Merge branch v2.2 into v2.3

docs/content/contributing/data-collection.md

@@ -85,7 +85,7 @@ Once a day (the first call begins 10 minutes after the start of Traefik), we col
     ca = "xxxx"
     cert = "xxxx"
     key = "xxxx"
-    insecureSkipVerify = false
+    insecureSkipVerify = true
 ```
 
 ## The Code for Data Collection

docs/content/https/tls.md

@@ -134,6 +134,16 @@ If no default certificate is provided, Traefik generates and uses a self-signed
 
 The TLS options allow one to configure some parameters of the TLS connection.
 
+!!! important "TLSOptions in Kubernetes"
+
+    When using the TLSOptions-CRD in Kubernetes, one might setup a default set of options that,
+    if not explicitly overwritten, should apply to all ingresses. To achieve that, you'll have to
+    create a TLSOptions CR with the name `default`. There may exist only one TLSOption with the 
+    name `default` (across all namespaces) - otherwise they will be dropped.  
+    To explicitly use a different TLSOption (and using the Kubernetes Ingress resources) you'll 
+    have to add an annotation to the Ingress in the following form:
+    `traefik.ingress.kubernetes.io/router.tls.options: <resource-namespace>-<resource-name>@kubernetescrd`
+
 ### Minimum TLS Version
 
 ```toml tab="File (TOML)"

docs/content/middlewares/buffering.md

@@ -165,7 +165,7 @@ http:
 
 ### `maxResponseBodyBytes`
 
-With the `maxReesponseBodyBytes` option, you can configure the maximum allowed response size from the service (in Bytes).
+With the `maxResponseBodyBytes` option, you can configure the maximum allowed response size from the service (in Bytes).
 
 If the response exceeds the allowed size, it is not forwarded to the client. The client gets a `413 (Request Entity Too Large) response` instead.
 

docs/content/middlewares/circuitbreaker.md

@@ -7,7 +7,7 @@ Don't Waste Time Calling Unhealthy Services
 
 The circuit breaker protects your system from stacking requests to unhealthy services (resulting in cascading failures).
 
-When your system is healthy, the circuit is close (normal operations). 
+When your system is healthy, the circuit is closed (normal operations).
 When your system becomes unhealthy, the circuit becomes open and the requests are no longer forwarded (but handled by a fallback mechanism).
 
 To assess if your system is healthy, the circuit breaker constantly monitors the services. 
@@ -82,13 +82,13 @@ http:
 
 There are three possible states for your circuit breaker:
 
-- Close (your service operates normally)
+- Closed (your service operates normally)
 - Open (the fallback mechanism takes over your service)
 - Recovering (the circuit breaker tries to resume normal operations by progressively sending requests to your service)
 
-### Close
+### Closed
 
-While close, the circuit breaker only collects metrics to analyze the behavior of the requests.
+While the circuit is closed, the circuit breaker only collects metrics to analyze the behavior of the requests.
 
 At specified intervals (`checkPeriod`), it will evaluate `expression` to decide if its state must change. 
 

docs/content/middlewares/overview.md

@@ -25,7 +25,7 @@ whoami:
     - "traefik.http.routers.router1.middlewares=foo-add-prefix@docker"
 ```
 
-```yaml tab="Kubernetes"
+```yaml tab="Kubernetes IngressRoute"
 # As a Kubernetes Traefik IngressRoute
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
@@ -148,6 +148,9 @@ then you'll have to append to the middleware name, the `@` separator, followed b
     In this case, since the definition of the middleware is not in kubernetes,
     specifying a "kubernetes namespace" when referring to the resource does not make any sense,
     and therefore this specification would be ignored even if present.
+    On the other hand, if you declare the middleware as a Custom Resource in Kubernetes and use the 
+    non-crd Ingress objects, you'll have to add the kubernetes namespace of the middleware to the 
+    annotation like this `<middleware-namespace>-<middleware-name>@kubernetescrd`.
 
 !!! abstract "Referencing a Middleware from Another Provider"
 
@@ -178,7 +181,7 @@ then you'll have to append to the middleware name, the `@` separator, followed b
         - "traefik.http.routers.my-container.middlewares=add-foo-prefix@file"
     ```
 
-    ```yaml tab="Kubernetes"
+    ```yaml tab="Kubernetes Ingress Route"
     apiVersion: traefik.containo.us/v1alpha1
     kind: IngressRoute
     metadata:
@@ -200,6 +203,31 @@ then you'll have to append to the middleware name, the `@` separator, followed b
             # when the cross-provider syntax is used.
     ```
     
+    ```yaml tab="Kubernetes Ingress"
+    apiVersion: traefik.containo.us/v1alpha1
+    kind: Middleware
+    metadata:
+      name: stripprefix
+      namespace: appspace
+    spec:
+      stripPrefix:
+        prefixes:
+          - /stripit
+    
+    ---
+    apiVersion: networking.k8s.io/v1
+    kind: Ingress
+    metadata:
+      name: ingress
+      namespace: appspace
+      annotations:
+        # referencing a middleware from Kubernetes CRD provider: 
+        # <middleware-namespace>-<middleware-name>@kubernetescrd
+        "traefik.ingress.kubernetes.io/router.middlewares": appspace-stripprefix@kubernetescrd
+    spec:
+      # ... regular ingress definition
+    ```
+
 ## Available Middlewares
 
 | Middleware                                | Purpose                                           | Area                        |

docs/content/routing/services/index.md

@@ -317,7 +317,7 @@ Below are the available options for the health check mechanism:
 
 - `path` is appended to the server URL to set the health check endpoint.
 - `scheme`, if defined, will replace the server URL `scheme` for the health check endpoint
-- `hostname`, if defined, will apply `Host` header `hostname` to the the health check request.
+- `hostname`, if defined, will apply `Host` header `hostname` to the health check request.
 - `port`, if defined, will replace the server URL `port` for the health check endpoint.
 - `interval` defines the frequency of the health check calls.
 - `timeout` defines the maximum duration Traefik will wait for a health check request before considering the server failed (unhealthy).