Traefik: A Dynamic Reverse Proxy for Kubernetes and Microservices
An open source edge router with automated reconfigurability is finding a home in the world of Kubernetes-driven cloud native operations.
Emile Vauge had created Traefik three years ago as a side project while developing for a Mesosphere-based microservices platform. He was frustrated with the existing options for edge routing. “Traditional reverse proxies were not well-suited for these dynamic environments,” he told The New Stack.
Unlike traditional edge routers, Traefik reconfigures itself on the fly, without going offline. This dynamic and automated reconfigurability can be essential for an architecture of containerized microservices, which can be moved around and scaled up on the fly by an orchestrator such as Docker Swarm or Kubernetes.
Traefik connects to the APIs for these orchestrators, updating its routing automatically as the orchestrators move their microservices around. “Each time something changes on the orchestrator, for example, if you deploy a new application, Traefik is notified and changes its configuration automatically,” said Vauge, who created a company around the technology, Containous.
This week, the company has introduced an enterprise version of the software, Traefik Enterprise Edition (TraefikEE), which can provide a scalable highly-available platform for business-critical deployments. The Beta of this package debuted at the KubeCon + CloudNativeCon, being held this week in Seattle.
The software has been picked up and used in production by a number of large organizations moving to microservices. It has collected more than 19,000 stars of appreciation on Github and has been downloaded more than 10 million times from DockerHub.
TraefikEE offers a way to easily install distributed Traefik instances across a cluster, spread across multiple nodes using the Raft consensus. TraefikEE can safely store and replicate configurations and TLS certificates across the nodes, and communication across nodes is encrypted.
“This is the first reverse proxy that is able to be deployed in a cluster natively, without any third-party software,” Vauge said.
The control plane monitors the platform and services, stores topology changes, reconfiguring the data plane, managed separately, to update ingress routing dynamically.
Traefik itself also offers many of the standard features found on other edge routers, such as SSL termination.
