[denysvitali]

So much hate for Traefik here. I don't get it. I personally use it and find it amazing, but I read elsewhere that their enterprise offering is prohibitively expensive.

I wish them to succeed, Traefik has been one of my favorite choices for Kubernetes for a long time now :)

[mike_d]

They consider caching and TLS to be enterprise features.

If you can't get the basics right, you stay at the kids table forever.

[denysvitali]

Wdym TLS is an enterprise feature? I'm using mTLS and TLS in their OSS version. The certificates are generated via cert-manager. If you expect something like Caddy's auto-provision of certs, then (AFAIK) neither HAProxy nor NGINX have it

[jspdown]

Traefik maintainer here.

I can confirm that bring-your-own certificates, ACME, and mTLS are all included in the OSS version. For enterprise users, Traefik Hub also provides seamless integration with HashiCorp Vault.

Regarding the cache middleware: like many of our more advanced middlewares, you have two options. You can use a community-maintained plugin (such as Souin), or your organization can purchase an enterprise license to access TraefikLabs' officially maintained built-in middleware as part of Traefik Hub API Gateway or Traefik Hub API Management.

[mike_d]

> I can confirm that bring-your-own certificates, ACME, and mTLS are all included in the OSS version

If I open a pull request for distributed Lets Encrypt, you'd accept it?

> Regarding the cache middleware ... purchase an enterprise license

Literally what I said. Also the oddest thing to strip out to get people to pay for enterprise.

[jspdown]

I suppose yes. That's actually what happened with distributed rate-limit.

[mike_d]

https://doc.traefik.io/traefik-hub/api-gateway/secure/tls/le...

They actively block the use of any sort of certificate store that would allow you to run a sane setup with HA.