traefik/templates/marathon.tmpl

278 lines
9.7 KiB
Cheetah
Raw Normal View History

2018-01-10 11:58:03 +01:00
{{ $apps := .Applications }}
[marathon] Use single API call to fetch Marathon resources. Change Marathon provider to make just one API call instead of two per configuration update by means of specifying embedded resources, which enable retrieving multiple response types from the API at once. Apart from the obvious savings in API calls, we primarily gain a consistent view on both applications and tasks that allows us to drop a lot of correlation logic. Additionally, it will serve as the basis for the introduction of readiness checks which require application/task consistency for correct leverage on the proxy end. Additional changes: marathon.go: - Filter on tasks now embedded inside the applications. - Reduce/simplify signature on multiple template functions as we do not need to check for proper application/task correlation anymore. - Remove getFrontendBackend in favor of just getBackend. - Move filtering on enabled/exposed applications from `taskFilter` to `applicationFilter`. (The task filter just reached out to the applications anyway, so it never made sense to locate it with the tasks where the filter was called once for every task even though the result would never change.) - Remove duplicate constraints filter in tasks, where it neither made sense to keep as it operates on the application level only. - Add context to rendering error. marathon_test.go: - Simplify and reduce numerous tests. - Convert tests with high number of cases into parallelized sub-tests. - Improve readability/structure for several tests. - Add missing test for enabled/exposed applications. - Simplify the mocked Marathon server. marathon.tmpl: - Update application/task iteration. - Replace `getFrontendBackend` by `getBackend`.
2017-05-22 23:21:15 +02:00
[backends]
{{range $backendName, $app := $apps }}
2018-01-10 11:58:03 +01:00
[backends."{{ $backendName }}"]
2018-03-26 15:32:04 +02:00
{{ $circuitBreaker := getCircuitBreaker $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $circuitBreaker }}
[backends."{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
2018-10-29 18:42:03 +01:00
{{ $responseForwarding := getResponseForwarding $app.SegmentLabels }}
{{if $responseForwarding }}
[backends."{{ $backendName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.FlushInterval }}"
{{end}}
2018-01-10 11:58:03 +01:00
2018-03-26 15:32:04 +02:00
{{ $loadBalancer := getLoadBalancer $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $loadBalancer }}
[backends."{{ $backendName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
2018-03-26 15:32:04 +02:00
{{ $maxConn := getMaxConn $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $maxConn }}
[backends."{{ $backendName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
2018-03-26 15:32:04 +02:00
{{ $healthCheck := getHealthCheck $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $healthCheck }}
[backends."{{ $backendName }}".healthCheck]
2018-05-14 12:08:03 +02:00
scheme = "{{ $healthCheck.Scheme }}"
2018-01-10 11:58:03 +01:00
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
2018-09-27 13:16:03 -05:00
timeout = "{{ $healthCheck.Timeout }}"
2018-04-16 11:40:03 +02:00
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends.{{ $backendName }}.healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
2018-03-26 15:32:04 +02:00
{{ $buffering := getBuffering $app.SegmentLabels }}
2018-01-31 15:32:04 +01:00
{{if $buffering }}
[backends."{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
2018-03-26 15:32:04 +02:00
{{range $serverName, $server := getServers $app }}
2018-01-10 11:58:03 +01:00
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
2015-09-09 22:39:08 +02:00
{{end}}
[frontends]
{{range $backendName, $app := $apps }}
2018-03-26 15:32:04 +02:00
{{ $frontendName := getFrontendName $app }}
2018-01-10 11:58:03 +01:00
[frontends."{{ $frontendName }}"]
backend = "{{ $backendName }}"
2018-03-26 15:32:04 +02:00
priority = {{ getPriority $app.SegmentLabels }}
