Overview

Traefik’s Many Friends

Providers

Configuration discovery in Traefik is achieved through Providers.

The providers are existing infrastructure components, whether orchestrators, container engines, cloud providers, or key-value stores. The idea is that Traefik will query the providers’ API in order to find relevant information about routing, and each time Traefik detects a change, it dynamically updates the routes.

Deploy and forget is Traefik’s credo.

Orchestrators

Even if each provider is different, we can categorize them in four groups:

  • Label based (each deployed container has a set of labels attached to it)
  • Key-Value based (each deployed container updates a key-value store with relevant information)
  • Annotation based (a separate object, with annotations, defines the characteristics of the container)
  • File based (the good old configuration file)

Provider Namespace

When you declare certain objects, in Traefik dynamic configuration, such as middleware, service, TLS options or servers transport, they live in its provider’s namespace. For example, if you declare a middleware using a Docker label, under the hoods, it will reside in the docker provider namespace.

If you use multiple providers and wish to reference such an object declared in another provider (aka referencing a cross-provider object, e.g. middleware), then you’ll have to append the @ separator, followed by the provider name to the object name.

  1. <resource-name>@<provider-name>

Kubernetes Namespace

As Kubernetes also has its own notion of namespace, one should not confuse the “provider namespace” with the “kubernetes namespace” of a resource when in the context of a cross-provider usage.
In this case, since the definition of a traefik dynamic configuration object is not in kubernetes, specifying a “kubernetes namespace” when referring to the resource does not make any sense, and therefore this specification would be ignored even if present.
On the other hand, if you, say, declare a middleware as a Custom Resource in Kubernetes and use the non-crd Ingress objects, you’ll have to add the Kubernetes namespace of the middleware to the annotation like this <middleware-namespace>-<middleware-name>@kubernetescrd.

Referencing a Traefik dynamic configuration object from Another Provider

Declaring the add-foo-prefix in the file provider.

File (TOML)

  1. [http.middlewares]
  2. [http.middlewares.add-foo-prefix.addPrefix]
  3. prefix = "/foo"

File (YAML)

  1. http:
  2. middlewares:
  3. add-foo-prefix:
  4. addPrefix:
  5. prefix: "/foo"

Using the add-foo-prefix middleware from other providers:

Docker

  1. your-container: #
  2. image: your-docker-image
  3. labels:
  4. # Attach add-foo-prefix@file middleware (declared in file)
  5. - "traefik.http.routers.my-container.middlewares=add-foo-prefix@file"

Kubernetes Ingress Route

  1. apiVersion: traefik.containo.us/v1alpha1
  2. kind: IngressRoute
  3. metadata:
  4. name: ingressroutestripprefix
  5. spec:
  6. entryPoints:
  7. - web
  8. routes:
  9. - match: Host(`example.com`)
  10. kind: Rule
  11. services:
  12. - name: whoami
  13. port: 80
  14. middlewares:
  15. - name: add-foo-prefix@file
  16. # namespace: bar
  17. # A namespace specification such as above is ignored
  18. # when the cross-provider syntax is used.

Kubernetes Ingress

  1. apiVersion: traefik.containo.us/v1alpha1
  2. kind: Middleware
  3. metadata:
  4. name: stripprefix
  5. namespace: appspace
  6. spec:
  7. stripPrefix:
  8. prefixes:
  9. - /stripit
  10. ---
  11. apiVersion: networking.k8s.io/v1
  12. kind: Ingress
  13. metadata:
  14. name: ingress
  15. namespace: appspace
  16. annotations:
  17. # referencing a middleware from Kubernetes CRD provider:
  18. # <middleware-namespace>-<middleware-name>@kubernetescrd
  19. "traefik.ingress.kubernetes.io/router.middlewares": appspace-stripprefix@kubernetescrd
  20. spec:
  21. # ... regular ingress definition

Supported Providers

Below is the list of the currently supported providers in Traefik.

ProviderTypeConfiguration Type
DockerOrchestratorLabel
KubernetesOrchestratorCustom Resource or Ingress
Consul CatalogOrchestratorLabel
ECSOrchestratorLabel
MarathonOrchestratorLabel
RancherOrchestratorLabel
FileManualTOML/YAML format
ConsulKVKV
EtcdKVKV
ZooKeeperKVKV
RedisKVKV
HTTPManualJSON format

More Providers

The current version of Traefik doesn’t support (yet) every provider. See the previous version (v1.7) for more providers.

Configuration reload frequency

In some cases, some providers might undergo a sudden burst of changes, which would generate a lot of configuration change events. If Traefik took them all into account, that would trigger a lot more configuration reloads than what is necessary, or even useful.

In order to mitigate that, the providers.providersThrottleDuration option can be set. It is the duration that Traefik waits for, after a configuration reload, before taking into account any new configuration refresh event. If any event arrives during that duration, only the most recent one is taken into account, and all the previous others are dropped.

This option cannot be set per provider, but the throttling algorithm applies independently to each of them. It defaults to 2 seconds.

File (TOML)

  1. [providers]
  2. providers.providersThrottleDuration = 10s

File (YAML)

  1. providers:
  2. providersThrottleDuration: 10s

CLI

  1. --providers.providersThrottleDuration=10s

Restrict the Scope of Service Discovery

By default Traefik will create routes for all detected containers.

If you want to limit the scope of Traefik’s service discovery, i.e. disallow route creation for some containers, you can do so in two different ways: either with the generic configuration option exposedByDefault, or with a finer granularity mechanism based on constraints.

exposedByDefault and traefik.enable

List of providers that support that feature:

Constraints

List of providers that support constraints: