Traefik & Consul
A Story of KV store & Containers
Store your configuration in Consul and let Traefik do the rest!
Routing Configuration
See the dedicated section in routing.
Provider Configuration
endpoints
Required, Default=”127.0.0.1:8500”
Defines how to access to Consul.
File (TOML)
[providers.consul]
endpoints = ["127.0.0.1:8500"]
File (YAML)
providers:
consul:
endpoints:
- "127.0.0.1:8500"
CLI
--providers.consul.endpoints=127.0.0.1:8500
rootKey
Defines the root key of the configuration.
Required, Default=”traefik”
File (TOML)
[providers.consul]
rootKey = "traefik"
File (YAML)
providers:
consul:
rootKey: "traefik"
CLI
--providers.consul.rootkey=traefik
username
Defines a username to connect with Consul.
Optional, Default=””
File (TOML)
[providers.consul]
# ...
username = "foo"
File (YAML)
providers:
consul:
# ...
usename: "foo"
CLI
--providers.consul.username=foo
password
Optional, Default=””
Defines a password to connect with Consul.
File (TOML)
[providers.consul]
# ...
password = "bar"
File (YAML)
providers:
consul:
# ...
password: "bar"
CLI
--providers.consul.password=foo
tls
Optional
tls.ca
Certificate Authority used for the secured connection to Consul.
File (TOML)
[providers.consul.tls]
ca = "path/to/ca.crt"
File (YAML)
providers:
consul:
tls:
ca: path/to/ca.crt
CLI
--providers.consul.tls.ca=path/to/ca.crt
tls.caOptional
Policy followed for the secured connection with TLS Client Authentication to Consul. Requires tls.ca
to be defined.
true
: VerifyClientCertIfGivenfalse
: RequireAndVerifyClientCert- if
tls.ca
is undefined NoClientCert
File (TOML)
[providers.consul.tls]
caOptional = true
File (YAML)
providers:
consul:
tls:
caOptional: true
CLI
--providers.consul.tls.caOptional=true
tls.cert
Public certificate used for the secured connection to Consul.
File (TOML)
[providers.consul.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
File (YAML)
providers:
consul:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
CLI
--providers.consul.tls.cert=path/to/foo.cert
--providers.consul.tls.key=path/to/foo.key
tls.key
Private certificate used for the secured connection to Consul.
File (TOML)
[providers.consul.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
File (YAML)
providers:
consul:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
CLI
--providers.consul.tls.cert=path/to/foo.cert
--providers.consul.tls.key=path/to/foo.key
tls.insecureSkipVerify
If insecureSkipVerify
is true
, TLS for the connection to Consul accepts any certificate presented by the server and any host name in that certificate.
File (TOML)
[providers.consul.tls]
insecureSkipVerify = true
File (YAML)
providers:
consul:
tls:
insecureSkipVerify: true
CLI
--providers.consul.tls.insecureSkipVerify=true