Traefik Enterprise 2.3 Adds Support for GitOps and OpenAPI

IT operations teams aren’t the only ones who need an efficient, secure, easy-to-use application networking layer. Developers, architects, and DevOps pros number among Traefik’s most enthusiastic users.

Cloud-native methods – including containerization, REST APIs, and microservices – have brought networking front and center in modern software delivery. As a result, application developers need tools that give them greater control over network infrastructure, and the team at Traefik Labs is always working to see that their needs are met.

Traefik Enterprise 2.3, the latest version of the commercially supported, production-grade edition of Traefik, includes two new features aimed squarely at developers and DevOps engineers. The first is support for GitOps practices when deploying Traefik, while the second leverages the OpenAPI standard to make service discovery and integration easier. Let’s take a look at each.

Infrastructure Automation with GitOps

Briefly, GitOps is a method of implementing continuous delivery (CD) for cloud-native applications that uses Git repositories as the source of truth. The technique was originally developed at Weaveworks for use with Kubernetes but has since been adapted to other environments. The central idea is to make developers comfortable when operating infrastructure by allowing them to do it using tools with which they are already familiar.

In the past, much of infrastructure configuration relied on command-line tools, and this was true of Traefik Enterprise, as well. It supplied the teectl tool, which eliminates some of the drudgework of configuration and installation, but this approach isn’t well-suited to CD pipelines.

Traefik Enterprise 2.3 introduces a new internal service to further streamline the process for a GitOps flow for Kubernetes. The procedure is as simple as specifying your Traefik Enterprise license in a Kubernetes Secret, creating a ConfigMap with your static configuration, and querying the service via HTTP to generate your installation manifest, like so:

curl "https://install.enterprise.traefik.io/v2.3" --output manifest.yaml

Once you’ve reviewed the manifest and made any necessary modifications, you can store it in a Git repository in the appropriate directory structure, and then integrate it with GitOps tools such as Argo CD.

The advantages of this approach are several. For one thing, Git automatically keeps a version history of your config files, so you can easily roll back to an earlier version if necessary. Also, Traefik Enterprise’s ability to update the static configuration without a restart means you can apply updates with minimal interruption of service. To learn more about GitOps-style installation, consult the documentation.

Service Visibility with OpenAPI

As services proliferate on the network, so do the connections between them. That means APIs, and lots of them. Staying on top of them all can be challenging for any developer, which is why Traefik Enterprise 2.3 incorporates a new API Portal built around the OpenAPI specification.

OpenAPI (initially known as Swagger) is a language-agnostic interface description language for REST APIs. The API descriptions themselves are defined in JSON files. The idea is to make it easier to auto-generate consistent reference documentation for service APIs, no matter who designed and implemented them.

To use OpenAPI descriptions with Traefik Enterprise, simply enable the new API Portal feature by editing the static configuration to include a path (for example, spec.json) to where the JSON files can be found on each service entrypoint. From there, anyone with access can browse the catalog of the services and their accompanying APIs from Traefik Enterprise’s internal web UI:

What’s more, because the API Portal is just another service managed by Traefik, administrators can choose from the full range of access controls provided by Traefik Middlewares, including Traefik Enterprise’s exclusive, enterprise-grade authentication methods.

To view some examples of how to write API descriptions using OpenAPI, consult the project’s public specification repository. More information on how to use OpenAPI with Traefik Enterprise is available in the documentation.

Empowering Developers

These latest features are just two examples of the ways in which Traefik Enterprise helps give developers greater control over the environments where their apps and services run. As cloud-native architectures continue to encourage organizations to adopt methods like DevOps and site reliability engineering (SRE), you can expect Traefik Labs to continue to deliver features that support this new model.

Other examples of developer-centric technologies that are baked into Traefik Enterprise include support for certificate management using HashiCorp Vault; authentication tools including JWT, LDAP, and OpenID Connect; and a service mesh layer that enables fine-grained control over inter-service communication.

To learn more about how Traefik Enterprise can help your organization boost developer productivity and reduce time-to-delivery, contact Traefik Labs to request a demo. Or better yet, sign up for a 30-day free trial  and explore the features of Traefik Enterprise for yourself.


This is a companion discussion topic for the original entry at https://traefik.io/blog/traefik-enterprise-adds-support-for-gitops-and-openapi/