Publish a Service
This document explains how to publish a service (application) with Traefik Hub.
Publishing a service is the act of exposing an application to the internet, making it accessible from external networks.
Traefik Hub allows you to expose your service using tunneling technology without having deep knowledge about network security, firewall, port forwarding, and more.
To publish a service in the Traefik Hub UI, find the services page on the navigation menu. Then, search for the service you would like to publish and select it.
Cannot find the service?
You can use the search bar in the top right corner of this page. The search bar filters by service name.
On the service details page, select the Publish the service button and fill in the parameters.
The port is the EntryPoint to which the tunnel forwards the requests. Most of the time, the Traefik Hub Agent detects the service ports. As a service can have multiple ports defined, you will have to select which one to use.
The service network may be required for the Hub Agent Traefik. The application and the Traefik Hub Agent must share the same network in order to communicate. The Traefik Hub Agent detects the available networks, and you need to select one.
Access Control Policy¶
Access Control Policies (ACP) grant access to users based on the authorization header and authentication method configured. Please have a look at the Access Control Policy documentation for more details.
Finish the process by selecting the Save and Publish button. Wait a few seconds before accessing the service. Once ready, you are redirected to the service details page, and a new section now exposes the details of the published service. You can now see the domain name allocated for your service.
Custom Resource Definition¶
Custom Resource Definition is only available on Kubernetes.
Service publications can be configured from Kubernetes manifest files containing a Traefik Hub custom resource. Custom Resource Definition contains resources that the Traefik Hub Agent can understand in order to manage the publication of services.
The resource is called
EdgeIngress from the
Here is the minimal working configuration to publish a service.
apiVersion: hub.traefik.io/v1alpha1 kind: EdgeIngress metadata: name: my-whoami spec: service: name: whoami port: 80
To create the ACP, apply the manifest on the cluster using the Kubernetes CLI tool:
kubectl apply -f basic-edge-ingress.yml
You are now able to see the edge ingress in the Traefik Hub UI, and in your Kubernetes cluster:
kubectl get edgeingress my-whoami
This is the name of the resource.
The name should have less than 63 characters. It should contain only letters, numbers, and hyphens.
metadata: name: my-edge-ingress
This is the name of the Kubernetes service.
spec: service: name: my-service
The port is the entry point on which the tunnel forwards the requests.
spec: service: port: 80
Access Control Policy¶
Name of the Access Control Policy to use. If not present, the service is not protected with credentials.
ACPs grant access to users based on the authorization header and authentication method configured. Please have a look at the Access Control Policy documentation for more details.
spec: acp: name: my-acp