I started to use docker in the corporate environment in Switzerland since 2014. In the meantime I built multiple platforms for swiss banking services, all running today on swarm mode and one of them on Docker EE.
From the beginning I used to deploy haproxy as incoming component, matching the hostname eg. the sni in case of TLS and thanks to the brilliant docker-gen lib of jwilder I was able to generate the haproxy backend config continuously. In the meantime multiple projects exists that do the same, like Traefik, gobetween, fabio, flow proxy etc…
Beside of those projects felt a little over-engineered to me, imho there are two main drawbacks when using them:
- Exposing the docker deamon to the container to catch events (even when using a listner like flow-proxy)
- Golang based projects do not support zero-copy, resulting in much more cpu-utilisation
Both drawbacks are now resolved in the new haproxy based tiny swarm-router project below:
This fresh approach does not need labels, env variables or mounting a socket. It simply asks the embedded dns if a service endpoint was registered, so that a request can be legitimated and forwarded to the according container. At the same time the haproxy configuration will be updated and seamless reloaded using socket transfer.
I would be very happy to learn from the community opinion. Github contributions are also welcome.