2017-08-25 14:10:03 +00:00
package configuration
2015-09-07 08:38:58 +00:00
2015-09-25 09:44:19 +00:00
import (
2016-01-23 16:41:56 +00:00
"fmt"
2016-05-03 14:52:14 +00:00
"strings"
"time"
2016-08-05 14:02:46 +00:00
2017-03-27 09:51:53 +00:00
"github.com/containous/flaeg"
2017-11-27 13:26:04 +00:00
"github.com/containous/traefik-extra-service-fabric"
2016-08-05 14:02:46 +00:00
"github.com/containous/traefik/acme"
2017-11-09 15:12:04 +00:00
"github.com/containous/traefik/api"
2017-09-26 08:22:03 +00:00
"github.com/containous/traefik/log"
2018-01-10 16:48:04 +00:00
"github.com/containous/traefik/middlewares/tracing"
2017-11-09 15:12:04 +00:00
"github.com/containous/traefik/ping"
2018-03-05 19:54:04 +00:00
acmeprovider "github.com/containous/traefik/provider/acme"
2017-04-17 10:50:02 +00:00
"github.com/containous/traefik/provider/boltdb"
"github.com/containous/traefik/provider/consul"
2018-01-04 14:56:03 +00:00
"github.com/containous/traefik/provider/consulcatalog"
2017-04-15 13:49:53 +00:00
"github.com/containous/traefik/provider/docker"
2017-04-17 10:50:02 +00:00
"github.com/containous/traefik/provider/dynamodb"
"github.com/containous/traefik/provider/ecs"
"github.com/containous/traefik/provider/etcd"
"github.com/containous/traefik/provider/eureka"
"github.com/containous/traefik/provider/file"
"github.com/containous/traefik/provider/kubernetes"
"github.com/containous/traefik/provider/marathon"
"github.com/containous/traefik/provider/mesos"
"github.com/containous/traefik/provider/rancher"
2017-11-09 15:12:04 +00:00
"github.com/containous/traefik/provider/rest"
2017-04-17 10:50:02 +00:00
"github.com/containous/traefik/provider/zk"
2017-11-09 11:16:03 +00:00
"github.com/containous/traefik/tls"
2016-08-05 14:02:46 +00:00
"github.com/containous/traefik/types"
2015-09-25 09:44:19 +00:00
)
2017-08-18 13:34:04 +00:00
const (
2017-11-09 15:12:04 +00:00
// DefaultInternalEntryPointName the name of the default internal entry point
DefaultInternalEntryPointName = "traefik"
2017-08-18 13:34:04 +00:00
// DefaultHealthCheckInterval is the default health check interval.
DefaultHealthCheckInterval = 30 * time . Second
// DefaultDialTimeout when connecting to a backend server.
DefaultDialTimeout = 30 * time . Second
2017-08-25 14:10:03 +00:00
2017-08-18 13:34:04 +00:00
// DefaultIdleTimeout before closing an idle connection.
DefaultIdleTimeout = 180 * time . Second
2017-09-26 08:22:03 +00:00
// DefaultGraceTimeout controls how long Traefik serves pending requests
// prior to shutting down.
DefaultGraceTimeout = 10 * time . Second
2017-08-18 13:34:04 +00:00
)
2017-03-24 08:36:33 +00:00
2015-11-06 17:11:57 +00:00
// GlobalConfiguration holds global configuration (with providers, etc.).
// It's populated from the traefik configuration file passed as an argument to the binary.
