p>Saya cadangkan Swarm hanya kalau anda dah ada 2-3 server dan benar-benar perlu HA (High Availability). Untuk satu server, Docker Compose sahaja dah cukup.</p> <div class="sourceCode" id="cb15"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb15-1"><a href="#cb15-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Inisialisasi Swarm pada node pengurus</span></span> <span id="cb15-2"><a href="#cb15-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> swarm init <span class="at">--advertise-addr</span> 10.0.20.20</span> <span id="cb15-3"><a href="#cb15-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb15-4"><a href="#cb15-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Tambah node pekerja</span></span> <span id="cb15-5"><a href="#cb15-5" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> swarm join <span class="at">--token</span> TOKEN 10.0.20.20:2377</span> <span id="cb15-6"><a href="#cb15-6" aria-hidden="true" tabindex="-1"></a></span> <span id="cb15-7"><a href="#cb15-7" aria-hidden="true" tabindex="-1"></a><span class="co"># Deploy stack</span></span> <span id="cb15-8"><a href="#cb15-8" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> stack deploy <span class="at">-c</span> docker-compose.yml homelab</span> <span id="cb15-9"><a href="#cb15-9" aria-hidden="true" tabindex="-1"></a></span> <span id="cb15-10"><a href="#cb15-10" aria-hidden="true" tabindex="-1"></a><span class="co"># Senarai perkhidmatan</span></span> <span id="cb15-11"><a href="#cb15-11" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> service ls</span></code></pre></div> <h3 id="portainer-untuk-pengurusan-visual">Portainer untuk Pengurusan Visual</h3> <p>Portainer menyediakan antara muka web untuk mengurus Docker. Kalau anda lebih selesa dengan GUI, ini wajib ada.</p> <div class="sourceCode" id="cb16"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb16-1"><a href="#cb16-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb16-2"><a href="#cb16-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">portainer</span><span class="kw">:</span></span> <span id="cb16-3"><a href="#cb16-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> portainer/portainer-ce:latest</span></span> <span id="cb16-4"><a href="#cb16-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> portainer</span></span> <span id="cb16-5"><a href="#cb16-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb16-6"><a href="#cb16-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"9443:9443"</span></span> <span id="cb16-7"><a href="#cb16-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb16-8"><a href="#cb16-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /var/run/docker.sock:/var/run/docker.sock</span></span> <span id="cb16-9"><a href="#cb16-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> portainer_data:/data</span></span> <span id="cb16-10"><a href="#cb16-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb16-11"><a href="#cb16-11" aria-hidden="true" tabindex="-1"></a></span> <span id="cb16-12"><a href="#cb16-12" aria-hidden="true" tabindex="-1"></a><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb16-13"><a href="#cb16-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">portainer_data</span><span class="kw">:</span></span></code></pre></div> <p><strong>Ciri Portainer:</strong> - Pengurusan container visual - Melihat log dan statistik - Terminal web ke dalam container - Pengurusan imej dan rangkaian - Sokongan Docker Swarm dan Kubernetes - Template aplikasi (deploy 1 klik)</p> <blockquote> <p><strong>Nota Beginner:</strong> Portainer sangat membantu untuk visualize apa yang berlaku dalam Docker anda. Tapi belajar CLI juga ya — nanti dalam kerja sebenar, tak semua environment ada GUI.</p> </blockquote> <h2 id="langkah-5-membina-imej-docker-sendiri">Langkah 5: Membina Imej Docker Sendiri</h2> <p>Kadang-kadang, imej yang ada di Docker Hub tak cukup untuk keperluan anda. Jadi anda perlu bina sendiri.