Traefik 1.0: Modern Reverse Proxy for Cloud-Native Apps

Traefik 1.0: Modern Reverse Proxy for Cloud-Native Apps

Introduction

Traefik 1.0 is a dynamic reverse proxy built for microservices. It discovers backends automatically and supports Let’s Encrypt out of the box—great fit for Kubernetes Ingress scenarios.

Key Ideas

  • Auto‑Discovery via providers (Kubernetes, Docker, etc.).
  • Let’s Encrypt certificate automation.
  • Hot Reloading: Config changes without restarts.

Kubernetes Angle

  • Pair Traefik with Ingress resources to route traffic cleanly.
  • Weighted canaries and path‑based routing ease rollouts.
  • HTTP to HTTPS redirects and sticky sessions are achievable with per-ingress annotations.
  • TCP support is experimental in 1.0—stick to HTTP(S) workloads for now.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: demo
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.frontend.rule.type: PathPrefixStrip
spec:
  tls:
  - hosts:
    - demo.example.com
    secretName: demo-tls
  rules:
  - host: demo.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: demo-svc
          servicePort: http

Configure Let’s Encrypt via static flags (--acme.email, --acme.storage) for HTTP-01 challenges; DNS-01 support is still incubating, so wildcard certificates require external automation.

Conclusion

A pragmatic ingress/edge choice in 2016, simple, dynamic, and TLS‑friendly.