Jakub Hajek gave a presentation on routing microservice architectures with Traefik. Traefik is a cloud native edge router that provides automatic discovery, integrates with major cluster technologies, and includes features like TLS termination, load balancing, and request routing. It can be used to implement canary deployments and traffic mirroring to gradually rollout new versions of services. Hajek demonstrated Traefik's capabilities through a demo environment using K3s and Kubernetes custom resource definitions.
2. ▸ I am company owner, technical consultant (SRE)
▸ @_jakubhajek
▸ I work for Cometari
▸ I’ve been system admin since 1998
▸ Traefik Ambassador
▸ Cometari is a solutions company implementing DevOps culture and
providing consultancy, workshops and software services.
▸ Our expertise are DevOps, Elastic Stack - log analysis
INTRODUCTION - JAKUB HAJEK
3. The aim of this presentation is to show how you can easily use
Traefik to publish services in your micro service architectures.
7. TRAEFIK KEY FEATURES
▸ Automatic discovery
▸ Integrates with major cluster technologies
▸ Tracing
▸ Metrics
▸ Lets Encrypt integrated
▸ Route HTTP and TCP/UDP/GRPC requests
▸ Middlewares
8. TRAEFIK 2.X KEY FEATURES
▸ ROUTER= frontend, SERVICE=backend, MIDDLEWARE=rules
▸ Kubernetes CRD
▸ Fully customisable routes via middleware, it can be reused on many
routers
▸ A new dashboard with web UI
▸ Canary deployment with Service Load balancer
▸ Network traffic Mirroring with Service Load balancer
▸ Session Stickiness
16. KUBERNETES CRD AND AVAILABLE CUSTOM RESOURCES
▸ Ingressroute - HTTP routing - http router
▸ Middleware - tweaks the HTTP before they are sent to a
service - HTTP Middleware
▸ TraefikService - abstraction for HTTP LB/mirroring
▸ IngressRouteTCP/IngressRouteUDP - TCP/UDP routing
▸ TLSOptions - TLS connection parameters
https://docs.traefik.io/routing/providers/kubernetes-crd/
https://github.com/containous/traefik/blob/master/docs/content/providers/kubernetes-crd.md
19. CANARY DEPLOYMENT
▸ Deployment vs Release
▸ Instead of switching to new version in one step, we use a phased
approach
▸ We deploy a new app in a small part of the production
infrastructure
▸ Only a few users (1%) are routed to the newest version (Release)
▸ With no errors reported, the new version can be released to the
rest of the infrastructure.
22. MIRRORING OR LIVE TRAFFIC SHADOW
▸ Understand difference between Deployment vs Release
▸ Deployment brings new code to the production, no
production traffic yet!
▸ Run smoke, integration tests to make sure that new deployment has no
impact to your users
▸ Release brings live traffic to a deployment.
▸ We can shadow live traffic to the new deployment and reduce the risk
of failure.
▸ No response send back to the user.
29. DEMO SCENARIOS
▸ Web UI to see how services are deployed
▸ Example of Canary deployment
▸ Example of Mirroring configuration
30. A FEW BENEFITS OF TRAEFIK
▸ Dynamic configuration for dynamic environments
▸ Automatic service discovery
▸ HTTP / TCP / UDP / GRPC
▸ Lets Encrypt, HA with Traefik EE
▸ One single (static) binary
▸ Works also fine with old fashioned environments (VM’s, bare metal)
▸ Tracing, Metrics
▸ Rolling update releases
▸ Custom Middlewares will be added
31. A FEW BENEFITS OF CANARY DEPLOYMENT
▸ Traefik provides flexible way to proceed with canary (K8S, K3S,
Swarm)
▸ Reduce time to market
▸ Canary deployment allows you validate your application in real
production environment
▸ Rolling out releases
▸ No need to maintain a lot of staging / testing environments
32. SOURCE CODE OF CONFIGURATION FILES
▸ https://github.com/jakubhajek/traefik-kubernetescrd
34. “I strongly believe that implementing DevOps culture, across
the entire organisation, should provide measurable value and
solve the real issue rather than generate a new one.”
Jakub Hajek, Cometari