Remove Rancher v1 provider
This commit is contained in:
parent
7129f03dc9
commit
2ad1fd725a
66 changed files with 10 additions and 3316 deletions
|
@ -11,7 +11,7 @@
|
||||||
[![Twitter](https://img.shields.io/twitter/follow/traefik.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefik)
|
[![Twitter](https://img.shields.io/twitter/follow/traefik.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefik)
|
||||||
|
|
||||||
Traefik (pronounced _traffic_) is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy.
|
Traefik (pronounced _traffic_) is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy.
|
||||||
Traefik integrates with your existing infrastructure components ([Docker](https://www.docker.com/), [Swarm mode](https://docs.docker.com/engine/swarm/), [Kubernetes](https://kubernetes.io), [Marathon](https://mesosphere.github.io/marathon/), [Consul](https://www.consul.io/), [Etcd](https://coreos.com/etcd/), [Rancher](https://rancher.com), [Amazon ECS](https://aws.amazon.com/ecs), ...) and configures itself automatically and dynamically.
|
Traefik integrates with your existing infrastructure components ([Docker](https://www.docker.com/), [Swarm mode](https://docs.docker.com/engine/swarm/), [Kubernetes](https://kubernetes.io), [Marathon](https://mesosphere.github.io/marathon/), [Consul](https://www.consul.io/), [Etcd](https://coreos.com/etcd/), [Rancher v2](https://rancher.com), [Amazon ECS](https://aws.amazon.com/ecs), ...) and configures itself automatically and dynamically.
|
||||||
Pointing Traefik at your orchestrator should be the _only_ configuration step you need.
|
Pointing Traefik at your orchestrator should be the _only_ configuration step you need.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
@ -69,7 +69,6 @@ _(But if you'd rather configure some of your routes manually, Traefik supports t
|
||||||
- [Docker](https://doc.traefik.io/traefik/providers/docker/) / [Swarm mode](https://doc.traefik.io/traefik/providers/docker/)
|
- [Docker](https://doc.traefik.io/traefik/providers/docker/) / [Swarm mode](https://doc.traefik.io/traefik/providers/docker/)
|
||||||
- [Kubernetes](https://doc.traefik.io/traefik/providers/kubernetes-crd/)
|
- [Kubernetes](https://doc.traefik.io/traefik/providers/kubernetes-crd/)
|
||||||
- [Marathon](https://doc.traefik.io/traefik/providers/marathon/)
|
- [Marathon](https://doc.traefik.io/traefik/providers/marathon/)
|
||||||
- [Rancher](https://doc.traefik.io/traefik/providers/rancher/) (Metadata)
|
|
||||||
- [File](https://doc.traefik.io/traefik/providers/file/)
|
- [File](https://doc.traefik.io/traefik/providers/file/)
|
||||||
|
|
||||||
## Quickstart
|
## Quickstart
|
||||||
|
|
|
@ -107,7 +107,6 @@ The `status/*` labels represent the desired state in the workflow.
|
||||||
* `area/provider/kv`: KV related.
|
* `area/provider/kv`: KV related.
|
||||||
* `area/provider/marathon`: Marathon related.
|
* `area/provider/marathon`: Marathon related.
|
||||||
* `area/provider/mesos`: Mesos related.
|
* `area/provider/mesos`: Mesos related.
|
||||||
* `area/provider/rancher`: Rancher related.
|
|
||||||
* `area/provider/servicefabric`: Azure service fabric related.
|
* `area/provider/servicefabric`: Azure service fabric related.
|
||||||
* `area/provider/zk`: Zoo Keeper related.
|
* `area/provider/zk`: Zoo Keeper related.
|
||||||
* `area/rules`: Rules related.
|
* `area/rules`: Rules related.
|
||||||
|
|
|
@ -54,16 +54,6 @@ labels: {
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
## Dynamic configuration
|
|
||||||
labels:
|
|
||||||
- traefik.http.routers.blog.rule=Host(`example.com`) && Path(`/blog`)
|
|
||||||
- traefik.http.routers.blog.tls=true
|
|
||||||
- traefik.http.routers.blog.tls.certresolver=myresolver
|
|
||||||
- traefik.http.routers.blog.tls.domains[0].main=example.org
|
|
||||||
- traefik.http.routers.blog.tls.domains[0].sans=*.example.org
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
## Dynamic configuration
|
## Dynamic configuration
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -44,14 +44,6 @@ labels: {
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
## Dynamic configuration
|
|
||||||
labels:
|
|
||||||
- traefik.http.routers.blog.rule=(Host(`example.com`) && Path(`/blog`)) || Host(`blog.example.org`)
|
|
||||||
- traefik.http.routers.blog.tls=true
|
|
||||||
- traefik.http.routers.blog.tls.certresolver=myresolver
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
## Dynamic configuration
|
## Dynamic configuration
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -44,14 +44,6 @@ labels: {
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
## Dynamic configuration
|
|
||||||
labels:
|
|
||||||
- traefik.http.routers.blog.rule=Host(`example.com`) && Path(`/blog`)
|
|
||||||
- traefik.http.routers.blog.tls=true
|
|
||||||
- traefik.http.routers.blog.tls.certresolver=myresolver
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
## Dynamic configuration
|
## Dynamic configuration
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -127,13 +127,6 @@ A certificate resolver requests certificates for a set of domain names inferred
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
## Dynamic configuration
|
|
||||||
labels:
|
|
||||||
- traefik.http.routers.blog.rule=Host(`monitoring.yak-bebop.ts.net`) && Path(`/metrics`)
|
|
||||||
- traefik.http.routers.blog.tls.certresolver=myresolver
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
## Dynamic configuration
|
## Dynamic configuration
|
||||||
http:
|
http:
|
||||||
|
@ -200,14 +193,6 @@ A certificate resolver requests certificates for a set of domain names inferred
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
## Dynamic configuration
|
|
||||||
labels:
|
|
||||||
- traefik.http.routers.blog.rule=Path(`/metrics`)
|
|
||||||
- traefik.http.routers.blog.tls.certresolver=myresolver
|
|
||||||
- traefik.http.routers.blog.tls.domains[0].main=monitoring.yak-bebop.ts.net
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
## Dynamic configuration
|
## Dynamic configuration
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -42,12 +42,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Prefixing with /foo
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.add-foo.addprefix.prefix=/foo"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Prefixing with /foo
|
# Prefixing with /foo
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -47,12 +47,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Declaring the user list
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Declaring the user list
|
# Declaring the user list
|
||||||
http:
|
http:
|
||||||
|
@ -163,12 +157,6 @@ data:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Declaring the user list
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Declaring the user list
|
# Declaring the user list
|
||||||
http:
|
http:
|
||||||
|
@ -238,11 +226,6 @@ data:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.basicauth.usersfile=/path/to/my/usersfile"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -293,11 +276,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.basicauth.realm=MyRealm"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -386,11 +364,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.basicauth.removeheader=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -46,12 +46,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Sets the maximum request body to 2MB
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=2000000"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Sets the maximum request body to 2MB
|
# Sets the maximum request body to 2MB
|
||||||
http:
|
http:
|
||||||
|
@ -103,11 +97,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=2000000"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -153,11 +142,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.limit.buffering.memRequestBodyBytes=2000000"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -205,11 +189,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=2000000"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -255,11 +234,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.limit.buffering.memResponseBodyBytes=2000000"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -307,11 +281,6 @@ You can have the Buffering middleware replay the request using `retryExpression`
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.limit.buffering.retryExpression=IsNetworkError() && Attempts() < 2"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -110,18 +110,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.routers.router1.service=service1"
|
|
||||||
- "traefik.http.routers.router1.middlewares=secured"
|
|
||||||
- "traefik.http.routers.router1.rule=Host(`mydomain`)"
|
|
||||||
- "traefik.http.middlewares.secured.chain.middlewares=https-only,known-ips,auth-users"
|
|
||||||
- "traefik.http.middlewares.auth-users.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
|
|
||||||
- "traefik.http.middlewares.https-only.redirectscheme.scheme=https"
|
|
||||||
- "traefik.http.middlewares.known-ips.ipallowlist.sourceRange=192.168.1.7,127.0.0.1/32"
|
|
||||||
- "traefik.http.services.service1.loadbalancer.server.port=80"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# ...
|
# ...
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -58,12 +58,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Latency Check
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.latency-check.circuitbreaker.expression=LatencyAtQuantileMS(50.0) > 100"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Latency Check
|
# Latency Check
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -42,12 +42,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Enable compression
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-compress.compress=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Enable compression
|
# Enable compression
|
||||||
http:
|
http:
|
||||||
|
@ -120,11 +114,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-compress.compress.excludedcontenttypes=text/event-stream"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -173,11 +162,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-compress.compress.minresponsebodybytes=1200"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -45,12 +45,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Enable auto-detection
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.autodetect.contenttype=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Enable auto-detection
|
# Enable auto-detection
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -42,12 +42,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Declaring the user list
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Declaring the user list
|
# Declaring the user list
|
||||||
http:
|
http:
|
||||||
|
@ -120,11 +114,6 @@ data:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -192,11 +181,6 @@ data:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.digestauth.usersfile=/path/to/my/usersfile"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -247,11 +231,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.digestauth.realm=MyRealm"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -296,11 +275,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.my-auth.digestauth.headerField=X-WebAuth-User"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -345,11 +319,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.digestauth.removeheader=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -56,14 +56,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Dynamic Custom Error Page for 5XX Status Code
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-errors.errors.status=500-599"
|
|
||||||
- "traefik.http.middlewares.test-errors.errors.service=serviceError"
|
|
||||||
- "traefik.http.middlewares.test-errors.errors.query=/{status}.html"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Custom Error Page for 5XX
|
# Custom Error Page for 5XX
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -44,12 +44,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Forward authentication to example.com
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.address=https://example.com/auth"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Forward authentication to example.com
|
# Forward authentication to example.com
|
||||||
http:
|
http:
|
||||||
|
@ -109,11 +103,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.address=https://example.com/auth"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -158,11 +147,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.trustForwardHeader=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -212,11 +196,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.authResponseHeaders=X-Auth-User, X-Secret"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -268,11 +247,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.authResponseHeadersRegex=^X-"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -329,11 +303,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.authRequestHeaders=Accept,X-CustomHeader"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -403,11 +372,6 @@ data:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.tls.ca=path/to/local.crt"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -474,12 +438,6 @@ data:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.tls.cert=path/to/foo.cert"
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.tls.key=path/to/foo.key"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -552,12 +510,6 @@ data:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.tls.cert=path/to/foo.cert"
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.tls.key=path/to/foo.key"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -615,11 +567,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-auth.forwardauth.tls.InsecureSkipVerify=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -43,11 +43,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-grpcweb.grpcweb.alloworigins=*"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -51,12 +51,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Script-Name=test"
|
|
||||||
- "traefik.http.middlewares.testheader.headers.customresponseheaders.X-Custom-Response-Header=value"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -117,13 +111,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Script-Name=test"
|
|
||||||
- "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Custom-Request-Header="
|
|
||||||
- "traefik.http.middlewares.testheader.headers.customresponseheaders.X-Custom-Response-Header="
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -180,11 +167,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.testheader.headers.framedeny=true"
|
|
||||||
- "traefik.http.middlewares.testheader.headers.browserxssfilter=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
|
@ -251,14 +233,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.testheader.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
|
|
||||||
- "traefik.http.middlewares.testheader.headers.accesscontrolalloworiginlist=https://foo.bar.org,https://example.org"
|
|
||||||
- "traefik.http.middlewares.testheader.headers.accesscontrolmaxage=100"
|
|
||||||
- "traefik.http.middlewares.testheader.headers.addvaryheader=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -40,12 +40,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Limiting to 10 simultaneous connections
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-inflightreq.inflightreq.amount=10"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Limiting to 10 simultaneous connections
|
# Limiting to 10 simultaneous connections
|
||||||
http:
|
http:
|
||||||
|
@ -95,12 +89,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Limiting to 10 simultaneous connections
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-inflightreq.inflightreq.amount=10"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Limiting to 10 simultaneous connections
|
# Limiting to 10 simultaneous connections
|
||||||
http:
|
http:
|
||||||
|
@ -171,11 +159,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.ipstrategy.depth=2"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -238,11 +221,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -292,11 +270,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.requestheadername=username"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -343,11 +316,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.requesthost=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -41,12 +41,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Accepts request from defined IP
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Accepts request from defined IP
|
# Accepts request from defined IP
|
||||||
http:
|
http:
|
||||||
|
@ -127,13 +121,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Allowlisting Based on `X-Forwarded-For` with `depth=2`
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
|
|
||||||
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.depth=2"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Allowlisting Based on `X-Forwarded-For` with `depth=2`
|
# Allowlisting Based on `X-Forwarded-For` with `depth=2`
|
||||||
http:
|
http:
|
||||||
|
@ -203,12 +190,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Exclude from `X-Forwarded-For`
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Exclude from `X-Forwarded-For`
|
# Exclude from `X-Forwarded-For`
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -76,15 +76,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# As a Rancher Label
|
|
||||||
labels:
|
|
||||||
# Create a middleware named `foo-add-prefix`
|
|
||||||
- "traefik.http.middlewares.foo-add-prefix.addprefix.prefix=/foo"
|
|
||||||
# Apply the middleware named `foo-add-prefix` to the router named `router1`
|
|
||||||
- "traefik.http.routers.router1.middlewares=foo-add-prefix@rancher"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
```toml tab="File (TOML)"
|
||||||
# As TOML Configuration File
|
# As TOML Configuration File
|
||||||
[http.routers]
|
[http.routers]
|
||||||
|
|
|
@ -45,12 +45,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
||||||
http:
|
http:
|
||||||
|
@ -169,29 +163,6 @@ http:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.notafter=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.notbefore=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.sans=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.commonname=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.country=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.domaincomponent=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.locality=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.organization=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.organizationalunit=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.province=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.serialnumber=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.commonname=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.country=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.domaincomponent=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.locality=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.organization=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.province=true"
|
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.serialnumber=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
|
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -47,14 +47,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Here, an average of 100 requests per second is allowed.
