homogenization of templates: Rancher

This commit is contained in:
Ludovic Fernandez 2018-01-10 18:08:03 +01:00 committed by Traefiker
parent 30ffba78e6
commit 0d57e2aed9
4 changed files with 1156 additions and 441 deletions

View file

@ -1327,147 +1327,162 @@ func templatesNotfoundTmpl() (*asset, error) {
return a, nil return a, nil
} }
var _templatesRancherTmpl = []byte(`{{$backendServers := .Backends}} var _templatesRancherTmpl = []byte(`{{ $backendServers := .Backends }}
[backends] [backends]
{{range $backendName, $backend := .Backends}} {{range $backendName, $backend := .Backends }}
[backends.backend-{{$backendName}}] [backends.backend-{{ $backendName }}]
{{if hasCircuitBreakerLabel $backend}} {{ $circuitBreaker := getCircuitBreaker $backend }}
[backends.backend-{{$backendName}}.circuitBreaker] {{if $circuitBreaker }}
expression = "{{getCircuitBreakerExpression $backend}}" [backends."backend-{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}} {{end}}
{{if hasLoadBalancerLabel $backend}} {{ $loadBalancer := getLoadBalancer $backend }}
[backends.backend-{{$backendName}}.loadBalancer] {{if $loadBalancer }}
method = "{{getLoadBalancerMethod $backend}}" [backends."backend-{{ $backendName }}".loadBalancer]
sticky = {{getSticky $backend}} method = "{{ $loadBalancer.Method }}"
{{if hasStickinessLabel $backend}} sticky = {{ $loadBalancer.Sticky }}
[backends.backend-{{$backendName}}.loadBalancer.stickiness] {{if $loadBalancer.Stickiness }}
cookieName = "{{getStickinessCookieName $backend}}" [backends."backend-{{ $backendName }}".loadBalancer.stickiness]
{{end}} cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}} {{end}}
{{if hasMaxConnLabels $backend}} {{ $maxConn := getMaxConn $backend }}
[backends.backend-{{$backendName}}.maxConn] {{if $maxConn }}
amount = {{getMaxConnAmount $backend}} [backends."backend-{{ $backendName }}".maxConn]
extractorFunc = "{{getMaxConnExtractorFunc $backend}}" extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}} {{end}}
{{if hasHealthCheckLabels $backend}} {{ $healthCheck := getHealthCheck $backend }}
[backends.backend-{{$backendName}}.healthCheck] {{if $healthCheck }}
path = "{{getHealthCheckPath $backend}}" [backends.backend-{{ $backendName }}.healthCheck]
port = {{getHealthCheckPort $backend}} path = "{{ $healthCheck.Path }}"
interval = "{{getHealthCheckInterval $backend}}" port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
{{end}} {{end}}
{{range $index, $ip := $backend.Containers}} {{range $serverName, $server := getServers $backend}}
[backends.backend-{{$backendName}}.servers.server-{{$index}}] [backends.backend-{{ $backendName }}.servers.{{ $serverName }}]
url = "{{getProtocol $backend}}://{{$ip}}:{{getPort $backend}}" url = "{{ $server.URL }}"
weight = {{getWeight $backend}} weight = {{ $server.Weight }}
{{end}} {{end}}
{{end}} {{end}}
[frontends] [frontends]
{{range $frontendName, $service := .Frontends}} {{range $frontendName, $service := .Frontends }}
[frontends."frontend-{{$frontendName}}"] [frontends."frontend-{{ $frontendName }}"]
backend = "backend-{{getBackend $service}}" backend = "backend-{{ getBackendName $service }}"
priority = {{getPriority $service}} priority = {{ getPriority $service }}
passHostHeader = {{getPassHostHeader $service}} passHostHeader = {{ getPassHostHeader $service }}
passTLSCert = {{getPassTLSCert $service}} passTLSCert = {{ getPassTLSCert $service }}
entryPoints = [{{range getEntryPoints $service}} entryPoints = [{{range getEntryPoints $service }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
{{if getWhitelistSourceRange $service}} {{ $whitelistSourceRange := getWhitelistSourceRange $service }}
whitelistSourceRange = [{{range getWhitelistSourceRange $service}} {{if $whitelistSourceRange }}
whitelistSourceRange = [{{range $whitelistSourceRange }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
{{end}} {{end}}
basicAuth = [{{range getBasicAuth $service}} basicAuth = [{{range getBasicAuth $service }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
{{if hasRedirect $service}} {{ $redirect := getRedirect $service }}
[frontends."frontend-{{$frontendName}}".redirect] {{if $redirect }}
entryPoint = "{{getRedirectEntryPoint $service}}" [frontends."frontend-{{ $frontendName }}".redirect]
regex = "{{getRedirectRegex $service}}" entryPoint = "{{ $redirect.EntryPoint }}"
replacement = "{{getRedirectReplacement $service}}" regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
{{end}} {{end}}
{{ if hasErrorPages $service }} {{ $errorPages := getErrorPages $service }}
[frontends."frontend-{{$frontendName}}".errors] {{if $errorPages }}
{{ range $pageName, $page := getErrorPages $service }} [frontends."frontend-{{ $frontendName }}".errors]
[frontends."frontend-{{$frontendName}}".errors.{{ $pageName }}] {{range $pageName, $page := $errorPages }}
status = [{{range $page.Status}} [frontends."frontend-{{ $frontendName }}".errors.{{ $pageName }}]
status = [{{range $page.Status }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
backend = "{{$page.Backend}}" backend = "{{ $page.Backend }}"
query = "{{$page.Query}}" query = "{{ $page.Query }}"
{{end}} {{end}}
{{end}} {{end}}
{{ if hasRateLimits $service }} {{ $rateLimit := getRateLimit $service }}
[frontends."frontend-{{$frontendName}}".rateLimit] {{if $rateLimit }}
extractorFunc = "{{ getRateLimitsExtractorFunc $service }}" [frontends."frontend-{{ $frontendName }}".rateLimit]
[frontends."frontend-{{$frontendName}}".rateLimit.rateSet] extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
{{ range $limitName, $rateLimit := getRateLimits $service }} [frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
[frontends."frontend-{{$frontendName}}".rateLimit.rateSet.{{ $limitName }}] {{ range $limitName, $limit := $rateLimit.RateSet }}
period = "{{ $rateLimit.Period }}" [frontends."frontend-{{ $frontendName }}".rateLimit.rateSet.{{ $limitName }}]
average = {{ $rateLimit.Average }} period = "{{ $limit.Period }}"
burst = {{ $rateLimit.Burst }} average = {{ $limit.Average }}
{{end}} burst = {{ $limit.Burst }}
{{end}}
{{end}} {{end}}
{{if hasHeaders $service }} {{ $headers := getHeaders $service }}
[frontends."frontend-{{$frontendName}}".headers] {{if $headers }}
SSLRedirect = {{getSSLRedirectHeaders $service}} [frontends."frontend-{{ $frontendName }}".headers]
SSLTemporaryRedirect = {{getSSLTemporaryRedirectHeaders $service}} SSLRedirect = {{ $headers.SSLRedirect }}
SSLHost = "{{getSSLHostHeaders $service}}" SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
STSSeconds = {{getSTSSecondsHeaders $service}} SSLHost = "{{ $headers.SSLHost }}"
STSIncludeSubdomains = {{getSTSIncludeSubdomainsHeaders $service}} STSSeconds = {{ $headers.STSSeconds }}
STSPreload = {{getSTSPreloadHeaders $service}} STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
ForceSTSHeader = {{getForceSTSHeaderHeaders $service}} STSPreload = {{ $headers.STSPreload }}
FrameDeny = {{getFrameDenyHeaders $service}} ForceSTSHeader = {{ $headers.ForceSTSHeader }}
CustomFrameOptionsValue = "{{getCustomFrameOptionsValueHeaders $service}}" FrameDeny = {{ $headers.FrameDeny }}
ContentTypeNosniff = {{getContentTypeNosniffHeaders $service}} CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
BrowserXSSFilter = {{getBrowserXSSFilterHeaders $service}} ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
ContentSecurityPolicy = "{{getContentSecurityPolicyHeaders $service}}" BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