</p> <h3 id="dockerfile-asas">Dockerfile Asas</h3> <div class="sourceCode" id="cb17"><pre class="sourceCode dockerfile"><code class="sourceCode dockerfile"><span id="cb17-1"><a href="#cb17-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Contoh: Aplikasi Python</span></span> <span id="cb17-2"><a href="#cb17-2" aria-hidden="true" tabindex="-1"></a><span class="kw">FROM</span> python:3.12-slim</span> <span id="cb17-3"><a href="#cb17-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb17-4"><a href="#cb17-4" aria-hidden="true" tabindex="-1"></a><span class="kw">WORKDIR</span> /app</span> <span id="cb17-5"><a href="#cb17-5" aria-hidden="true" tabindex="-1"></a></span> <span id="cb17-6"><a href="#cb17-6" aria-hidden="true" tabindex="-1"></a><span class="kw">COPY</span> requirements.txt .</span> <span id="cb17-7"><a href="#cb17-7" aria-hidden="true" tabindex="-1"></a><span class="kw">RUN</span> <span class="ex">pip</span> install <span class="at">--no-cache-dir</span> <span class="at">-r</span> requirements.txt</span> <span id="cb17-8"><a href="#cb17-8" aria-hidden="true" tabindex="-1"></a></span> <span id="cb17-9"><a href="#cb17-9" aria-hidden="true" tabindex="-1"></a><span class="kw">COPY</span> . .</span> <span id="cb17-10"><a href="#cb17-10" aria-hidden="true" tabindex="-1"></a></span> <span id="cb17-11"><a href="#cb17-11" aria-hidden="true" tabindex="-1"></a><span class="kw">EXPOSE</span> 8000</span> <span id="cb17-12"><a href="#cb17-12" aria-hidden="true" tabindex="-1"></a></span> <span id="cb17-13"><a href="#cb17-13" aria-hidden="true" tabindex="-1"></a><span class="kw">HEALTHCHECK</span> <span class="op">--interval=30s</span> <span class="op">--timeout=10s</span> <span class="op">--retries=3</span> \</span> <span id="cb17-14"><a href="#cb17-14" aria-hidden="true" tabindex="-1"></a> <span class="kw">CMD</span> <span class="ex">curl</span> <span class="at">-f</span> http://localhost:8000/health <span class="kw">||</span> <span class="bu">exit</span> 1</span> <span id="cb17-15"><a href="#cb17-15" aria-hidden="true" tabindex="-1"></a></span> <span id="cb17-16"><a href="#cb17-16" aria-hidden="true" tabindex="-1"></a><span class="kw">USER</span> 1000:1000</span> <span id="cb17-17"><a href="#cb17-17" aria-hidden="true" tabindex="-1"></a></span> <span id="cb17-18"><a href="#cb17-18" aria-hidden="true" tabindex="-1"></a><span class="kw">CMD</span> [<span class="st">"python"</span>, <span class="st">"app.py"</span>]</span></code></pre></div> <h3 id="amalan-terbaik-dockerfile">Amalan Terbaik Dockerfile</h3> <div class="sourceCode" id="cb18"><pre class="sourceCode dockerfile"><code class="sourceCode dockerfile"><span id="cb18-1"><a href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="co"># 1. Gunakan imej asas yang kecil</span></span> <span id="cb18-2"><a href="#cb18-2" aria-hidden="true" tabindex="-1"></a><span class="kw">FROM</span> alpine:3.19 <span class="co"># ~5MB</span></span> <span id="cb18-3"><a href="#cb18-3" aria-hidden="true" tabindex="-1"></a><span class="co"># bukan</span></span> <span id="cb18-4"><a href="#cb18-4" aria-hidden="true" tabindex="-1"></a><span class="kw">FROM</span> ubuntu:24.04 <span class="co"># ~77MB</span></span> <span id="cb18-5"><a href="#cb18-5" aria-hidden="true" tabindex="-1"></a></span> <span id="cb18-6"><a href="#cb18-6" aria-hidden="true" tabindex="-1"></a><span class="co"># 2. Gabungkan arahan RUN untuk kurangkan layer</span></span> <span id="cb18-7"><a href="#cb18-7" aria-hidden="true" tabindex="-1"></a><span class="kw">RUN</span> <span class="ex">apt-get</span> update <span class="kw">&&</span> <span class="dt">\</span></span> <span id="cb18-8"><a href="#cb18-8" aria-hidden="true" tabindex="-1"></a> <span class="ex">apt-get</span> install <span class="at">-y</span> curl