|
|
||||||
# In addition, a burst of 50 requests is allowed.
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.average=100"
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.burst=50"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Here, an average of 100 requests per second is allowed.
|
# Here, an average of 100 requests per second is allowed.
|
||||||
# In addition, a burst of 50 requests is allowed.
|
# In addition, a burst of 50 requests is allowed.
|
||||||
|
@ -114,11 +106,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.average=100"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# 100 reqs/s
|
# 100 reqs/s
|
||||||
http:
|
http:
|
||||||
|
@ -177,13 +164,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# 6 reqs/minute
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.average=6"
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.period=1m"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# 6 reqs/minute
|
# 6 reqs/minute
|
||||||
http:
|
http:
|
||||||
|
@ -233,11 +213,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.burst=100"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -306,11 +281,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.ipstrategy.depth=2"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -400,11 +370,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -454,11 +419,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.requestheadername=username"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
@ -505,11 +465,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.requesthost=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -50,14 +50,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Redirect with domain replacement
|
|
||||||
# Note: all dollar signs need to be doubled for escaping.
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-redirectregex.redirectregex.regex=^http://localhost/(.*)"
|
|
||||||
- "traefik.http.middlewares.test-redirectregex.redirectregex.replacement=http://mydomain/$${1}"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Redirect with domain replacement
|
# Redirect with domain replacement
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -58,13 +58,6 @@ labels:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Redirect to https
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.scheme=https"
|
|
||||||
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.permanent=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Redirect to https
|
# Redirect to https
|
||||||
http:
|
http:
|
||||||
|
@ -122,13 +115,6 @@ labels:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Redirect to https
|
|
||||||
labels:
|
|
||||||
# ...
|
|
||||||
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.permanent=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Redirect to https
|
# Redirect to https
|
||||||
http:
|
http:
|
||||||
|
@ -180,12 +166,6 @@ labels:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Redirect to https
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.scheme=https"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Redirect to https
|
# Redirect to https
|
||||||
http:
|
http:
|
||||||
|
@ -239,13 +219,6 @@ labels:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Redirect to https
|
|
||||||
labels:
|
|
||||||
# ...
|
|
||||||
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.port=443"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Redirect to https
|
# Redirect to https
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -44,12 +44,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Replace the path with /foo
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-replacepath.replacepath.path=/foo"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Replace the path with /foo
|
# Replace the path with /foo
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -48,13 +48,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Replace path with regex
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-replacepathregex.replacepathregex.regex=^/foo/(.*)"
|
|
||||||
- "traefik.http.middlewares.test-replacepathregex.replacepathregex.replacement=/bar/$1"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Replace path with regex
|
# Replace path with regex
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -50,13 +50,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Retry 4 times with exponential backoff
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-retry.retry.attempts=4"
|
|
||||||
- "traefik.http.middlewares.test-retry.retry.initialinterval=100ms"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Retry 4 times with exponential backoff
|
# Retry 4 times with exponential backoff
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -46,12 +46,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Strip prefix /foobar and /fiibar
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-stripprefix.stripprefix.prefixes=/foobar,/fiibar"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Strip prefix /foobar and /fiibar
|
# Strip prefix /foobar and /fiibar
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -38,11 +38,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
labels:
|
|
||||||
- "traefik.http.middlewares.test-stripprefixregex.stripprefixregex.regex=/foo/[a-z0-9]+/[0-9]+/"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -73,15 +73,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# As a Rancher Label
|
|
||||||
labels:
|
|
||||||
# Create a middleware named `foo-add-prefix`
|
|
||||||
- "traefik.http.middlewares.foo-add-prefix.addprefix.prefix=/foo"
|
|
||||||
# Apply the middleware named `foo-add-prefix` to the router named `router1`
|
|
||||||
- "traefik.http.routers.router1.middlewares=foo-add-prefix@rancher"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# As YAML Configuration File
|
# As YAML Configuration File
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -33,12 +33,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Limiting to 10 simultaneous connections.
|
|
||||||
labels:
|
|
||||||
- "traefik.tcp.middlewares.test-inflightconn.inflightconn.amount=10"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Limiting to 10 simultaneous connections.
|
# Limiting to 10 simultaneous connections.
|
||||||
tcp:
|
tcp:
|
||||||
|
|
|
@ -41,12 +41,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Accepts request from defined IP
|
|
||||||
labels:
|
|
||||||
- "traefik.tcp.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
```toml tab="File (TOML)"
|
||||||
# Accepts request from defined IP
|
# Accepts request from defined IP
|
||||||
[tcp.middlewares]
|
[tcp.middlewares]
|
||||||
|
|
|
@ -77,15 +77,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# As a Rancher Label
|
|
||||||
labels:
|
|
||||||
# Create a middleware named `foo-ip-allowlist`
|
|
||||||
- "traefik.tcp.middlewares.foo-ip-allowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
|
|
||||||
# Apply the middleware named `foo-ip-allowlist` to the router named `router1`
|
|
||||||
- "traefik.tcp.routers.router1.middlewares=foo-ip-allowlist@rancher"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
```toml tab="File (TOML)"
|
||||||
# As TOML Configuration File
|
# As TOML Configuration File
|
||||||
[tcp.routers]
|
[tcp.routers]
|
||||||
|
|
|
@ -65,3 +65,10 @@ When using the KubernetesCRD provider, it is therefore necessary to update [RBAC
|
||||||
|
|
||||||
The TCP LoadBalancer `terminationDelay` option has been removed.
|
The TCP LoadBalancer `terminationDelay` option has been removed.
|
||||||
This option can now be configured directly on the `TCPServersTransport` level, please take a look at this [documentation](../routing/services/index.md#terminationdelay)
|
This option can now be configured directly on the `TCPServersTransport` level, please take a look at this [documentation](../routing/services/index.md#terminationdelay)
|
||||||
|
|
||||||
|
## Rancher v1
|
||||||
|
|
||||||
|
In v3, the rancher v1 provider has been removed because Rancher v1 is [no longer actively maintaned](https://rancher.com/docs/os/v1.x/en/support/) and v2 is supported as a standard Kubernetes provider.
|
||||||
|
|
||||||
|
Rancher 2.x requires Kubernetes and does not have a metadata endpoint of its own for Traefik to query.
|
||||||
|
As such, Rancher 2.x users should utilize the [Kubernetes CRD provider](../providers/kubernetes-crd.md) directly.
|
||||||
|
|
|
@ -60,15 +60,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Dynamic Configuration
|
|
||||||
labels:
|
|
||||||
- "traefik.http.routers.api.rule=Host(`traefik.example.com`)"
|
|
||||||
- "traefik.http.routers.api.service=api@internal"
|
|
||||||
- "traefik.http.routers.api.middlewares=auth"
|
|
||||||
- "traefik.http.middlewares.auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Dynamic Configuration
|
# Dynamic Configuration
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -60,15 +60,6 @@ spec:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
|
||||||
# Dynamic Configuration
|
|
||||||
labels:
|
|
||||||
- "traefik.http.routers.dashboard.rule=Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
|
|
||||||
- "traefik.http.routers.dashboard.service=api@internal"
|
|
||||||
- "traefik.http.routers.dashboard.middlewares=auth"
|
|
||||||
- "traefik.http.middlewares.auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
|
|
||||||
```
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Dynamic Configuration
|
# Dynamic Configuration
|
||||||
http:
|
http:
|
||||||
|
|
|
@ -142,7 +142,6 @@ Below is the list of the currently supported providers in Traefik.
|
||||||
| [Nomad](./nomad.md) | Orchestrator | Label | `nomad` |
|
| [Nomad](./nomad.md) | Orchestrator | Label | `nomad` |
|
||||||
| [ECS](./ecs.md) | Orchestrator | Label | `ecs` |
|
| [ECS](./ecs.md) | Orchestrator | Label | `ecs` |
|
||||||
| [Marathon](./marathon.md) | Orchestrator | Label | `marathon` |
|
| [Marathon](./marathon.md) | Orchestrator | Label | `marathon` |
|
||||||
| [Rancher](./rancher.md) | Orchestrator | Label | `rancher` |
|
|
||||||
| [File](./file.md) | Manual | YAML/TOML format | `file` |
|
| [File](./file.md) | Manual | YAML/TOML format | `file` |
|
||||||
| [Consul](./consul.md) | KV | KV | `consul` |
|
| [Consul](./consul.md) | KV | KV | `consul` |
|
||||||
| [Etcd](./etcd.md) | KV | KV | `etcd` |
|
| [Etcd](./etcd.md) | KV | KV | `etcd` |
|
||||||
|
@ -216,7 +215,6 @@ List of providers that support these features:
|
||||||
- [ECS](./ecs.md#exposedbydefault)
|
- [ECS](./ecs.md#exposedbydefault)
|
||||||
- [Consul Catalog](./consul-catalog.md#exposedbydefault)
|
- [Consul Catalog](./consul-catalog.md#exposedbydefault)
|
||||||
- [Nomad](./nomad.md#exposedbydefault)
|
- [Nomad](./nomad.md#exposedbydefault)
|
||||||
- [Rancher](./rancher.md#exposedbydefault)
|
|
||||||
- [Marathon](./marathon.md#exposedbydefault)
|
- [Marathon](./marathon.md#exposedbydefault)
|
||||||
|
|
||||||
### Constraints
|
### Constraints
|
||||||
|
@ -227,7 +225,6 @@ List of providers that support constraints:
|
||||||
- [ECS](./ecs.md#constraints)
|
- [ECS](./ecs.md#constraints)
|
||||||
- [Consul Catalog](./consul-catalog.md#constraints)
|
- [Consul Catalog](./consul-catalog.md#constraints)
|
||||||
- [Nomad](./nomad.md#constraints)
|
- [Nomad](./nomad.md#constraints)
|
||||||
- [Rancher](./rancher.md#constraints)
|
|
||||||
- [Marathon](./marathon.md#constraints)
|
- [Marathon](./marathon.md#constraints)
|
||||||
- [Kubernetes CRD](./kubernetes-crd.md#labelselector)
|
- [Kubernetes CRD](./kubernetes-crd.md#labelselector)
|
||||||
- [Kubernetes Ingress](./kubernetes-ingress.md#labelselector)
|
- [Kubernetes Ingress](./kubernetes-ingress.md#labelselector)
|
||||||
|
|
|
@ -1,286 +0,0 @@
|
||||||
---
|
|
||||||
title: ""Traefik Configuration Discovery: Rancher""
|
|
||||||
description: "Read the official Traefik documentation to learn how to expose Rancher services by default in Traefik Proxy."