PublicKey = "{{getPublicKeyHeaders $service}}" ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
ReferrerPolicy = "{{getReferrerPolicyHeaders $service}}" PublicKey = "{{ $headers.PublicKey }}"
IsDevelopment = {{getIsDevelopmentHeaders $service}} ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
AllowedHosts = [{{range getAllowedHostsHeaders $service}} {{if $headers.AllowedHosts }}
"{{.}}", AllowedHosts = [{{range $headers.AllowedHosts }}
{{end}}] "{{.}}",
{{end}}]
{{end}}
HostsProxyHeaders = [{{range getHostsProxyHeaders $service}} {{if $headers.HostsProxyHeaders }}
"{{.}}", HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
{{end}}] "{{.}}",
{{end}}]
{{end}}
{{if hasRequestHeaders $service}} {{if $headers.CustomRequestHeaders }}
[frontends."frontend-{{$frontendName}}".headers.customRequestHeaders] [frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := getRequestHeaders $service}} {{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}" {{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}} {{end}}
{{end}} {{end}}
{{if hasResponseHeaders $service}}
[frontends."frontend-{{$frontendName}}".headers.customResponseHeaders]
{{range $k, $v := getResponseHeaders $service}}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if hasSSLProxyHeaders $service}}
[frontends."frontend-{{$frontendName}}".headers.SSLProxyHeaders]
{{range $k, $v := getSSLProxyHeaders $service}}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."frontend-{{$frontendName}}".routes."route-frontend-{{$frontendName}}"] [frontends."frontend-{{$frontendName}}".routes."route-frontend-{{$frontendName}}"]
rule = "{{getFrontendRule $service}}" rule = "{{getFrontendRule $service}}"

View file

@ -1,7 +1,9 @@
package rancher package rancher
import ( import (
"fmt"
"math" "math"
"strconv"
"strings" "strings"
"text/template" "text/template"
@ -15,70 +17,57 @@ import (
func (p *Provider) buildConfiguration(services []rancherData) *types.Configuration { func (p *Provider) buildConfiguration(services []rancherData) *types.Configuration {
var RancherFuncMap = template.FuncMap{ var RancherFuncMap = template.FuncMap{
"getDomain": getFuncString(label.TraefikDomain, p.Domain), // FIXME dead ? "getDomain": getFuncString(label.TraefikDomain, p.Domain),
// Backend functions // Backend functions
"getPort": getFuncString(label.TraefikPort, ""), "getCircuitBreaker": getCircuitBreaker,
"getProtocol": getFuncString(label.TraefikProtocol, label.DefaultProtocol), "getLoadBalancer": getLoadBalancer,
"getWeight": getFuncString(label.TraefikWeight, label.DefaultWeight), "getMaxConn": getMaxConn,
"hasCircuitBreakerLabel": hasFunc(label.TraefikBackendCircuitBreakerExpression), "getHealthCheck": getHealthCheck,
"getServers": getServers,
// TODO Deprecated [breaking]
"getPort": getFuncString(label.TraefikPort, ""),
// TODO Deprecated [breaking]
"getProtocol": getFuncString(label.TraefikProtocol, label.DefaultProtocol),
// TODO Deprecated [breaking]
"getWeight": getFuncInt(label.TraefikWeight, label.DefaultWeightInt),
// TODO Deprecated [breaking]
"hasCircuitBreakerLabel": hasFunc(label.TraefikBackendCircuitBreakerExpression),
// TODO Deprecated [breaking]
"getCircuitBreakerExpression": getFuncString(label.TraefikBackendCircuitBreakerExpression, label.DefaultCircuitBreakerExpression), "getCircuitBreakerExpression": getFuncString(label.TraefikBackendCircuitBreakerExpression, label.DefaultCircuitBreakerExpression),
"hasLoadBalancerLabel": hasLoadBalancerLabel, // TODO Deprecated [breaking]
"getLoadBalancerMethod": getFuncString(label.TraefikBackendLoadBalancerMethod, label.DefaultBackendLoadBalancerMethod), "hasLoadBalancerLabel": hasLoadBalancerLabel,
"hasMaxConnLabels": hasMaxConnLabels, // TODO Deprecated [breaking]
"getMaxConnAmount": getFuncInt64(label.TraefikBackendMaxConnAmount, math.MaxInt64), "getLoadBalancerMethod": getFuncString(label.TraefikBackendLoadBalancerMethod, label.DefaultBackendLoadBalancerMethod),
"getMaxConnExtractorFunc": getFuncString(label.TraefikBackendMaxConnExtractorFunc, label.DefaultBackendMaxconnExtractorFunc), // TODO Deprecated [breaking]
"getSticky": getSticky, "hasMaxConnLabels": hasMaxConnLabels,
"hasStickinessLabel": hasFunc(label.TraefikBackendLoadBalancerStickiness), // TODO Deprecated [breaking]
"getStickinessCookieName": getFuncString(label.TraefikBackendLoadBalancerStickinessCookieName, label.DefaultBackendLoadbalancerStickinessCookieName), "getMaxConnAmount": getFuncInt64(label.TraefikBackendMaxConnAmount, 0),
"hasHealthCheckLabels": hasFunc(label.TraefikBackendHealthCheckPath), // TODO Deprecated [breaking]
"getHealthCheckPath": getFuncString(label.TraefikBackendHealthCheckPath, ""), "getMaxConnExtractorFunc": getFuncString(label.TraefikBackendMaxConnExtractorFunc, label.DefaultBackendMaxconnExtractorFunc),
"getHealthCheckPort": getFuncInt(label.TraefikBackendHealthCheckPort, label.DefaultBackendHealthCheckPort), // TODO Deprecated [breaking]
"getHealthCheckInterval": getFuncString(label.TraefikBackendHealthCheckInterval, ""), "getSticky": getSticky,
// TODO Deprecated [breaking]
"hasStickinessLabel": hasFunc(label.TraefikBackendLoadBalancerStickiness),
// TODO Deprecated [breaking]
"getStickinessCookieName": getFuncString(label.TraefikBackendLoadBalancerStickinessCookieName, label.DefaultBackendLoadbalancerStickinessCookieName),
// Frontend functions // Frontend functions
"getBackend": getBackend, "getBackend": getBackendName, // TODO Deprecated [breaking] replaced by getBackendName
"getPriority": getFuncString(label.TraefikFrontendPriority, label.DefaultFrontendPriority), "getBackendName": getBackendName,
"getPassHostHeader": getFuncString(label.TraefikFrontendPassHostHeader, label.DefaultPassHostHeader), "getFrontendRule": p.getFrontendRule,
"getPassTLSCert": getFuncBool(label.TraefikFrontendPassTLSCert, label.DefaultPassTLSCert), "getPriority": getFuncInt(label.TraefikFrontendPriority, label.DefaultFrontendPriorityInt),
"getEntryPoints": getFuncSliceString(label.TraefikFrontendEntryPoints), "getPassHostHeader": getFuncBool(label.TraefikFrontendPassHostHeader, label.DefaultPassHostHeaderBool),
"getBasicAuth": getFuncSliceString(label.TraefikFrontendAuthBasic), "getPassTLSCert": getFuncBool(label.TraefikFrontendPassTLSCert, label.DefaultPassTLSCert),
"getWhitelistSourceRange": getFuncSliceString(label.TraefikFrontendWhitelistSourceRange), "getEntryPoints": getFuncSliceString(label.TraefikFrontendEntryPoints),
"getFrontendRule": p.getFrontendRule, "getBasicAuth": getFuncSliceString(label.TraefikFrontendAuthBasic),
"hasRedirect": hasRedirect, "getWhitelistSourceRange": getFuncSliceString(label.TraefikFrontendWhitelistSourceRange),
"getRedirectEntryPoint": getFuncString(label.TraefikFrontendRedirectEntryPoint, label.DefaultFrontendRedirectEntryPoint),
"getRedirectRegex": getFuncString(label.TraefikFrontendRedirectRegex, ""), "getErrorPages": getErrorPages,
"getRedirectReplacement": getFuncString(label.TraefikFrontendRedirectReplacement, ""), "getRateLimit": getRateLimit,
"hasErrorPages": hasPrefixFunc(label.Prefix + label.BaseFrontendErrorPage), "getRedirect": getRedirect,
"getErrorPages": getErrorPages, "getHeaders": getHeaders,
"hasRateLimits": hasFunc(label.TraefikFrontendRateLimitExtractorFunc),
"getRateLimitsExtractorFunc": getFuncString(label.TraefikFrontendRateLimitExtractorFunc, ""),
"getRateLimits": getRateLimits,
// Headers
"hasHeaders": hasPrefixFunc(label.TraefikFrontendHeaders),
"hasRequestHeaders": hasFunc(label.TraefikFrontendRequestHeaders),
