traefik/docs/content/middlewares/tcp/overview.md

112 lines
3 KiB
Markdown
Raw Normal View History

---
title: "Traefik Proxy TCP Middleware Overview"
description: "Read the official Traefik Proxy documentation for an overview of the available TCP middleware."
---
2021-06-11 13:30:05 +00:00
# TCP Middlewares
Controlling connections
{: .subtitle }
![Overview](../../assets/img/middleware/overview.png)
## Configuration Example
2023-05-10 13:28:05 +00:00
```yaml tab="Docker & Swarm"
2021-06-11 13:30:05 +00:00
# As a Docker Label
whoami:
# A container that exposes an API to show its IP address
image: traefik/whoami
labels:
2022-10-26 15:16:05 +00:00
# Create a middleware named `foo-ip-allowlist`
- "traefik.tcp.middlewares.foo-ip-allowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
# Apply the middleware named `foo-ip-allowlist` to the router named `router1`
- "traefik.tcp.routers.router1.middlewares=foo-ip-allowlist@docker"
2021-06-11 13:30:05 +00:00
```
```yaml tab="Kubernetes IngressRoute"
# As a Kubernetes Traefik IngressRoute
---
2023-03-20 14:38:08 +00:00
apiVersion: traefik.io/v1alpha1
2022-02-07 14:22:07 +00:00
kind: MiddlewareTCP
2021-06-11 13:30:05 +00:00
metadata:
2022-10-26 15:16:05 +00:00
name: foo-ip-allowlist
2021-06-11 13:30:05 +00:00
spec:
2022-10-26 15:16:05 +00:00
ipAllowList:
2021-06-11 13:30:05 +00:00
sourcerange:
- 127.0.0.1/32
- 192.168.1.7
---
2023-03-20 14:38:08 +00:00
apiVersion: traefik.io/v1alpha1
2022-02-07 14:22:07 +00:00
kind: IngressRouteTCP
2021-06-11 13:30:05 +00:00
metadata:
name: ingressroute
spec:
# more fields...
routes:
# more fields...
middlewares:
2022-10-26 15:16:05 +00:00
- name: foo-ip-allowlist
2021-06-11 13:30:05 +00:00
```
```yaml tab="Consul Catalog"
2022-10-26 15:16:05 +00:00
# Create a middleware named `foo-ip-allowlist`
- "traefik.tcp.middlewares.foo-ip-allowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
# Apply the middleware named `foo-ip-allowlist` to the router named `router1`
- "traefik.tcp.routers.router1.middlewares=foo-ip-allowlist@consulcatalog"
2021-06-11 13:30:05 +00:00
```
```toml tab="File (TOML)"
# As TOML Configuration File
[tcp.routers]
[tcp.routers.router1]
service = "myService"
2022-10-26 15:16:05 +00:00
middlewares = ["foo-ip-allowlist"]
2021-06-11 13:30:05 +00:00
rule = "Host(`example.com`)"
[tcp.middlewares]
2022-10-26 15:16:05 +00:00
[tcp.middlewares.foo-ip-allowlist.ipAllowList]
2021-06-11 13:30:05 +00:00
sourceRange = ["127.0.0.1/32", "192.168.1.7"]
[tcp.services]
[tcp.services.service1]
[tcp.services.service1.loadBalancer]
[[tcp.services.service1.loadBalancer.servers]]
address = "10.0.0.10:4000"
[[tcp.services.service1.loadBalancer.servers]]
address = "10.0.0.11:4000"
```
```yaml tab="File (YAML)"
# As YAML Configuration File
tcp:
routers:
router1:
service: myService
middlewares:
2022-10-26 15:16:05 +00:00
- "foo-ip-allowlist"
2021-06-11 13:30:05 +00:00
rule: "Host(`example.com`)"
middlewares:
2022-10-26 15:16:05 +00:00
foo-ip-allowlist:
ipAllowList:
2021-06-11 13:30:05 +00:00
sourceRange:
- "127.0.0.1/32"
- "192.168.1.7"
services:
service1:
loadBalancer:
servers:
- address: "10.0.0.10:4000"
- address: "10.0.0.11:4000"
```
## Available TCP Middlewares
| Middleware | Purpose | Area |
|-------------------------------------------|---------------------------------------------------|-----------------------------|
| [InFlightConn](inflightconn.md) | Limits the number of simultaneous connections. | Security, Request lifecycle |
2022-10-26 15:16:05 +00:00
| [IPAllowList](ipallowlist.md) | Limit the allowed client IPs. | Security, Request lifecycle |