wget <span class="kw">&&</span> <span class="dt">\</span></span> <span id="cb18-9"><a href="#cb18-9" aria-hidden="true" tabindex="-1"></a> <span class="fu">rm</span> <span class="at">-rf</span> /var/lib/apt/lists/<span class="pp">*</span></span> <span id="cb18-10"><a href="#cb18-10" aria-hidden="true" tabindex="-1"></a></span> <span id="cb18-11"><a href="#cb18-11" aria-hidden="true" tabindex="-1"></a><span class="co"># 3. Gunakan .dockerignore</span></span> <span id="cb18-12"><a href="#cb18-12" aria-hidden="true" tabindex="-1"></a><span class="co"># .dockerignore</span></span> <span id="cb18-13"><a href="#cb18-13" aria-hidden="true" tabindex="-1"></a>.git</span> <span id="cb18-14"><a href="#cb18-14" aria-hidden="true" tabindex="-1"></a>node_modules</span> <span id="cb18-15"><a href="#cb18-15" aria-hidden="true" tabindex="-1"></a>*.md</span> <span id="cb18-16"><a href="#cb18-16" aria-hidden="true" tabindex="-1"></a>docker-compose*.yml</span> <span id="cb18-17"><a href="#cb18-17" aria-hidden="true" tabindex="-1"></a></span> <span id="cb18-18"><a href="#cb18-18" aria-hidden="true" tabindex="-1"></a><span class="co"># 4. Gunakan multi-stage build</span></span> <span id="cb18-19"><a href="#cb18-19" aria-hidden="true" tabindex="-1"></a><span class="kw">FROM</span> node:20 <span class="kw">AS</span> builder</span> <span id="cb18-20"><a href="#cb18-20" aria-hidden="true" tabindex="-1"></a><span class="kw">WORKDIR</span> /app</span> <span id="cb18-21"><a href="#cb18-21" aria-hidden="true" tabindex="-1"></a><span class="kw">COPY</span> . .</span> <span id="cb18-22"><a href="#cb18-22" aria-hidden="true" tabindex="-1"></a><span class="kw">RUN</span> <span class="ex">npm</span> ci <span class="kw">&&</span> <span class="ex">npm</span> run build</span> <span id="cb18-23"><a href="#cb18-23" aria-hidden="true" tabindex="-1"></a></span> <span id="cb18-24"><a href="#cb18-24" aria-hidden="true" tabindex="-1"></a><span class="kw">FROM</span> nginx:alpine</span> <span id="cb18-25"><a href="#cb18-25" aria-hidden="true" tabindex="-1"></a><span class="kw">COPY</span> <span class="op">--from=builder</span> /app/dist /usr/share/nginx/html</span> <span id="cb18-26"><a href="#cb18-26" aria-hidden="true" tabindex="-1"></a></span> <span id="cb18-27"><a href="#cb18-27" aria-hidden="true" tabindex="-1"></a><span class="co"># 5. Jangan jalankan sebagai root</span></span> <span id="cb18-28"><a href="#cb18-28" aria-hidden="true" tabindex="-1"></a><span class="kw">RUN</span> <span class="ex">adduser</span> <span class="at">-D</span> appuser</span> <span id="cb18-29"><a href="#cb18-29" aria-hidden="true" tabindex="-1"></a><span class="kw">USER</span> appuser</span></code></pre></div> <p>Tip dari saya — multi-stage build tu sangat berguna. Anda boleh build app dalam satu stage, dan copy hasil build sahaja ke stage akhir. Imej jadi sangat kecil.</p> <h2 id="langkah-6-sandaran-docker">Langkah 6: Sandaran Docker</h2> <h3 id="menyandaran-data-container">Menyandaran Data Container</h3> <p>Backup adalah perkara yang ramai orang abaikan sehingga terlambat. Saya dah pernah kena, dan percayalah — rasa dia tak best. Jadi setup backup dari awal.</p> <div class="sourceCode" id="cb19"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb19-1"><a href="#cb19-1" aria-hidden="true" tabindex="-1"></a><span class="co">#!