"getRequestHeaders": getFuncMap(label.TraefikFrontendRequestHeaders),
"hasResponseHeaders": hasFunc(label.TraefikFrontendResponseHeaders),
"getResponseHeaders": getFuncMap(label.TraefikFrontendResponseHeaders),
"getAllowedHostsHeaders": getFuncSliceString(label.TraefikFrontendAllowedHosts),
"getHostsProxyHeaders": getFuncSliceString(label.TraefikFrontendHostsProxyHeaders),
"getSSLRedirectHeaders": getFuncBool(label.TraefikFrontendSSLRedirect, false),
"getSSLTemporaryRedirectHeaders": getFuncBool(label.TraefikFrontendSSLTemporaryRedirect, false),
"getSSLHostHeaders": getFuncString(label.TraefikFrontendSSLHost, ""),
"hasSSLProxyHeaders": hasFunc(label.TraefikFrontendSSLProxyHeaders),
"getSSLProxyHeaders": getFuncMap(label.TraefikFrontendSSLProxyHeaders),
"getSTSSecondsHeaders": getFuncInt64(label.TraefikFrontendSTSSeconds, 0),
"getSTSIncludeSubdomainsHeaders": getFuncBool(label.TraefikFrontendSTSIncludeSubdomains, false),
"getSTSPreloadHeaders": getFuncBool(label.TraefikFrontendSTSPreload, false),
"getForceSTSHeaderHeaders": getFuncBool(label.TraefikFrontendForceSTSHeader, false),
"getFrameDenyHeaders": getFuncBool(label.TraefikFrontendFrameDeny, false),
"getCustomFrameOptionsValueHeaders": getFuncString(label.TraefikFrontendCustomFrameOptionsValue, ""),
"getContentTypeNosniffHeaders": getFuncBool(label.TraefikFrontendContentTypeNosniff, false),
"getBrowserXSSFilterHeaders": getFuncBool(label.TraefikFrontendBrowserXSSFilter, false),
"getContentSecurityPolicyHeaders": getFuncString(label.TraefikFrontendContentSecurityPolicy, ""),
"getPublicKeyHeaders": getFuncString(label.TraefikFrontendPublicKey, ""),
"getReferrerPolicyHeaders": getFuncString(label.TraefikFrontendReferrerPolicy, ""),
"getIsDevelopmentHeaders": getFuncBool(label.TraefikFrontendIsDevelopment, false),
} }
// filter services // filter services
@ -90,7 +79,7 @@ func (p *Provider) buildConfiguration(services []rancherData) *types.Configurati
for _, service := range filteredServices { for _, service := range filteredServices {
frontendName := p.getFrontendName(service) frontendName := p.getFrontendName(service)
frontends[frontendName] = service frontends[frontendName] = service
backendName := getBackend(service) backendName := getBackendName(service)
backends[backendName] = service backends[backendName] = service
} }
@ -113,7 +102,6 @@ func (p *Provider) buildConfiguration(services []rancherData) *types.Configurati
} }
func (p *Provider) serviceFilter(service rancherData) bool { func (p *Provider) serviceFilter(service rancherData) bool {
if service.Labels[label.TraefikPort] == "" { if service.Labels[label.TraefikPort] == "" {
log.Debugf("Filtering service %s without traefik.port label", service.Name) log.Debugf("Filtering service %s without traefik.port label", service.Name)
return false return false
@ -161,13 +149,14 @@ func (p *Provider) getFrontendName(service rancherData) string {
// TODO: Deprecated // TODO: Deprecated
// replaced by Stickiness // replaced by Stickiness
// Deprecated // Deprecated
func getSticky(service rancherData) string { func getSticky(service rancherData) bool {
if label.Has(service.Labels, label.TraefikBackendLoadBalancerSticky) { if label.Has(service.Labels, label.TraefikBackendLoadBalancerSticky) {
log.Warnf("Deprecated configuration found: %s. Please use %s.", label.TraefikBackendLoadBalancerSticky, label.TraefikBackendLoadBalancerStickiness) log.Warnf("Deprecated configuration found: %s. Please use %s.", label.TraefikBackendLoadBalancerSticky, label.TraefikBackendLoadBalancerStickiness)
} }
return label.GetStringValue(service.Labels, label.TraefikBackendLoadBalancerSticky, "false") return label.GetBoolValue(service.Labels, label.TraefikBackendLoadBalancerSticky, false)
} }
// Deprecated
func hasLoadBalancerLabel(service rancherData) bool { func hasLoadBalancerLabel(service rancherData) bool {
method := label.Has(service.Labels, label.TraefikBackendLoadBalancerMethod) method := label.Has(service.Labels, label.TraefikBackendLoadBalancerMethod)
sticky := label.Has(service.Labels, label.TraefikBackendLoadBalancerSticky) sticky := label.Has(service.Labels, label.TraefikBackendLoadBalancerSticky)
@ -176,23 +165,114 @@ func hasLoadBalancerLabel(service rancherData) bool {
return method || sticky || stickiness || cookieName return method || sticky || stickiness || cookieName
} }
// Deprecated
func hasMaxConnLabels(service rancherData) bool { func hasMaxConnLabels(service rancherData) bool {
mca := label.Has(service.Labels, label.TraefikBackendMaxConnAmount) mca := label.Has(service.Labels, label.TraefikBackendMaxConnAmount)
mcef := label.Has(service.Labels, label.TraefikBackendMaxConnExtractorFunc) mcef := label.Has(service.Labels, label.TraefikBackendMaxConnExtractorFunc)
return mca && mcef return mca && mcef
} }
func getBackend(service rancherData) string { func getBackendName(service rancherData) string {
backend := label.GetStringValue(service.Labels, label.TraefikBackend, service.Name) backend := label.GetStringValue(service.Labels, label.TraefikBackend, service.Name)
return provider.Normalize(backend) return provider.Normalize(backend)
} }
func hasRedirect(service rancherData) bool { func getCircuitBreaker(service rancherData) *types.CircuitBreaker {
frep := label.Has(service.Labels, label.TraefikFrontendRedirectEntryPoint) circuitBreaker := label.GetStringValue(service.Labels, label.TraefikBackendCircuitBreakerExpression, "")
frrg := label.Has(service.Labels, label.TraefikFrontendRedirectRegex) if len(circuitBreaker) == 0 {
frrp := label.Has(service.Labels, label.TraefikFrontendRedirectReplacement) return nil
}
return &types.CircuitBreaker{Expression: circuitBreaker}
}
return frep || frrg && frrp func getLoadBalancer(service rancherData) *types.LoadBalancer {
if !label.HasPrefix(service.Labels, label.TraefikBackendLoadBalancer) {
return nil
}
method := label.GetStringValue(service.Labels, label.TraefikBackendLoadBalancerMethod, label.DefaultBackendLoadBalancerMethod)
lb := &types.LoadBalancer{
Method: method,
Sticky: getSticky(service),
}
if label.GetBoolValue(service.Labels, label.TraefikBackendLoadBalancerStickiness, false) {
cookieName := label.GetStringValue(service.Labels, label.TraefikBackendLoadBalancerStickinessCookieName, label.DefaultBackendLoadbalancerStickinessCookieName)
lb.Stickiness = &types.Stickiness{CookieName: cookieName}
}
return lb
}
func getMaxConn(service rancherData) *types.MaxConn {
amount := label.GetInt64Value(service.Labels, label.TraefikBackendMaxConnAmount, math.MinInt64)
extractorFunc := label.GetStringValue(service.Labels, label.TraefikBackendMaxConnExtractorFunc, label.DefaultBackendMaxconnExtractorFunc)
if amount == math.MinInt64 || len(extractorFunc) == 0 {
return nil
}
return &types.MaxConn{
Amount: amount,
ExtractorFunc: extractorFunc,
}
}
func getHealthCheck(service rancherData) *types.HealthCheck {
path := label.GetStringValue(service.Labels, label.TraefikBackendHealthCheckPath, "")
if len(path) == 0 {
return nil
}
port := label.GetIntValue(service.Labels, label.TraefikBackendHealthCheckPort, label.DefaultBackendHealthCheckPort)
interval := label.GetStringValue(service.Labels, label.TraefikBackendHealthCheckInterval, "")
return &types.HealthCheck{
Path: path,
Port: port,
Interval: interval,
}
}
func getServers(service rancherData) map[string]types.Server {
var servers map[string]types.Server
for index, ip := range service.Containers {
if servers == nil {
