Blog
April 1, 2019

Back to Traefik 2.0, the Online Meetup

Now Available on YouTube!

What a week, everyone! Just after the Traefik 2.0 announcement, driven by the relentless enthusiasm of our Head of Community (who did quite the show introducing the team), we aired an Online Meetup to talk about our treasured features in the next iteration of our favorite reverse-proxy/edge-router.

I know this is a question we haven’t been asked (but, we’ll answer it anyway) — Yes, we (the developer team) were a bit nervous. Because, even though we often talk to the community In Real Life, we were unfamiliar with the we-don’t-see-you-while-we-talk format of the online Meetup. And, here is another answer to a question you didn’t ask, but, again, we’ll answer — Yes, we enjoyed this moment with you, and would do it again.

Chances are you’re here for the video only, and not the story behind the movie, so let’s proceed!

The slides are available here, and code for the demos is available on Github.

“Q&A Time (Excerpts)”

About TCP (and UDP)

Can the TCP entry point use Let’s Encrypt? Could you have HTTP and TCP endpoints using the same hostname? Is it ready for UDP?

We loved bringing TCP support to Traefik, and we wanted it to come along with features our users would expect — one of them being Let’s Encrypt support (so yes, TCP in Traefik supports Let’s Encrypt for automatic certificates, like with HTTP).

We also wanted Traefik to be able to route TCP and HTTP requests on the same entry points, which was quite a challenge. This was made possible with a simple trick — the use of the SNI in TLS connections. But this comes with a limitation: you won’t be able to route both HTTP and TCP requests on the same host+port combination. If for the same domain you’d like to route TCP and HTTP requests, we encourage you to use two different ports.

TCP was made possible by the re-architectured core. This new core also enables us to bring UDP support, and even if it is not written yet, it’s a matter of weeks before it’s out.

About Middleware

Do middleware always applied from left to right? Can a service be a middleware Can custom middlewares be created? Can we use middlewares on TCP endpoints? Can we use middleware on the response? Is middleware for ingress only?

So middleware is a concept we introduced to enable you to fine-tune the life cycle of the requests. They will often act before the request is forwarded to the services, and can also operate on the response you get from the services (like the headers middleware does). Pieces of middleware are applied from left to right on the request, and from right to left on the response. Since you define the order, and since you can define as many chains or attach as many pieces of middleware to your routers as you want, you have total control. There are currently no available middleware for TCP routers, but it’s something we’re looking into (if you have ideas, let us know!). And regarding custom middleware, even though we know our user base is looking for it, it won’t fit in the 2.0 scope (which is already big!).

About KV Stores & Distributed Let’s Encrypt

Current (pre-2.0) traefik can store ACME certificates in a file or a KV store. The latter helps with running a cluster of traefik, but the storage is restricted to 512kb of certificate information when using Consul. Will this improve? (storing in a key per certificate instead of a single key for all, for example)

While working on 2.0, we decided it was time to rework this part. Sticking with the Unix Philosophy, “Make each program do one thing well,” Traefik is getting back to be a good old single-instance pure data plane. At the same time, clustering has been redesigned from scratch using a production-proven rock-solid raft-based implementation, shipped with Traefik Enterprise Edition (see how). Distributed features (like Let’s Encrypt) can now rely on this advanced cluster technology for these use cases. But hey! You can still use multiple Traefik instances with your favorite KV store, we only removed the unstable and experimental part :)

About the Final Release

When will the final 2.0 be available?

Short answer: When it’s ready!

Real answer: We wish we could tell. Even though we can estimate how much time we will need to develop the missing features, we don’t know fore sure how much feedback you’ll provide, or how many features contributors will be tackling (and, as Damien pointed out — we’re ready to help any [new/returning/existing] contributors eager to participate in the project!). Anyways, all we can say is, “stay tuned for updates!”

About Other Things…

You’ll find other (more specific) questions (and answers) here!


Don’t Miss the Next Meet-Ups!

If you enjoyed the meet-up and would like to be notified of upcoming online events and receive the videos from our previous sessions, sign up here!

About the Author

Latest from Traefik Labs

How Traefik Labs is Pioneering the Kubernetes Gateway API Revolution
Blog

How Traefik Labs is Pioneering the Kubernetes Gateway API Revolution

Read more
Traefik Proxy v3.2 - A Munster Release
Blog

Traefik Proxy v3.2 - A Munster Release

Read more
GitOps-Driven Runtime API Governance: The Secret Sauce for Scale
Webinar

GitOps-Driven Runtime API Governance: The Secret Sauce for Scale

Watch now

Traefik Labs uses cookies to improve your experience. By continuing to browse the site you are agreeing to our use of cookies. Find out more in the Cookie Policy.