Skip to content

Publish a Service

This document explains how to publish a service (application) with Traefik Hub.

Introduction

Publishing a service is the act of exposing an application to the internet, making it accessible from external networks.

Traefik Hub allows you to expose your service using tunneling technology without having deep knowledge about network security, firewall, port forwarding, and more.

Web Interface

To publish a service in the Traefik Hub UI, find the services page on the navigation menu. Then, search for the service you would like to publish and select it.

Cannot find the service?

You can use the search bar in the top right corner of this page. The search bar filters by service name.

service search filter

On the service details page, select the Publish the service button and fill in the parameters.

Service Port

Required

The port is the EntryPoint to which the tunnel forwards the requests. Most of the time, the Traefik Hub Agent detects the service ports. As a service can have multiple ports defined, you will have to select which one to use.

Service Network

Required

The service network may be required for the Hub Agent Traefik. The application and the Traefik Hub Agent must share the same network in order to communicate. The Traefik Hub Agent detects the available networks, and you need to select one.

Access Control Policy

Access Control Policies (ACP) grant access to users based on the authorization header and authentication method configured. Please have a look at the Access Control Policy documentation for more details.

Finish the process by selecting the Save and Publish button. Wait a few seconds before accessing the service. Once ready, you are redirected to the service details page, and a new section now exposes the details of the published service. You can now see the domain name allocated for your service.

Custom Resource Definition

Custom Resource Definition is only available on Kubernetes.

Service publications can be configured from Kubernetes manifest files containing a Traefik Hub custom resource. Custom Resource Definition contains resources that the Traefik Hub Agent can understand in order to manage the publication of services.

The resource is called EdgeIngress from the hub.traefik.io group.

Here is the minimal working configuration to publish a service.

apiVersion: hub.traefik.io/v1alpha1
kind: EdgeIngress
metadata:
  name: my-whoami
spec:
  service:
    name: whoami
    port: 80

To create the ACP, apply the manifest on the cluster using the Kubernetes CLI tool:

kubectl apply -f basic-edge-ingress.yml

You are now able to see the edge ingress in the Traefik Hub UI, and in your Kubernetes cluster:

kubectl get edgeingress my-whoami

References

Name

Required

metadata.name

This is the name of the resource.

The name should have less than 63 characters. It should contain only letters, numbers, and hyphens.

Example:

metadata:
  name: my-edge-ingress

Service Name

Required

spec.service.name

This is the name of the Kubernetes service.

Example:

spec:
  service:
    name: my-service

Service Port

Required

spec.service.port

The port is the entry point on which the tunnel forwards the requests.

Example:

spec:
  service:
    port: 80

Access Control Policy

spec.acp.name

Name of the Access Control Policy to use. If not present, the service is not protected with credentials.

ACPs grant access to users based on the authorization header and authentication method configured. Please have a look at the Access Control Policy documentation for more details.

Example:

spec:
  acp:
    name: my-acp