For the past year I’ve moved my personal blog (and a couple other websites I’m hosting) on to traefik. I’ve been slowly removing myself from NginX’s grip (using Haproxy whenever possible) and looking to something I could easily setup.
Since I’m a Docker fan and keep my personal projects in docker-compose stacks, I’ve been looking at solutions that would make the pain of exposing ports and then reverse-proxying through NginX, all the while making sure to have valid Letsencrypt certificates and also get good usage stats.
Enter Traefik. Why?
- It automatically load balances containers. You run it in a container, which you point to your docker service socket and it just detects containers as they start stop. Then you add some labels which Traefik reads (which domain connects to what container) and voila! Run it as a Kubernetes ingress and things become more interesting.
- It automatically handles SSL certificates (via Letsencrypt). Yep, you just list your domains which are already pointing to your Traefik setup and on the first request to HTTPS it sets up your certificates automagically and ensures they are updated. No crons, nothing else needed (at the expense of one single very slow request).
- It can handle both external and internal load balancing. It’s not just websites that get balanced but also fpm as well as databases.
- It exposes nice metrics.
Nice! (nevermind the traffic on my test setup)