Traefik, a well-known name in cloud-native open-source proxies, released version 3.4, “Chaource,” which brings some significant enhancements, resulting in smoother operations and increased efficiency.
One of the standout additions is distributed rate-limiting through Redis integration, which ensures consistent traffic management across multiple Traefik instances.
By centrally enforcing rules, distributed rate-limiting prevents scenarios where certain services monopolize resources, providing fair usage across clusters and mitigating API abuse or traffic spikes risks.
Another release’s highlight is an intelligent load-balancing method, “Power of Two Choices” (P2C). This strategy smartly routes incoming requests by assessing the load of two random backend servers, ultimately choosing the least busy.
As you can expect, this technique reduces server overload, enhancing traffic distribution and stability, especially under heavy load conditions.
It’s worth noting also the new feature related to the ability to specify custom server URLs through labels for Docker, Swarm, ECS, Consul, and Nomad deployments, which allows greater flexibility by bypassing the container’s default IP, enabling more precise control over traffic routing.
Apart from those mentioned above, additional enhancements enrich this release:
- Internally, the experimental usage of maps and slices has been transitioned to standard libraries for improved stability and performance.
- Improved ACME functionality, with new customization options for certificate management.
- Kubernetes integration sees notable improvements, including enhanced CEL validation, ingress statuses for ClusterIP and NodePort services, and added capability to integrate root CA certificates via ConfigMaps.
- Gateway API now allows users to set priorities within TLSRoute rules.
- Middleware updates include preserving original HTTP request methods and dynamic rewriting of HTTP status codes.
- Sticky session management now supports specifying cookie domains, offering more granular control over session persistence.
- Security and TLS enhancements enable the disabling of TLS session tickets and the incorporation of extra CA certificates through Kubernetes ConfigMaps.
- UDP routing capabilities have expanded with systemd socket activation, enabling Traefik to manage UDP traffic efficiently.
- The user interface is now more adaptive, automatically switching between light and dark themes based on system settings.
Check out the release announcement or look at the changelog for the full list of all novelties in Traefik 3.4 Proxy.
