The presentation contains details of how to set up a fully-fledged environment based on Docker Swarm and Traefk. You will see a multi-tier application stack consisting of Edge router running in the first layer, then the frontend application and NodeJS backend. This is a quite common setup used in a microservices architecture. If you are building a high available environment without a single point of failure, it can be interesting for you.
The source code used in the presentation: https://github.com/jakubhajek/traefik-consul-swarm
2. Introduction
• I am the owner and technical consultant working for Cometari
• I have been system admin since 1998.
• Cometari is an agency implementing DevOps culture, providing consultancy,
workshops and software services.
• Our areas of expertise are DevOps, Elastic Stack (log analysis), Cloud
Computing.
• We are very deeply involved in the travel tech industry, however our solutions
go much further than just integrating travel API’s.
3. —
“I strongly believe that implementing DevOps
culture, across the entire organisation, should
provide measurable value and solve the real
issue rather than generate a new one.”
4. What will be presented
• Key features of Traefik working together with Docker Swarm
• Demo of fully fledged environment running on 4 nodes working as Swarm
cluster.
• Three application stacks will be deployed:
• Replicated Traefik instances with Consul cluster (BETA)
• Frontend app with simple NodeJS Backend
6. TRAEFIK key features
• Modern HTTP reverse proxy and load balancer for micro services working with
Docker Swarm and Kubernetes - just need to point Traefik into your
orchestrator
• Continuously update configuration, no restarts required
• Integration with Let’s Encrypt!
• Immutable image deployed on a cluster
• Configuration done via Docker labels on a service level
8. Challenges with HA and SSL
• We need to have more than one instance of Traefik to provide HA
• Each instance needs to have access to certificates which are already generated
• Docker keeps the persistence locally, no easy way to share the data for other
Traefik instances
• Each component should be stateless, so how to deal with persistence
10. TRAEFIK with CONSUL CLUSTER
• Running Consul cluster consisting of 3+1 nodes
• Keeping the persistence data in Consul, Key - value store
• Each Traefik instance can have access to Consul
• Traefik can keep up to 100 SSL certs
• Data are compressed to reduce the size
• We can easily scale horizontally TRAEFIK instances and still have access to our
SSL certs
11. TRAEFIK IMAGE with built in SSL certs
• Custom image with Traefik with added SSL certs into the image
• Works perfectly if you bought certs from a external provider
• Scalability is simple, no need to care about data persistence
17. Demo environment in details
• Running on 4 virtual machines accessible from Internet
• VM’s have already installed the latest version of Docker
• Swarm cluster is already created
• Three stacks are deployed: Traefik with Consul and App stack
• DNS round robin for each domains used in the demo
• Route 53 (AWS) manages health-checks to update DNS records in case of failure of any VMs
• Domains:
• node-app.labs.cometari.eu
• traefik.labs.cometari.eu
• consul.labs.cometari.eu
• viz.labs.cometari.eu
18. • 3 overlay networks
• SSL Certificates issued by Let’s Encrypt and managed via TRAEFIK
• Consul cluster stores SSL certificates in KV store
• TRAEFIK Edge router is connected with Consul cluster
• WEB server with Frontend app connected to NodeJS backend (optional
service: might be responsible for caching static content)
Demo environment in details
23. Summary
• Fully fledged example of multi tier application stack
• Straightforward configuration, everything is code!
• Immutable images, custom configuration managed by injecting environment
variables
• Easy way to scale up / down a service
• Automatically exposed new services thanks to TRAEFIK, no need to prepare
manually a config files
• Managing of SSL certs is managed in easy way!
• Infrastructure as code!
24. Links
• The source code is available at https://github.com/jakubhajek/traefik-consul-
swarm
• The official Traefik documentation: https://docs.traefik.io/v1.7/configuration/
backends/docker/
• The official Docker Swarm documentation: https://docs.docker.com/engine/
swarm/
• Compose file version 3 references: https://docs.docker.com/compose/
compose-file/