servers = make(map[string]types.Server)
}
protocol := label.GetStringValue(service.Labels, label.TraefikProtocol, label.DefaultProtocol)
port := label.GetStringValue(service.Labels, label.TraefikPort, "")
weight := label.GetIntValue(service.Labels, label.TraefikWeight, label.DefaultWeightInt)
serverName := "server-" + strconv.Itoa(index)
servers[serverName] = types.Server{
URL: fmt.Sprintf("%s://%s:%s", protocol, ip, port),
Weight: weight,
}
}
return servers
}
func getRedirect(service rancherData) *types.Redirect {
if label.Has(service.Labels, label.TraefikFrontendRedirectEntryPoint) {
return &types.Redirect{
EntryPoint: label.GetStringValue(service.Labels, label.TraefikFrontendRedirectEntryPoint, ""),
}
}
if label.Has(service.Labels, label.TraefikFrontendRedirectRegex) &&
label.Has(service.Labels, label.TraefikFrontendRedirectReplacement) {
return &types.Redirect{
Regex: label.GetStringValue(service.Labels, label.TraefikFrontendRedirectRegex, ""),
Replacement: label.GetStringValue(service.Labels, label.TraefikFrontendRedirectReplacement, ""),
}
}
return nil
} }
func getErrorPages(service rancherData) map[string]*types.ErrorPage { func getErrorPages(service rancherData) map[string]*types.ErrorPage {
@ -200,9 +280,50 @@ func getErrorPages(service rancherData) map[string]*types.ErrorPage {
return label.ParseErrorPages(service.Labels, prefix, label.RegexpFrontendErrorPage) return label.ParseErrorPages(service.Labels, prefix, label.RegexpFrontendErrorPage)
} }
func getRateLimits(service rancherData) map[string]*types.Rate { func getRateLimit(service rancherData) *types.RateLimit {
extractorFunc := label.GetStringValue(service.Labels, label.TraefikFrontendRateLimitExtractorFunc, "")
if len(extractorFunc) == 0 {
return nil
}
prefix := label.Prefix + label.BaseFrontendRateLimit prefix := label.Prefix + label.BaseFrontendRateLimit
return label.ParseRateSets(service.Labels, prefix, label.RegexpFrontendRateLimit) limits := label.ParseRateSets(service.Labels, prefix, label.RegexpFrontendRateLimit)
return &types.RateLimit{
ExtractorFunc: extractorFunc,
RateSet: limits,
}
}
func getHeaders(service rancherData) *types.Headers {
headers := &types.Headers{
CustomRequestHeaders: label.GetMapValue(service.Labels, label.TraefikFrontendRequestHeaders),
CustomResponseHeaders: label.GetMapValue(service.Labels, label.TraefikFrontendResponseHeaders),
SSLProxyHeaders: label.GetMapValue(service.Labels, label.TraefikFrontendSSLProxyHeaders),
AllowedHosts: label.GetSliceStringValue(service.Labels, label.TraefikFrontendAllowedHosts),
HostsProxyHeaders: label.GetSliceStringValue(service.Labels, label.TraefikFrontendHostsProxyHeaders),
STSSeconds: label.GetInt64Value(service.Labels, label.TraefikFrontendSTSSeconds, 0),
SSLRedirect: label.GetBoolValue(service.Labels, label.TraefikFrontendSSLRedirect, false),
SSLTemporaryRedirect: label.GetBoolValue(service.Labels, label.TraefikFrontendSSLTemporaryRedirect, false),
STSIncludeSubdomains: label.GetBoolValue(service.Labels, label.TraefikFrontendSTSIncludeSubdomains, false),
STSPreload: label.GetBoolValue(service.Labels, label.TraefikFrontendSTSPreload, false),
ForceSTSHeader: label.GetBoolValue(service.Labels, label.TraefikFrontendForceSTSHeader, false),
FrameDeny: label.GetBoolValue(service.Labels, label.TraefikFrontendFrameDeny, false),
ContentTypeNosniff: label.GetBoolValue(service.Labels, label.TraefikFrontendContentTypeNosniff, false),
BrowserXSSFilter: label.GetBoolValue(service.Labels, label.TraefikFrontendBrowserXSSFilter, false),
IsDevelopment: label.GetBoolValue(service.Labels, label.TraefikFrontendIsDevelopment, false),
SSLHost: label.GetStringValue(service.Labels, label.TraefikFrontendSSLHost, ""),
CustomFrameOptionsValue: label.GetStringValue(service.Labels, label.TraefikFrontendCustomFrameOptionsValue, ""),
ContentSecurityPolicy: label.GetStringValue(service.Labels, label.TraefikFrontendContentSecurityPolicy, ""),
PublicKey: label.GetStringValue(service.Labels, label.TraefikFrontendPublicKey, ""),
ReferrerPolicy: label.GetStringValue(service.Labels, label.TraefikFrontendReferrerPolicy, ""),
}
if !headers.HasSecureHeadersDefined() && !headers.HasCustomHeadersDefined() {
return nil
}
return headers
} }
// Label functions // Label functions
@ -213,18 +334,18 @@ func getFuncString(labelName string, defaultValue string) func(service rancherDa
} }
} }
func getFuncInt(labelName string, defaultValue int) func(service rancherData) int {
return func(service rancherData) int {
return label.GetIntValue(service.Labels, labelName, defaultValue)
}
}
func getFuncBool(labelName string, defaultValue bool) func(service rancherData) bool { func getFuncBool(labelName string, defaultValue bool) func(service rancherData) bool {
return func(service rancherData) bool { return func(service rancherData) bool {
return label.GetBoolValue(service.Labels, labelName, defaultValue) return label.GetBoolValue(service.Labels, labelName, defaultValue)
} }
} }
func getFuncInt(labelName string, defaultValue int) func(service rancherData) int {
return func(service rancherData) int {
return label.GetIntValue(service.Labels, labelName, defaultValue)
}
}
func getFuncInt64(labelName string, defaultValue int64) func(service rancherData) int64 { func getFuncInt64(labelName string, defaultValue int64) func(service rancherData) int64 {
return func(service rancherData) int64 { return func(service rancherData) int64 {
return label.GetInt64Value(service.Labels, labelName, defaultValue) return label.GetInt64Value(service.Labels, labelName, defaultValue)
@ -237,20 +358,8 @@ func getFuncSliceString(labelName string) func(service rancherData) []string {
} }
} }
func getFuncMap(labelName string) func(service rancherData) map[string]string {
return func(service rancherData) map[string]string {
return label.GetMapValue(service.Labels, labelName)
}
}
func hasFunc(labelName string) func(service rancherData) bool { func hasFunc(labelName string) func(service rancherData) bool {
return func(service rancherData) bool { return func(service rancherData) bool {
return label.Has(service.Labels, labelName) return label.Has(service.Labels, labelName)
} }
} }
func hasPrefixFunc(prefix string) func(service rancherData) bool {
return func(service rancherData) bool {
return label.HasPrefix(service.Labels, prefix)
}
}

View file

@ -29,6 +29,208 @@ func TestProviderBuildConfiguration(t *testing.T) {
expectedFrontends: map[string]*types.Frontend{}, expectedFrontends: map[string]*types.Frontend{},
expectedBackends: map[string]*types.Backend{}, expectedBackends: map[string]*types.Backend{},
}, },
{
desc: "when all labels are set",
services: []rancherData{
{
Labels: map[string]string{
label.TraefikPort: "666",
label.TraefikProtocol: "https",
label.TraefikWeight: "12",
label.TraefikBackend: "foobar",
label.TraefikBackendCircuitBreakerExpression: "NetworkErrorRatio() > 0.5",
label.TraefikBackendHealthCheckPath: "/health",
label.TraefikBackendHealthCheckPort: "880",
label.TraefikBackendHealthCheckInterval: "6",
label.TraefikBackendLoadBalancerMethod: "drr",
label.TraefikBackendLoadBalancerSticky: "true",
label.TraefikBackendLoadBalancerStickiness: "true",
label.TraefikBackendLoadBalancerStickinessCookieName: "chocolate",
label.TraefikBackendMaxConnAmount: "666",
label.TraefikBackendMaxConnExtractorFunc: "client.ip",
label.TraefikFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
label.TraefikFrontendEntryPoints: "http,https",
label.TraefikFrontendPassHostHeader: "true",
