Traefik: Dynamic Load Balancer For ContainersMarcelo Pinheiro

@salizzar

$ whoami• Fireman / Problem Solver /

Programmer since 2000

• Ruby, Python, Golang, Java, C#, Classic ASP, PHP, Node.js, Erlang and others

• Fought, made coffee, negotiated deadlines

• DevOps Engineer @ Work & Co

Load Balancing For MicroservicesA brief introduction.

Load Balancing For Microservices• Load balancing: a technique to

equally distribute traffic between servers (duh.)

• Most popular options runs on Layer 4 or Layer 7 (OSI: Open Systems Interconnection Model)

• Layer 4: operates at the intermediate transport layer (TCP/IP)

• Layer 7: operates at the high-level application layer (user namespace)

Load Balancing For Microservices• L4 options:

• LVM

• L7 options:

• NGINX

• Apache HTTP Server

• HAProxy

• Most public / private clouds have their solutions inside-the-box

Load Balancing For Microservices• In a microservices environment where

one service runs in one instance as a standard and scaling is manual, L4 / L7 load balancing options are good enough

• And about containers?

• AWS ELB supports ECS

• Microsoft Azure supports ACS (but requires DC/OS)

• GCE uses GKE

• OpenStack uses neutron-lbaas

Traditional HTTP Servers and Containers:A not-so-simple path.

Traditional HTTP Servers and Containers• HAProxy, Apache HTTP Server and

NGINX are created before of Microservices / Containers boom

• Based on static vhost configuration

• You need to previously know the number of upstreams to configure

• But how to dynamically discover new servers / containers and discard old ones?

Traditional HTTP Servers and Containers• A solution: Service Discovery

• Automate discover of new servers / containers in a cluster

• A very good explanation: https://www.nginx.com/blog/service-discovery-in-a-microservices-architecture/

• Available options:

• Consul

• etcd

• Apache ZooKeeper

Traditional HTTP Servers and Containers• Most famous solution to Apache

HTTPD, NGINX and HAProxy: consul-template

• Uses Consul as service registry database to discover new instances / containers running

• Dynamically generate vhost files and sends a SIGHUP signal to nginx / httpd daemon reload configurations and apply changes (hot-reload)

Traditional HTTP Servers and Containers• It works? Yes.

• But you need to create a Consul infrastructure

• A Consul master

• Pool of Consul agents

• Dockerized Consul isn’t a good idea

• Obviously, more one dependency

Traefik: Dynamic Load Balancer For ContainersCheese As A Service.

Traefik: Dynamic Load Balancing For Containers• Created by Emile Vauge

• Written in Go

• Focused on microservices

• HTTP/2 Support

• Websockets

• Let’s Encrypt

• Docker, Swarm, Kubernetes, Marathon, Mesos, Consul, Etcd and others

Traefik: Dynamic Load Balancing For Containers

• How it works?

• Traefik listens to backend / orchestrator API’s and detects any changes, applying it

• Routes are dynamically managed

• You can create / update / destroy routes at any time

Traefik: Dynamic Load Balancing For Containers• How it works internally?

• Traefik reads service metadata on Docker / Kubernetes / etcd / etc

• Hosts, ports, load balancing algorithm etc

• You can persist configuration using Consul, BoltDB, Amazon ECS and other backends

• Let’s Encrypt integration requires a key-value storage

Traefik: Dynamic Load Balancing For Containers

• Traefik main concepts:

• Entrypoints: network entry points (HTTP, HTTPS, SSL etc)

• Backends: a load-balancing method to receive requests

• Frontends: set of rules that maps entrypoints to backends

Yes.Live Demo time! Running in a Docker Swarm cluster.

Questions? Is free.About benchmarks, visit https://docs.traefik.io/benchmarks/

Thank you! :)