Some of the services I'm passing through Traeffik use UDP, including DNS. For DNS, I have two server classes running. The internal DNS does recursive lookups and resolves domain lookups to internal IP addresses; the external DNS only serves up my domain to the world.
Because it's UDP traffic, Traefik doesn't support much filtering; I tried and failed to get endpoints to differentiate their routing based on source IP. So my next thought is to just run two distinct Traefik instances; one on the external host (which is part of the swarm) and one on the internal swarm. But I want most services to be visible to both instances; it's only a couple services that will have unique endpoint configurations.
Did I miss a trick? Is there a way to filter endpoints by source IP? Because I'd prefer not to run separate Traefik configs. If I must run two distinct Traefik instances, will there be any issues with them both routing to the same containers?
There seems to be no rule for UDP routers (doc):
there is no criterion that could be used as a rule to match incoming packets in order to route them. So UDP "routers" at this time are pretty much only load-balancers in one form or another.
Not sure if ClientIP() is even reasonably possible for rule, you could try with a feature request on Traefik Github.
"There is no criterion that could be used as a rule" is not factually true; we have all the IP protocol details. There just aren't any HTTP headers.
I found the same docs, which is why I gave up on having two endpoints on the same Traefik instance. But I still need to know if it's possible to have two distinct (different configurations running on different hosts) Traefik instances configured to manage the same services as well as some unique UDP endpoints. They'll share most of their configuration, other than the UDP details.
Is that doable? Are there issues or gotchas I should be aware of?
You can create dynamic config files, one for shared and be for unique services.
If you want to use configuration discovery via labels, check constraints (doc) for shared and unique services.