Using TrueNAS SCALE as only Docker Host

[BrianLakstins]

I currently use Ubuntu 20.04 as a docker host. I have Traefik and Portainer as the only command line configured containers. All others go through Portainer and I get SSL access from Traefik + LetsEncrypt pretty much automatically.

I'd like to use TrueNAS SCALE instead. From what I can tell, this is not possible through the GUI at this time. The limit of ports to only those above 9000 rules out using Traefik for SSL directly. The example in the docs of using PiHole on port 9053 for DNS does not seem like a useful example of using a docker container, since all clients would have to change their DNS port, or you'd need a DNS proxy.

Does anyone have a way around the port 9000 limit that I could try to get started with the type of configuration that I want? Secondary ip address binding maybe?

 

[sretalla]

This is how to do what you want:

Separate Linux container?

It's not a very good thread title, but I'm not sure how to better phrase it. I'm continuing to look into migrating from CORE to SCALE, and the major question is migrating jails. I get that it's a manual process, and I'm OK with that. Most of my jails are running things that are available as...

www.truenas.com

Also, you can just use the TrueCharts apps which allow using low ports and Traefik on 80/443 (covered in their tutorials)

 

[BrianLakstins]

Thank you for the response @sretalla .

I see that you set up Portainer on port 9000 and Nginx on port 50443.

I found this web site for TrueCharts - https://truecharts.org/. It looks like there is problem, because all pages show an error for me.

I found this for git repository for TrueCharts - https://github.com/truecharts/apps

The links reference the wiki web site, and all the content is showing an error for me about the content missing.

It looks like Traefik is a plugin I could use. I assume I set it up as a plugin, point it to Portainer through configuration, and then manually configure it for each docker container. Traefik as a container can handle the SSL and auto configure itself based on tags, so it would be easier to manage.

I do wonder if plugins can use lower ports, then why can't docker containers? How does the plugin get around it?

I have a SAMBA container that works like an Active Directory server. I'd like to use it too, but it uses several well-known ports below 9000, so Traefik plugin would not work for it. Maybe there is something like it in TrueCharts.

Guess I really need to wait for the site to show content for me instead of an error.

Thank you again for your response.

 

[BrianLakstins]

I found a page that kind of works:

01 - Adding TrueCharts to SCALE | TrueCharts

Adding the TrueCharts Community App Catalog is relatively straight forward.

truecharts.org

Video guides show broken images, but the documentation seems to be there.

So I was able to make some progress.

 

[DavidinGA]

I'm confused by the Docker instructions as well - the critical step of what OS options are available/necessary seems important.

Since TrueNAS SCALE is Debian - a link to a paint-by-numbers set of instructions (for the OS) might be added at the top here https://www.truenas.com/docs/scale/scaleuireference/apps/docker/

If TrueCharts is necessary - it seems that, also, should be in pre-Docker steps - as part of the instructional links.

If SCALE can get the job done I don't see the need for the ubuntu mess, or raw Debian, to be installed.

Am I missing something, please?

Note: This is my setup ...

sda & sdd 136gb Boot Pool lx4

sde & sdf 136gb StoragePool1 lz4
ix-applications 777gb inherits (lz4)

sdb & sdc 931gb StoragePool2 lz4

sdg & sdh 931gb StoragePool3 lz4

Thanks

 

[sretalla]

This link works for me... but so did the one that you quoted... no idea what's wrong on your side:

Introduction | TrueCharts

This manual contains general information on working with TrueCharts Charts.

truecharts.org

It looks like Traefik is a plugin I could use. I assume I set it up as a plugin, point it to Portainer through configuration, and then manually configure it for each docker container. Traefik as a container can handle the SSL and auto configure itself based on tags, so it would be easier to manage.

I do wonder if plugins can use lower ports, then why can't docker containers? How does the plugin get around it?

I have a SAMBA container that works like an Active Directory server. I'd like to use it too, but it uses several well-known ports below 9000, so Traefik plugin would not work for it. Maybe there is something like it in TrueCharts.

SCALE has no terminology reference to plugins (that's CORE), all you have are apps and catalogs.

By default, you have the Official Catalog (you are probably reading this as plugins... please update your terminology to Official Apps)

You can add the catalog (by following the quick start guides from their site) for TrueCharts.

I hope you're able to figure it out.