2015-09-10 13:13:35 +00:00
type GlobalConfiguration struct {
2017-10-02 15:18:24 +00:00
LifeCycle * LifeCycle ` description:"Timeouts influencing the server life cycle" export:"true" `
GraceTimeOut flaeg . Duration ` short:"g" description:"(Deprecated) Duration to give active requests a chance to finish before Traefik stops" export:"true" ` // Deprecated
2017-10-02 08:32:02 +00:00
Debug bool ` short:"d" description:"Enable debug mode" export:"true" `
CheckNewVersion bool ` description:"Periodically check if a new version has been released" export:"true" `
2017-11-25 12:36:03 +00:00
SendAnonymousUsage bool ` description:"send periodically anonymous usage statistics" export:"true" `
2017-10-02 08:32:02 +00:00
AccessLogsFile string ` description:"(Deprecated) Access logs file" export:"true" ` // Deprecated
AccessLog * types . AccessLog ` description:"Access log settings" export:"true" `
2017-10-02 15:18:24 +00:00
TraefikLogsFile string ` description:"(Deprecated) Traefik logs file. Stdout is used when omitted or empty" export:"true" ` // Deprecated
TraefikLog * types . TraefikLog ` description:"Traefik log settings" export:"true" `
2018-01-10 16:48:04 +00:00
Tracing * tracing . Tracing ` description:"OpenTracing configuration" export:"true" `
2017-10-02 08:32:02 +00:00
LogLevel string ` short:"l" description:"Log level" export:"true" `
EntryPoints EntryPoints ` description:"Entrypoints definition using format: --entryPoints='Name:http Address::8000 Redirect.EntryPoint:https' --entryPoints='Name:https Address::4442 TLS:tests/traefik.crt,tests/traefik.key;prod/traefik.crt,prod/traefik.key'" export:"true" `
Cluster * types . Cluster ` description:"Enable clustering" export:"true" `
Constraints types . Constraints ` description:"Filter services by constraint, matching with service tags" export:"true" `
ACME * acme . ACME ` description:"Enable ACME (Let's Encrypt): automatic SSL" export:"true" `
DefaultEntryPoints DefaultEntryPoints ` description:"Entrypoints to be used by frontends that do not specify any entrypoint" export:"true" `
ProvidersThrottleDuration flaeg . Duration ` description:"Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time." export:"true" `
MaxIdleConnsPerHost int ` description:"If non-zero, controls the maximum idle (keep-alive) to keep per-host. If zero, DefaultMaxIdleConnsPerHost is used" export:"true" `
IdleTimeout flaeg . Duration ` description:"(Deprecated) maximum amount of time an idle (keep-alive) connection will remain idle before closing itself." export:"true" ` // Deprecated
InsecureSkipVerify bool ` description:"Disable SSL certificate verification" export:"true" `
2017-11-09 11:16:03 +00:00
RootCAs tls . RootCAs ` description:"Add cert file for self-signed certificate" `
2017-10-02 08:32:02 +00:00
Retry * Retry ` description:"Enable retry sending request if network error" export:"true" `
HealthCheck * HealthCheckConfig ` description:"Health check parameters" export:"true" `
RespondingTimeouts * RespondingTimeouts ` description:"Timeouts for incoming requests to the Traefik instance" export:"true" `
ForwardingTimeouts * ForwardingTimeouts ` description:"Timeouts for requests forwarded to the backend servers" export:"true" `
2017-11-09 15:12:04 +00:00
Web * WebCompatibility ` description:"(Deprecated) Enable Web backend with default settings" export:"true" ` // Deprecated
2017-10-02 08:32:02 +00:00
Docker * docker . Provider ` description:"Enable Docker backend with default settings" export:"true" `
File * file . Provider ` description:"Enable File backend with default settings" export:"true" `
Marathon * marathon . Provider ` description:"Enable Marathon backend with default settings" export:"true" `
Consul * consul . Provider ` description:"Enable Consul backend with default settings" export:"true" `
