02.18.21

Spotlight on Traefik v2.0

By Mariano Defanti

Introduction

Working with microservices is the very definition of complicated. And such complexity only increases as the microservices architecture scales up. Predominantly, the main concern lies in the location of the services. Admittedly, there is a range of tools that can solve this problem, but every tool comes with its own level of complexity in implementation and management. All such tools tend to use YAML to write the configurations, which is very complex and also static.

The Traefik tool is here to solve these concerns. By optimizing the use of Traefik, you can stop wasting time writing YAML configurations. The tool is an open-source project under MIT license that deals with your application in the backend system, writes the configuration code for you, and deploys the production code.

With the major success of Traefik 1.x after 1 billion downloads from Docker Hub, Containous, a leading cloud-native company, released Traefik 2.0 with a lot of significant updates and features, which is what we will be covering in this article.

What is Traefik 2.0?

Traefik 2.0 is an open-source reverse proxy written in Golang and used as a scalable and highly available edge router. An edge router is a specialized router used for connecting the internal networks to external networks. Traefik supports automatic TLS and HTTP2 by default and other cloud-native features.

Fundamentally Traefik 2.0 comprises three components – Entrypoints, Routers, and Services.

  • Entrypoints: These are the ports and interfaces on which the Traefik can listen to the traffic. Usually, it’s typical to leverage ports 80 and 443 for this purpose. Entrypoints can listen to all the traffic coming from HTTP, HTTPS, TCP, and UDP.
  • Routers: These are responsible for connecting the requests coming from the entrypoints to the services that will handle them.
  • Services: These are responsible for connecting and passing on the requests to the actual service to handle the requests. Services can be a single container or multiple containers with load-balancing architecture.

Now let’s discuss the major new features in Traefik 2.0.

New Features and Breaking Changes in Traefik 2.0

No Frontend and Backend Anymore

The most significant difference between Traefik 1.0 and Traefik 2.0 is that the routers, middlewares, and services in Traefik 2.0 replace the frontend and backend environments in Traefik 1.0. In the previous iteration of the service, the frontend used to receive the requests, and the backend used to modify and send the requests to the service handling them. 

Now, in Traefik version 2.0, there is a concept of middleware for further separation of concerns. Once the request comes to the router, middleware modifies the request before sending it on to the service for processing. Traefik has introduced middleware to reuse the middleware configuration by different routers through a single modification step. You can also have a chain of middlewares in a router.

#Traefikmiddleware
Source: https://traefik.io/blog/traefik-2-0-6531ec5196c2/

Canary Deployments

Traefik 2.0 also provides better ways to achieve mirroring for Canary deployments. Using this feature, instead of releasing the new version of an application or a service on the production environment in a single go, you can release your canary deployments in phases. For example, you can release the new version of an app to 20% of your total audience and leave 80% on the old version. If the latest version performs well without any errors or bugs, you can deploy the newer version to the whole audience. This way, you will not risk releasing a broken application or a service to the entire audience.

Traefikcanarydeployments
Source: https://traefik.io/blog/traefik-2-0-6531ec5196c2/

Mirroring

With the mirroring feature, you can shadow the live traffic and duplicate the service requests. It is also possible to send these requests to different services simultaneously and apply this approach to new deployments to reduce the risk of failure. If a new request gets lost, the duplicate request will still be served.

Traefikmirroring
Source: https://traefik.io/blog/traefik-2-0-6531ec5196c2/

Traefik Dashboard

The Traefik team has reworked the web UI, the dashboard. Traefik 2.0 provides a new dashboard with an excellent web UI. Just by looking at the dashboard for a few seconds, you can quickly and easily visualize a wealth of information about what is happening in the cluster. The new dashboard also provides you the option of enabling and disabling certain features as you prefer.

#Traefiknewdashboard
Source: https://traefik.io/blog/traefik-2-0-6531ec5196c2/

With the introduction of routers, middleware, and services, the request’s workflow has changed in Traefik 2.0. The new dashboard can show every detail of the complete workflow: from the requests coming into the entrypoint to the requests getting served by a service. You can fully visualize every phase in the Traefik 2.0 dashboard.

#Traefik2.0dashboard.
Source: https://traefik.io/blog/traefik-2-0-6531ec5196c2/

TCP Support

Traefik 1.x provided only HTTP routing, but Traefik 2.0 provides TCP routing also. And the new version can now support both HTTP and TCP routings on the same port. The entrypoints in Traefik decide which port (HTTP port or TCP port) will serve the requests. This is good news for devs who need to route API calls to broader application support like databases and other TCP-based applications.

Providers

Providers is another new concept introduced in Traefik 2.0 which allows the use of providers for configuration discovery. Providers are existing infrastructure components such as cloud providers, container engines, orchestrators, etc. Traefik leverages the provider’s APIs to find routing information on the incoming requests. 

In addition, the provider feeds information to the Traefik about where your applications are. A few commonly supported providers in Traefik are Docker, Kubernetes, ECS, Rancher, Consul, and many more. For example, you can connect Traefik to a Kubernetes provider and then Traefik will know which service comes in and out of the cluster and which cluster is scaling up or down.

Advantages of Traefik 2.0 as your Kubernetes Ingress Controller

The purpose of using an Ingress controller is to expose the HTTP and HTTPS routes from outside the cluster to the services inside the cluster. You can use the ingress controller to control the external traffic and as a traffic load balancer. By default, Kubernetes uses NGINX as an ingress controller. But below are the advantages of using Traefik 2.0 as a Kubernetes ingress controller:

  • Continuous configuration update in real-time
  • Canary deployment support
  • Supports multiple load balancing algorithms
  • Automatic certificate generation using Let’s Encrypt provider
  • Excellent Web UI for better visualization
  • Supports traffic mirroring
  • Supports for TCP and UDP traffic through the same ports

Conclusion

Traefik 2.0 is an all in one toolkit solution to many problems that come with managing complex microservices architecture. Just set up Traefik 2.0 in your environment and optimize the tool to take care of all the configuration creation workloads. We can firmly say that Traefik 2.0 is one of the best reverse proxies out there.


Caylent provides a critical DevOps-as-a-Service function to high growth companies looking for expert support with Kubernetes, cloud security, cloud infrastructure, and CI/CD pipelines. Our managed and consulting services are a more cost-effective option than hiring in-house, and we scale as your team and company grow. Check out some of the use cases, learn how we work with clients, and read more about our DevOps-as-a-Service offering.

References

https://traefik.io/blog/traefik-2-0-6531ec5196c2/

https://www.infoq.com/news/2019/11/traefik-routing-release/

https://www.globenewswire.com/news-release/2019/09/17/1916641/0/en/Containous-Releases-Traefik-2-0-as-the-Cloud-Native-Edge-Router-Tops-1-Billion-Downloads.html

https://doc.traefik.io/traefik/v2.0/