Deploying Tempo Distributed Tracing Backend on Ubuntu 24.04
Step-by-step guide to deploy Grafana Tempo with Docker Compose and Traefik on Ubuntu 24.04, with persistent trace storage and automatic HTTPS for a production-grade distributed tracing backend.
Tempo is an open-source, high-scale distributed tracing backend from Grafana Labs that ingests trace spans over Jaeger, OpenTelemetry, and Zipkin protocols. It requires only object storage and pairs natively with Grafana for trace visualization. This guide deploys Tempo using Docker Compose with Traefik handling automatic HTTPS, and verifies the backend through its status endpoints, following distributed tracing deployment practices documented in Vultr Docs.
Set Up the Directory Structure
1. Create the project directory structure:
$ mkdir -p ~/tempo-tracing/{tempo-data,tempo-config}
$ cd ~/tempo-tracing
2. Set ownership for the Tempo data directory:
$ sudo chown -R 10001:10001 tempo-data
3. Create the environment file:
$ nano .env
DOMAIN=tempo.example.com
LETSENCRYPT_EMAIL=admin@example.com
4. Create the Tempo configuration file:
$ nano tempo-config/tempo-config.yaml
server:
http_listen_port: 3200
distributor:
receivers:
jaeger:
protocols:
thrift_http:
grpc:
otlp:
protocols:
http:
grpc:
storage:
trace:
backend: local
local:
path: /var/tempo/traces
wal:
path: /var/tempo/wal
compactor:
compaction:
block_retention: 168h
Deploy with Docker Compose
1. Create the Docker Compose manifest:
$ nano docker-compose.yaml
services:
traefik:
image: traefik:v3.6
container_name: traefik
command:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
restart: unless-stopped
tempo:
image: grafana/tempo:latest
container_name: tempo
hostname: tempo
expose:
- "3200"
- "4317"
- "4318"
- "14250"
- "14268"
volumes:
- "./tempo-config/tempo-config.yaml:/etc/tempo/tempo.yaml"
- "./tempo-data:/var/tempo"
command: -config.file=/etc/tempo/tempo.yaml
labels:
- "traefik.enable=true"
- "traefik.http.routers.tempo.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.tempo.entrypoints=websecure"
- "traefik.http.routers.tempo.tls.certresolver=letsencrypt"
- "traefik.http.services.tempo.loadbalancer.server.port=3200"
restart: unless-stopped
volumes:
letsencrypt:
2. Start the services:
$ docker compose up -d
3. Verify the services are running:
$ docker compose ps
4. View the logs:
$ docker compose logs
Access Tempo
1. Check the readiness endpoint:
$ curl https://tempo.example.com/ready
A ready response confirms the backend is up.
2. Query the service status:
$ curl https://tempo.example.com/status
3. Check the build information:
$ curl https://tempo.example.com/api/status/buildinfo
{"version":"v2.9.0","revision":"032d47627","branch":"main","buildUser":"","buildDate":"","goVersion":"go1.25.1"}
Next Steps
Tempo is running and accepting distributed trace spans over HTTPS. From here you can:
Add Tempo as a data source in Grafana for trace visualization
Point OpenTelemetry, Jaeger, or Zipkin exporters at your domain
Swap the local storage backend for S3-compatible object storage at scale
For the full guide with additional tips, visit the original article on Vultr Docs.
