jakubhajek

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: app-tls
  namespace: app
spec:
  entryPoints:
    - websecure
  routes:

jakubhajek

Audience Questions from the 2.6 Webinar

Q: Hans Asks: Is 2.6 backward compatible? In other words, can I use a 2.5 configuration and use that with 2.6 without changing anything?

A: Yes, the Traefik 2.6 is backward compatible with the 2.5 version. However, please ensure that all CRD’s are updated before upgrading to the latest version. In the 2.6 releases we have added the new TCP middleware and that the TCP middleware CRD has to be updated. The good practice is to always keep the CRD’s up to date.

---

Q: Sascha asks: Is secret Management within Deployment with Vault only possible via Kubernetes or is Docker Swarm fully supported?

A: Based on my best knowledge Docker Swarm supports Vault for secret management but personally I don’t have experience with such integration.

jakubhajek

Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!

openssl genrsa -des3 -out rootCA.key 4096

jakubhajek

Advanced Load Balancing with Traefik 2.5

Traefik Workshop #2, Q&A. September 30, 2021

In the case of Canary or Mirroring, what if the two apps were in different clusters instead?

Progressive deployment that might be also called Canary deployment can be achieved between two separate clusters. I would recommend using that with Weighted Round Robin Load Balancing with Nested Health Checks. Please note that it is available as a dynamic configuration provided via File provider.

---

Is the Traefik Proxy running inside or outside k8s? And how can you scale this if needed (for a huge amount of incoming traffic for instance)?

jakubhajek

Getting started with Traefik on Kubernetes, Traefik Workshop #1

1. I am interested in monitoring traefik with Datadog. Is this workshop with this topic?

There is no dedicated workshop with the monitoring Traefik by using Datadog. I’ve found in Datadog docs how to configure DataDog Agent and tune Traefik configuration to collect the data. However, I’ve not tested that setup.

2. In terms of Capabilities, how would Traefik provide a value add over some in-built services such as Azure LB or App Gateway?

Here are just a few of advantages by using Traefik:

jakubhajek

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: harbor-portal
  namespace: harbor
spec:
  entryPoints:
    - webs-int
  routes:

jakubhajek

apiVersion: v1
data:
  dav.conf: |
    location /upload {
      alias     upload/data;
      client_body_temp_path  upload/client_tmp;

      dav_methods  PUT DELETE MKCOL COPY MOVE;

      client_max_body_size 1500m;

jakubhajek

log:
  level: info
  format: json

accessLog:
  format: json
  bufferingSize: 5

providers:
  docker:

jakubhajek

http:
  services:
    canary:
      weighted:
        services:
          # Load balancing between Traefik services
          - name: app1_svc@docker
            weight: 1
          - name: app2_svc@docker
            weight: 5

jakubhajek

# docker stack deploy -c stack-canary.yml canary --with-registry-auth --prune
version: "3.7"

services:
  app1:
    image: jakubhajek/app1-node:v1
    healthcheck:
      test: wget --quiet --tries=1 --spider http://localhost:3000/ || exit 1
      interval: 3s
      timeout: 1s