Skip to content
GitHub
  • 53.8k Stars
  • 5.3k Forks

Traefik & Redis

A Story of KV store & Containers

Store your configuration in Redis and let Traefik do the rest!

Dynamic configuration updates

Dynamic configuration updates require Redis keyspace notifications to be enabled. Cloud-managed Redis services (e.g., GCP Memorystore, AWS ElastiCache) may disable this by default due to CPU performance issues. For more information, see the Redis documentation or refer to your cloud provider's documentation for specific configuration steps.

Routing Configuration

See the dedicated section in routing.

Provider Configuration

endpoints

Required, Default="127.0.0.1:6379"

Defines how to access Redis.

providers:
  redis:
    endpoints:
      - "127.0.0.1:6379"
[providers.redis]
  endpoints = ["127.0.0.1:6379"]
--providers.redis.endpoints=127.0.0.1:6379

rootKey

Required, Default="traefik"

Defines the root key of the configuration.

providers:
  redis:
    rootKey: "traefik"
[providers.redis]
  rootKey = "traefik"
--providers.redis.rootkey=traefik

username

Optional, Default=""

Defines a username to connect with Redis.

providers:
  redis:
    # ...
    username: "foo"
[providers.redis]
  # ...
  username = "foo"
--providers.redis.username=foo

password

Optional, Default=""

Defines a password to connect with Redis.

providers:
  redis:
    # ...
    password: "bar"
[providers.redis]
  # ...
  password = "bar"
--providers.redis.password=foo

db

Optional, Default=0

Defines the database to be selected after connecting to the Redis.

providers:
  redis:
    # ...
    db: 0
[providers.redis]
  db = 0
--providers.redis.db=0

tls

Optional

Defines the TLS configuration used for the secure connection to Redis.

ca

Optional

ca is the path to the certificate authority used for the secure connection to Redis, it defaults to the system bundle.

providers:
  redis:
    tls:
      ca: path/to/ca.crt
[providers.redis.tls]
  ca = "path/to/ca.crt"
--providers.redis.tls.ca=path/to/ca.crt

cert

Optional

cert is the path to the public certificate used for the secure connection to Redis. When using this option, setting the key option is required.

providers:
  redis:
    tls:
      cert: path/to/foo.cert
      key: path/to/foo.key
[providers.redis.tls]
  cert = "path/to/foo.cert"
  key = "path/to/foo.key"
--providers.redis.tls.cert=path/to/foo.cert
--providers.redis.tls.key=path/to/foo.key

key

Optional

key is the path to the private key used for the secure connection to Redis. When using this option, setting the cert option is required.

providers:
  redis:
    tls:
      cert: path/to/foo.cert
      key: path/to/foo.key
[providers.redis.tls]
  cert = "path/to/foo.cert"
  key = "path/to/foo.key"
--providers.redis.tls.cert=path/to/foo.cert
--providers.redis.tls.key=path/to/foo.key

insecureSkipVerify

Optional, Default=false

If insecureSkipVerify is true, the TLS connection to Redis accepts any certificate presented by the server regardless of the hostnames it covers.

providers:
  redis:
    tls:
      insecureSkipVerify: true
[providers.redis.tls]
  insecureSkipVerify = true
--providers.redis.tls.insecureSkipVerify=true

sentinel

Optional

Defines the Sentinel configuration used to interact with Redis Sentinel.

masterName

Required

masterName is the name of the Sentinel master.

providers:
  redis:
    sentinel:
      masterName: my-master
[providers.redis.sentinel]
  masterName = "my-master"
--providers.redis.sentinel.masterName=my-master

username

Optional

username is the username for Sentinel authentication.

providers:
  redis:
    sentinel:
      username: user
[providers.redis.sentinel]
  username = "user"
--providers.redis.sentinel.username=user

password

Optional

password is the password for Sentinel authentication.

providers:
  redis:
    sentinel:
      password: password
[providers.redis.sentinel]
  password = "password"
--providers.redis.sentinel.password=password

latencyStrategy

Optional, Default=false

latencyStrategy defines whether to route commands to the closest master or replica nodes (mutually exclusive with RandomStrategy and ReplicaStrategy).

providers:
  redis:
    sentinel:
      latencyStrategy: true
[providers.redis.sentinel]
latencyStrategy = true
--providers.redis.sentinel.latencyStrategy=true

randomStrategy

Optional, Default=false

randomStrategy defines whether to route commands randomly to master or replica nodes (mutually exclusive with LatencyStrategy and ReplicaStrategy).

providers:
  redis:
    sentinel:
      randomStrategy: true
[providers.redis.sentinel]
randomStrategy = true
--providers.redis.sentinel.randomStrategy=true

replicaStrategy

Optional, Default=false

replicaStrategy Defines whether to route all commands to replica nodes (mutually exclusive with LatencyStrategy and RandomStrategy).

providers:
  redis:
    sentinel:
      replicaStrategy: true
[providers.redis.sentinel]
replicaStrategy = true
--providers.redis.sentinel.replicaStrategy=true

useDisconnectedReplicas

Optional, Default=false

useDisconnectedReplicas defines whether to use replicas disconnected with master when cannot get connected replicas.

providers:
  redis:
    sentinel:
      useDisconnectedReplicas: true
[providers.redis.sentinel]
useDisconnectedReplicas = true
--providers.redis.sentinel.useDisconnectedReplicas=true