label.TraefikFrontendPassTLSCert: "true",
label.TraefikFrontendPriority: "666",
label.TraefikFrontendRedirectEntryPoint: "https",
label.TraefikFrontendRedirectRegex: "nope",
label.TraefikFrontendRedirectReplacement: "nope",
label.TraefikFrontendRule: "Host:traefik.io",
label.TraefikFrontendWhitelistSourceRange: "10.10.10.10",
label.TraefikFrontendRequestHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
label.TraefikFrontendResponseHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
label.TraefikFrontendSSLProxyHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
label.TraefikFrontendAllowedHosts: "foo,bar,bor",
label.TraefikFrontendHostsProxyHeaders: "foo,bar,bor",
label.TraefikFrontendSSLHost: "foo",
label.TraefikFrontendCustomFrameOptionsValue: "foo",
label.TraefikFrontendContentSecurityPolicy: "foo",
label.TraefikFrontendPublicKey: "foo",
label.TraefikFrontendReferrerPolicy: "foo",
label.TraefikFrontendSTSSeconds: "666",
label.TraefikFrontendSSLRedirect: "true",
label.TraefikFrontendSSLTemporaryRedirect: "true",
label.TraefikFrontendSTSIncludeSubdomains: "true",
label.TraefikFrontendSTSPreload: "true",
label.TraefikFrontendForceSTSHeader: "true",
label.TraefikFrontendFrameDeny: "true",
label.TraefikFrontendContentTypeNosniff: "true",
label.TraefikFrontendBrowserXSSFilter: "true",
label.TraefikFrontendIsDevelopment: "true",
label.Prefix + label.BaseFrontendErrorPage + "foo." + label.SuffixErrorPageStatus: "404",
label.Prefix + label.BaseFrontendErrorPage + "foo." + label.SuffixErrorPageBackend: "foobar",
label.Prefix + label.BaseFrontendErrorPage + "foo." + label.SuffixErrorPageQuery: "foo_query",
label.Prefix + label.BaseFrontendErrorPage + "bar." + label.SuffixErrorPageStatus: "500,600",
label.Prefix + label.BaseFrontendErrorPage + "bar." + label.SuffixErrorPageBackend: "foobar",
label.Prefix + label.BaseFrontendErrorPage + "bar." + label.SuffixErrorPageQuery: "bar_query",
label.TraefikFrontendRateLimitExtractorFunc: "client.ip",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitPeriod: "6",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitAverage: "12",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitBurst: "18",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitPeriod: "3",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitAverage: "6",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitBurst: "9",
},
Health: "healthy",
Containers: []string{"10.0.0.1", "10.0.0.2"},
},
},
expectedFrontends: map[string]*types.Frontend{
"frontend-Host-traefik-io": {
EntryPoints: []string{
"http",
"https",
},
Backend: "backend-foobar",
Routes: map[string]types.Route{
"route-frontend-Host-traefik-io": {
Rule: "Host:traefik.io",
},
},
PassHostHeader: true,
PassTLSCert: true,
Priority: 666,
BasicAuth: []string{
"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
},
WhitelistSourceRange: []string{
"10.10.10.10",
},
Headers: &types.Headers{
CustomRequestHeaders: map[string]string{
"Access-Control-Allow-Methods": "POST,GET,OPTIONS",
"Content-Type": "application/json; charset=utf-8",
},
CustomResponseHeaders: map[string]string{
"Access-Control-Allow-Methods": "POST,GET,OPTIONS",
"Content-Type": "application/json; charset=utf-8",
},
AllowedHosts: []string{
"foo",
"bar",
"bor",
},
HostsProxyHeaders: []string{
"foo",
"bar",
"bor",
},
SSLRedirect: true,
SSLTemporaryRedirect: true,
SSLHost: "foo",
SSLProxyHeaders: map[string]string{
"Access-Control-Allow-Methods": "POST,GET,OPTIONS",
"Content-Type": "application/json; charset=utf-8",
},
STSSeconds: 666,
STSIncludeSubdomains: true,
STSPreload: true,
ForceSTSHeader: true,
FrameDeny: true,
CustomFrameOptionsValue: "foo",
ContentTypeNosniff: true,
BrowserXSSFilter: true,
ContentSecurityPolicy: "foo",
PublicKey: "foo",
ReferrerPolicy: "foo",
IsDevelopment: true,
},
Errors: map[string]*types.ErrorPage{
"foo": {
Status: []string{"404"},
Query: "foo_query",
Backend: "foobar",
},
"bar": {
Status: []string{"500", "600"},
Query: "bar_query",
Backend: "foobar",
},
},
RateLimit: &types.RateLimit{
ExtractorFunc: "client.ip",
RateSet: map[string]*types.Rate{
"foo": {
Period: flaeg.Duration(6 * time.Second),
Average: 12,
Burst: 18,
},
"bar": {
Period: flaeg.Duration(3 * time.Second),
Average: 6,
Burst: 9,
},
},
},
Redirect: &types.Redirect{
EntryPoint: "https",
Regex: "",
Replacement: "",
},
},
},
expectedBackends: map[string]*types.Backend{
"backend-foobar": {
Servers: map[string]types.Server{
"server-0": {
URL: "https://10.0.0.1:666",
Weight: 12,
},
"server-1": {
URL: "https://10.0.0.2:666",
Weight: 12,
},
},
CircuitBreaker: &types.CircuitBreaker{
Expression: "NetworkErrorRatio() > 0.5",
},
LoadBalancer: &types.LoadBalancer{
Method: "drr",
Sticky: true,
Stickiness: &types.Stickiness{
CookieName: "chocolate",
},
},
MaxConn: &types.MaxConn{
Amount: 666,
ExtractorFunc: "client.ip",
},
HealthCheck: &types.HealthCheck{
Path: "/health",
Port: 880,
Interval: "6",
},
},
},
},
{ {
desc: "with services", desc: "with services",
services: []rancherData{ services: []rancherData{
@ -72,118 +274,6 @@ func TestProviderBuildConfiguration(t *testing.T) {
}, },
}, },
}, },
{
desc: "with Error Pages",
services: []rancherData{
{
Name: "test/service",
Labels: map[string]string{
label.TraefikPort: "80",
label.Prefix + label.BaseFrontendErrorPage + "foo." + label.SuffixErrorPageStatus: "404",
label.Prefix + label.BaseFrontendErrorPage + "foo." + label.SuffixErrorPageBackend: "foobar",
label.Prefix + label.BaseFrontendErrorPage + "foo." + label.SuffixErrorPageQuery: "foo_query",
label.Prefix + label.BaseFrontendErrorPage + "bar." + label.SuffixErrorPageStatus: "500,600",
label.Prefix + label.BaseFrontendErrorPage + "bar." + label.SuffixErrorPageBackend: "foobar",
label.Prefix + label.BaseFrontendErrorPage + "bar." + label.SuffixErrorPageQuery: "bar_query",
},
Health: "healthy",
Containers: []string{"127.0.0.1"},
},
},
expectedBackends: map[string]*types.Backend{
"backend-test-service": {
Servers: map[string]types.Server{
"server-0": {
URL: "http://127.0.0.1:80",
Weight: 0,
},
},
},
},
expectedFrontends: map[string]*types.Frontend{
"frontend-Host-test-service-rancher-localhost": {
EntryPoints: []string{},
BasicAuth: []string{},
Backend: "backend-test-service",
Routes: map[string]types.Route{
"route-frontend-Host-test-service-rancher-localhost": {
Rule: "Host:test.service.rancher.localhost",
},
},
PassHostHeader: true,
Errors: map[string]*types.ErrorPage{
"foo": {
Status: []string{"404"},
Query: "foo_query",
Backend: "foobar",
},
"bar": {
Status: []string{"500", "600"},
Query: "bar_query",
Backend: "foobar",
},
},
},
},
},
{
desc: "with rate Limits",
services: []rancherData{
{
Name: "test/service",
Labels: map[string]string{
label.TraefikPort: "80",
label.TraefikFrontendRateLimitExtractorFunc: "client.ip",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitPeriod: "6",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitAverage: "12",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitBurst: "18",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitPeriod: "3",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitAverage: "6",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitBurst: "9",
},
Health: "healthy",
Containers: []string{"127.0.0.1"},
},
},
expectedBackends: map[string]*types.Backend{
"backend-test-service": {
Servers: map[string]types.Server{
"server-0": {
URL: "http://127.0.0.1:80",
Weight: 0,
},
},
},
},
expectedFrontends: map[string]*types.Frontend{
"frontend-Host-test-service-rancher-localhost": {