2018-01-04 14:56:03 +00:00
ConsulCatalog * consulcatalog . Provider ` description:"Enable Consul catalog backend with default settings" export:"true" `
2017-10-02 08:32:02 +00:00
Etcd * etcd . Provider ` description:"Enable Etcd backend with default settings" export:"true" `
Zookeeper * zk . Provider ` description:"Enable Zookeeper backend with default settings" export:"true" `
Boltdb * boltdb . Provider ` description:"Enable Boltdb backend with default settings" export:"true" `
Kubernetes * kubernetes . Provider ` description:"Enable Kubernetes backend with default settings" export:"true" `
Mesos * mesos . Provider ` description:"Enable Mesos backend with default settings" export:"true" `
Eureka * eureka . Provider ` description:"Enable Eureka backend with default settings" export:"true" `
ECS * ecs . Provider ` description:"Enable ECS backend with default settings" export:"true" `
Rancher * rancher . Provider ` description:"Enable Rancher backend with default settings" export:"true" `
DynamoDB * dynamodb . Provider ` description:"Enable DynamoDB backend with default settings" export:"true" `
2017-11-27 13:26:04 +00:00
ServiceFabric * servicefabric . Provider ` description:"Enable Service Fabric backend with default settings" export:"true" `
2017-11-09 15:12:04 +00:00
Rest * rest . Provider ` description:"Enable Rest backend with default settings" export:"true" `
API * api . Handler ` description:"Enable api/dashboard" export:"true" `
Metrics * types . Metrics ` description:"Enable a metrics exporter" export:"true" `
Ping * ping . Handler ` description:"Enable ping" export:"true" `
}
// WebCompatibility is a configuration to handle compatibility with deprecated web provider options
type WebCompatibility struct {
Address string ` description:"Web administration port" export:"true" `
CertFile string ` description:"SSL certificate" export:"true" `
KeyFile string ` description:"SSL certificate" export:"true" `
ReadOnly bool ` description:"Enable read only API" export:"true" `
Statistics * types . Statistics ` description:"Enable more detailed statistics" export:"true" `
Metrics * types . Metrics ` description:"Enable a metrics exporter" export:"true" `
Path string ` description:"Root path for dashboard and API" export:"true" `
Auth * types . Auth ` export:"true" `
Debug bool ` export:"true" `
}
func ( gc * GlobalConfiguration ) handleWebDeprecation ( ) {
if gc . Web != nil {
log . Warn ( "web provider configuration is deprecated, you should use these options : api, rest provider, ping and metrics" )
if gc . API != nil || gc . Metrics != nil || gc . Ping != nil || gc . Rest != nil {
log . Warn ( "web option is ignored if you use it with one of these options : api, rest provider, ping or metrics" )
return
}
gc . EntryPoints [ DefaultInternalEntryPointName ] = & EntryPoint {
Address : gc . Web . Address ,
Auth : gc . Web . Auth ,
}
if gc . Web . CertFile != "" {
gc . EntryPoints [ DefaultInternalEntryPointName ] . TLS = & tls . TLS {
Certificates : [ ] tls . Certificate {
{
CertFile : tls . FileOrContent ( gc . Web . CertFile ) ,
KeyFile : tls . FileOrContent ( gc . Web . KeyFile ) ,
} ,
} ,
}
}
if gc . API == nil {
gc . API = & api . Handler {
EntryPoint : DefaultInternalEntryPointName ,
Statistics : gc . Web . Statistics ,
Dashboard : true ,
}
}
if gc . Ping == nil {
gc . Ping = & ping . Handler {
EntryPoint : DefaultInternalEntryPointName ,
}
}
if gc . Metrics == nil {
gc . Metrics = gc . Web . Metrics
}
if ! gc . Debug {
gc . Debug = gc . Web . Debug
}
}
2015-09-10 13:13:35 +00:00
}
2017-10-16 21:10:44 +00:00
// SetEffectiveConfiguration adds missing configuration parameters derived from existing ones.
// It also takes care of maintaining backwards compatibility.
2017-10-11 08:38:03 +00:00
func ( gc * GlobalConfiguration ) SetEffectiveConfiguration ( configFile string ) {
2017-09-26 08:22:03 +00:00
if len ( gc . EntryPoints ) == 0 {
2017-10-16 21:10:44 +00:00
gc . EntryPoints = map [ string ] * EntryPoint { "http" : {
Address : ":80" ,
ForwardedHeaders : & ForwardedHeaders { Insecure : true } ,
} }
2017-09-26 08:22:03 +00:00
gc . DefaultEntryPoints = [ ] string { "http" }
}
2017-11-09 15:12:04 +00:00
gc . handleWebDeprecation ( )
if ( gc . API != nil && gc . API . EntryPoint == DefaultInternalEntryPointName ) ||
( gc . Ping != nil && gc . Ping . EntryPoint == DefaultInternalEntryPointName ) ||
( gc . Metrics != nil && gc . Metrics . Prometheus != nil && gc . Metrics . Prometheus . EntryPoint == DefaultInternalEntryPointName ) ||
( gc . Rest != nil && gc . Rest . EntryPoint == DefaultInternalEntryPointName ) {
if _ , ok := gc . EntryPoints [ DefaultInternalEntryPointName ] ; ! ok {
gc . EntryPoints [ DefaultInternalEntryPointName ] = & EntryPoint { Address : ":8080" }
}
}
2017-10-16 21:10:44 +00:00
// ForwardedHeaders must be remove in the next breaking version
for entryPointName := range gc . EntryPoints {
entryPoint := gc . EntryPoints [ entryPointName ]
if entryPoint . ForwardedHeaders == nil {
entryPoint . ForwardedHeaders = & ForwardedHeaders { Insecure : true }
}
}
2017-09-26 08:22:03 +00:00
// Make sure LifeCycle isn't nil to spare nil checks elsewhere.
if gc . LifeCycle == nil {
gc . LifeCycle = & LifeCycle { }
}
// Prefer legacy grace timeout parameter for backwards compatibility reasons.
if gc . GraceTimeOut > 0 {
log . Warn ( "top-level grace period configuration has been deprecated -- please use lifecycle grace period" )
gc . LifeCycle . GraceTimeOut = gc . GraceTimeOut
}
2018-03-07 09:46:04 +00:00
if gc . Eureka != nil {
if gc . Eureka . Delay != 0 {
log . Warn ( "Delay has been deprecated -- please use RefreshSeconds" )
gc . Eureka . RefreshSeconds = gc . Eureka . Delay
}
}
2017-09-26 08:22:03 +00:00
if gc . Rancher != nil {
// Ensure backwards compatibility for now
if len ( gc . Rancher . AccessKey ) > 0 ||
len ( gc . Rancher . Endpoint ) > 0 ||
len ( gc . Rancher . SecretKey ) > 0 {
if gc . Rancher . API == nil {
gc . Rancher . API = & rancher . APIConfiguration {
AccessKey : gc . Rancher . AccessKey ,
SecretKey : gc . Rancher . SecretKey ,
Endpoint : gc . Rancher . Endpoint ,
}
}
log . Warn ( "Deprecated configuration found: rancher.[accesskey|secretkey|endpoint]. " +
"Please use rancher.api.[accesskey|secretkey|endpoint] instead." )
}
if gc . Rancher . Metadata != nil && len ( gc . Rancher . Metadata . Prefix ) == 0 {
gc . Rancher . Metadata . Prefix = "latest"
}
}
2017-11-09 15:12:04 +00:00
if gc . API != nil {
gc . API . Debug = gc . Debug
}
if gc . Debug {
gc . LogLevel = "DEBUG"
}
2017-10-23 13:48:03 +00:00
if gc . Web != nil && ( gc . Web . Path == "" || ! strings . HasSuffix ( gc . Web . Path , "/" ) ) {
gc . Web . Path += "/"
}
2017-10-25 09:15:50 +00:00
2017-10-11 08:38:03 +00:00
// Try to fallback to traefik config file in case the file provider is enabled
// but has no file name configured.
if gc . File != nil && len ( gc . File . Filename ) == 0 {
if len ( configFile ) > 0 {
gc . File . Filename = configFile
} else {
log . Errorln ( "Error using file configuration backend, no filename defined" )
}
2017-09-26 08:22:03 +00:00
}
2018-01-15 15:04:05 +00:00
2018-03-05 19:54:04 +00:00
gc . initACMEProvider ( )
}
func ( gc * GlobalConfiguration ) initACMEProvider ( ) {
2018-01-15 15:04:05 +00:00
if gc . ACME != nil {
// TODO: to remove in the futurs
if len ( gc . ACME . StorageFile ) > 0 && len ( gc . ACME . Storage ) == 0 {
log . Warn ( "ACME.StorageFile is deprecated, use ACME.Storage instead" )
gc . ACME . Storage = gc . ACME . StorageFile
}
if len ( gc . ACME . DNSProvider ) > 0 {
log . Warn ( "ACME.DNSProvider is deprecated, use ACME.DNSChallenge instead" )
2018-03-05 19:54:04 +00:00
gc . ACME . DNSChallenge = & acmeprovider . DNSChallenge { Provider : gc . ACME . DNSProvider , DelayBeforeCheck : gc . ACME . DelayDontCheckDNS }
2018-01-15 15:04:05 +00:00
}
if gc . ACME . OnDemand {
log . Warn ( "ACME.OnDemand is deprecated" )
}
2018-03-05 19:54:04 +00:00
// TODO: Remove when Provider ACME will replace totally ACME
// If provider file, use Provider ACME instead of ACME
if gc . Cluster == nil {
acmeprovider . Get ( ) . Configuration = & acmeprovider . Configuration {
OnHostRule : gc . ACME . OnHostRule ,
OnDemand : gc . ACME . OnDemand ,
Email : gc . ACME . Email ,
Storage : gc . ACME . Storage ,
HTTPChallenge : gc . ACME . HTTPChallenge ,
DNSChallenge : gc . ACME . DNSChallenge ,
Domains : gc . ACME . Domains ,
ACMELogging : gc . ACME . ACMELogging ,
CAServer : gc . ACME . CAServer ,
EntryPoint : gc . ACME . EntryPoint ,
}
gc . ACME = nil
}
2018-01-15 15:04:05 +00:00
}
2017-09-26 08:22:03 +00:00
}
2018-01-25 11:02:04 +00:00
// ValidateConfiguration validate that configuration is coherent
func ( gc * GlobalConfiguration ) ValidateConfiguration ( ) {
if gc . ACME != nil {
if _ , ok := gc . EntryPoints [ gc . ACME . EntryPoint ] ; ! ok {
log . Fatalf ( "Unknown entrypoint %q for ACME configuration" , gc . ACME . EntryPoint )
} else {
if gc . EntryPoints [ gc . ACME . EntryPoint ] . TLS == nil {
log . Fatalf ( "Entrypoint without TLS %q for ACME configuration" , gc . ACME . EntryPoint )
}
}
2018-03-05 19:54:04 +00:00
} else if acmeprovider . IsEnabled ( ) {
if _ , ok := gc . EntryPoints [ acmeprovider . Get ( ) . EntryPoint ] ; ! ok {
log . Fatalf ( "Unknown entrypoint %q for provider ACME configuration" , gc . ACME . EntryPoint )
} else {
if gc . EntryPoints [ acmeprovider . Get ( ) . EntryPoint ] . TLS == nil {
log . Fatalf ( "Entrypoint without TLS %q for provider ACME configuration" , gc . ACME . EntryPoint )
}
}
2018-01-25 11:02:04 +00:00
}
}
2016-01-29 19:34:17 +00:00
// DefaultEntryPoints holds default entry points
type DefaultEntryPoints [ ] string
// String is the method to format the flag's value, part of the flag.Value interface.
// The String method's output will be used in diagnostics.
func ( dep * DefaultEntryPoints ) String ( ) string {
2016-05-27 09:13:34 +00:00
return strings . Join ( * dep , "," )
2016-01-29 19:34:17 +00:00
}
// Set is the method to set the flag value, part of the flag.Value interface.
// Set's argument is a string to be parsed to set the flag.
