Merge branch v2.2 into v2.3

This commit is contained in:
romain 2020-09-15 10:57:20 +02:00
commit 4592626bbb
6 changed files with 47 additions and 9 deletions

View file

@ -85,7 +85,7 @@ Once a day (the first call begins 10 minutes after the start of Traefik), we col
ca = "xxxx" ca = "xxxx"
cert = "xxxx" cert = "xxxx"
key = "xxxx" key = "xxxx"
insecureSkipVerify = false insecureSkipVerify = true
``` ```
## The Code for Data Collection ## The Code for Data Collection

View file

@ -134,6 +134,16 @@ If no default certificate is provided, Traefik generates and uses a self-signed
The TLS options allow one to configure some parameters of the TLS connection. The TLS options allow one to configure some parameters of the TLS connection.
!!! important "TLSOptions in Kubernetes"
When using the TLSOptions-CRD in Kubernetes, one might setup a default set of options that,
if not explicitly overwritten, should apply to all ingresses. To achieve that, you'll have to
create a TLSOptions CR with the name `default`. There may exist only one TLSOption with the
name `default` (across all namespaces) - otherwise they will be dropped.
To explicitly use a different TLSOption (and using the Kubernetes Ingress resources) you'll
have to add an annotation to the Ingress in the following form:
`traefik.ingress.kubernetes.io/router.tls.options: <resource-namespace>-<resource-name>@kubernetescrd`
### Minimum TLS Version ### Minimum TLS Version
```toml tab="File (TOML)" ```toml tab="File (TOML)"

View file

@ -165,7 +165,7 @@ http:
### `maxResponseBodyBytes` ### `maxResponseBodyBytes`
With the `maxReesponseBodyBytes` option, you can configure the maximum allowed response size from the service (in Bytes). With the `maxResponseBodyBytes` option, you can configure the maximum allowed response size from the service (in Bytes).
If the response exceeds the allowed size, it is not forwarded to the client. The client gets a `413 (Request Entity Too Large) response` instead. If the response exceeds the allowed size, it is not forwarded to the client. The client gets a `413 (Request Entity Too Large) response` instead.

View file

@ -7,7 +7,7 @@ Don't Waste Time Calling Unhealthy Services
The circuit breaker protects your system from stacking requests to unhealthy services (resulting in cascading failures). The circuit breaker protects your system from stacking requests to unhealthy services (resulting in cascading failures).
When your system is healthy, the circuit is close (normal operations). When your system is healthy, the circuit is closed (normal operations).
When your system becomes unhealthy, the circuit becomes open and the requests are no longer forwarded (but handled by a fallback mechanism). When your system becomes unhealthy, the circuit becomes open and the requests are no longer forwarded (but handled by a fallback mechanism).
To assess if your system is healthy, the circuit breaker constantly monitors the services. To assess if your system is healthy, the circuit breaker constantly monitors the services.
@ -82,13 +82,13 @@ http:
There are three possible states for your circuit breaker: There are three possible states for your circuit breaker:
- Close (your service operates normally) - Closed (your service operates normally)
- Open (the fallback mechanism takes over your service) - Open (the fallback mechanism takes over your service)
- Recovering (the circuit breaker tries to resume normal operations by progressively sending requests to your service) - Recovering (the circuit breaker tries to resume normal operations by progressively sending requests to your service)
### Close ### Closed
While close, the circuit breaker only collects metrics to analyze the behavior of the requests. While the circuit is closed, the circuit breaker only collects metrics to analyze the behavior of the requests.
At specified intervals (`checkPeriod`), it will evaluate `expression` to decide if its state must change. At specified intervals (`checkPeriod`), it will evaluate `expression` to decide if its state must change.

View file

@ -25,7 +25,7 @@ whoami:
- "traefik.http.routers.router1.middlewares=foo-add-prefix@docker" - "traefik.http.routers.router1.middlewares=foo-add-prefix@docker"
``` ```
```yaml tab="Kubernetes" ```yaml tab="Kubernetes IngressRoute"
# As a Kubernetes Traefik IngressRoute # As a Kubernetes Traefik IngressRoute
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
@ -148,6 +148,9 @@ then you'll have to append to the middleware name, the `@` separator, followed b
In this case, since the definition of the middleware is not in kubernetes, In this case, since the definition of the middleware is not in kubernetes,
specifying a "kubernetes namespace" when referring to the resource does not make any sense, specifying a "kubernetes namespace" when referring to the resource does not make any sense,
and therefore this specification would be ignored even if present. and therefore this specification would be ignored even if present.
On the other hand, if you declare the middleware as a Custom Resource in Kubernetes and use the
non-crd Ingress objects, you'll have to add the kubernetes namespace of the middleware to the
annotation like this `<middleware-namespace>-<middleware-name>@kubernetescrd`.
!!! abstract "Referencing a Middleware from Another Provider" !!! abstract "Referencing a Middleware from Another Provider"
@ -178,7 +181,7 @@ then you'll have to append to the middleware name, the `@` separator, followed b
- "traefik.http.routers.my-container.middlewares=add-foo-prefix@file" - "traefik.http.routers.my-container.middlewares=add-foo-prefix@file"
``` ```
```yaml tab="Kubernetes" ```yaml tab="Kubernetes Ingress Route"
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
@ -199,6 +202,31 @@ then you'll have to append to the middleware name, the `@` separator, followed b
# A namespace specification such as above is ignored # A namespace specification such as above is ignored
# when the cross-provider syntax is used. # when the cross-provider syntax is used.
``` ```
```yaml tab="Kubernetes Ingress"
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: stripprefix
namespace: appspace
spec:
stripPrefix:
prefixes:
- /stripit
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
namespace: appspace
annotations:
# referencing a middleware from Kubernetes CRD provider:
# <middleware-namespace>-<middleware-name>@kubernetescrd
"traefik.ingress.kubernetes.io/router.middlewares": appspace-stripprefix@kubernetescrd
spec:
# ... regular ingress definition
```
## Available Middlewares ## Available Middlewares

View file

@ -317,7 +317,7 @@ Below are the available options for the health check mechanism:
- `path` is appended to the server URL to set the health check endpoint. - `path` is appended to the server URL to set the health check endpoint.
- `scheme`, if defined, will replace the server URL `scheme` for the health check endpoint - `scheme`, if defined, will replace the server URL `scheme` for the health check endpoint
- `hostname`, if defined, will apply `Host` header `hostname` to the the health check request. - `hostname`, if defined, will apply `Host` header `hostname` to the health check request.
- `port`, if defined, will replace the server URL `port` for the health check endpoint. - `port`, if defined, will replace the server URL `port` for the health check endpoint.
- `interval` defines the frequency of the health check calls. - `interval` defines the frequency of the health check calls.
- `timeout` defines the maximum duration Traefik will wait for a health check request before considering the server failed (unhealthy). - `timeout` defines the maximum duration Traefik will wait for a health check request before considering the server failed (unhealthy).