etcd VS traefik

“etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines.” etcd etcd provides a way to store data across a distributed cluster of machines and make sure the data is synchronized across all machines. You can find more information, as well as the etcd source code, in the etcd GitHub repository etcd

They have an open issue for it and looks like no blockers, and a PR bumping the otel version, so it looks like it's moving.

etcd is a strongly consistent, distributed key-value store that provides a reliable way to store data that needs to be accessed by a distributed system or cluster of machines. It gracefully handles leader elections during network partitions and can tolerate machine failure, even in the leader node.

You can see the etcd implementation of Raft in here: https://github.com/etcd-io/etcd/tree/main/raft

I found this issue https://github.com/etcd-io/etcd/issues/11949

If you want to get into all the details, you can look at Raft and other consensus algorithms; or the code for (relativel) simple implementations, like etcd.io.

Running Docker Container: AdGuard Home, HomeAssistant, Authelia, Traefik, Cloudflare-Tunnel, Flame

Currently I'm using Traefik as reverse proxy, directing web traffic via SNI. This suggests I wil run into problems having an automatically self-configuring reverse proxy the way docker allows.

I'm not sure if Traefik supports this. I see there's an issue here, but I can't find any PR.

Also, using nginx as a reverse proxy + letsencrypt is totally valid. I moved towards Traefik (https://github.com/traefik/traefik) which neatly integrates with containers and does all letsencrypt management for you (no need to maintain a separate letsencrypt service).

This is my first attempt at self-hosting. I currently own a Raspberry Pi 4 Model B and I would like to use that in order to self-host some software like Portainer, FireflyIII, Vikunja, Gitea etc. I intent to use Docker swarm in order to be able to spin up these software as I have a lot of experience with it and adding new nodes to the cluster is pretty straightforward. ## Use case RPi is going to keep running in my home network and I would like to be able to access it from any other network, not just my local one, from my mobile phone and my laptop. However, I am aware that this introduces a lot of security risks that I would like to properly defend against. ## Architecture Users (a handful of people, mainly myself and family members) will hit the IP of my house at 443. Home Router is going to forward the request to [Traefik](https://github.com/traefik/traefik), that is running on the RPi in Docker Swarm mode. Then, based on host rules, Traefik is going to forward the request to the appropriate Docker Swarm service that will handle the request. I have attached a diagram with the above architecture.

Traefik is a self-maintaining HTTP reverse proxy and load balancer that makes deploying microservices as simple as pointing it at your orchestrator. Integrates with your existing infrastructure components (Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ...) and configures itself automatically and dynamically. A shout out to R8nbowhorse for the suggestion.

Look into external-dns, cert-manager and traefik or istio for ingress/service mesh to expose services from your cluster in a automated way.

But, when I discovered traefik, everything changed. As it has yaml supported configuration, easy to start-with behavior and fully docker support: it became my favorite service discovery tool.

K3s comes by default with traefik as the ingress controller. I heard great things about it, but I prefer to use ingress-nginx. This is simply because I'm more familiar with it. You can choose pretty much any ingress controller you want for Kubernetes, so pick one according to your own preferences.