TraefikEE

Install and set up a TraefikEE cluster on your own servers.

Role Variables

Here are the main settings used in installation (for more detailed options like installation path, service name, and startup commands, check the defaults file):

# Names of groups in the inventory for controllers and proxies
traefikee_controller_group: traefikee_controller
traefikee_proxy_group: traefikee_proxy

# These are set to true only during cluster installation.
traefikee_install: false  # Set to true to install TraefikEE binaries
traefikee_configure: false  # Set to true to configure and start systemd services

# Dynamic configuration
# Each entry here represents a configuration file. If the config is false,
# that config file will be deleted.
#
# example:

# traefikee_cluster_dynamic_config:
#   my_site:
#     http:
#       routers:
#         my-site-router:
#           rule: "Host('www.example.org')"
#           entryPoints:
#             - https
#           service: site
#       services:
#         site:
#           loadBalancer:
#             servers:
#               - url: "http://10.0.0.42:8000"
#   my_old_site: null

traefikee_cluster_dynamic_config: {}

# Get a license key by contacting the Containous sales team
traefikee_license_key: ""

# Information for downloading binaries
traefikee_version: 2.0.2
traefikee_arch: linux_amd64

# At startup, TraefikEE will check the license. This is added as
# environment variables for systemd service.
traefikee_http_proxy: ""
traefikee_https_proxy: "{{ traefikee_http_proxy }}"

# Add extra environment variables here.
# For example, for Lego configuration (https://docs.traefik.io/https/acme/):
# traefikee_environment_extra: |
#   OVH_ENDPOINT=ovh-eu
#   OVH_APPLICATION_KEY=123456
#   OVH_APPLICATION_SECRET=123456
#   OVH_CONSUMER_KEY=abcdef1234
traefikee_environment_extra: ""

# The static configuration matches this mapping exactly.
traefikee_cluster_config:
  entryPoints:
    http:
      address: ":80"
    https:
      address: ":443"
  providers:
    # This provider is needed to use the traefikee_cluster_dynamic_config
    file:
      directory: "{{ traefikee_cluster_dynamic_config_dir }}"
      watch: true

Example Playbook

Here’s how to set up the inventory:

all:
  children:
    traefikee:
      vars:
        # TODO: This is hard-coded for now; ideally, we need to get this from the system facts 
        traefikee_controller_listen_address: 10.108.0.18
        # This should be kept secure
        traefikee_license_key: !vault |
           **********
        traefikee_http_proxy: http://mysquid:3128
      children:
        traefikee_controller:
          hosts:
            traefik-ctl-01.example.net:
        traefikee_proxy:
          hosts:
            traefik-proxy-01.example.net:
            traefik-proxy-02.example.net:

Install and Set Up the Cluster

- hosts: traefikee
  become: yes
  environment:
    # These are required since the installation process needs internet access
    http_proxy: http://mysquid:3128
    https_proxy: http://mysquid:3128
  vars:
    traefikee_install: yes
    traefikee_configure: yes
  roles:
    - traefikee

Update Dynamic Configuration

In this example, the old remove_me configuration is deleted, and my_site is created or updated.

- hosts: traefikee
  become: yes
  vars:
    traefikee_cluster_dynamic_config:
      remove_me: null
      my_site:
        http:
          routers:
            my-site-router:
              rule: "Host('www.example.org')"
              entryPoints:
                - http
              service: site
          services:
            site:
              loadBalancer:
                servers:
                  - url: "http://10.0.0.42:8000"

  roles:
    - traefikee

License

© 2020 – Kosc Telecom

Distributed under GPLV3 terms.