Traefik & Etcd¶
A Story of KV store & Containers
Store your configuration in etcd and let Traefik do the rest!
Routing Configuration¶
See the dedicated section in routing.
Provider Configuration¶
endpoints
¶
Required, Default="127.0.0.1:2379"
Defines how to access etcd.
providers:
etcd:
endpoints:
- "127.0.0.1:2379"
[providers.etcd]
endpoints = ["127.0.0.1:2379"]
--providers.etcd.endpoints=127.0.0.1:2379
rootKey
¶
Required, Default="traefik"
Defines the root key of the configuration.
providers:
etcd:
rootKey: "traefik"
[providers.etcd]
rootKey = "traefik"
--providers.etcd.rootkey=traefik
username
¶
Optional, Default=""
Defines a username with which to connect to etcd.
providers:
etcd:
# ...
username: "foo"
[providers.etcd]
# ...
username = "foo"
--providers.etcd.username=foo
password
¶
Optional, Default=""
Defines a password with which to connect to etcd.
providers:
etcd:
# ...
password: "bar"
[providers.etcd]
# ...
password = "bar"
--providers.etcd.password=foo
tls
¶
Optional
Defines the TLS configuration used for the secure connection to etcd.
ca
¶
Optional
ca
is the path to the certificate authority used for the secure connection to etcd,
it defaults to the system bundle.
providers:
etcd:
tls:
ca: path/to/ca.crt
[providers.etcd.tls]
ca = "path/to/ca.crt"
--providers.etcd.tls.ca=path/to/ca.crt
cert
¶
Optional
cert
is the path to the public certificate used for the secure connection to etcd.
When using this option, setting the key
option is required.
providers:
etcd:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
[providers.etcd.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
--providers.etcd.tls.cert=path/to/foo.cert
--providers.etcd.tls.key=path/to/foo.key
key
¶
Optional
key
is the path to the private key used for the secure connection to etcd.
When using this option, setting the cert
option is required.
providers:
etcd:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
[providers.etcd.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
--providers.etcd.tls.cert=path/to/foo.cert
--providers.etcd.tls.key=path/to/foo.key
insecureSkipVerify
¶
Optional, Default=false
If insecureSkipVerify
is true
, the TLS connection to etcd accepts any certificate presented by the server regardless of the hostnames it covers.
providers:
etcd:
tls:
insecureSkipVerify: true
[providers.etcd.tls]
insecureSkipVerify = true
--providers.etcd.tls.insecureSkipVerify=true