EntryPoints: []string{},
BasicAuth: []string{},
Backend: "backend-test-service",
Routes: map[string]types.Route{
"route-frontend-Host-test-service-rancher-localhost": {
Rule: "Host:test.service.rancher.localhost",
},
},
PassHostHeader: true,
RateLimit: &types.RateLimit{
ExtractorFunc: "client.ip",
RateSet: map[string]*types.Rate{
"foo": {
Period: flaeg.Duration(6 * time.Second),
Average: 12,
Burst: 18,
},
"bar": {
Period: flaeg.Duration(3 * time.Second),
Average: 6,
Burst: 9,
},
},
},
},
},
},
} }
for _, test := range testCases { for _, test := range testCases {
@ -493,7 +583,7 @@ func TestProviderGetFrontendRule(t *testing.T) {
} }
} }
func TestGetBackend(t *testing.T) { func TestGetBackendName(t *testing.T) {
testCases := []struct { testCases := []struct {
desc string desc string
service rancherData service rancherData
@ -524,65 +614,39 @@ func TestGetBackend(t *testing.T) {
t.Run(test.desc, func(t *testing.T) { t.Run(test.desc, func(t *testing.T) {
t.Parallel() t.Parallel()
actual := getBackend(test.service) actual := getBackendName(test.service)
assert.Equal(t, test.expected, actual) assert.Equal(t, test.expected, actual)
}) })
} }
} }
func TestHasRedirect(t *testing.T) { func TestGetCircuitBreaker(t *testing.T) {
testCases := []struct { testCases := []struct {
desc string desc string
service rancherData service rancherData
expected bool expected *types.CircuitBreaker
}{ }{
{ {
desc: "without redirect labels", desc: "should return nil when no CB label",
service: rancherData{ service: rancherData{
Name: "test-service", Labels: map[string]string{},
Health: "healthy",
State: "active",
}, },
expected: false, expected: nil,
}, },
{ {
desc: "with Redirect EntryPoint label", desc: "should return a struct when CB label is set",
service: rancherData{ service: rancherData{
Name: "test-service",
Labels: map[string]string{ Labels: map[string]string{
label.TraefikFrontendRedirectEntryPoint: "https", label.TraefikBackendCircuitBreakerExpression: "NetworkErrorRatio() > 0.5",
}, },
Health: "healthy",
State: "active",
}, },
expected: true, expected: &types.CircuitBreaker{
}, Expression: "NetworkErrorRatio() > 0.5",
{
desc: "with Redirect regex label",
service: rancherData{
Name: "test-service",
Labels: map[string]string{
label.TraefikFrontendRedirectRegex: `(.+)`,
},
}, },
expected: false,
},
{
desc: "with Redirect replacement label",
service: rancherData{
Name: "test-service",
Labels: map[string]string{
label.TraefikFrontendRedirectReplacement: "$1",
},
},
expected: false,
},
{
desc: "with Redirect regex & replacement labels",
service: rancherData{
Name: "test-service",
Labels: map[string]string{
label.TraefikFrontendRedirectRegex: `(.+)`,
label.TraefikFrontendRedirectReplacement: "$1",
},
},
expected: true,
}, },
} }
@ -591,7 +655,519 @@ func TestHasRedirect(t *testing.T) {
t.Run(test.desc, func(t *testing.T) { t.Run(test.desc, func(t *testing.T) {
t.Parallel() t.Parallel()
actual := hasRedirect(test.service) actual := getCircuitBreaker(test.service)
assert.Equal(t, test.expected, actual)
})
}
}
func TestGetLoadBalancer(t *testing.T) {
testCases := []struct {
desc string
service rancherData
expected *types.LoadBalancer
}{
{
desc: "should return nil when no LB labels",
service: rancherData{
Labels: map[string]string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return a struct when labels are set",
service: rancherData{
Labels: map[string]string{
label.TraefikBackendLoadBalancerMethod: "drr",
label.TraefikBackendLoadBalancerSticky: "true",
label.TraefikBackendLoadBalancerStickiness: "true",
label.TraefikBackendLoadBalancerStickinessCookieName: "foo",
},
Health: "healthy",
State: "active",
},
expected: &types.LoadBalancer{
Method: "drr",
Sticky: true,
Stickiness: &types.Stickiness{
CookieName: "foo",
},
},
},
{
desc: "should return a nil Stickiness when Stickiness is not set",
service: rancherData{
Labels: map[string]string{
label.TraefikBackendLoadBalancerMethod: "drr",
label.TraefikBackendLoadBalancerSticky: "true",
label.TraefikBackendLoadBalancerStickinessCookieName: "foo",
},
Health: "healthy",
State: "active",
},
expected: &types.LoadBalancer{
Method: "drr",
Sticky: true,
Stickiness: nil,
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
actual := getLoadBalancer(test.service)
assert.Equal(t, test.expected, actual)
})
}
}
func TestGetMaxConn(t *testing.T) {
testCases := []struct {
desc string
service rancherData
expected *types.MaxConn
}{
{
desc: "should return nil when no max conn labels",
service: rancherData{
Labels: map[string]string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return nil when no amount label",
service: rancherData{
Labels: map[string]string{
label.TraefikBackendMaxConnExtractorFunc: "client.ip",
},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return default when no empty extractorFunc label",
service: rancherData{
Labels: map[string]string{
label.TraefikBackendMaxConnExtractorFunc: "",
label.TraefikBackendMaxConnAmount: "666",
},
Health: "healthy",
State: "active",
},
expected: &types.MaxConn{
ExtractorFunc: "request.host",
Amount: 666,
},
},
{
desc: "should return a struct when max conn labels are set",
service: rancherData{
Labels: map[string]string{
label.TraefikBackendMaxConnExtractorFunc: "client.ip",
label.TraefikBackendMaxConnAmount: "666",
},
Health: "healthy",
State: "active",
},
expected: &types.MaxConn{
ExtractorFunc: "client.ip",
Amount: 666,
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
actual := getMaxConn(test.service)
assert.Equal(t, test.expected, actual)
})
}
}
func TestGetHealthCheck(t *testing.T) {
testCases := []struct {
desc string
service rancherData
expected *types.HealthCheck
}{
{
desc: "should return nil when no health check labels",
service: rancherData{
Labels: map[string]string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return nil when no health check Path label",
service: rancherData{
Labels: map[string]string{
label.TraefikBackendHealthCheckPort: "80",
label.TraefikBackendHealthCheckInterval: "6",
},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return a struct when health check labels are set",
service: rancherData{
Labels: map[string]string{
label.TraefikBackendHealthCheckPath: "/health",
label.TraefikBackendHealthCheckPort: "80",
label.TraefikBackendHealthCheckInterval: "6",
},
Health: "healthy",
State: "active",
},
expected: &types.HealthCheck{
Path: "/health",
Port: 80,
Interval: "6",
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
actual := getHealthCheck(test.service)
assert.Equal(t, test.expected, actual)
})
}
}
func TestGetServers(t *testing.T) {
testCases := []struct {
desc string
service rancherData
expected map[string]types.Server
}{
{
desc: "should return nil when no server labels",
service: rancherData{
Labels: map[string]string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return nil when no server IPs",
service: rancherData{
Labels: map[string]string{
label.TraefikWeight: "7",
},
Containers: []string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should use default weight when invalid weight value",
service: rancherData{
Labels: map[string]string{
label.TraefikWeight: "kls",
},
Containers: []string{"10.10.10.0"},
Health: "healthy",
State: "active",
},
expected: map[string]types.Server{
"server-0": {
URL: "http://10.10.10.0:",
Weight: 0,
},
},
},
{
desc: "should return a map when configuration keys are defined",
service: rancherData{
Labels: map[string]string{
label.TraefikWeight: "6",
