Traefik Pilot Dashboard provides a real-time, high-level overview of your Traefik instances, aggregating metrics and logs from multiple Traefik Edge Routers into a single pane of glass.
Let’s see it in action. Imagine you have two Traefik instances, one running in your production Kubernetes cluster and another in your staging environment.
First, ensure your Traefik instances are configured to send metrics and logs to Traefik Pilot. For Traefik Enterprise, this is typically done via the pilot configuration block in your static configuration:
# traefik.yaml (Static Configuration)
pilot:
token: "your-pilot-token" # Get this from your Traefik Cloud account
dashboard:
enabled: true
addr: ":8080" # The address Pilot will listen on for metrics
# For logs, configure your log provider to send to Pilot
log:
level: "INFO"
filePath: "/var/log/traefik.log" # Or configure your logging driver
If you’re using Traefik Community Edition, you’ll likely be using the OpenTelemetry collector to export metrics and traces to Pilot. Here’s a snippet of a Traefik configuration forwarding to an OpenTelemetry collector, which in turn is configured to send to Traefik Pilot:
# traefik.yaml (Static Configuration for Community Edition)
api:
dashboard: true
insecure: true # For demonstration, use proper auth in production
# Example using OpenTelemetry exporter
tracing:
otel:
address: "otel-collector.your-namespace.svc.cluster.local:4317" # Address of your OpenTelemetry Collector
And your OpenTelemetry Collector configuration (otel-collector-config.yaml):
receivers:
otlp:
protocols:
grpc:
http:
exporters:
# This exporter sends data to Traefik Pilot
otlp:
endpoint: "api.traefik.cloud:443" # Traefik Pilot endpoint
tls:
insecure: false # Use TLS for production
processors:
batch:
service:
pipelines:
traces:
receivers: [otlp]
processors: [batch]
exporters: [otlp]
metrics:
receivers: [otlp]
processors: [batch]
exporters: [otlp]
Once your Traefik instances are configured and running, and your OpenTelemetry collector is set up (if applicable), you’ll see your Traefik instances appear in your Traefik Pilot Dashboard within Traefik Cloud.
The dashboard breaks down into several key areas:
- Overview: A bird’s-eye view of all connected Traefik instances, showing their status, version, and basic health metrics like requests per second and error rates.
- Services: Lists all the services discovered by your Traefik instances. You can drill down into specific services to see which Traefik instances are routing to them, the latency of requests, and the success/failure rates for each backend.
- Routes: Displays all defined routes and their associated metrics. This is invaluable for understanding traffic flow and identifying which routes are experiencing issues.
- Logs: Aggregates logs from all connected Traefik instances. You can filter by instance, log level, and time range to quickly pinpoint errors or unusual activity.
- Alerts: Configure custom alerts based on metrics (e.g., high error rates, increased latency) or log patterns. Traefik Pilot will notify you when these conditions are met.
The mental model for Traefik Pilot is that it acts as a central aggregation point for the telemetry data produced by your Traefik Edge Routers. Traefik itself is designed to be distributed and highly available, often running in multiple instances. Managing and monitoring these distributed instances individually becomes cumbersome. Pilot solves this by collecting metrics (like request counts, latency, status codes) and logs from each instance, normalizing them, and presenting them in a unified, searchable interface. It leverages the pilot configuration block in Traefik Enterprise or OpenTelemetry export for Traefik Community Edition to send this data securely to the Traefik Cloud platform. You control what data is sent and how it’s presented through the configuration of your Traefik instances and the alert rules defined within Traefik Cloud.
A common point of confusion is how Traefik Pilot handles TLS. When configuring Traefik Enterprise to send metrics to Pilot, if you don’t explicitly set tls.insecureSkipVerify to true (which is highly discouraged for production), Traefik will attempt to verify the TLS certificate of the Pilot endpoint. Ensure that your Traefik instances can reach api.traefik.cloud over TLS and that their system’s trust store has the necessary root certificates to validate the connection. For OpenTelemetry, the tls block in the exporter configuration is where you’d manage this.
The next step after getting your Traefik instances reporting to Pilot is to start defining meaningful alerts to proactively catch issues.