|
|
||||||
---
|
|
||||||
|
|
||||||
# Traefik & Rancher
|
|
||||||
|
|
||||||
A Story of Labels, Services & Containers
|
|
||||||
{: .subtitle }
|
|
||||||
|
|
||||||
![Rancher](../assets/img/providers/rancher.png)
|
|
||||||
|
|
||||||
Attach labels to your services and let Traefik do the rest!
|
|
||||||
|
|
||||||
!!! important "This provider is specific to Rancher 1.x."
|
|
||||||
|
|
||||||
Rancher 2.x requires Kubernetes and does not have a metadata endpoint of its own for Traefik to query.
|
|
||||||
As such, Rancher 2.x users should utilize the [Kubernetes CRD provider](./kubernetes-crd.md) directly.
|
|
||||||
|
|
||||||
## Configuration Examples
|
|
||||||
|
|
||||||
??? example "Configuring Rancher & Deploying / Exposing Services"
|
|
||||||
|
|
||||||
Enabling the Rancher provider
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher: {}
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher=true
|
|
||||||
```
|
|
||||||
|
|
||||||
Attaching labels to services
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
labels:
|
|
||||||
- traefik.http.services.my-service.rule=Host(`example.com`)
|
|
||||||
```
|
|
||||||
|
|
||||||
## Routing Configuration
|
|
||||||
|
|
||||||
See the dedicated section in [routing](../routing/providers/rancher.md).
|
|
||||||
|
|
||||||
## Provider Configuration
|
|
||||||
|
|
||||||
??? tip "Browse the Reference"
|
|
||||||
|
|
||||||
For an overview of all the options that can be set with the Rancher provider, see the following snippets:
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
--8<-- "content/providers/rancher.yml"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
--8<-- "content/providers/rancher.toml"
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--8<-- "content/providers/rancher.txt"
|
|
||||||
```
|
|
||||||
|
|
||||||
### `exposedByDefault`
|
|
||||||
|
|
||||||
_Optional, Default=true_
|
|
||||||
|
|
||||||
Expose Rancher services by default in Traefik.
|
|
||||||
If set to `false`, services that do not have a `traefik.enable=true` label are ignored from the resulting routing configuration.
|
|
||||||
|
|
||||||
For additional information, refer to [Restrict the Scope of Service Discovery](./overview.md#restrict-the-scope-of-service-discovery).
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
exposedByDefault: false
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
exposedByDefault = false
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher.exposedByDefault=false
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
### `defaultRule`
|
|
||||||
|
|
||||||
_Optional, Default=```Host(`{{ normalize .Name }}`)```_
|
|
||||||
|
|
||||||
The default host rule for all services.
|
|
||||||
|
|
||||||
The `defaultRule` option defines what routing rule to apply to a container if no rule is defined by a label.
|
|
||||||
|
|
||||||
It must be a valid [Go template](https://pkg.go.dev/text/template/), and can use
|
|
||||||
[sprig template functions](https://masterminds.github.io/sprig/).
|
|
||||||
The service name can be accessed with the `Name` identifier,
|
|
||||||
and the template has access to all the labels defined on this container.
|
|
||||||
|
|
||||||
This option can be overridden on a container basis with the `traefik.http.routers.Router1.rule` label.
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
defaultRule: "Host(`{{ .Name }}.{{ index .Labels \"customLabel\"}}`)"
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
defaultRule = "Host(`{{ .Name }}.{{ index .Labels \"customLabel\"}}`)"
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher.defaultRule=Host(`{{ .Name }}.{{ index .Labels \"customLabel\"}}`)
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
### `enableServiceHealthFilter`
|
|
||||||
|
|
||||||
_Optional, Default=true_
|
|
||||||
|
|
||||||
Filter out services with unhealthy states and inactive states.
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
enableServiceHealthFilter: false
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
enableServiceHealthFilter = false
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher.enableServiceHealthFilter=false
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
### `refreshSeconds`
|
|
||||||
|
|
||||||
_Optional, Default=15_
|
|
||||||
|
|
||||||
Defines the polling interval (in seconds).
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
refreshSeconds: 30
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
refreshSeconds = 30
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher.refreshSeconds=30
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
### `intervalPoll`
|
|
||||||
|
|
||||||
_Optional, Default=false_
|
|
||||||
|
|
||||||
Poll the Rancher metadata service for changes every `rancher.refreshSeconds`,
|
|
||||||
which is less accurate than the default long polling technique which provides near instantaneous updates to Traefik.
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
intervalPoll: true
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
intervalPoll = true
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher.intervalPoll=true
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
### `prefix`
|
|
||||||
|
|
||||||
_Optional, Default="/latest"_
|
|
||||||
|
|
||||||
Prefix used for accessing the Rancher metadata service.
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
prefix: "/test"
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
prefix = "/test"
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher.prefix=/test
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
### `constraints`
|
|
||||||
|
|
||||||
_Optional, Default=""_
|
|
||||||
|
|
||||||
The `constraints` option can be set to an expression that Traefik matches against the container labels to determine whether
|
|
||||||
to create any route for that container. If none of the container tags match the expression, no route for that container is
|
|
||||||
created. If the expression is empty, all detected containers are included.
|
|
||||||
|
|
||||||
The expression syntax is based on the `Label("key", "value")`, and `LabelRegex("key", "value")` functions, as well as
|
|
||||||
the usual boolean logic, as shown in examples below.
|
|
||||||
|
|
||||||
??? example "Constraints Expression Examples"
|
|
||||||
|
|
||||||
```toml
|
|
||||||
# Includes only containers having a label with key `a.label.name` and value `foo`
|
|
||||||
constraints = "Label(`a.label.name`, `foo`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml
|
|
||||||
# Excludes containers having any label with key `a.label.name` and value `foo`
|
|
||||||
constraints = "!Label(`a.label.name`, `value`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml
|
|
||||||
# With logical AND.
|
|
||||||
constraints = "Label(`a.label.name`, `valueA`) && Label(`another.label.name`, `valueB`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml
|
|
||||||
# With logical OR.
|
|
||||||
constraints = "Label(`a.label.name`, `valueA`) || Label(`another.label.name`, `valueB`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml
|
|
||||||
# With logical AND and OR, with precedence set by parentheses.
|
|
||||||
constraints = "Label(`a.label.name`, `valueA`) && (Label(`another.label.name`, `valueB`) || Label(`yet.another.label.name`, `valueC`))"
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml
|
|
||||||
# Includes only containers having a label with key `a.label.name` and a value matching the `a.+` regular expression.
|
|
||||||
constraints = "LabelRegex(`a.label.name`, `a.+`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
For additional information, refer to [Restrict the Scope of Service Discovery](./overview.md#restrict-the-scope-of-service-discovery).
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
constraints: "Label(`a.label.name`,`foo`)"
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[providers.rancher]
|
|
||||||
constraints = "Label(`a.label.name`,`foo`)"
|
|
||||||
# ...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--providers.rancher.constraints=Label(`a.label.name`,`foo`)
|
|
||||||
# ...
|
|
||||||
```
|
|
|
@ -1,20 +0,0 @@
|
||||||
# Enable Rancher Provider.
|
|
||||||
[providers.rancher]
|
|
||||||
|
|
||||||
# Expose Rancher services by default in Traefik.
|
|
||||||
exposedByDefault = true
|
|
||||||
|
|
||||||
# Enable watch Rancher changes.
|
|
||||||
watch = true
|
|
||||||
|
|
||||||
# Filter services with unhealthy states and inactive states.
|
|
||||||
enableServiceHealthFilter = true
|
|
||||||
|
|
||||||
# Defines the polling interval (in seconds).
|
|
||||||
refreshSeconds = 15
|
|
||||||
|
|
||||||
# Poll the Rancher metadata service for changes every `rancher.refreshSeconds`, which is less accurate
|
|
||||||
intervalPoll = false
|
|
||||||
|
|
||||||
# Prefix used for accessing the Rancher metadata service
|
|
||||||
prefix = "/latest"
|
|
|
@ -1,20 +0,0 @@
|
||||||
# Enable Rancher Provider.
|
|
||||||
--providers.rancher=true
|
|
||||||
|
|
||||||
# Expose Rancher services by default in Traefik.
|
|
||||||
--providers.rancher.exposedByDefault=true
|
|
||||||
|
|
||||||
# Enable watch Rancher changes.
|
|
||||||
--providers.rancher.watch=true
|
|
||||||
|
|
||||||
# Filter services with unhealthy states and inactive states.
|
|
||||||
--providers.rancher.enableServiceHealthFilter=true
|
|
||||||
|
|
||||||
# Defines the polling interval (in seconds).
|
|
||||||
--providers.rancher.refreshSeconds=15
|
|
||||||
|
|
||||||
# Poll the Rancher metadata service for changes every `rancher.refreshSeconds`, which is less accurate
|
|
||||||
--providers.rancher.intervalPoll=false
|
|
||||||
|
|
||||||
# Prefix used for accessing the Rancher metadata service
|
|
||||||
--providers.rancher.prefix=/latest
|
|
|
@ -1,21 +0,0 @@
|
||||||
# Enable Rancher Provider.
|
|
||||||
providers:
|
|
||||||
rancher:
|
|
||||||
|
|
||||||
# Expose Rancher services by default in Traefik.
|
|
||||||
exposedByDefault: true
|
|
||||||
|
|
||||||
# Enable watch Rancher changes.
|
|
||||||
watch: true
|
|
||||||
|
|
||||||
# Filter services with unhealthy states and inactive states.
|
|
||||||
enableServiceHealthFilter: true
|
|
||||||
|
|
||||||
# Defines the polling interval (in seconds).
|
|
||||||
refreshSeconds: 15
|
|
||||||
|
|
||||||
# Poll the Rancher metadata service for changes every `rancher.refreshSeconds`, which is less accurate
|
|
||||||
intervalPoll: false
|
|
||||||
|
|
||||||
# Prefix used for accessing the Rancher metadata service
|
|
||||||
prefix: /latest
|
|
|
@ -1,17 +0,0 @@
|
||||||
---
|
|
||||||
title: "Traefik Dynamic Configuration with Rancher"
|
|
||||||
description: "Read the official Traefik documentation to learn more on dynamic configuration in Traefik Proxy with Rancher Labels."
|
|
||||||
---
|
|
||||||
|
|
||||||
# Rancher Configuration Reference
|
|
||||||
|
|
||||||
Dynamic configuration with Rancher Labels
|
|
||||||
{: .subtitle }
|
|
||||||
|
|
||||||
The labels are case insensitive.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
labels:
|
|
||||||
--8<-- "content/reference/dynamic-configuration/rancher.yml"
|
|
||||||
--8<-- "content/reference/dynamic-configuration/docker-labels.yml"
|
|
||||||
```
|
|
|
@ -1 +0,0 @@
|
||||||
- "traefik.enable=true"
|
|
|
@ -912,33 +912,6 @@ Plugins configuration.