},
Containers: []string{"10.10.10.0", "10.10.10.1"},
Health: "healthy",
State: "active",
},
expected: map[string]types.Server{
"server-0": {
URL: "http://10.10.10.0:",
Weight: 6,
},
"server-1": {
URL: "http://10.10.10.1:",
Weight: 6,
},
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
actual := getServers(test.service)
assert.Equal(t, test.expected, actual)
})
}
}
func TestGetRedirect(t *testing.T) {
testCases := []struct {
desc string
service rancherData
expected *types.Redirect
}{
{
desc: "should return nil when no redirect labels",
service: rancherData{
Labels: map[string]string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should use only entry point tag when mix regex redirect and entry point redirect",
service: rancherData{
Labels: map[string]string{
label.TraefikFrontendRedirectEntryPoint: "https",
label.TraefikFrontendRedirectRegex: "(.*)",
label.TraefikFrontendRedirectReplacement: "$1",
},
Health: "healthy",
State: "active",
},
expected: &types.Redirect{
EntryPoint: "https",
},
},
{
desc: "should return a struct when entry point redirect label",
service: rancherData{
Labels: map[string]string{
label.TraefikFrontendRedirectEntryPoint: "https",
},
Health: "healthy",
State: "active",
},
expected: &types.Redirect{
EntryPoint: "https",
},
},
{
desc: "should return a struct when regex redirect labels",
service: rancherData{
Labels: map[string]string{
label.TraefikFrontendRedirectRegex: "(.*)",
label.TraefikFrontendRedirectReplacement: "$1",
},
Health: "healthy",
State: "active",
},
expected: &types.Redirect{
Regex: "(.*)",
Replacement: "$1",
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
actual := getRedirect(test.service)
assert.Equal(t, test.expected, actual)
})
}
}
func TestGetRateLimit(t *testing.T) {
testCases := []struct {
desc string
service rancherData
expected *types.RateLimit
}{
{
desc: "should return nil when no rate limit labels",
service: rancherData{
Labels: map[string]string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return a struct when rate limit labels are defined",
service: rancherData{
Labels: map[string]string{
label.TraefikFrontendRateLimitExtractorFunc: "client.ip",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitPeriod: "6",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitAverage: "12",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitBurst: "18",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitPeriod: "3",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitAverage: "6",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitBurst: "9",
},
Health: "healthy",
State: "active",
},
expected: &types.RateLimit{
ExtractorFunc: "client.ip",
RateSet: map[string]*types.Rate{
"foo": {
Period: flaeg.Duration(6 * time.Second),
Average: 12,
Burst: 18,
},
"bar": {
Period: flaeg.Duration(3 * time.Second),
Average: 6,
Burst: 9,
},
},
},
},
{
desc: "should return nil when ExtractorFunc is missing",
service: rancherData{
Labels: map[string]string{
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitPeriod: "6",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitAverage: "12",
label.Prefix + label.BaseFrontendRateLimit + "foo." + label.SuffixRateLimitBurst: "18",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitPeriod: "3",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitAverage: "6",
label.Prefix + label.BaseFrontendRateLimit + "bar." + label.SuffixRateLimitBurst: "9",
},
Health: "healthy",
State: "active",
},
expected: nil,
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
actual := getRateLimit(test.service)
assert.Equal(t, test.expected, actual)
})
}
}
func TestGetHeaders(t *testing.T) {
testCases := []struct {
desc string
service rancherData
expected *types.Headers
}{
{
desc: "should return nil when no custom headers options are set",
service: rancherData{
Labels: map[string]string{},
Health: "healthy",
State: "active",
},
expected: nil,
},
{
desc: "should return a struct when all custom headers options are set",
service: rancherData{
Labels: map[string]string{
label.TraefikFrontendRequestHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
label.TraefikFrontendResponseHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
label.TraefikFrontendSSLProxyHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
label.TraefikFrontendAllowedHosts: "foo,bar,bor",
label.TraefikFrontendHostsProxyHeaders: "foo,bar,bor",
label.TraefikFrontendSSLHost: "foo",
label.TraefikFrontendCustomFrameOptionsValue: "foo",
label.TraefikFrontendContentSecurityPolicy: "foo",
label.TraefikFrontendPublicKey: "foo",
label.TraefikFrontendReferrerPolicy: "foo",
label.TraefikFrontendSTSSeconds: "666",
label.TraefikFrontendSSLRedirect: "true",
label.TraefikFrontendSSLTemporaryRedirect: "true",
label.TraefikFrontendSTSIncludeSubdomains: "true",
label.TraefikFrontendSTSPreload: "true",
label.TraefikFrontendForceSTSHeader: "true",
label.TraefikFrontendFrameDeny: "true",
label.TraefikFrontendContentTypeNosniff: "true",
label.TraefikFrontendBrowserXSSFilter: "true",
label.TraefikFrontendIsDevelopment: "true",
},
Health: "healthy",
State: "active",
},
expected: &types.Headers{
CustomRequestHeaders: map[string]string{
"Access-Control-Allow-Methods": "POST,GET,OPTIONS",
"Content-Type": "application/json; charset=utf-8",
},
CustomResponseHeaders: map[string]string{
"Access-Control-Allow-Methods": "POST,GET,OPTIONS",
"Content-Type": "application/json; charset=utf-8",
},
SSLProxyHeaders: map[string]string{
"Access-Control-Allow-Methods": "POST,GET,OPTIONS",
"Content-Type": "application/json; charset=utf-8",
},
AllowedHosts: []string{"foo", "bar", "bor"},
HostsProxyHeaders: []string{"foo", "bar", "bor"},
SSLHost: "foo",
CustomFrameOptionsValue: "foo",
ContentSecurityPolicy: "foo",
PublicKey: "foo",
ReferrerPolicy: "foo",
STSSeconds: 666,
SSLRedirect: true,
SSLTemporaryRedirect: true,
STSIncludeSubdomains: true,
STSPreload: true,
ForceSTSHeader: true,
FrameDeny: true,
ContentTypeNosniff: true,
BrowserXSSFilter: true,
IsDevelopment: true,
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
actual := getHeaders(test.service)
assert.Equal(t, test.expected, actual) assert.Equal(t, test.expected, actual)
}) })
} }

View file

@ -1,144 +1,159 @@
{{$backendServers := .Backends}} {{ $backendServers := .Backends }}
[backends] [backends]
{{range $backendName, $backend := .Backends}} {{range $backendName, $backend := .Backends }}
[backends.backend-{{$backendName}}] [backends.backend-{{ $backendName }}]
{{if hasCircuitBreakerLabel $backend}} {{ $circuitBreaker := getCircuitBreaker $backend }}
[backends.backend-{{$backendName}}.circuitBreaker] {{if $circuitBreaker }}
expression = "{{getCircuitBreakerExpression $backend}}" [backends."backend-{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}} {{end}}
{{if hasLoadBalancerLabel $backend}} {{ $loadBalancer := getLoadBalancer $backend }}
[backends.backend-{{$backendName}}.loadBalancer] {{if $loadBalancer }}
method = "{{getLoadBalancerMethod $backend}}" [backends."backend-{{ $backendName }}".loadBalancer]
sticky = {{getSticky $backend}} method = "{{ $loadBalancer.Method }}"
{{if hasStickinessLabel $backend}} sticky = {{ $loadBalancer.Sticky }}
[backends.backend-{{$backendName}}.loadBalancer.stickiness] {{if $loadBalancer.Stickiness }}
cookieName = "{{getStickinessCookieName $backend}}" [backends."backend-{{ $backendName }}".loadBalancer.stickiness]
{{end}} cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}} {{end}}
