Haproxy based swarm-router on CE edition

Dear Community

I started to use docker in the corporate environment in Switzerland since 2014. In the meantime I built multiple platforms for swiss banking services, all running today on swarm mode and one of them on Docker EE.

From the beginning I used to deploy haproxy as incoming component, matching the hostname eg. the sni in case of TLS and thanks to the brilliant docker-gen lib of jwilder I was able to generate the haproxy backend config continuously. In the meantime multiple projects exists that do the same, like Traefik, gobetween, fabio, flow proxy etc…

Beside of those projects felt a little over-engineered to me, imho there are two main drawbacks when using them:

  1. Exposing the docker deamon to the container to catch events (even when using a listner like flow-proxy)
  2. Golang based projects do not support zero-copy, resulting in much more cpu-utilisation

Both drawbacks are now resolved in the new haproxy based tiny swarm-router project below:

This fresh approach does not need labels, env variables or mounting a socket. It simply asks the embedded dns if a service endpoint was registered, so that a request can be legitimated and forwarded to the according container. At the same time the haproxy configuration will be updated and seamless reloaded using socket transfer.

I would be very happy to learn from the community opinion. Github contributions are also welcome.

Best, Flavio

I took a quick look at the projectproject, way off the deep end for me :slight_smile: I am not sure what use case it is for, but I think I can guess it’s for the fact that the normal “ingress” network that comes with swarm mode does not pass the source IP address correctly unless you do some weird things (which I actually have done so I can get the source IP for one of my services that actually require it, not just for analytics).