NGINX vs Traefik vs HAProxy

Disclaimer 1: This is a rant. I like to rant.

Disclaimer 2: This is a personal opinion. There’s no extensive research beyond Google and StackOverflow and ServerFault plus my own experience.

I like NginX. It came like a breath of fresh air during my PHP heydays to stave off the Apache juggernaut that was crapping all over my beloved webapps. As a web server there’s little to fault: it’s fast, it can cache, easy to configure and deploy. When your needs go a little further on, you can see stuff between the cracks: its status stub is a joke, it won’t monitor per ‘server’ (or virtualhost for Apache pagans), it has limited load balancing strategies, conditional proxying from the same frontend to different backends smells, and so on.

I can see why. After all NginX is trying to sell its Nginx+ product. So, it cripples its free tool in a way that’s merely giving a taste to small projects in the hope that once they grow (together with their needs), they’ll stay hooked and buy into the system. NginX+ comes with plenty of dedicated modules, like its full blown status mod or the newer status api mod, which provides loads of integration possibilities. More load balancing options? Check. Rate limiting per backend node? Check.

On the other hand, HAProxy offers all that for free. Per backend stats? More load balancing options? Rate limiting? On the fly reconfiguration? Most of what NginX+ offers, HAProxy has it. There’s a whole other rant available with bonus comments on the same theme. Why even look at NginX when there’s HAProxy?

But a different kind of change is in the air. Both haproxy and nginx have competition from a different direction.

Traefik is a rather young project squarely aimed at those running their applications in orchestrated containers. It’s a load balancer that goes hand in hand with service discovery methods and tools, reload-less reconfiguration, modern metrics and monitoring, all the goodies that are essential when behind a nice frontend may hide hundreds of small (should I say micro?) services.

Not the fastest of the bunch, Traefik takes to catering different needs. Either standalone or as a Kubernetes ingress controller, Traefik taps into your container configuration to expose what you want exposed and load balance what you need load balanced. It has a nice stats page, it integrates with tools like Consul or etcd for your configuration and discovery needs.

Sure, if you’re a performance die-hard you may want to leverage something like Consul templates to make your discovery compatible with Haproxy or Nginx but you’re not dumping reloads, you’re just handing them over to a Consul agent. It’s nice, but not perfect and perhaps not even good enough.

Of course, there are alternatives.

Kong is a particularly appealing one, though suffering from the same crippling strategy like Nginx (well, it is built on top of it), but we shouldn’t forget Caddy or Zuul … speaking of which here’s a comparison of popularity.

It doesn’t bode well for feature incomplete and crippled half-solutions like NginX anymore. There are plenty of proxies/balancers in the proverbial sea and charging thousands for what others offer by default isn’t good in the long term.