Read this post before upgrading Traefik to v2

Tram Ho

Hello everyone, this article I mentioned a little bit about Traefik – an opensource software that I have introduced on Viblo. At that time, the latest version of Traefik was version v1.7 . After a long time of development, in October 2019, Traefik was released v2 version with a lot of changes and improvements. Let us also explore whether Traefik v2 is better than this article!

Traefik v1.7 – Score through

A bit back and forth! Traefik is a reverse-proxy, friendly to the micro services architecture – making it easier to deploy system services. Used in combination with Docker, K8s … Traefik configuration to publish a web service with Docker through docker label so deployment is quite simple:

You can build a simple stack above:

In Traefik v1.7, we know there are three main concepts: Entrypoint , Frontend and Backend :

  • Entrypoint: Are connection points between Traefik and “the world” such as entrypoint name, how many listen ports, ssl or not? …
  • Frontend: Contains rules declarations for determining how to route to backend properly.
  • Backend: Mapping corresponds to the service, supports loadbalancing.

Traefik v2.x

Traefik v2 now has support for static configuration files in TOML format, and also adds YAML. If you are a fan of YAML then congratulations!

In the next section we will explore new things on v2 and migrate the small stack above to v2.


Although Traefik v1 also supports a lot of Infrastructure such as: Docker, Kubernetes, Amazon ECS … but the configurations are still quite discrete. In v2, it was all referred to as a provider . The idea is that Traefik will query the provider’s APIs to find information for routing. Supported providers include:

ProviderTypeConfiguration Type
KubernetesOrchestratorCustom Resource
Consul CatalogOrchestratorLabel
FileManualTOML / YAML format

In this article, I use Traefik + Docker so I will use the provider, Docker. In addition, some providers are not yet supported but will probably be provided in the near future:

firstAzure Service Fabric

Therefore, please consider carefully if you plan to upgrade Traefik to v2! 😉

Frontend, Backend are dead?

In addition to the above Provider, Traefik also rewrote and reorganized a number of components including Frontend and Backend – They were all dead . And the replacement will be new components including routers, services and middleware.

  • Router: Similar to Frontend in v1 helps detect whether the request will need to navigate to which “Service” each router will target a corresponding service.
  • Service: takes the same role as Backend in v1, only way to incomming the request will reach the actual service as desired by the Router . And it still comes with the same load balancer configuration as v1.
  • Middleware: The same role in Laravel: v It is used to refine requests before the router sends them to the service, or before the response from the services returned to the client.

Because of this big change, all the configs for routing have been changed. Details of the rules / matcher will be changed at . Some matcher changes to check basic requests include:

Headers (key, value)If the header contains key=value
HeadersRegexp (key, regexp)If the header has a key with value satisfying regex regexp
Host (domain-1, …)Request to one of domain-1 , …
HostRegexp (, {subdomain: [az] +}., ...)The request to the domain is satisfied by the regex
Method (GET, ...)Check the HTTP method
Path (/ path, / articles / {category} / {id: [0-9] +} , ...)Checks if the unarchived URL matches /path or regex
PathPrefix (/ products /, / articles / {category} / {id: [0-9] +})Check URLs with paths starting with /products/ or regex
Query (foo = bar, bar = baz)If the request has a matching query string ?foo=bar or ?bar=baz

Traefik v2 "makeover"

Also because of the refactoring as above, v2 has a lot of breaking change with v1. Now I will convert Traefik v1 configuration to v2 to see if it is any different!


Instead of using the label , we will now use traefik.http.routers.ctf.rule=Host(`) . It is a breaking change in routing. We can see the new labels at the Docker Provider and Routing with Docker pages.

Some commonly used docker labels remain the same as v1:

  • traefik.enable = true // override again config exposedByDefault
  • = traefik-net // specify docker network

In addition, Traefik v2 has also changed with a new modern coat, clear layout and eye-catching:

Traefik Dashboard

Traefik Routers

Traefik Service Detail, load lablancer with 5 servers

HTTPS redirection

Config to redirect from HTTP to HTTPS is removed from entryPoints . Instead, it will be applied in the Router using one of the middleware: RedirectRegex or RedirectScheme . Example of using RedirectScheme with docker:

ACME (Let’s Encrypt)

ACME is a config to use Let’s Encrypt to automatically generate a cert key for https free. This version will replace config key acme with certificatesResolvers .

Traefik Logs

There is a small change to the logs configuration of Traefik. Note, there are many types of logs configuration such as Traefik log, access log, metric logs … and this part I am referring to is Traefik log. In version 2, all of the configs for the traefik log are now in [log] ; logLevel will shorten to level , which looks like this:


Traefik still implement complies with OpenTracing . V2 will support more distributed tracing systems:

Distributed SystemVersion 1Version 2

Along with that is a small change in the config. The backend key will no longer be available on version 2:


Metrics in version 2 will support services. In addition, Traefik still supports the same metric for entry points as version 1. As for config, it is still the same as v1.

Version 2 still supports 4 systems including:

Backend SystemVersion 1Version 2

No more config at Root Level

If you notice the config changes above, you will realize that the root level key have been moved into a certain group. Actually, this version removed all the root level keys in the config file. Such as:

Share the news now

Source : Viblo