|
||||||
`--providers.providersthrottleduration`:
|
`--providers.providersthrottleduration`:
|
||||||
Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time. (Default: ```2```)
|
Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time. (Default: ```2```)
|
||||||
|
|
||||||
`--providers.rancher`:
|
|
||||||
Enable Rancher backend with default settings. (Default: ```false```)
|
|
||||||
|
|
||||||
`--providers.rancher.constraints`:
|
|
||||||
Constraints is an expression that Traefik matches against the container's labels to determine whether to create any route for that container.
|
|
||||||
|
|
||||||
`--providers.rancher.defaultrule`:
|
|
||||||
Default rule. (Default: ```Host(`{{ normalize .Name }}`)```)
|
|
||||||
|
|
||||||
`--providers.rancher.enableservicehealthfilter`:
|
|
||||||
Filter services with unhealthy states and inactive states. (Default: ```true```)
|
|
||||||
|
|
||||||
`--providers.rancher.exposedbydefault`:
|
|
||||||
Expose containers by default. (Default: ```true```)
|
|
||||||
|
|
||||||
`--providers.rancher.intervalpoll`:
|
|
||||||
Poll the Rancher metadata service every 'rancher.refreshseconds' (less accurate). (Default: ```false```)
|
|
||||||
|
|
||||||
`--providers.rancher.prefix`:
|
|
||||||
Prefix used for accessing the Rancher metadata service. (Default: ```latest```)
|
|
||||||
|
|
||||||
`--providers.rancher.refreshseconds`:
|
|
||||||
Defines the polling interval in seconds. (Default: ```15```)
|
|
||||||
|
|
||||||
`--providers.rancher.watch`:
|
|
||||||
Watch provider. (Default: ```true```)
|
|
||||||
|
|
||||||
`--providers.redis`:
|
`--providers.redis`:
|
||||||
Enable Redis backend with default settings. (Default: ```false```)
|
Enable Redis backend with default settings. (Default: ```false```)
|
||||||
|
|
||||||
|
|
|
@ -912,33 +912,6 @@ Plugins configuration.
|
||||||
`TRAEFIK_PROVIDERS_PROVIDERSTHROTTLEDURATION`:
|
`TRAEFIK_PROVIDERS_PROVIDERSTHROTTLEDURATION`:
|
||||||
Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time. (Default: ```2```)
|
Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time. (Default: ```2```)
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER`:
|
|
||||||
Enable Rancher backend with default settings. (Default: ```false```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_CONSTRAINTS`:
|
|
||||||
Constraints is an expression that Traefik matches against the container's labels to determine whether to create any route for that container.
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_DEFAULTRULE`:
|
|
||||||
Default rule. (Default: ```Host(`{{ normalize .Name }}`)```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_ENABLESERVICEHEALTHFILTER`:
|
|
||||||
Filter services with unhealthy states and inactive states. (Default: ```true```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_EXPOSEDBYDEFAULT`:
|
|
||||||
Expose containers by default. (Default: ```true```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_INTERVALPOLL`:
|
|
||||||
Poll the Rancher metadata service every 'rancher.refreshseconds' (less accurate). (Default: ```false```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_PREFIX`:
|
|
||||||
Prefix used for accessing the Rancher metadata service. (Default: ```latest```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_REFRESHSECONDS`:
|
|
||||||
Defines the polling interval in seconds. (Default: ```15```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_RANCHER_WATCH`:
|
|
||||||
Watch provider. (Default: ```true```)
|
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_REDIS`:
|
`TRAEFIK_PROVIDERS_REDIS`:
|
||||||
Enable Redis backend with default settings. (Default: ```false```)
|
Enable Redis backend with default settings. (Default: ```false```)
|
||||||
|
|
||||||
|
|
|
@ -154,15 +154,6 @@
|
||||||
throttleDuration = "42s"
|
throttleDuration = "42s"
|
||||||
[providers.rest]
|
[providers.rest]
|
||||||
insecure = true
|
insecure = true
|
||||||
[providers.rancher]
|
|
||||||
constraints = "foobar"
|
|
||||||
watch = true
|
|
||||||
defaultRule = "foobar"
|
|
||||||
exposedByDefault = true
|
|
||||||
enableServiceHealthFilter = true
|
|
||||||
refreshSeconds = 42
|
|
||||||
intervalPoll = true
|
|
||||||
prefix = "foobar"
|
|
||||||
[providers.consulCatalog]
|
[providers.consulCatalog]
|
||||||
constraints = "foobar"
|
constraints = "foobar"
|
||||||
prefix = "foobar"
|
prefix = "foobar"
|
||||||
|
|
|
@ -167,15 +167,6 @@ providers:
|
||||||
throttleDuration: 42s
|
throttleDuration: 42s
|
||||||
rest:
|
rest:
|
||||||
insecure: true
|
insecure: true
|
||||||
rancher:
|
|
||||||
constraints: foobar
|
|
||||||
watch: true
|
|
||||||
defaultRule: foobar
|
|
||||||
exposedByDefault: true
|
|
||||||
enableServiceHealthFilter: true
|
|
||||||
refreshSeconds: 42
|
|
||||||
intervalPoll: true
|
|
||||||
prefix: foobar
|
|
||||||
consulCatalog:
|
consulCatalog:
|
||||||
constraints: foobar
|
constraints: foobar
|
||||||
prefix: foobar
|
prefix: foobar
|
||||||
|
|
|
@ -1,545 +0,0 @@
|
||||||
---
|
|
||||||
title: "Routing & Load Balancing Providers: Rancher"
|
|
||||||
description: "Traefik Proxy creates a corresponding service and router for each Rancher Service. Read the full documentation to learn more."
|
|
||||||
---
|
|
||||||
|
|
||||||
# Traefik & Rancher
|
|
||||||
|
|
||||||
A Story of Labels, Services & Containers
|
|
||||||
{: .subtitle }
|
|
||||||
|
|
||||||
![Rancher](../../assets/img/providers/rancher.png)
|
|
||||||
|
|
||||||
Attach labels to your services and let Traefik do the rest!
|
|
||||||
|
|
||||||
!!! important "This provider is specific to Rancher 1.x."
|
|
||||||
|
|
||||||
Rancher 2.x requires Kubernetes and does not have a metadata endpoint of its own for Traefik to query.
|
|
||||||
As such, Rancher 2.x users should utilize the [Kubernetes provider](./kubernetes-crd.md) directly.
|
|
||||||
|
|
||||||
## Routing Configuration
|
|
||||||
|
|
||||||
!!! info "Labels"
|
|
||||||
|
|
||||||
- Labels are case insensitive.
|
|
||||||
- The complete list of labels can be found in [the reference page](../../reference/dynamic-configuration/rancher.md).
|
|
||||||
|
|
||||||
### General
|
|
||||||
|
|
||||||
Traefik creates, for each rancher service, a corresponding [service](../services/index.md) and [router](../routers/index.md).
|
|
||||||
|
|
||||||
The Service automatically gets a server per container in this rancher service, and the router gets a default rule attached to it, based on the service name.
|
|
||||||
|
|
||||||
#### Service definition
|
|
||||||
|
|
||||||
--8<-- "content/routing/providers/service-by-label.md"
|
|
||||||
|
|
||||||
??? example "Automatic service assignment with labels"
|
|
||||||
|
|
||||||
With labels in a compose file
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
labels:
|
|
||||||
- "traefik.http.routers.myproxy.rule=Host(`example.net`)"
|
|
||||||
# service myservice gets automatically assigned to router myproxy
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.server.port=80"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? example "Automatic service creation and assignment with labels"
|
|
||||||
|
|
||||||
With labels in a compose file
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
labels:
|
|
||||||
# no service specified or defined and yet one gets automatically created
|
|
||||||
# and assigned to router myproxy.
|
|
||||||
- "traefik.http.routers.myproxy.rule=Host(`example.net`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
### Routers
|
|
||||||
|
|
||||||
To update the configuration of the Router automatically attached to the container, add labels starting with `traefik.routers.{name-of-your-choice}.` and followed by the option you want to change.
|
|
||||||
|
|
||||||
For example, to change the rule, you could add the label ```traefik.http.routers.my-container.rule=Host(`example.com`)```.
|
|
||||||
|
|
||||||
!!! warning "The character `@` is not authorized in the router name `<router_name>`."
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.rule`"
|
|
||||||
|
|
||||||
See [rule](../routers/index.md#rule) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.rule=Host(`example.com`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.entrypoints`"
|
|
||||||
|
|
||||||
See [entry points](../routers/index.md#entrypoints) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.entrypoints=ep1,ep2"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.middlewares`"
|
|
||||||
|
|
||||||
See [middlewares](../routers/index.md#middlewares) and [middlewares overview](../../middlewares/overview.md) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.middlewares=auth,prefix,cb"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.service`"
|
|
||||||
|
|
||||||
See [rule](../routers/index.md#service) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.service=myservice"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.tls`"
|
|
||||||
|
|
||||||
See [tls](../routers/index.md#tls) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter>.tls=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.tls.certresolver`"
|
|
||||||
|
|
||||||
See [certResolver](../routers/index.md#certresolver) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.tls.certresolver=myresolver"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.tls.domains[n].main`"
|
|
||||||
|
|
||||||
See [domains](../routers/index.md#domains) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.tls.domains[0].main=example.org"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.tls.domains[n].sans`"
|
|
||||||
|
|
||||||
See [domains](../routers/index.md#domains) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.tls.domains[0].sans=test.example.org,dev.example.org"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.tls.options`"
|
|
||||||
|
|
||||||
See [options](../routers/index.md#options) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.tls.options=foobar"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.routers.<router_name>.priority`"
|
|
||||||
|
|
||||||
See [priority](../routers/index.md#priority) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.routers.myrouter.priority=42"
|
|
||||||
```
|
|
||||||
|
|
||||||
### Services
|
|
||||||
|
|
||||||
To update the configuration of the Service automatically attached to the container,
|
|
||||||
add labels starting with `traefik.http.services.{name-of-your-choice}.`, followed by the option you want to change.
|
|
||||||
|
|
||||||
For example, to change the `passHostHeader` behavior,
|
|
||||||
you'd add the label `traefik.http.services.{name-of-your-choice}.loadbalancer.passhostheader=false`.
|
|
||||||
|
|
||||||
!!! warning "The character `@` is not authorized in the service name `<service_name>`."