// It's a comma-separated list, so we split it.
func ( dep * DefaultEntryPoints ) Set ( value string ) error {
entrypoints := strings . Split ( value , "," )
if len ( entrypoints ) == 0 {
2017-05-26 15:03:14 +00:00
return fmt . Errorf ( "bad DefaultEntryPoints format: %s" , value )
2016-01-29 19:34:17 +00:00
}
for _ , entrypoint := range entrypoints {
* dep = append ( * dep , entrypoint )
}
return nil
}
2016-05-03 14:52:14 +00:00
// Get return the EntryPoints map
2016-08-16 17:13:18 +00:00
func ( dep * DefaultEntryPoints ) Get ( ) interface { } {
2017-12-18 08:14:03 +00:00
return * dep
2016-08-16 17:13:18 +00:00
}
2016-05-03 14:52:14 +00:00
// SetValue sets the EntryPoints map with val
func ( dep * DefaultEntryPoints ) SetValue ( val interface { } ) {
2017-12-18 08:14:03 +00:00
* dep = val . ( DefaultEntryPoints )
2016-05-03 14:52:14 +00:00
}
2016-01-29 19:34:17 +00:00
// Type is type of the struct
func ( dep * DefaultEntryPoints ) Type ( ) string {
2017-06-23 13:15:07 +00:00
return "defaultentrypoints"
}
2016-03-29 20:25:32 +00:00
// Retry contains request retry config
type Retry struct {
2017-10-02 08:32:02 +00:00
Attempts int ` description:"Number of attempts" export:"true" `
2016-03-29 20:25:32 +00:00
}
2017-03-24 08:36:33 +00:00
// HealthCheckConfig contains health check configuration parameters.
type HealthCheckConfig struct {
2017-10-02 08:32:02 +00:00
Interval flaeg . Duration ` description:"Default periodicity of enabled health checks" export:"true" `
2017-03-24 08:36:33 +00:00
}
2017-08-18 13:34:04 +00:00
// RespondingTimeouts contains timeout configurations for incoming requests to the Traefik instance.
type RespondingTimeouts struct {
2017-10-02 08:32:02 +00:00
ReadTimeout flaeg . Duration ` description:"ReadTimeout is the maximum duration for reading the entire request, including the body. If zero, no timeout is set" export:"true" `
WriteTimeout flaeg . Duration ` description:"WriteTimeout is the maximum duration before timing out writes of the response. If zero, no timeout is set" export:"true" `
IdleTimeout flaeg . Duration ` description:"IdleTimeout is the maximum amount duration an idle (keep-alive) connection will remain idle before closing itself. Defaults to 180 seconds. If zero, no timeout is set" export:"true" `
2017-08-18 13:34:04 +00:00
}
// ForwardingTimeouts contains timeout configurations for forwarding requests to the backend servers.
type ForwardingTimeouts struct {
2017-10-02 08:32:02 +00:00
DialTimeout flaeg . Duration ` description:"The amount of time to wait until a connection to a backend server can be established. Defaults to 30 seconds. If zero, no timeout exists" export:"true" `
ResponseHeaderTimeout flaeg . Duration ` description:"The amount of time to wait for a server's response headers after fully writing the request (including its body, if any). If zero, no timeout exists" export:"true" `
2017-08-18 13:34:04 +00:00
}
2017-09-26 08:22:03 +00:00
2017-10-10 12:50:03 +00:00
// ProxyProtocol contains Proxy-Protocol configuration
type ProxyProtocol struct {
2017-10-16 10:46:03 +00:00
Insecure bool
TrustedIPs [ ] string
}
// ForwardedHeaders Trust client forwarding headers
type ForwardedHeaders struct {
Insecure bool
2017-10-10 12:50:03 +00:00
TrustedIPs [ ] string
}
2017-10-10 15:17:44 +00:00
2017-09-26 08:22:03 +00:00
// LifeCycle contains configurations relevant to the lifecycle (such as the
// shutdown phase) of Traefik.
type LifeCycle struct {
RequestAcceptGraceTimeout flaeg . Duration ` description:"Duration to keep accepting requests before Traefik initiates the graceful shutdown procedure" `
GraceTimeOut flaeg . Duration ` description:"Duration to give active requests a chance to finish before Traefik stops" `
}