Traefik (https://traefik.io/) is a reverse proxy software written in Google's GO language. If you have no idea what that means, that's OK - all you really need to know is that like it's namesake, Traefik is responsible for well, routing network traffic. More specifically, it's used for routing traffic between the internet and various applications and containers hosted on one or more servers.
We use Traefik as a reverse proxy / ingress controller for our containers at Perfect Leap Technology Inc because it's fast (placing a very close second to NGINX, which is one of the top-performing web servers), and it just works.
While there are a few mainstream features that are not yet integrated into Traefik (hey Traefik folks, if you're reading this we would really like to see server-side caching), overall it is a very capable proxy solution that allows us to provide incredibly reliable uptime for our customers.
The magic of labels
What exactly are labels? This is something that is discussed frequently among those who are familiar with Docker. Without getting into too much detail (if you've read this far you probably know what Docker is), each container has the ability to add metadata - bits and pieces of information that, while they don't really affect the operation of the container itself, they can be useful in some ways. Metadata can contain almost anything really - it is quite arbitrary by nature. Remember MP3's? (I am showing my age as a 90s kid here) - well, think of the "Artist" and "Genre" tags - those are examples of metadata.
So you're probably wondering what all of this has to do with Traefik? Well this is where things get really interesting. Traefik uses metadata to decide how it will treat containers.
This is particularly interesting to me because I am not a programmer. That's right - I know very little about coding in general. I find the idea of using labels to be both
- Robust, and
- Extremely powerful
Now most programmers I know like things to be decidedly explicit - sure, there are plenty of weird exceptions to this rule and any programmer can talk for hours about these exceptions. But in general, they like things to be well defined. Traefik on the other hand, throws these rules out the window and does things in a decidedly nonexplicit sort of way. This opens up all kinds of possibilities for the system administrator (whose role is often very different than that of the developer) to define oddly specific rules!
Here's how: Using traditional reverse proxies was always fairly complicated - it falls under one of those things that a lot of system admins don't like to touch because although it is actually quite simple on paper, always ends up feeling more complicated when you try to configure it. Traefik removes most of the configuration aspects from the proxy itself, and allows you to define rules based on the labels you apply to each frontend. For example:
So what's going on in this diagram? Well, let's say we want to people to be able access blog.perfectleap.com - that sounds like a fairly simple request, but wait a minute! Our blog is hosted at perfectleap.com/blog - that will never do! We need a way to be able to rewrite requests at blog to point to the correct location - perfectleap.com/blog.
In a traditional proxy setup, this can become quite complicated because trying to have multiple re-write rules creates a mess where it's hard to separate out the rules from each other - we wouldn't want all requests going to perfectleap.com to point to the blog! So you can see, Traefik allows us to create separate rules with ease, through the use of it's lovely front-ends and the ubiquitousness of labels!