The leading modern reverse proxy and load balancer that makes deploying microservices easy. Developers #1 API Gateway. Easy Traffic Management. API Gateway + Ingress. GitOps Automation. Cloud Native Solution. Easy Access Control. Service Mesh. Ingress.
Traefik is designed to be as simple as possible to operate, but capable of handling large, highly-complex deployments across a wide range of environments and protocols in public, private, and hybrid clouds. It also comes with a powerful set of middlewares that enhance its capabilities to include load balancing, API gateway, orchestrator ingress, as well as east-west service communication and more.
Run Traefik and let it do the work for you!
Traefik Architecture Overview
Traefik intercepts and routes every incoming request to the corresponding backend services.
Unlike a traditional, statically configured reverse proxy, Traefik uses service discovery to configure itself dynamically from the services themselves. All major protocols are supported and can be flexibly managed with a rich set of configurable middlewares for load balancing, rate-limiting, circuit-breakers, mirroring, authentication, and more.
Traefik also supports SSL termination and can be used with an ACME provider (like Let’s Encrypt) for automatic certificate generation.
Traefik’s extensive features and capabilities stack up to make it the comprehensive gateway to all of your applications.
Traefik Use Cases
Load Balancing
Control load to upstream services with flexible layer 4 and layer 7 routing and load balancing capabilities plus a large middlewares toolkit that enables dynamic scaling, zero-downtime blue-green, and canary deployments, mirroring, and more.
API Gateway
Use Traefik as a reverse proxy in front of API services and Treafik’s expanding middlewares toolkit for offloading of cross-cutting concerns including authentication, rate limiting, and SSL termination. Additional API gateway capabilities and tooling are available for enterprises in Traefik Enterprise.
Kubernetes Ingress
Deploy Traefik as your Kubernetes Ingress Controller to bring Traefik’s power, flexibility, and ease of use to your Kubernetes deployments as well as the rest of your network infrastructure.
Certificate Management
Traefik provides built-in support for Let’s Encrypt (ACME) automatic certificate management as well as dynamically-updatable, user-defined certificates. For Kubernetes and other high-availability deployments, Traefik Enterprise offers distributed Let’s Encrypt support.
Features
Traefik offers a full, production-hardened feature set to meet the requirements of modern, cloud-native applications in any environment and can integrate with legacy systems across multi-cloud, hybrid-cloud, and on-premises deployments.
Routing & load balancing
- Flexible layer 4 and layer 7 routing
- HTTP, HTTP/2, TCP, UDP, Websockets, gRPC
- Mirroring
- Blue-green and canary deployments
- Stickiness
- Active health checks
Security
- Automatic HTTPS
- Let’s Encrypt support
- Custom certificates
- Authentication
Dynamic Configuration
- Services auto-discovery (Kubernetes, Docker Swarm, Red Hat OpenShift, Rancher, Amazon ECS, key-value stores)
- Middlewares (circuit breakers, automatic retries, buffering, response compression, headers, rate limiting)
Observability
- Built-in dashboard
- Distributed tracing (Jaeger, Open Tracing, Zipkin)
- Real-time traffic metrics (Datadog, Grafana, InfluxDB, Prometheus, StatsD)
Traefik Ecosystem
Traefik integrates with every major cluster technology and includes built-in support for the top distributed tracing and metrics providers.
Find out more here.