Q: Hans Asks: Is 2.6 backward compatible? In other words, can I use a 2.5 configuration and use that with 2.6 without changing anything?
A: Yes, the Traefik 2.6 is backward compatible with the 2.5 version. However, please ensure that all CRD’s are updated before upgrading to the latest version. In the 2.6 releases we have added the new TCP middleware and that the TCP middleware CRD has to be updated. The good practice is to always keep the CRD’s up to date.
Q: Sascha asks: Is secret Management within Deployment with Vault only possible via Kubernetes or is Docker Swarm fully supported?
A: Based on my best knowledge Docker Swarm supports Vault for secret management but personally I don’t have experience with such integration.
Q: Miguel asks: How would we do path prefix strip with Gateway API with Traefik?
A: Currently it is not possible to use middleware CRD together with Traefik Gateway Provider. However, we are working on it and it should be available in the upcoming releases.
Q: Eray Asks: How about http3 on the service definition side? Can Traefik connect to other services with use http3?
A: Traefik proxy uses HTTP/2 while communicating with backend services. HTTP/3 is only available to accept incoming network traffic on the entrypoint.
Q: Don asks: Does Traefik have support for Transit Gateway as well as peering?
A: In the context of Hashicorp Cloud platform and integration between Traefik Proxy there is VPC peering available in order to establish a secure tunnel between two VPC’s. The connectivity is initiated by Hashicorp Cloud Platform, currently there is only VPC peering supported. That’s not related to Traefik Proxy but to the supported network capabilities in HCP.
Q: Traefik does offer a Service Mesh, but states "Traefik Mesh does not use any sidecar container but handles routing through proxy endpoints running on each node. The mesh controller runs in a dedicated pod and handles all the configuration parsing and deployment to the proxy nodes. " I find that a little surprising....
A: That’s correct. Traefik Mesh does not use sidecar to create service mesh. It is based on SMI specification and creates non-invasive routing based on the endpoints deployed on each of the nodes consisting of a Kubernetes cluster.
Q: Is there anything that the GW api provides that can’t be accomplished using traefik’s own CRDs? -Nicolas
A: The Kubernetes Gateway API provider is still available as an experimental feature to keep pace with how fast the Kubernetes ecosystem is evolving. The number of available features is limited and yet not completed since the Gateway API is still evolving.
Q: Could I Download the Record after the session, so that I could share with my Colleague
A: It is already available on Traefik Labs You Tube Channel. Here is the link to the recording: https://youtu.be/jSncjzHNKRU
Q: Do you plan to provide some sort of clicky-bunty configuration webservice or Keep on with external Providers (file, k8s, docker, consul, etc.)?
A: Good question :) Currently we only the configuration can be managed through multiple Traefik Providers. The built-in API provides only READ ONLY capabilities and there is no possibility to modify resources through API call, thus there is no UI to manage that.
Q: Docker swarm has evolved! So the question is vital wether to rely on docker swarm or wether there is the NEED to switch to Kubernetes
A: This is difficult question and give the advise which cluster orchestration solutions should be selected. Traefik Proxy supports a few of them including Docker Swarm as well as Kubernetes. We still see customers and community members who are using Docker and Docker Swarm. However, the majority of them use Kubernetes.
Q: Can you please share git repo URL which has all the demo configuration?
A: Here is the link to the repository that has been used during the presentation. https://github.com/traefik-workshops/traefik-2.6
Q: So is this the end of service type load balancer or do you know if it will make a comeback in the future?
A: I think once HTTP/3 will become a standard the existing Load balancer type service will be revised since the issue was opened in 2016 kubernetes/kubernetes#23880 Currently, the only solution is to switch to Nodeport to have two protocol available on the same port.