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.server.port`"
|
|
||||||
|
|
||||||
Registers a port.
|
|
||||||
Useful when the container exposes multiples ports.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.server.port=8080"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.server.scheme`"
|
|
||||||
|
|
||||||
Overrides the default scheme.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.server.scheme=http"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.serverstransport`"
|
|
||||||
|
|
||||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
|
||||||
See [serverstransport](../services/index.md#serverstransport) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.<service_name>.loadbalancer.serverstransport=foobar@file"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.passhostheader`"
|
|
||||||
|
|
||||||
See [pass Host header](../services/index.md#pass-host-header) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.passhostheader=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.headers.<header_name>`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.headers.X-Foo=foobar"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.hostname`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.hostname=example.org"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.interval`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.interval=10s"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.path`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.path=/foo"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.method`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.method=foobar"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.status`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.status=42"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.port`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.port=42"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.scheme`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.scheme=http"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.timeout`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.timeout=10"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.followredirects`"
|
|
||||||
|
|
||||||
See [health check](../services/index.md#health-check) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.followredirects=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.sticky.cookie`"
|
|
||||||
|
|
||||||
See [sticky sessions](../services/index.md#sticky-sessions) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.sticky.cookie=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.sticky.cookie.httponly`"
|
|
||||||
|
|
||||||
See [sticky sessions](../services/index.md#sticky-sessions) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.httponly=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.sticky.cookie.name`"
|
|
||||||
|
|
||||||
See [sticky sessions](../services/index.md#sticky-sessions) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.name=foobar"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.sticky.cookie.secure`"
|
|
||||||
|
|
||||||
See [sticky sessions](../services/index.md#sticky-sessions) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.secure=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.sticky.cookie.samesite`"
|
|
||||||
|
|
||||||
See [sticky sessions](../services/index.md#sticky-sessions) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.sticky.cookie.samesite=none"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.http.services.<service_name>.loadbalancer.responseforwarding.flushinterval`"
|
|
||||||
|
|
||||||
See [response forwarding](../services/index.md#response-forwarding) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.http.services.myservice.loadbalancer.responseforwarding.flushinterval=10"
|
|
||||||
```
|
|
||||||
|
|
||||||
### Middleware
|
|
||||||
|
|
||||||
You can declare pieces of middleware using labels starting with `traefik.http.middlewares.{name-of-your-choice}.`, followed by the middleware type/options.
|
|
||||||
|
|
||||||
For example, to declare a middleware [`redirectscheme`](../../middlewares/http/redirectscheme.md) named `my-redirect`, you'd write `traefik.http.middlewares.my-redirect.redirectscheme.scheme: https`.
|
|
||||||
|
|
||||||
More information about available middlewares in the dedicated [middlewares section](../../middlewares/overview.md).
|
|
||||||
|
|
||||||
!!! warning "The character `@` is not authorized in the middleware name."
|
|
||||||
|
|
||||||
??? example "Declaring and Referencing a Middleware"
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
# ...
|
|
||||||
labels:
|
|
||||||
# Declaring a middleware
|
|
||||||
- traefik.http.middlewares.my-redirect.redirectscheme.scheme=https
|
|
||||||
# Referencing a middleware
|
|
||||||
- traefik.http.routers.my-container.middlewares=my-redirect
|
|
||||||
```
|
|
||||||
|
|
||||||
!!! warning "Conflicts in Declaration"
|
|
||||||
|
|
||||||
If you declare multiple middleware with the same name but with different parameters, the middleware fails to be declared.
|
|
||||||
|
|
||||||
### TCP
|
|
||||||
|
|
||||||
You can declare TCP Routers and/or Services using labels.
|
|
||||||
|
|
||||||
??? example "Declaring TCP Routers and Services"
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
services:
|
|
||||||
my-container:
|
|
||||||
# ...
|
|
||||||
labels:
|
|
||||||
- "traefik.tcp.routers.my-router.rule=HostSNI(`example.com`)"
|
|
||||||
- "traefik.tcp.routers.my-router.tls=true"
|
|
||||||
- "traefik.tcp.services.my-service.loadbalancer.server.port=4123"
|
|
||||||
```
|
|
||||||
|
|
||||||
!!! warning "TCP and HTTP"
|
|
||||||
|
|
||||||
If you declare a TCP Router/Service, it will prevent Traefik from automatically creating an HTTP Router/Service (like it does by default if no TCP Router/Service is defined).
|
|
||||||
You can declare both a TCP Router/Service and an HTTP Router/Service for the same container (but you have to do so manually).
|
|
||||||
|
|
||||||
#### TCP Routers
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.entrypoints`"
|
|
||||||
|
|
||||||
See [entry points](../routers/index.md#entrypoints_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.entrypoints=ep1,ep2"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.rule`"
|
|
||||||
|
|
||||||
See [rule](../routers/index.md#rule_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.rule=HostSNI(`example.com`)"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.service`"
|
|
||||||
|
|
||||||
See [service](../routers/index.md#services) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.service=myservice"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.tls`"
|
|
||||||
|
|
||||||
See [TLS](../routers/index.md#tls_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.tls=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.tls.certresolver`"
|
|
||||||
|
|
||||||
See [certResolver](../routers/index.md#certresolver_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.tls.certresolver=myresolver"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.tls.domains[n].main`"
|
|
||||||
|
|
||||||
See [domains](../routers/index.md#domains_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.tls.domains[0].main=example.org"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.tls.domains[n].sans`"
|
|
||||||
|
|
||||||
See [domains](../routers/index.md#domains_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.tls.domains[0].sans=test.example.org,dev.example.org"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.tls.options`"
|
|
||||||
|
|
||||||
See [options](../routers/index.md#options_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.tls.options=mysoptions"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.tls.passthrough`"
|
|
||||||
|
|
||||||
See [TLS](../routers/index.md#tls_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.mytcprouter.tls.passthrough=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.routers.<router_name>.priority`"
|
|
||||||
|
|
||||||
See [priority](../routers/index.md#priority_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.routers.myrouter.priority=42"
|
|
||||||
```
|
|
||||||
|
|
||||||
#### TCP Services
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.port`"
|
|
||||||
|
|
||||||
Registers a port of the application.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.services.mytcpservice.loadbalancer.server.port=423"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.tls`"
|
|
||||||
|
|
||||||
Determines whether to use TLS when dialing with the backend.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.services.mytcpservice.loadbalancer.server.tls=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version`"
|
|
||||||
|
|
||||||
See [PROXY protocol](../services/index.md#proxy-protocol) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version=1"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.serverstransport`"
|
|
||||||
|
|
||||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
|
||||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.tcp.services.<service_name>.loadbalancer.serverstransport=foobar@file"
|
|
||||||
```
|
|
||||||
|
|
||||||
### UDP
|
|
||||||
|
|
||||||
You can declare UDP Routers and/or Services using labels.
|
|
||||||
|
|
||||||
??? example "Declaring UDP Routers and Services"
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
services:
|
|
||||||
my-container:
|
|
||||||
# ...
|
|
||||||
labels:
|
|
||||||
- "traefik.udp.routers.my-router.entrypoints=udp"
|
|
||||||
- "traefik.udp.services.my-service.loadbalancer.server.port=4123"
|
|
||||||
```
|
|
||||||
|
|
||||||
!!! warning "UDP and HTTP"
|
|
||||||
|
|
||||||
If you declare a UDP Router/Service, it will prevent Traefik from automatically creating an HTTP Router/Service (like it does by default if no UDP Router/Service is defined).
|
|
||||||
You can declare both a UDP Router/Service and an HTTP Router/Service for the same container (but you have to do so manually).
|
|
||||||
|
|
||||||
#### UDP Routers
|
|
||||||
|
|
||||||
??? info "`traefik.udp.routers.<router_name>.entrypoints`"
|
|
||||||
|
|
||||||
See [entry points](../routers/index.md#entrypoints_2) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.udp.routers.myudprouter.entrypoints=ep1,ep2"
|
|
||||||
```
|
|
||||||
|
|
||||||
??? info "`traefik.udp.routers.<router_name>.service`"
|
|
||||||
|
|
||||||
See [service](../routers/index.md#services_1) for more information.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.udp.routers.myudprouter.service=myservice"
|
|
||||||
```
|
|
||||||
|
|
||||||
#### UDP Services
|
|
||||||
|
|
||||||
??? info "`traefik.udp.services.<service_name>.loadbalancer.server.port`"
|
|
||||||
|
|
||||||
Registers a port of the application.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.udp.services.myudpservice.loadbalancer.server.port=423"
|
|
||||||
```
|
|
||||||
|
|
||||||
### Specific Provider Options
|
|
||||||
|
|
||||||
#### `traefik.enable`
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- "traefik.enable=true"
|
|
||||||
```
|
|
||||||
|
|
||||||
You can tell Traefik to consider (or not) the container by setting `traefik.enable` to true or false.
|
|
||||||
|
|
||||||
This option overrides the value of `exposedByDefault`.
|
|
||||||
|
|
||||||
#### Port Lookup
|
|
||||||
|
|
||||||
Traefik is capable of detecting the port to use, by following the default rancher flow.
|
|
||||||
That means, if you just expose lets say port `:1337` on the rancher ui, traefik will pick up this port and use it.
|
|
|
@ -557,7 +557,7 @@ which is basically where the request will be passed along to.
|
||||||
|
|
||||||
In general, a service assigned to a router should have been defined,
|
In general, a service assigned to a router should have been defined,
|
||||||
but there are exceptions for label-based providers.
|
but there are exceptions for label-based providers.
|
||||||
See the specific [docker](../providers/docker.md#service-definition), [rancher](../providers/rancher.md#service-definition),
|
See the specific [docker](../providers/docker.md#service-definition),
|
||||||
or [marathon](../providers/marathon.md#service-definition) documentation.
|
or [marathon](../providers/marathon.md#service-definition) documentation.
|
||||||
|
|
||||||
!!! warning "The character `@` is not authorized in the service name."
|
!!! warning "The character `@` is not authorized in the service name."