{{if hasMaxConnLabels $backend}} {{ $maxConn := getMaxConn $backend }}
[backends.backend-{{$backendName}}.maxConn] {{if $maxConn }}
amount = {{getMaxConnAmount $backend}} [backends."backend-{{ $backendName }}".maxConn]
extractorFunc = "{{getMaxConnExtractorFunc $backend}}" extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}} {{end}}
{{if hasHealthCheckLabels $backend}} {{ $healthCheck := getHealthCheck $backend }}
[backends.backend-{{$backendName}}.healthCheck] {{if $healthCheck }}
path = "{{getHealthCheckPath $backend}}" [backends.backend-{{ $backendName }}.healthCheck]
port = {{getHealthCheckPort $backend}} path = "{{ $healthCheck.Path }}"
interval = "{{getHealthCheckInterval $backend}}" port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
{{end}} {{end}}
{{range $index, $ip := $backend.Containers}} {{range $serverName, $server := getServers $backend}}
[backends.backend-{{$backendName}}.servers.server-{{$index}}] [backends.backend-{{ $backendName }}.servers.{{ $serverName }}]
url = "{{getProtocol $backend}}://{{$ip}}:{{getPort $backend}}" url = "{{ $server.URL }}"
weight = {{getWeight $backend}} weight = {{ $server.Weight }}
{{end}} {{end}}
{{end}} {{end}}
[frontends] [frontends]
{{range $frontendName, $service := .Frontends}} {{range $frontendName, $service := .Frontends }}
[frontends."frontend-{{$frontendName}}"] [frontends."frontend-{{ $frontendName }}"]
backend = "backend-{{getBackend $service}}" backend = "backend-{{ getBackendName $service }}"
priority = {{getPriority $service}} priority = {{ getPriority $service }}
passHostHeader = {{getPassHostHeader $service}} passHostHeader = {{ getPassHostHeader $service }}
passTLSCert = {{getPassTLSCert $service}} passTLSCert = {{ getPassTLSCert $service }}
entryPoints = [{{range getEntryPoints $service}} entryPoints = [{{range getEntryPoints $service }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
{{if getWhitelistSourceRange $service}} {{ $whitelistSourceRange := getWhitelistSourceRange $service }}
whitelistSourceRange = [{{range getWhitelistSourceRange $service}} {{if $whitelistSourceRange }}
whitelistSourceRange = [{{range $whitelistSourceRange }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
{{end}} {{end}}
basicAuth = [{{range getBasicAuth $service}} basicAuth = [{{range getBasicAuth $service }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
{{if hasRedirect $service}} {{ $redirect := getRedirect $service }}
[frontends."frontend-{{$frontendName}}".redirect] {{if $redirect }}
entryPoint = "{{getRedirectEntryPoint $service}}" [frontends."frontend-{{ $frontendName }}".redirect]
regex = "{{getRedirectRegex $service}}" entryPoint = "{{ $redirect.EntryPoint }}"
replacement = "{{getRedirectReplacement $service}}" regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
{{end}} {{end}}
{{ if hasErrorPages $service }} {{ $errorPages := getErrorPages $service }}
[frontends."frontend-{{$frontendName}}".errors] {{if $errorPages }}
{{ range $pageName, $page := getErrorPages $service }} [frontends."frontend-{{ $frontendName }}".errors]
[frontends."frontend-{{$frontendName}}".errors.{{ $pageName }}] {{range $pageName, $page := $errorPages }}
status = [{{range $page.Status}} [frontends."frontend-{{ $frontendName }}".errors.{{ $pageName }}]
status = [{{range $page.Status }}
"{{.}}", "{{.}}",
{{end}}] {{end}}]
backend = "{{$page.Backend}}" backend = "{{ $page.Backend }}"
query = "{{$page.Query}}" query = "{{ $page.Query }}"
{{end}} {{end}}
{{end}} {{end}}
{{ if hasRateLimits $service }} {{ $rateLimit := getRateLimit $service }}
[frontends."frontend-{{$frontendName}}".rateLimit] {{if $rateLimit }}
extractorFunc = "{{ getRateLimitsExtractorFunc $service }}" [frontends."frontend-{{ $frontendName }}".rateLimit]
[frontends."frontend-{{$frontendName}}".rateLimit.rateSet] extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
{{ range $limitName, $rateLimit := getRateLimits $service }} [frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
[frontends."frontend-{{$frontendName}}".rateLimit.rateSet.{{ $limitName }}] {{ range $limitName, $limit := $rateLimit.RateSet }}
period = "{{ $rateLimit.Period }}" [frontends."frontend-{{ $frontendName }}".rateLimit.rateSet.{{ $limitName }}]
average = {{ $rateLimit.Average }} period = "{{ $limit.Period }}"
burst = {{ $rateLimit.Burst }} average = {{ $limit.Average }}
{{end}} burst = {{ $limit.Burst }}
{{end}}
{{end}} {{end}}
{{if hasHeaders $service }} {{ $headers := getHeaders $service }}
[frontends."frontend-{{$frontendName}}".headers] {{if $headers }}
SSLRedirect = {{getSSLRedirectHeaders $service}} [frontends."frontend-{{ $frontendName }}".headers]
SSLTemporaryRedirect = {{getSSLTemporaryRedirectHeaders $service}} SSLRedirect = {{ $headers.SSLRedirect }}
SSLHost = "{{getSSLHostHeaders $service}}" SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
STSSeconds = {{getSTSSecondsHeaders $service}} SSLHost = "{{ $headers.SSLHost }}"
STSIncludeSubdomains = {{getSTSIncludeSubdomainsHeaders $service}} STSSeconds = {{ $headers.STSSeconds }}
STSPreload = {{getSTSPreloadHeaders $service}} STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
ForceSTSHeader = {{getForceSTSHeaderHeaders $service}} STSPreload = {{ $headers.STSPreload }}
FrameDeny = {{getFrameDenyHeaders $service}} ForceSTSHeader = {{ $headers.ForceSTSHeader }}
CustomFrameOptionsValue = "{{getCustomFrameOptionsValueHeaders $service}}" FrameDeny = {{ $headers.FrameDeny }}
ContentTypeNosniff = {{getContentTypeNosniffHeaders $service}} CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
BrowserXSSFilter = {{getBrowserXSSFilterHeaders $service}} ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
ContentSecurityPolicy = "{{getContentSecurityPolicyHeaders $service}}" BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
PublicKey = "{{getPublicKeyHeaders $service}}" ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
ReferrerPolicy = "{{getReferrerPolicyHeaders $service}}" PublicKey = "{{ $headers.PublicKey }}"
IsDevelopment = {{getIsDevelopmentHeaders $service}} ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
AllowedHosts = [{{range getAllowedHostsHeaders $service}} {{if $headers.AllowedHosts }}
"{{.}}", AllowedHosts = [{{range $headers.AllowedHosts }}
{{end}}] "{{.}}",
{{end}}]
{{end}}
HostsProxyHeaders = [{{range getHostsProxyHeaders $service}} {{if $headers.HostsProxyHeaders }}
"{{.}}", HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
{{end}}] "{{.}}",
{{end}}]
{{end}}
{{if hasRequestHeaders $service}} {{if $headers.CustomRequestHeaders }}
[frontends."frontend-{{$frontendName}}".headers.customRequestHeaders] [frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := getRequestHeaders $service}} {{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}" {{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}} {{end}}
{{end}} {{end}}
{{if hasResponseHeaders $service}}
[frontends."frontend-{{$frontendName}}".headers.customResponseHeaders]
{{range $k, $v := getResponseHeaders $service}}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if hasSSLProxyHeaders $service}}
[frontends."frontend-{{$frontendName}}".headers.SSLProxyHeaders]
{{range $k, $v := getSSLProxyHeaders $service}}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."frontend-{{$frontendName}}".routes."route-frontend-{{$frontendName}}"] [frontends."frontend-{{$frontendName}}".routes."route-frontend-{{$frontendName}}"]
rule = "{{getFrontendRule $service}}" rule = "{{getFrontendRule $service}}"