Provider for Traefik to use Apache Mesos



Traefik is an HTTP, TCP and UDP reverse proxy and LoadBalancer for Microservice environments. Officially Traefik 2.x does not support Apache Mesos but only Marathon. To have a good and flexible LoadBalancer, which does not only work for certain Mesos frameworks, we have developed a developed an appropriate provider.

How to use the Docker image?

Using our Traefik Docker image is relatively simple. The only difference to the original is that the directory in which the traefik.toml file is located is passed as a volume. This has the advantage that (if ACME SSL providers are used) ACME state files are also stored persistently.

docker run -p 80:80 -p 443:433 -p 9000:9000 -v <config_toml_directory>:/data:rw avhost/traefik_mesos:<version>

How to add Mesos to the Traefik configuration?

To use Apache Mesos as a provider, the following configuration must be adapted and adopted.

[providers.mesos]
endpoint = "<your_mesos_master>"
principal = "<mesos_usernname>"
secret = "<mesos_password>"
SSL = false

How are Traefik routes and services used in Mesos?

In order for Traefik to know the services to which corresponding routes are to be generated, these must be added in the form of labels to the respective Mesos tasks (or Marathon Apps). to the respective Mesos Tasks (or Marathon Apps).

As example:

    "traefik.enable": "true",
    "traefik.http.routers.homepage-ssl.tls": "true",
    "traefik.http.routers.homepage.entrypoints": "web",

    "traefik.http.middlewares.homepage.redirectscheme.scheme": "https",

    # The service object with the name "homepage-web" and "homepage-web-ssl" will be generated from the name of the Mesos Task (or Marathon) PortMapping object.
    "traefik.http.routers.homepage-ssl.service": "homepage-web",
    "traefik.http.routers.homepage.service": "homepage-web",

    "traefik.http.routers.homepage.rule": "Host(`your.example.com`)",
    "traefik.http.routers.homepage-ssl.rule": "Host(`your.example.com`)",
    "traefik.http.routers.homepage-ssl.tls.certresolver": "sslcert",
    "traefik.http.routers.homepage-ssl.entrypoints": "websecure",

    "traefik.http.services.homepage.loadBalancer.healthCheck.path": "/index.html"
    "traefik.http.services.homepage.loadBalancer.healthCheck.interval": "10s"
    "traefik.http.services.homepage.loadBalancer.healthCheck.timeout": "3s"    

After that, the services and routers will be visible in the Traefik environment accordingly.

The new “Healthcheck” feature is also supported.