I'm sure you can get it working the way you want if you work through it either with TrueCharts alone or with Portainer as I referenced in my other post.

 

[BrianLakstins]

Thank you again for your response. I will try to use the correct terminology. I was not aware it changed between Core and Scale.

The site gave me issues because the home page links to a "TrueNAS SCALE - 5 min" quick start, but the link takes you to a page that say "tbd". The git repository link for "Quick-Start Guides" takes me to a 404 page.

When I use the "Manual" link at the top of the site, I get to some helpful content. It looks like they might just be doing some re-organizing.

I was able to get the Catalog added. It looks like I need to do more reading to understand how the apps work and why they can use ports under 9000, but docker containers can't. Are apps just docker containers that are already configured?

I found a couple of more threads along the same line.

Docker, K3S, Traefik

I would like to expose a Docker (gitlab) into traefik, such git.domain.com or ip 10.x.x.x pushes there. Really struggling with the concepts as not familiar with traefik and k3s. Where the truecharts apps have questions for ingress, docker images do not Truenas GUI is bind to nic1 - 10.8.23.xx...

www.truenas.com

Traefik with docker images (not TrueCharts apps)

I have a few apps I want to run that either aren't in TrueCharts, or are on the TODO list, or I want the latest and greatest and don't want to wait for TrueCharts. These run completely fine and easily by just using the "Launch Docker Image" button. But I need to reverse proxy them for SSL certs...

www.truenas.com

I think I need to do more reading to gain an understanding of how this needs to be set up in order to work and be as easy as possible for me to maintain.

 

[DaSnipe]

Thank you again for your response. I will try to use the correct terminology. I was not aware it changed between Core and Scale.

The site gave me issues because the home page links to a "TrueNAS SCALE - 5 min" quick start, but the link takes you to a page that say "tbd". The git repository link for "Quick-Start Guides" takes me to a 404 page.

When I use the "Manual" link at the top of the site, I get to some helpful content. It looks like they might just be doing some re-organizing.

I was able to get the Catalog added. It looks like I need to do more reading to understand how the apps work and why they can use ports under 9000, but docker containers can't. Are apps just docker containers that are already configured?

I found a couple of more threads along the same line.

Docker, K3S, Traefik

I would like to expose a Docker (gitlab) into traefik, such git.domain.com or ip 10.x.x.x pushes there. Really struggling with the concepts as not familiar with traefik and k3s. Where the truecharts apps have questions for ingress, docker images do not Truenas GUI is bind to nic1 - 10.8.23.xx...

www.truenas.com

Traefik with docker images (not TrueCharts apps)

I have a few apps I want to run that either aren't in TrueCharts, or are on the TODO list, or I want the latest and greatest and don't want to wait for TrueCharts. These run completely fine and easily by just using the "Launch Docker Image" button. But I need to reverse proxy them for SSL certs...

www.truenas.com

I think I need to do more reading to gain an understanding of how this needs to be set up in order to work and be as easy as possible for me to maintain.

Yep the website was relaunched this week with all the old content pushed to the new one but there's still solid foundation with the quick guides

01 - Adding TrueCharts to SCALE | TrueCharts

Adding the TrueCharts Community App Catalog is relatively straight forward.

truecharts.org

I'd spend some time looking at these videos, some are really long and go in depth on things.

https://youtube.com/truecharts

 

[Etorix]

I currently use Ubuntu 20.04 as a docker host. I have Traefik and Portainer as the only command line configured containers. All others go through Portainer and I get SSL access from Traefik + LetsEncrypt pretty much automatically.

I trust you have a storage use case as well, because SCALE is not even intended to be used just for running containers.

I'd like to use TrueNAS SCALE instead. From what I can tell, this is not possible through the GUI at this time. The limit of ports to only those above 9000 rules out using Traefik for SSL directly. The example in the docs of using PiHole on port 9053 for DNS does not seem like a useful example of using a docker container, since all clients would have to change their DNS port, or you'd need a DNS proxy.

Does anyone have a way around the port 9000 limit that I could try to get started with the type of configuration that I want? Secondary ip address binding maybe?

PiHole from TrueChart gets around this limitation by doing some Kubernetes wizardry.
If you do want to consolidate your containers on your NAS, it might be easier to move your whole Ubuntu installation as a VM under CORE.