/bin/bash</span></span> <span id="cb19-2"><a href="#cb19-2" aria-hidden="true" tabindex="-1"></a><span class="co"># backup-docker.sh</span></span> <span id="cb19-3"><a href="#cb19-3" aria-hidden="true" tabindex="-1"></a><span class="va">BACKUP_DIR</span><span class="op">=</span><span class="st">"/mnt/backup/docker"</span></span> <span id="cb19-4"><a href="#cb19-4" aria-hidden="true" tabindex="-1"></a><span class="va">DATE</span><span class="op">=</span><span class="va">$(</span><span class="fu">date</span> +%Y%m%d_%H%M%S<span class="va">)</span></span> <span id="cb19-5"><a href="#cb19-5" aria-hidden="true" tabindex="-1"></a><span class="va">COMPOSE_DIR</span><span class="op">=</span><span class="st">"/opt/docker"</span></span> <span id="cb19-6"><a href="#cb19-6" aria-hidden="true" tabindex="-1"></a></span> <span id="cb19-7"><a href="#cb19-7" aria-hidden="true" tabindex="-1"></a><span class="co"># Hentikan perkhidmatan (pilihan - untuk konsistensi)</span></span> <span id="cb19-8"><a href="#cb19-8" aria-hidden="true" tabindex="-1"></a><span class="co"># cd $COMPOSE_DIR && docker compose stop</span></span> <span id="cb19-9"><a href="#cb19-9" aria-hidden="true" tabindex="-1"></a></span> <span id="cb19-10"><a href="#cb19-10" aria-hidden="true" tabindex="-1"></a><span class="co"># Sandaran volume dan konfigurasi</span></span> <span id="cb19-11"><a href="#cb19-11" aria-hidden="true" tabindex="-1"></a><span class="fu">tar</span> czf <span class="st">"</span><span class="va">$BACKUP_DIR</span><span class="st">/docker-backup-</span><span class="va">$DATE</span><span class="st">.tar.gz"</span> <span class="dt">\</span></span> <span id="cb19-12"><a href="#cb19-12" aria-hidden="true" tabindex="-1"></a> <span class="at">-C</span> <span class="st">"</span><span class="va">$COMPOSE_DIR</span><span class="st">"</span> <span class="dt">\</span></span> <span id="cb19-13"><a href="#cb19-13" aria-hidden="true" tabindex="-1"></a> <span class="at">--exclude</span><span class="op">=</span><span class="st">'*/cache/*'</span> <span class="dt">\</span></span> <span id="cb19-14"><a href="#cb19-14" aria-hidden="true" tabindex="-1"></a> <span class="at">--exclude</span><span class="op">=</span><span class="st">'*/logs/*'</span> <span class="dt">\</span></span> <span id="cb19-15"><a href="#cb19-15" aria-hidden="true" tabindex="-1"></a> .</span> <span id="cb19-16"><a href="#cb19-16" aria-hidden="true" tabindex="-1"></a></span> <span id="cb19-17"><a href="#cb19-17" aria-hidden="true" tabindex="-1"></a><span class="co"># Sandaran senarai imej</span></span> <span id="cb19-18"><a href="#cb19-18" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> images <span class="at">--format</span> <span class="st">"{{.Repository}}:{{.Tag}}"</span> <span class="op">></span> <span class="dt">\</span></span> <span id="cb19-19"><a href="#cb19-19" aria-hidden="true" tabindex="-1"></a> <span class="st">"</span><span class="va">$BACKUP_DIR</span><span class="st">/docker-images-</span><span class="va">$DATE</span><span class="st">.txt"</span></span> <span id="cb19-20"><a href="#cb19-20" aria-hidden="true" tabindex="-1"></a></span> <span id="cb19-21"><a href="#cb19-21" aria-hidden="true" tabindex="-1"></a><span class="co"># Mulakan semula perkhidmatan</span></span> <span id="cb19-22"><a href="#cb19-22" aria-hidden="true" tabindex="-1"></a><span class="co"># cd $COMPOSE_DIR && docker compose up -d</span></span> <span id="cb19-23"><a href="#cb19-23" aria-hidden="true" tabindex="-1"></a></span> <span id="cb19-24"><a href="#cb19-24" aria-hidden="true" tabindex="-1"></a><span class="co"># Buang sandaran lama (simpan 7 hari)</span></span> <span id="cb19-25"><a href="#cb19-25" aria-hidden="true" tabindex="-1"></a><span class="fu">find</span> <span class="st">"</span><span class="va">$BACKUP_DIR</span><span class="st">"</span> <span class="at">-name</span> <span class="st">"docker-backup-*.tar.gz"</span> <span class="at">-mtime</span> +7 <span class="at">-delete</span></span> <span id="cb19-26"><a href="#cb19-26" aria-hidden="true" tabindex="-1"></a></span> <span id="cb19-27"><a href="#cb19-27" aria-hidden="true" tabindex="-1"></a><span class="bu">echo</span> <span class="st">"Sandaran Docker selesai: </span><span class="va">$DATE</span><span class="st">"</span></span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> Script di atas boleh dijadualkan menggunakan <code>cron</code> supaya backup berjalan secara automatik setiap malam. Satu baris cron job, dan anda boleh tidur lena tanpa risau kehilangan data.