When and Why to use Traefik?
Why use Traefik? #
If you have seen me around in chats, I have been a heavy advocate of traefik over any other reverse proxy. I want you to use it as well for your deployments, if its suitable. Lemme dive into the pros of traefik over other reverse proxies first:
- Traefik is fully docker-native, can pick configuration directly when you attach a few docker labels to your containers
- No sort of reload or restart is required for it to pick your newly put config
- No need to mess with files for 99% of your configuration. Almost everything can be handled from labels.
- Automatic SSL, though Caddy does offer it, this is a one-up over NGINX
- Hassle-free redirections from HTTP to HTTPS
When to deploy Traefik in your infra? #
As listed above, traefik shines only when it is in a full docker infrastructure. Some people might find it really hard to move their infrastructure to full docker from a traditional server deployments. I have seen multiple people have issues when traefik was deployed into a traditional server deployment. Traefik can easily turn into a nightmare if you are not very familar with docker-based deployments.
I would suggest deploying Traefik only if you are fully comfortable with moving your infrastructure to docker, or you already have it like that.
NGINX vs Traefik vs Caddy Performance #
Lets put these webservers on a head-on with a NodeJS webserver, and use bombardier to measure the requests they can handle per second. All of these were run on dockernet to provide an fair playing field.
This was all plotted to figure out how these webservers stand.
Data used with permission from raphielscape
You might be expecting NGINX to lead the front, but its request processing rate is pretty abyssmal compared to what people might think of it.
Traefik, Caddy and Apache lead the front with 8000rps each, and NGINX holds a mere 2000rps.
You might be as well surprised how apache held almost equal to traefik and caddy. Infact better than NGINX, while the outside world thinks otherwise. These graphs are only taking 4000 concurrent connections into consideration. Apache crashed when we tried to load it with anything more than 4000 :)
Closing Thoughts #
You should deploy traefik or caddy depending on your workload. Do note, while caddy and traefik and doing almost head-on with nearly equivalent scores, Caddy still does not have support for DNS validation or certain other features like forward auth, which traefik excels in.
Also another issue with traefik being, it cannot serve static files, or serve php. So with traefik, you will need to have caddy bridging you with these needs.
Avoid NGINX as much as possible, unless your workload needs a feature that isn’t there on both of these, due to how well it performs.