Traefik
Traefik overview
Traefik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease.
It can route HTTP requests like Zuul, so it has some overlap with a JHipster gateway, but it works on a lower level than an API Gateway: it only routes HTTP requests and does not provide rate limiting, security or Swagger documentation aggregation.
One of the benefits of Traefik is that is can work with many different service discovery solutions: with JHipster, however, it only works with Consul by default.
It can be used in two different architecture styles, described below.
Architecture diagram 1: default configuration
As Traefik is a reverse proxy and load balancer, it supercedes Zuul, and it routes directly all HTTP requests to the correct service.
In that architecture, a JHipster “gateway” is not a real gateway anymore, it is mostly here to serve the Angular application.
This is our default configuration.
Architecture diagram 2: Traefik and Zuul
Traefik can also work with Zuul: in that case, an HTTP request to a microservice goes through Traefik and then through Zuul before reaching its destination.
This makes one more network request, and thus is less efficient than the previous architecture. However, this allows to use a JHipster gateway to its full potential: it can handle rate limiting or Swagger documentation aggregation.
As a result, Traefik can be used as an edge service, which allows to scale JHipster gateways.
This configuration works out-of-the-box with JHipster: the only issue is that client-side applications use an absolute URL, so for example, for “microservice1”:
- The default URL is “/services/microservice1”, which goes only through Traefik (this is the “default configuration” above).
- The “/services/gateway/microservice1” URL would use the “gateway” application configured in Traefik, which would then use Zuul to reach the “microservice1” application.
Getting started
Please note that Traefik only works with Consul, so this cannot work if you use a JHipster Registry.
To use Traefik in a microservice architecture, run the docker-compose sub-generator and select Traefik when you have the question asking you which gateway you want to use.
This will generate a traefik.yml
configuration for running Traefik in Docker, as well as a traefik/traefik.toml
file, which is Traefik’s configuration file.
This configuration file is set up so that:
- Traefik runs on port
80
, so if you have an application calledgateway
, you can reach it by going to http://localhost/services/gateway/. - The Traefik administration UI is available on port
28080
, so you can visit it at http://localhost:28080.
As Traefik is using Consul, it will also be useful to check the Consul administration UI, which is available on port 8500
: http://localhost:8500.
Configure your Base HREF
Before building the gateway’s Docker image, you will need to configure the base
attribute value in the webpack.common.js
to match the gateway base name. For example, if the gateway base name is gateway
, the base
attribute value should be /services/gateway/
.
Configure for OAuth 2.0
If you have separated the frontend and the api, you don’t need to perform additional configuration locally.
Use npm start
and go to http://localhost:9000
Before building the gateway’s Docker image, it is necessary to Configure your Base HREF and update various files.
Server
In src/main/java/.../config/SecurityConfiguration.java
, you have to change the defaultSuccessUrl
in spring.
For example, if the gateway base name is gateway
, under .oauth2Login()
you have to add .defaultSuccessUrl("/services/gateway/")
.
To handle oauth2 redirection, you need to change default spring.security.oauth2.client.registration.oidc.redirect-uri
in spring application.yml
configuration file.
For example, if the gateway base name is gateway
, you have to add redirect-uri
as below :
oauth2:
client:
registration:
oidc:
# replace 'gateway' by the gateway base name
redirect-uri: "{baseUrl}/services/gateway/login/oauth2/code/{registrationId}"
You can now launch all your infrastructure by running docker-compose up -d
.