</p> </blockquote> <h3 id="migrasi-docker-ke-server-baru">Migrasi Docker ke Server Baru</h3> <p>Salah satu kelebihan Docker ialah migrasi yang mudah. Kalau anda beli server baru, pindahkan service dalam beberapa minit sahaja.</p> <div class="sourceCode" id="cb20"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb20-1"><a href="#cb20-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Pada server lama:</span></span> <span id="cb20-2"><a href="#cb20-2" aria-hidden="true" tabindex="-1"></a><span class="co"># 1. Eksport konfigurasi</span></span> <span id="cb20-3"><a href="#cb20-3" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> /opt/docker</span> <span id="cb20-4"><a href="#cb20-4" aria-hidden="true" tabindex="-1"></a><span class="fu">tar</span> czf docker-configs.tar.gz .</span> <span id="cb20-5"><a href="#cb20-5" aria-hidden="true" tabindex="-1"></a></span> <span id="cb20-6"><a href="#cb20-6" aria-hidden="true" tabindex="-1"></a><span class="co"># 2. Salin ke server baru</span></span> <span id="cb20-7"><a href="#cb20-7" aria-hidden="true" tabindex="-1"></a><span class="fu">scp</span> docker-configs.tar.gz admin@pelayan-baru:/opt/docker/</span> <span id="cb20-8"><a href="#cb20-8" aria-hidden="true" tabindex="-1"></a></span> <span id="cb20-9"><a href="#cb20-9" aria-hidden="true" tabindex="-1"></a><span class="co"># Pada server baru:</span></span> <span id="cb20-10"><a href="#cb20-10" aria-hidden="true" tabindex="-1"></a><span class="co"># 3. Ekstrak</span></span> <span id="cb20-11"><a href="#cb20-11" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> /opt/docker</span> <span id="cb20-12"><a href="#cb20-12" aria-hidden="true" tabindex="-1"></a><span class="fu">tar</span> xzf docker-configs.tar.gz</span> <span id="cb20-13"><a href="#cb20-13" aria-hidden="true" tabindex="-1"></a></span> <span id="cb20-14"><a href="#cb20-14" aria-hidden="true" tabindex="-1"></a><span class="co"># 4. Mulakan perkhidmatan</span></span> <span id="cb20-15"><a href="#cb20-15" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose pull</span> <span id="cb20-16"><a href="#cb20-16" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose up <span class="at">-d</span></span></code></pre></div> <p>Nampak tak betapa mudahnya? Itulah keindahan Docker — semuanya portable.</p> <h3 id="checklist-siap-bab-ini">Checklist Siap Bab Ini</h3> <ul class="task-list"> <li><label><input type="checkbox" />Saya tahu komponen lanjutan mana yang benar-benar saya perlukan.</label></li> <li><label><input type="checkbox" />Saya sudah ada pelan backup untuk service Docker penting.</label></li> <li><label><input type="checkbox" />Saya tahu bagaimana hendak menambah komponen baru tanpa merosakkan stack sedia ada.</label></li> </ul> <h2 id="ringkasan">Ringkasan</h2> <p>Dalam bab lanjutan ini, kita telah belajar tentang:</p> <ul> <li>Jenis rangkaian Docker (bridge, host, macvlan, ipvlan)</li> <li>Reverse proxy dengan Traefik untuk akses yang lebih kemas</li> <li>Pengesahan SSO dengan Authelia</li> <li>Health checks untuk meningkatkan kebolehpercayaan</li> <li>Pengurusan berbilang host (Docker Swarm)</li> <li>Portainer untuk pengurusan visual</li> <li>Membina imej Docker sendiri</li> <li>Sandaran dan migrasi Docker</li> </ul> <p>Pengetahuan lanjutan ini membolehkan anda membina infrastruktur container yang lebih kukuh dan profesional. Tapi seperti biasa — anda tak perlu guna semua sekali gus. Pilih yang anda perlukan, kuasai ia, dan tambah yang lain bila tiba masanya.</p> <p>Tahniah kerana sampai ke penghujung bahagian Docker! Anda sekarang ada asas yang kukuh untuk deploy dan urus service dalam homelab. Seterusnya, kita akan belajar tentang pengurusan storan dan NAS — satu langkah pada satu masa!</p>
💾 Kemaskini
Batal