|
||||||
|
|
|
@ -82,7 +82,6 @@ nav:
|
||||||
- 'Nomad': 'providers/nomad.md'
|
- 'Nomad': 'providers/nomad.md'
|
||||||
- 'ECS': 'providers/ecs.md'
|
- 'ECS': 'providers/ecs.md'
|
||||||
- 'Marathon': 'providers/marathon.md'
|
- 'Marathon': 'providers/marathon.md'
|
||||||
- 'Rancher': 'providers/rancher.md'
|
|
||||||
- 'File': 'providers/file.md'
|
- 'File': 'providers/file.md'
|
||||||
- 'Consul': 'providers/consul.md'
|
- 'Consul': 'providers/consul.md'
|
||||||
- 'Etcd': 'providers/etcd.md'
|
- 'Etcd': 'providers/etcd.md'
|
||||||
|
@ -103,7 +102,6 @@ nav:
|
||||||
- 'Nomad': 'routing/providers/nomad.md'
|
- 'Nomad': 'routing/providers/nomad.md'
|
||||||
- 'ECS': 'routing/providers/ecs.md'
|
- 'ECS': 'routing/providers/ecs.md'
|
||||||
- 'Marathon': 'routing/providers/marathon.md'
|
- 'Marathon': 'routing/providers/marathon.md'
|
||||||
- 'Rancher': 'routing/providers/rancher.md'
|
|
||||||
- 'KV': 'routing/providers/kv.md'
|
- 'KV': 'routing/providers/kv.md'
|
||||||
- 'HTTPS & TLS':
|
- 'HTTPS & TLS':
|
||||||
- 'Overview': 'https/overview.md'
|
- 'Overview': 'https/overview.md'
|
||||||
|
@ -209,7 +207,6 @@ nav:
|
||||||
- 'ECS': 'reference/dynamic-configuration/ecs.md'
|
- 'ECS': 'reference/dynamic-configuration/ecs.md'
|
||||||
- 'KV': 'reference/dynamic-configuration/kv.md'
|
- 'KV': 'reference/dynamic-configuration/kv.md'
|
||||||
- 'Marathon': 'reference/dynamic-configuration/marathon.md'
|
- 'Marathon': 'reference/dynamic-configuration/marathon.md'
|
||||||
- 'Rancher': 'reference/dynamic-configuration/rancher.md'
|
|
||||||
- 'Deprecation Notices':
|
- 'Deprecation Notices':
|
||||||
- 'Releases': 'deprecation/releases.md'
|
- 'Releases': 'deprecation/releases.md'
|
||||||
- 'Features': 'deprecation/features.md'
|
- 'Features': 'deprecation/features.md'
|
||||||
|
|
1
go.mod
1
go.mod
|
@ -59,7 +59,6 @@ require (
|
||||||
github.com/pmezard/go-difflib v1.0.0
|
github.com/pmezard/go-difflib v1.0.0
|
||||||
github.com/prometheus/client_golang v1.12.2-0.20220704083116-e8f91604d835
|
github.com/prometheus/client_golang v1.12.2-0.20220704083116-e8f91604d835
|
||||||
github.com/prometheus/client_model v0.2.0
|
github.com/prometheus/client_model v0.2.0
|
||||||
github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac
|
|
||||||
github.com/rs/zerolog v1.28.0
|
github.com/rs/zerolog v1.28.0
|
||||||
github.com/sirupsen/logrus v1.9.0
|
github.com/sirupsen/logrus v1.9.0
|
||||||
github.com/spiffe/go-spiffe/v2 v2.1.1
|
github.com/spiffe/go-spiffe/v2 v2.1.1
|
||||||
|
|
2
go.sum
2
go.sum
|
@ -1663,8 +1663,6 @@ github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1
|
||||||
github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
|
github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
|
||||||
github.com/qri-io/jsonpointer v0.1.0/go.mod h1:DnJPaYgiKu56EuDp8TU5wFLdZIcAnb/uH9v37ZaMV64=
|
github.com/qri-io/jsonpointer v0.1.0/go.mod h1:DnJPaYgiKu56EuDp8TU5wFLdZIcAnb/uH9v37ZaMV64=
|
||||||
github.com/qri-io/jsonschema v0.1.1/go.mod h1:QpzJ6gBQ0GYgGmh7mDQ1YsvvhSgE4rYj0k8t5MBOmUY=
|
github.com/qri-io/jsonschema v0.1.1/go.mod h1:QpzJ6gBQ0GYgGmh7mDQ1YsvvhSgE4rYj0k8t5MBOmUY=
|
||||||
github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac h1:wBGhHdXKICZmvAPWS8gQoMyOWDH7QAi9bU4Z1nDWnFU=
|
|
||||||
github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac/go.mod h1:67sLWL17mVlO1HFROaTBmU71NB4R8UNCesFHhg0f6LQ=
|
|
||||||
github.com/rboyer/safeio v0.2.1/go.mod h1:Cq/cEPK+YXFn622lsQ0K4KsPZSPtaptHHEldsy7Fmig=
|
github.com/rboyer/safeio v0.2.1/go.mod h1:Cq/cEPK+YXFn622lsQ0K4KsPZSPtaptHHEldsy7Fmig=
|
||||||
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a h1:9ZKAASQSHhDYGoxY8uLVpewe1GDZ2vu2Tr/vTdVAkFQ=
|
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a h1:9ZKAASQSHhDYGoxY8uLVpewe1GDZ2vu2Tr/vTdVAkFQ=
|
||||||
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
|
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
|
||||||
|
|
|
@ -19,7 +19,6 @@ import (
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd"
|
"github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/kubernetes/ingress"
|
"github.com/traefik/traefik/v2/pkg/provider/kubernetes/ingress"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/marathon"
|
"github.com/traefik/traefik/v2/pkg/provider/marathon"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/rancher"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/rest"
|
"github.com/traefik/traefik/v2/pkg/provider/rest"
|
||||||
"github.com/traefik/traefik/v2/pkg/tracing/jaeger"
|
"github.com/traefik/traefik/v2/pkg/tracing/jaeger"
|
||||||
"github.com/traefik/traefik/v2/pkg/types"
|
"github.com/traefik/traefik/v2/pkg/types"
|
||||||
|
@ -242,7 +241,6 @@ func TestHandler_Overview(t *testing.T) {
|
||||||
KubernetesIngress: &ingress.Provider{},
|
KubernetesIngress: &ingress.Provider{},
|
||||||
KubernetesCRD: &crd.Provider{},
|
KubernetesCRD: &crd.Provider{},
|
||||||
Rest: &rest.Provider{},
|
Rest: &rest.Provider{},
|
||||||
Rancher: &rancher.Provider{},
|
|
||||||
Plugin: map[string]static.PluginConf{
|
Plugin: map[string]static.PluginConf{
|
||||||
"test": map[string]interface{}{},
|
"test": map[string]interface{}{},
|
||||||
},
|
},
|
||||||
|
|
1
pkg/api/testdata/overview-providers.json
vendored
1
pkg/api/testdata/overview-providers.json
vendored
|
@ -29,7 +29,6 @@
|
||||||
"KubernetesIngress",
|
"KubernetesIngress",
|
||||||
"KubernetesCRD",
|
"KubernetesCRD",
|
||||||
"Rest",
|
"Rest",
|
||||||
"Rancher",
|
|
||||||
"plugin-test"
|
"plugin-test"
|
||||||
],
|
],
|
||||||
"tcp": {
|
"tcp": {
|
||||||
|
|
|
@ -96,15 +96,6 @@
|
||||||
ingressClass = "foobar"
|
ingressClass = "foobar"
|
||||||
[providers.rest]
|
[providers.rest]
|
||||||
entryPoint = "foobar"
|
entryPoint = "foobar"
|
||||||
[providers.rancher]
|
|
||||||
constraints = "foobar"
|
|
||||||
watch = true
|
|
||||||
defaultRule = "foobar"
|
|
||||||
exposedByDefault = true
|
|
||||||
enableServiceHealthFilter = true
|
|
||||||
refreshSeconds = 42
|
|
||||||
intervalPoll = true
|
|
||||||
prefix = "foobar"
|
|
||||||
|
|
||||||
[api]
|
[api]
|
||||||
entryPoint = "foobar"
|
entryPoint = "foobar"
|
||||||
|
|
|
@ -27,7 +27,6 @@ import (
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/kv/zk"
|
"github.com/traefik/traefik/v2/pkg/provider/kv/zk"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/marathon"
|
"github.com/traefik/traefik/v2/pkg/provider/marathon"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/nomad"
|
"github.com/traefik/traefik/v2/pkg/provider/nomad"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/rancher"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/rest"
|
"github.com/traefik/traefik/v2/pkg/provider/rest"
|
||||||
"github.com/traefik/traefik/v2/pkg/tls"
|
"github.com/traefik/traefik/v2/pkg/tls"
|
||||||
"github.com/traefik/traefik/v2/pkg/tracing/datadog"
|
"github.com/traefik/traefik/v2/pkg/tracing/datadog"
|
||||||
|
@ -219,7 +218,6 @@ type Providers struct {
|
||||||
KubernetesCRD *crd.Provider `description:"Enable Kubernetes backend with default settings." json:"kubernetesCRD,omitempty" toml:"kubernetesCRD,omitempty" yaml:"kubernetesCRD,omitempty" export:"true" label:"allowEmpty" file:"allowEmpty"`
|
KubernetesCRD *crd.Provider `description:"Enable Kubernetes backend with default settings." json:"kubernetesCRD,omitempty" toml:"kubernetesCRD,omitempty" yaml:"kubernetesCRD,omitempty" export:"true" label:"allowEmpty" file:"allowEmpty"`
|
||||||
KubernetesGateway *gateway.Provider `description:"Enable Kubernetes gateway api provider with default settings." json:"kubernetesGateway,omitempty" toml:"kubernetesGateway,omitempty" yaml:"kubernetesGateway,omitempty" export:"true" label:"allowEmpty" file:"allowEmpty"`
|
KubernetesGateway *gateway.Provider `description:"Enable Kubernetes gateway api provider with default settings." json:"kubernetesGateway,omitempty" toml:"kubernetesGateway,omitempty" yaml:"kubernetesGateway,omitempty" export:"true" label:"allowEmpty" file:"allowEmpty"`
|
||||||
Rest *rest.Provider `description:"Enable Rest backend with default settings." json:"rest,omitempty" toml:"rest,omitempty" yaml:"rest,omitempty" export:"true" label:"allowEmpty" file:"allowEmpty"`
|
Rest *rest.Provider `description:"Enable Rest backend with default settings." json:"rest,omitempty" toml:"rest,omitempty" yaml:"rest,omitempty" export:"true" label:"allowEmpty" file:"allowEmpty"`
|
||||||
Rancher *rancher.Provider `description:"Enable Rancher backend with default settings." json:"rancher,omitempty" toml:"rancher,omitempty" yaml:"rancher,omitempty" export:"true" label:"allowEmpty" file:"allowEmpty"`
|
|
||||||
ConsulCatalog *consulcatalog.ProviderBuilder `description:"Enable ConsulCatalog backend with default settings." json:"consulCatalog,omitempty" toml:"consulCatalog,omitempty" yaml:"consulCatalog,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
ConsulCatalog *consulcatalog.ProviderBuilder `description:"Enable ConsulCatalog backend with default settings." json:"consulCatalog,omitempty" toml:"consulCatalog,omitempty" yaml:"consulCatalog,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||||
Nomad *nomad.ProviderBuilder `description:"Enable Nomad backend with default settings." json:"nomad,omitempty" toml:"nomad,omitempty" yaml:"nomad,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
Nomad *nomad.ProviderBuilder `description:"Enable Nomad backend with default settings." json:"nomad,omitempty" toml:"nomad,omitempty" yaml:"nomad,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||||
Ecs *ecs.Provider `description:"Enable AWS ECS backend with default settings." json:"ecs,omitempty" toml:"ecs,omitempty" yaml:"ecs,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
Ecs *ecs.Provider `description:"Enable AWS ECS backend with default settings." json:"ecs,omitempty" toml:"ecs,omitempty" yaml:"ecs,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||||
|
@ -278,12 +276,6 @@ func (c *Configuration) SetEffectiveConfiguration() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.Providers.Rancher != nil {
|
|
||||||
if c.Providers.Rancher.RefreshSeconds <= 0 {
|
|
||||||
c.Providers.Rancher.RefreshSeconds = 15
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Disable Gateway API provider if not enabled in experimental.
|
// Disable Gateway API provider if not enabled in experimental.
