HTTPS (& TCP over TLS) for everyone!

Image for post
Image for post

There are hundreds of reasons why I love being a developer (besides memories of sleepless nights trying to fix a video game that nobody except myself would ever play).

Being a developer gives you superpowers — you can solve any kind of problems. Yes, especially if they don’t involve real-life practical situations.

But these superpowers are sometimes hindered by tedious configuration work that expects you to master yet another arcane language assembled with heaps of words you’ve never seen before. Such a barrier can be encountered when dealing with HTTPS and its certificates.

Luckily for us, Traefik tends to lower this kind of hurdle and makes sure that there are easy ways of securely connecting your developments to the outside world. …

Tips & Tricks the Documentation Doesn’t Tell You

Image for post
Image for post

co-authored with Ludovic Fernandez (@ldez)

Docker friends — Welcome!

Today we decided to dedicate some time to walk you through the 2.0 changes using practical & common scenarios. Hopefully, after having read this article, you’ll understand every concept there is to know, and you’ll keep learning by yourself, discovering tips & tricks to share with the community.

Before we go further, I’ll assume for this article that you already have a docker setup using Traefik 2.0. Since I like to use docker-compose files for basic demonstrations, I’ll use the following base compose file:

version: "3.3"services:
traefik:
image: "traefik:v2.0.0"
command:
- --entrypoints.web.address=:80
- --providers.docker=true
ports:
- "80:80"
- "8080:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro" …

The Wait Is Over!

Image for post
Image for post

When we started our journey toward 2.0, we had high expectations (since you had high expectations), and huddled around the whiteboard.

We designed Version 2 as if there were no constraints: we forgot our codebase, put aside technical challenges, and developed a new configuration structure that would welcome everything we had ever dreamed of for Traefik.

We forgot what was impossible so we could build it!

A year later, we proudly present to you Traefik 2.0. …

The Answer Lies in the Question

Image for post
Image for post

If you’re here reading (at last!) the official answer to the infamous question, “How do you pronounce Traefik?”, then chances are you’re a Traefik user who has had passionate debates with your colleagues around this weird looking character (æ) which shares the lines between an a and an e. (And chances are you already chose a distinct way to pronounce “Træfik” that avoids confusion when talking about how you handle traffic in Traefik … but that’s a different story.)

Danish, Norwegian, Icelandic, or Faroese?

Of course, if you speak Danish, Norwegian, Icelandic, or Faroese, then you’re familiar with the æsc grapheme. If so, you’re probably ready to bet a coffee on the answer. On the other hand, the question still lingering in your mind has drifted to, “Why did they use the Danish character in Traefik? …

… Comes Great Responsibility

Image for post
Image for post

There is not a single day when we aren’t proud of our community and inspired by the many people using Traefik. One of our greatest accomplishments with Traefik is its simplicity: making it possible for everyone to run microservices architecture with ease.

But, with so many people using Traefik, we realized that it’s not only important to make sure that best practices are well documented, but that the time has come to think about ways to enforce best practices.

Recently, we were made aware that some users had misconfigured instances of Traefik, which could have exposed sensitive data: Traefik embeds a dashboard that lets administrators see the existing routes (and, their parameters). And, if this dashboard (and its APIs) was enabled and was made public (no protection, and accessible from the outside), then potential attackers would have been able to access sensitive configuration data. …

Now Available on YouTube!

Image for post
Image for post

What a week, everyone! Just after the Traefik 2.0 announcement, driven by the relentless enthusiasm of our Head of Community (who did quite the show introducing the team), we aired an Online Meetup to talk about our treasured features in the next iteration of our favorite reverse-proxy/edge-router.

I know this is a question we haven’t been asked (but, we’ll answer it anyway) — Yes, we (the developer team) were a bit nervous. Because, even though we often talk to the community In Real Life, we were unfamiliar with the we-don’t-see-you-while-we-talk format of the online Meetup. …

The Story of the Configuration Structure

Image for post
Image for post

Hi everyone! Today is a very special day: we’re here to talk about changes.

Yes, the changes we’ve been playing around with, the changes we talked about in the latest release note, the changes we’re looking forward to bringing to the next version of Traefik.

But like in every spoiler undertaking, we won’t disclose everything (where would be the fun in that?).

Today we’re going to discuss the configuration structure — the infamous entrypoints, frontends, and backends and how they interact together.

Note: In the article, we’ll use the file provider to talk about the changes. This provider best exposes the structure of the configuration and is the foundation for the other label / annotation-driven providers. Of course, everything that applies to the file provider should apply to the label/annotation based providers.

And Say It with Stickers :-)

Image for post
Image for post
Our Beloved Gopher

Hi everyone! I hope you’re enjoying Traefik as much as we enjoy building it with you.

Today, while browsing the web (even though I had better things to do), I realized how many of you have shown love by giving talks (or by writing blog posts) which show how you leverage Traefik to enable dazzling architectures.

Then, as I was staring into space (thinking about how that cat video would have been much cooler with a gopher), I saw my colleagues’ laptops … covered with stickers … and it clicked.

We should help our fans spread the word with swag to distribute! …

Image for post
Image for post
Traefik Maroilles

Releases keep rolling! After three months of development and five release candidates, we are proud to announce the release of Traefik 1.7, codename “maroilles.

We’ve merged more pull requests than ever from our ever-growing community of contributors that has reached more than 300 individuals. Thanks go to every one of you; we are in awe before your enthusiasm at improving Traefik.

The full changelog is available here, but we wanted to highlight our favorite features.

Let’s Encrypt & The New TLS Challenge in Town

Image for post
Image for post

Let’s Encrypt integration is one of the most praised features of Traefik, so when Let’s Encrypt faced the TLS-SNI-01 challenge incident, some of our users were left with few (yet satisfactory) alternatives. But when they introduced the TLS ALPN Challenge, Ludovic Fernandez was pleased to make it available right away so the community could once again pick a TLS based challenge. …

The tutorial that would have spared me hours of struggling with my keyboard

Image for post
Image for post

Have you ever been in a situation that started with …

Someone at work: “Look, it’s super simple, let me explain how it works …”

… that continued with …

[ … agony of arcane jargon …]

Same enthusiastic colleague: “See, did you get it?”

You (poker face): “Sure, gotcha, aha, no problem, whoo, super simple indeed, aha … ”

… but that ended up with you sneaking into the bathroom to babble chunks of keywords you barely remember.

“Ok Google, what is a cluster of Ingress in a cube of nodes? … Please please please help me.”

Nope. Hasn’t happened to me. Not even once. No Sir! …

About

Gérald Croës

Tech Enthusiast, Software Architect, Chief Enterprise Architect, CTO, Developer…pick your favorite.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store