[Question] Can/should i use Nginx and/or Traefik with Vulcain? Where should be Varnish?

[dvc]

Hello, everybody! Cool idea, cool project!

But i'm not understand how to modify my current scheme to use Vulcain.

Now:

(https, http/2)-> Traefik -(http)-> Nginx -(static or fastcgi)-> php-fpm (ApiPlatform)

• Traefik is my ingress controller with auto routing to some microservices via docker labels. +http/2 endpoint.
• Nginx handles static files and routes dynamic to php-fpm.

1. How it will looks with Vulcain?
2. Where should be Varnish?

[dunglas]

To be able to use Server Push, Vulcain must be at the edge. Alternatively, you can use reverse proxies able to forward Server Push, but this isn’t supported yet by Nginx and Traefik.

[dvc]

So, i need dedicated entrypoint for custom domain. Without traefik...

(https, http/2)-> Vulcain -(http)->Nginx -(static or fastcgi)-> [Varnish] -> php-fpm (ApiPlatform)

Or create issue to support Vulcain integration to Traefik :)

[soyuka]

Vulcain (http/2 + tls) => Varnish => Nginx => php-fpm

[dvc]

Thank you!

[ottsch]

See traefik/traefik#906

[dvc]

https://docs.traefik.io/routing/routers/#tls_1

By default, Traefik will terminate the SSL connections (meaning that it will send decrypted data to the services), but Traefik can be configured in order to let the requests pass through (keeping the data encrypted), and be forwarded to the service "as is".

# Configuring passthrough
## Dynamic configuration
tcp:
  routers:
    Router-1:
      rule: "HostSNI(`foo-domain`)"
      service: service-id
      tls:
        passthrough: true

Vulcain can be one of traefik 2.x https "Services" or "Servers". Am i right?