|
||||||
if c.Experimental == nil || !c.Experimental.KubernetesGateway {
|
if c.Experimental == nil || !c.Experimental.KubernetesGateway {
|
||||||
c.Providers.KubernetesGateway = nil
|
c.Providers.KubernetesGateway = nil
|
||||||
|
|
|
@ -100,10 +100,6 @@ func NewProviderAggregator(conf static.Providers) ProviderAggregator {
|
||||||
p.quietAddProvider(conf.KubernetesGateway)
|
p.quietAddProvider(conf.KubernetesGateway)
|
||||||
}
|
}
|
||||||
|
|
||||||
if conf.Rancher != nil {
|
|
||||||
p.quietAddProvider(conf.Rancher)
|
|
||||||
}
|
|
||||||
|
|
||||||
if conf.Ecs != nil {
|
if conf.Ecs != nil {
|
||||||
p.quietAddProvider(conf.Ecs)
|
p.quietAddProvider(conf.Ecs)
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,299 +0,0 @@
|
||||||
package rancher
|
|
||||||
|
|
||||||
import (
|
|
||||||
"context"
|
|
||||||
"errors"
|
|
||||||
"fmt"
|
|
||||||
"net"
|
|
||||||
"strings"
|
|
||||||
|
|
||||||
"github.com/rs/zerolog/log"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/config/dynamic"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/config/label"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/provider"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/constraints"
|
|
||||||
)
|
|
||||||
|
|
||||||
func (p *Provider) buildConfiguration(ctx context.Context, services []rancherData) *dynamic.Configuration {
|
|
||||||
configurations := make(map[string]*dynamic.Configuration)
|
|
||||||
|
|
||||||
for _, service := range services {
|
|
||||||
logger := log.Ctx(ctx).With().Str("service", service.Name).Logger()
|
|
||||||
ctxService := logger.WithContext(ctx)
|
|
||||||
|
|
||||||
if !p.keepService(ctx, service) {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
confFromLabel, err := label.DecodeConfiguration(service.Labels)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Send()
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
var tcpOrUDP bool
|
|
||||||
if len(confFromLabel.TCP.Routers) > 0 || len(confFromLabel.TCP.Services) > 0 {
|
|
||||||
tcpOrUDP = true
|
|
||||||
|
|
||||||
err := p.buildTCPServiceConfiguration(ctxService, service, confFromLabel.TCP)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Send()
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
provider.BuildTCPRouterConfiguration(ctxService, confFromLabel.TCP)
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(confFromLabel.UDP.Routers) > 0 || len(confFromLabel.UDP.Services) > 0 {
|
|
||||||
tcpOrUDP = true
|
|
||||||
|
|
||||||
err := p.buildUDPServiceConfiguration(ctxService, service, confFromLabel.UDP)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Send()
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
provider.BuildUDPRouterConfiguration(ctxService, confFromLabel.UDP)
|
|
||||||
}
|
|
||||||
|
|
||||||
if tcpOrUDP && len(confFromLabel.HTTP.Routers) == 0 &&
|
|
||||||
len(confFromLabel.HTTP.Middlewares) == 0 &&
|
|
||||||
len(confFromLabel.HTTP.Services) == 0 {
|
|
||||||
configurations[service.Name] = confFromLabel
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
err = p.buildServiceConfiguration(ctx, service, confFromLabel.HTTP)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Send()
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
model := struct {
|
|
||||||
Name string
|
|
||||||
Labels map[string]string
|
|
||||||
}{
|
|
||||||
Name: service.Name,
|
|
||||||
Labels: service.Labels,
|
|
||||||
}
|
|
||||||
|
|
||||||
provider.BuildRouterConfiguration(ctx, confFromLabel.HTTP, service.Name, p.defaultRuleTpl, model)
|
|
||||||
|
|
||||||
configurations[service.Name] = confFromLabel
|
|
||||||
}
|
|
||||||
|
|
||||||
return provider.Merge(ctx, configurations)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) buildTCPServiceConfiguration(ctx context.Context, service rancherData, configuration *dynamic.TCPConfiguration) error {
|
|
||||||
serviceName := service.Name
|
|
||||||
|
|
||||||
if len(configuration.Services) == 0 {
|
|
||||||
configuration.Services = map[string]*dynamic.TCPService{
|
|
||||||
serviceName: {
|
|
||||||
LoadBalancer: new(dynamic.TCPServersLoadBalancer),
|
|
||||||
},
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, confService := range configuration.Services {
|
|
||||||
err := p.addServerTCP(ctx, service, confService.LoadBalancer)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) buildUDPServiceConfiguration(ctx context.Context, service rancherData, configuration *dynamic.UDPConfiguration) error {
|
|
||||||
serviceName := service.Name
|
|
||||||
|
|
||||||
if len(configuration.Services) == 0 {
|
|
||||||
configuration.Services = make(map[string]*dynamic.UDPService)
|
|
||||||
lb := &dynamic.UDPServersLoadBalancer{}
|
|
||||||
|
|
||||||
configuration.Services[serviceName] = &dynamic.UDPService{
|
|
||||||
LoadBalancer: lb,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, confService := range configuration.Services {
|
|
||||||
err := p.addServerUDP(ctx, service, confService.LoadBalancer)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) buildServiceConfiguration(ctx context.Context, service rancherData, configuration *dynamic.HTTPConfiguration) error {
|
|
||||||
serviceName := service.Name
|
|
||||||
|
|
||||||
if len(configuration.Services) == 0 {
|
|
||||||
configuration.Services = make(map[string]*dynamic.Service)
|
|
||||||
lb := &dynamic.ServersLoadBalancer{}
|
|
||||||
lb.SetDefaults()
|
|
||||||
configuration.Services[serviceName] = &dynamic.Service{
|
|
||||||
LoadBalancer: lb,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, confService := range configuration.Services {
|
|
||||||
err := p.addServers(ctx, service, confService.LoadBalancer)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) keepService(ctx context.Context, service rancherData) bool {
|
|
||||||
logger := log.Ctx(ctx)
|
|
||||||
|
|
||||||
if !service.ExtraConf.Enable {
|
|
||||||
logger.Debug().Msg("Filtering disabled service")
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
matches, err := constraints.MatchLabels(service.Labels, p.Constraints)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Msg("Error matching constraint expression")
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
if !matches {
|
|
||||||
logger.Debug().Msgf("Service pruned by constraint expression: %q", p.Constraints)
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
if p.EnableServiceHealthFilter {
|
|
||||||
if service.Health != "" && service.Health != healthy && service.Health != updatingHealthy {
|
|
||||||
logger.Debug().Msgf("Filtering service %s with healthState of %s", service.Name, service.Health)
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
if service.State != "" && service.State != active && service.State != updatingActive && service.State != upgraded && service.State != upgrading {
|
|
||||||
logger.Debug().Msgf("Filtering service %s with state of %s", service.Name, service.State)
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) addServerTCP(ctx context.Context, service rancherData, loadBalancer *dynamic.TCPServersLoadBalancer) error {
|
|
||||||
log.Ctx(ctx).Debug().Msgf("Trying to add servers for service %s", service.Name)
|
|
||||||
|
|
||||||
if loadBalancer == nil {
|
|
||||||
return errors.New("load-balancer is not defined")
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(loadBalancer.Servers) == 0 {
|
|
||||||
loadBalancer.Servers = []dynamic.TCPServer{{}}
|
|
||||||
}
|
|
||||||
|
|
||||||
port := loadBalancer.Servers[0].Port
|
|
||||||
loadBalancer.Servers[0].Port = ""
|
|
||||||
|
|
||||||
if port == "" {
|
|
||||||
port = getServicePort(service)
|
|
||||||
}
|
|
||||||
|
|
||||||
if port == "" {
|
|
||||||
return errors.New("port is missing")
|
|
||||||
}
|
|
||||||
|
|
||||||
var servers []dynamic.TCPServer
|
|
||||||
for _, containerIP := range service.Containers {
|
|
||||||
servers = append(servers, dynamic.TCPServer{
|
|
||||||
Address: net.JoinHostPort(containerIP, port),
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
loadBalancer.Servers = servers
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) addServerUDP(ctx context.Context, service rancherData, loadBalancer *dynamic.UDPServersLoadBalancer) error {
|
|
||||||
log.Ctx(ctx).Debug().Msgf("Trying to add servers for service %s", service.Name)
|
|
||||||
|
|
||||||
if loadBalancer == nil {
|
|
||||||
return errors.New("load-balancer is not defined")
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(loadBalancer.Servers) == 0 {
|
|
||||||
loadBalancer.Servers = []dynamic.UDPServer{{}}
|
|
||||||
}
|
|
||||||
|
|
||||||
port := loadBalancer.Servers[0].Port
|
|
||||||
loadBalancer.Servers[0].Port = ""
|
|
||||||
|
|
||||||
if port == "" {
|
|
||||||
port = getServicePort(service)
|
|
||||||
}
|
|
||||||
|
|
||||||
if port == "" {
|
|
||||||
return errors.New("port is missing")
|
|
||||||
}
|
|
||||||
|
|
||||||
var servers []dynamic.UDPServer
|
|
||||||
for _, containerIP := range service.Containers {
|
|
||||||
servers = append(servers, dynamic.UDPServer{
|
|
||||||
Address: net.JoinHostPort(containerIP, port),
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
loadBalancer.Servers = servers
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) addServers(ctx context.Context, service rancherData, loadBalancer *dynamic.ServersLoadBalancer) error {
|
|
||||||
log.Ctx(ctx).Debug().Msgf("Trying to add servers for service %s", service.Name)
|
|
||||||
|
|
||||||
if loadBalancer == nil {
|
|
||||||
return errors.New("load-balancer is not defined")
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(loadBalancer.Servers) == 0 {
|
|
||||||
server := dynamic.Server{}
|
|
||||||
server.SetDefaults()
|
|
||||||
|
|
||||||
loadBalancer.Servers = []dynamic.Server{server}
|
|
||||||
}
|
|
||||||
|
|
||||||
port := loadBalancer.Servers[0].Port
|
|
||||||
loadBalancer.Servers[0].Port = ""
|
|
||||||
|
|
||||||
if port == "" {
|
|
||||||
port = getServicePort(service)
|
|
||||||
}
|
|
||||||
|
|
||||||
if port == "" {
|
|
||||||
return errors.New("port is missing")
|
|
||||||
}
|
|
||||||
|
|
||||||
var servers []dynamic.Server
|
|
||||||
for _, containerIP := range service.Containers {
|
|
||||||
servers = append(servers, dynamic.Server{
|
|
||||||
URL: fmt.Sprintf("%s://%s", loadBalancer.Servers[0].Scheme, net.JoinHostPort(containerIP, port)),
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
loadBalancer.Servers = servers
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func getServicePort(data rancherData) string {
|
|
||||||
rawPort := strings.Split(data.Port, "/")[0]
|
|
||||||
hostPort := strings.Split(rawPort, ":")
|
|
||||||
|
|
||||||
if len(hostPort) >= 2 {
|
|
||||||
return hostPort[1]
|
|
||||||
}
|
|
||||||
if len(hostPort) > 0 && hostPort[0] != "" {
|
|
||||||
return hostPort[0]
|
|
||||||
}
|
|
||||||
return rawPort
|
|
||||||
}
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,22 +0,0 @@
|
||||||
package rancher
|
|
||||||
|
|
||||||
import (
|
|
||||||
"github.com/traefik/traefik/v2/pkg/config/label"
|
|
||||||
)
|
|
||||||
|
|
||||||
type configuration struct {
|
|
||||||
Enable bool
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) getConfiguration(service rancherData) (configuration, error) {
|
|
||||||
conf := configuration{
|
|
||||||
Enable: p.ExposedByDefault,
|
|
||||||
}
|
|
||||||
|
|
||||||
err := label.Decode(service.Labels, &conf, "traefik.rancher.", "traefik.enable")
|
|
||||||
if err != nil {
|
|
||||||
return configuration{}, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return conf, nil
|
|
||||||
}
|
|
|
@ -1,232 +0,0 @@
|
||||||
package rancher
|
|
||||||
|
|
||||||
import (
|
|
||||||
"context"
|
|
||||||
"fmt"
|
|
||||||
"text/template"
|
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/cenkalti/backoff/v4"
|
|
||||||
rancher "github.com/rancher/go-rancher-metadata/metadata"
|
|
||||||
"github.com/rs/zerolog/log"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/config/dynamic"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/job"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/logs"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/provider"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/safe"
|
|
||||||
)
|
|
||||||
|
|
||||||
const (
|
|
||||||
// DefaultTemplateRule The default template for the default rule.
|
|
||||||
DefaultTemplateRule = "Host(`{{ normalize .Name }}`)"
|
|
||||||
)
|
|
||||||
|
|
||||||
// Health.
|
|
||||||
const (
|
|
||||||
healthy = "healthy"
|
|
||||||
updatingHealthy = "updating-healthy"
|
|
||||||
)
|
|
||||||
|
|
||||||
// States.
|
|
||||||
const (
|
|
||||||
active = "active"
|
|
||||||
running = "running"
|
|
||||||
upgraded = "upgraded"
|
|
||||||
upgrading = "upgrading"
|
|
||||||
updatingActive = "updating-active"
|
|
||||||
updatingRunning = "updating-running"
|
|
||||||
)
|
|
||||||
|
|
||||||
var _ provider.Provider = (*Provider)(nil)
|
|
||||||
|
|
||||||
// Provider holds configurations of the provider.
|
|
||||||
type Provider struct {
|
|
||||||
Constraints string `description:"Constraints is an expression that Traefik matches against the container's labels to determine whether to create any route for that container." json:"constraints,omitempty" toml:"constraints,omitempty" yaml:"constraints,omitempty" export:"true"`
|
|
||||||
Watch bool `description:"Watch provider." json:"watch,omitempty" toml:"watch,omitempty" yaml:"watch,omitempty" export:"true"`
|
|
||||||
DefaultRule string `description:"Default rule." json:"defaultRule,omitempty" toml:"defaultRule,omitempty" yaml:"defaultRule,omitempty"`
|
|
||||||
ExposedByDefault bool `description:"Expose containers by default." json:"exposedByDefault,omitempty" toml:"exposedByDefault,omitempty" yaml:"exposedByDefault,omitempty" export:"true"`
|
|
||||||
EnableServiceHealthFilter bool `description:"Filter services with unhealthy states and inactive states." json:"enableServiceHealthFilter,omitempty" toml:"enableServiceHealthFilter,omitempty" yaml:"enableServiceHealthFilter,omitempty" export:"true"`
|
|
||||||
RefreshSeconds int `description:"Defines the polling interval in seconds." json:"refreshSeconds,omitempty" toml:"refreshSeconds,omitempty" yaml:"refreshSeconds,omitempty" export:"true"`
|
|
||||||
IntervalPoll bool `description:"Poll the Rancher metadata service every 'rancher.refreshseconds' (less accurate)." json:"intervalPoll,omitempty" toml:"intervalPoll,omitempty" yaml:"intervalPoll,omitempty" export:"true"`
|
|
||||||
Prefix string `description:"Prefix used for accessing the Rancher metadata service." json:"prefix,omitempty" toml:"prefix,omitempty" yaml:"prefix,omitempty"`
|
|
||||||
defaultRuleTpl *template.Template
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetDefaults sets the default values.