passHostHeader = {{ getPassHostHeader $app.SegmentLabels }}
passTLSCert = {{ getPassTLSCert $app.SegmentLabels }}
2018-03-26 15:32:04 +02:00
entryPoints = [{{range getEntryPoints $app.SegmentLabels }}
"{{.}}",
{{end}}]
2018-08-29 11:36:03 +02:00
{{ $tlsClientCert := getPassTLSClientCert $app.SegmentLabels }}
{{if $tlsClientCert }}
[frontends."{{ $frontendName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
2018-08-29 11:36:03 +02:00
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $app.SegmentLabels }}
2018-07-06 16:52:04 +02:00
{{if $auth }}
[frontends."{{ $frontendName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."{{ $frontendName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
2018-07-06 16:52:04 +02:00
{{if $auth.Forward.TLS }}
[frontends."{{ $frontendName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
2018-07-06 16:52:04 +02:00
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."{{ $frontendName }}".auth.basic]
removeHeader = {{ $auth.Basic.RemoveHeader }}
2018-07-06 16:52:04 +02:00
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."{{ $frontendName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader }}
2018-07-06 16:52:04 +02:00
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
2018-03-26 15:32:04 +02:00
{{ $whitelist := getWhiteList $app.SegmentLabels }}
{{if $whitelist }}
[frontends."{{ $frontendName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
2018-03-26 15:32:04 +02:00
{{ $redirect := getRedirect $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $redirect }}
[frontends."{{ $frontendName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
2018-01-31 19:10:04 +01:00
permanent = {{ $redirect.Permanent }}
2018-01-10 11:58:03 +01:00
{{end}}
2018-03-26 15:32:04 +02:00
{{ $errorPages := getErrorPages $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $errorPages }}
[frontends."{{ $frontendName }}".errors]
{{range $pageName, $page := $errorPages }}
2018-03-07 22:10:04 +01:00
[frontends."{{ $frontendName }}".errors."{{ $pageName }}"]
2018-01-10 11:58:03 +01:00
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
2018-04-11 13:54:03 +02:00
backend = "backend{{ $page.Backend }}"
2018-01-10 11:58:03 +01:00
query = "{{ $page.Query }}"
{{end}}
{{end}}
2018-03-26 15:32:04 +02:00
{{ $rateLimit := getRateLimit $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $rateLimit }}
[frontends."{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."{{ $frontendName }}".rateLimit.rateSet]
{{ range $limitName, $limit := $rateLimit.RateSet }}
2018-03-07 22:10:04 +01:00
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
2018-01-10 11:58:03 +01:00
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
2018-03-26 15:32:04 +02:00
{{ $headers := getHeaders $app.SegmentLabels }}
2018-01-10 11:58:03 +01:00
{{if $headers }}
[frontends."{{ $frontendName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
2018-05-14 11:44:03 +02:00
SSLForceHost = {{ $headers.SSLForceHost }}
2018-01-10 11:58:03 +01:00
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
2018-03-02 14:24:03 +01:00
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
2018-01-10 11:58:03 +01:00
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
2018-01-02 09:42:03 +01:00
2018-01-10 11:58:03 +01:00
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
2018-01-02 09:42:03 +01:00
2018-01-10 11:58:03 +01:00
{{if $headers.CustomRequestHeaders }}
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
2017-12-16 15:36:17 +01:00
{{end}}
2018-01-02 09:42:03 +01:00
2018-01-10 11:58:03 +01:00
{{if $headers.CustomResponseHeaders }}
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
2017-12-16 15:36:17 +01:00
{{end}}
2018-01-02 09:42:03 +01:00
2018-01-10 11:58:03 +01:00
{{if $headers.SSLProxyHeaders }}
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
2017-12-16 15:36:17 +01:00
{{end}}
2018-01-02 09:42:03 +01:00
{{end}}
2017-12-16 15:36:17 +01:00
2018-03-26 15:32:04 +02:00
[frontends."{{ $frontendName }}".routes."route-host{{ $app.ID | replace "/" "-" }}{{ getSegmentNameSuffix $app.SegmentName }}"]
rule = "{{ getFrontendRule $app }}"
{{end}}