This guide helps you get the Telecom Platform running with Traefik as the API Gateway.
- Docker and Docker Compose installed
- Make port 80, 443, and 8080 available
- Domain
api.telecom.com(or modify configuration)
# Make the startup script executable
chmod +x scripts/start-gateway.sh
# Start the platform with API Gateway
./scripts/start-gateway.shAdd the domain to your hosts file:
# On Linux/macOS
echo "127.0.0.1 api.telecom.com" | sudo tee -a /etc/hosts
# On Windows (as Administrator)
echo "127.0.0.1 api.telecom.com" >> C:\Windows\System32\drivers\etc\hosts- Traefik Dashboard: http://localhost:8080
- API Documentation: https://api.telecom.com/api/v1/swagger
- Web Dashboard: http://localhost:3000
- Health Check: https://api.telecom.com/api/v1/health
All services are now accessible through the gateway:
https://api.telecom.com/api/v1/subscribershttps://api.telecom.com/api/v1/authhttps://api.telecom.com/api/v1/users
https://api.telecom.com/v1/credit/{ip}/checkhttps://api.telecom.com/v1/credit/{ip}/deducthttps://api.telecom.com/v1/usage
https://api.telecom.com/v1/es2/downloadhttps://api.telecom.com/v1/carrier/profile
https://api.telecom.com/v1/packet/flowhttps://api.telecom.com/v1/gateway/status
- API endpoints: 100 requests/minute, burst 200
- Charging endpoints: 1000 requests/minute, burst 2000
- Carrier endpoints: 50 requests/minute, burst 100
- HTTPS redirection (80 -> 443)
- XSS protection
- Content Security Policy
- Frame protection
- JWT validation (configure JWT_SECRET env var)
- CORS handling
- Request compression
Access: http://localhost:8080
Shows:
- Active routers and services
- Request metrics
- Health checks
- Middleware status
# View all logs
docker-compose logs -f
# View specific service logs
docker-compose logs -f traefik
docker-compose logs -f api-server
docker-compose logs -f charging-enginePrometheus metrics available at: http://localhost:8080/metrics
# JWT Secret (required for production)
export JWT_SECRET="your-32-character-secret-here"
# Optional: Custom domain
# Update traefik/dynamic/middlewares.yml and service labels- Update service labels in
docker-compose.yml - Update middleware configuration in
traefik/dynamic/middlewares.yml - Update your DNS/hosts file
For production, add certificates to traefik/certs/ and update configuration:
# traefik/traefik.yml
entryPoints:
websecure:
address: ":443"
tls:
certificates:
- certFile: /traefik/certs/api.telecom.com.crt
keyFile: /traefik/certs/api.telecom.com.key- Check if service is running:
docker-compose ps - Check service logs:
docker-compose logs [service-name] - Verify Traefik configuration: http://localhost:8080/dashboard/
- Check middleware configuration in
traefik/dynamic/middlewares.yml - Monitor Traefik dashboard for rate limit status
- Adjust limits in configuration
- Verify JWT_SECRET is set:
echo $JWT_SECRET - Check JWT token format and expiration
- Review Traefik logs for authentication errors
- Monitor Traefik dashboard for request metrics
- Check service health endpoints
- Review resource usage:
docker stats
If you were previously accessing services directly:
# Direct access
curl http://localhost:8000/api/v1/subscribers
curl http://localhost:8081/v1/health# Through gateway
curl https://api.telecom.com/api/v1/subscribers
curl https://api.telecom.com/v1/health- Change base URLs from
http://localhost:PORTtohttps://api.telecom.com - Update authentication headers if needed
- Handle HTTPS certificate validation
- Set strong JWT_SECRET: Use environment variable, not default
- Use real SSL certificates: Obtain from Let's Encrypt or your CA
- Monitor resource usage: Traefik adds minimal overhead
- Backup configuration: Save
traefik/directory - Log rotation: Configure Docker logging drivers
- Health monitoring: Set up alerts for service downtime
- Check logs:
docker-compose logs -f traefik - View dashboard: http://localhost:8080
- Review configuration:
traefik/traefik.ymlandtraefik/dynamic/ - Test endpoints: Use curl or Postman with proper headers