|
|
||||||
func (p *Provider) SetDefaults() {
|
|
||||||
p.Watch = true
|
|
||||||
p.ExposedByDefault = true
|
|
||||||
p.EnableServiceHealthFilter = true
|
|
||||||
p.RefreshSeconds = 15
|
|
||||||
p.DefaultRule = DefaultTemplateRule
|
|
||||||
p.Prefix = "latest"
|
|
||||||
}
|
|
||||||
|
|
||||||
type rancherData struct {
|
|
||||||
Name string
|
|
||||||
Labels map[string]string
|
|
||||||
Containers []string
|
|
||||||
Health string
|
|
||||||
State string
|
|
||||||
Port string
|
|
||||||
ExtraConf configuration
|
|
||||||
}
|
|
||||||
|
|
||||||
// Init the provider.
|
|
||||||
func (p *Provider) Init() error {
|
|
||||||
defaultRuleTpl, err := provider.MakeDefaultRuleTemplate(p.DefaultRule, nil)
|
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("error while parsing default rule: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
p.defaultRuleTpl = defaultRuleTpl
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) createClient(ctx context.Context) (rancher.Client, error) {
|
|
||||||
metadataServiceURL := fmt.Sprintf("http://rancher-metadata.rancher.internal/%s", p.Prefix)
|
|
||||||
client, err := rancher.NewClientAndWait(metadataServiceURL)
|
|
||||||
if err != nil {
|
|
||||||
log.Ctx(ctx).Error().Err(err).Msg("Failed to create Rancher metadata service client")
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return client, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// Provide allows the rancher provider to provide configurations to traefik using the given configuration channel.
|
|
||||||
func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe.Pool) error {
|
|
||||||
pool.GoCtx(func(routineCtx context.Context) {
|
|
||||||
logger := log.Ctx(routineCtx).With().Str(logs.ProviderName, "rancher").Logger()
|
|
||||||
ctxLog := logger.WithContext(routineCtx)
|
|
||||||
|
|
||||||
operation := func() error {
|
|
||||||
client, err := p.createClient(ctxLog)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Msg("Failed to create the metadata client metadata service")
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
updateConfiguration := func(_ string) {
|
|
||||||
stacks, err := client.GetStacks()
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Msg("Failed to query Rancher metadata service")
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
rancherData := p.parseMetadataSourcedRancherData(ctxLog, stacks)
|
|
||||||
|
|
||||||
logger.Printf("Received Rancher data %+v", rancherData)
|
|
||||||
|
|
||||||
configuration := p.buildConfiguration(ctxLog, rancherData)
|
|
||||||
configurationChan <- dynamic.Message{
|
|
||||||
ProviderName: "rancher",
|
|
||||||
Configuration: configuration,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
updateConfiguration("init")
|
|
||||||
|
|
||||||
if p.Watch {
|
|
||||||
if p.IntervalPoll {
|
|
||||||
p.intervalPoll(ctxLog, client, updateConfiguration)
|
|
||||||
} else {
|
|
||||||
// Long polling should be favored for the most accurate configuration updates.
|
|
||||||
// Holds the connection until there is either a change in the metadata repository or `p.RefreshSeconds` has elapsed.
|
|
||||||
client.OnChangeCtx(ctxLog, p.RefreshSeconds, updateConfiguration)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
notify := func(err error, time time.Duration) {
|
|
||||||
logger.Error().Err(err).Msgf("Provider error, retrying in %s", time)
|
|
||||||
}
|
|
||||||
err := backoff.RetryNotify(safe.OperationWithRecover(operation), backoff.WithContext(job.NewBackOff(backoff.NewExponentialBackOff()), ctxLog), notify)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Msg("Cannot retrieve data")
|
|
||||||
}
|
|
||||||
})
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) intervalPoll(ctx context.Context, client rancher.Client, updateConfiguration func(string)) {
|
|
||||||
ticker := time.NewTicker(time.Duration(p.RefreshSeconds) * time.Second)
|
|
||||||
defer ticker.Stop()
|
|
||||||
|
|
||||||
var version string
|
|
||||||
for {
|
|
||||||
select {
|
|
||||||
case <-ticker.C:
|
|
||||||
newVersion, err := client.GetVersion()
|
|
||||||
if err != nil {
|
|
||||||
log.Ctx(ctx).Error().Err(err).Msg("Failed to create Rancher metadata service client")
|
|
||||||
} else if version != newVersion {
|
|
||||||
version = newVersion
|
|
||||||
updateConfiguration(version)
|
|
||||||
}
|
|
||||||
case <-ctx.Done():
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (p *Provider) parseMetadataSourcedRancherData(ctx context.Context, stacks []rancher.Stack) (rancherDataList []rancherData) {
|
|
||||||
for _, stack := range stacks {
|
|
||||||
for _, service := range stack.Services {
|
|
||||||
logger := log.Ctx(ctx).With().Str("stack", stack.Name).Str("service", service.Name).Logger()
|
|
||||||
ctxSvc := logger.WithContext(ctx)
|
|
||||||
|
|
||||||
servicePort := ""
|
|
||||||
if len(service.Ports) > 0 {
|
|
||||||
servicePort = service.Ports[0]
|
|
||||||
}
|
|
||||||
for _, port := range service.Ports {
|
|
||||||
logger.Debug().Msgf("Set Port %s", port)
|
|
||||||
}
|
|
||||||
|
|
||||||
var containerIPAddresses []string
|
|
||||||
for _, container := range service.Containers {
|
|
||||||
if containerFilter(ctxSvc, container.Name, container.HealthState, container.State) {
|
|
||||||
containerIPAddresses = append(containerIPAddresses, container.PrimaryIp)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
service := rancherData{
|
|
||||||
Name: service.Name + "_" + stack.Name,
|
|
||||||
State: service.State,
|
|
||||||
Labels: service.Labels,
|
|
||||||
Port: servicePort,
|
|
||||||
Containers: containerIPAddresses,
|
|
||||||
}
|
|
||||||
|
|
||||||
extraConf, err := p.getConfiguration(service)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error().Err(err).Msgf("Skip container %s", service.Name)
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
service.ExtraConf = extraConf
|
|
||||||
|
|
||||||
rancherDataList = append(rancherDataList, service)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return rancherDataList
|
|
||||||
}
|
|
||||||
|
|
||||||
func containerFilter(ctx context.Context, name, healthState, state string) bool {
|
|
||||||
logger := log.Ctx(ctx)
|
|
||||||
|
|
||||||
if healthState != "" && healthState != healthy && healthState != updatingHealthy {
|
|
||||||
logger.Debug().Msgf("Filtering container %s with healthState of %s", name, healthState)
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
if state != "" && state != running && state != updatingRunning && state != upgraded {
|
|
||||||
logger.Debug().Msgf("Filtering container %s with state of %s", name, state)
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
return true
|
|
||||||
}
|
|
|
@ -29,7 +29,6 @@ import (
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/kv/redis"
|
"github.com/traefik/traefik/v2/pkg/provider/kv/redis"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/kv/zk"
|
"github.com/traefik/traefik/v2/pkg/provider/kv/zk"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/marathon"
|
"github.com/traefik/traefik/v2/pkg/provider/marathon"
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/rancher"
|
|
||||||
"github.com/traefik/traefik/v2/pkg/provider/rest"
|
"github.com/traefik/traefik/v2/pkg/provider/rest"
|
||||||
traefiktls "github.com/traefik/traefik/v2/pkg/tls"
|
traefiktls "github.com/traefik/traefik/v2/pkg/tls"
|
||||||
"github.com/traefik/traefik/v2/pkg/tracing/datadog"
|
"github.com/traefik/traefik/v2/pkg/tracing/datadog"
|
||||||
|
@ -675,17 +674,6 @@ func TestDo_staticConfiguration(t *testing.T) {
|
||||||
Insecure: true,
|
Insecure: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
config.Providers.Rancher = &rancher.Provider{
|
|
||||||
Constraints: `Label("foo", "bar")`,
|
|
||||||
Watch: true,
|
|
||||||
DefaultRule: "PathPrefix(`/`)",
|
|
||||||
ExposedByDefault: true,
|
|
||||||
EnableServiceHealthFilter: true,
|
|
||||||
RefreshSeconds: 42,
|
|
||||||
IntervalPoll: true,
|
|
||||||
Prefix: "MyPrefix",
|
|
||||||
}
|
|
||||||
|
|
||||||
config.Providers.ConsulCatalog = &consulcatalog.ProviderBuilder{
|
config.Providers.ConsulCatalog = &consulcatalog.ProviderBuilder{
|
||||||
Configuration: consulcatalog.Configuration{
|
Configuration: consulcatalog.Configuration{
|
||||||
Constraints: `Label("foo", "bar")`,
|
Constraints: `Label("foo", "bar")`,
|
||||||
|
|
|
@ -180,16 +180,6 @@
|
||||||
"rest": {
|
"rest": {
|
||||||
"insecure": true
|
"insecure": true
|
||||||
},
|
},
|
||||||
"rancher": {
|
|
||||||
"constraints": "Label(\"foo\", \"bar\")",
|
|
||||||
"watch": true,
|
|
||||||
"defaultRule": "xxxx",
|
|
||||||
"exposedByDefault": true,
|
|
||||||
"enableServiceHealthFilter": true,
|
|
||||||
"refreshSeconds": 42,
|
|
||||||
"intervalPoll": true,
|
|
||||||
"prefix": "xxxx"
|
|
||||||
},
|
|
||||||
"consulCatalog": {
|
"consulCatalog": {
|
||||||
"constraints": "Label(\"foo\", \"bar\")",
|
"constraints": "Label(\"foo\", \"bar\")",
|
||||||
"endpoint": {
|
"endpoint": {
|
||||||
|
|
1
pkg/redactor/testdata/example.json
vendored
1
pkg/redactor/testdata/example.json
vendored
|
@ -76,7 +76,6 @@
|
||||||
"Mesos": null,
|
"Mesos": null,
|
||||||
"Eureka": null,
|
"Eureka": null,
|
||||||
"ECS": null,
|
"ECS": null,
|
||||||
"Rancher": null,
|
|
||||||
"DynamoDB": null,
|
"DynamoDB": null,
|
||||||
"ConfigFile": "/etc/traefik/traefik.toml"
|
"ConfigFile": "/etc/traefik/traefik.toml"
|
||||||
}
|
}
|
||||||
|
|
1
pkg/redactor/testdata/expected.json
vendored
1
pkg/redactor/testdata/expected.json
vendored
|
@ -76,7 +76,6 @@
|
||||||
"Mesos": null,
|
"Mesos": null,
|
||||||
"Eureka": null,
|
"Eureka": null,
|
||||||
"ECS": null,
|
"ECS": null,
|
||||||
"Rancher": null,
|
|
||||||
"DynamoDB": null,
|
"DynamoDB": null,
|
||||||
"ConfigFile": "/etc/traefik/traefik.toml"
|
"ConfigFile": "/etc/traefik/traefik.toml"
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue