baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Merge v1.5.4 into master

Browse source
This commit is contained in:
Ludovic Fernandez 2018-03-15 22:22:03 +01:00 committed by Traefiker Bot
parent 8d468925d3
commit 526c19181e
10 changed files with 92 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
CHANGELOG.md
View file

@ -1,5 +1,30 @@
# Change Log
## [v1.5.4](https://github.com/containous/traefik/tree/v1.5.4) (2018-03-15)
[All Commits](https://github.com/containous/traefik/compare/v1.5.3...v1.5.4)
**Bug fixes:**
- **[acme]** Fix panic when parsing resolv.conf ([#2955](https://github.com/containous/traefik/pull/2955) by [ldez](https://github.com/ldez))
- **[acme]** Don't failed traefik start if register and subscribe failed on acme ([#2977](https://github.com/containous/traefik/pull/2977) by [Juliens](https://github.com/Juliens))
- **[ecs]** Safe access to ECS API pointer values. ([#2983](https://github.com/containous/traefik/pull/2983) by [ldez](https://github.com/ldez))
- **[kv]** Add lower-case passHostHeader key support. ([#3015](https://github.com/containous/traefik/pull/3015) by [ldez](https://github.com/ldez))
- **[middleware]** Propagate insecure in white list. ([#2981](https://github.com/containous/traefik/pull/2981) by [ldez](https://github.com/ldez))
- **[rancher]** Fix Rancher Healthcheck when upgrading a service ([#2962](https://github.com/containous/traefik/pull/2962) by [jmirc](https://github.com/jmirc))
- **[websocket]** Capitalize Sec-WebSocket-Protocol Header ([#2975](https://github.com/containous/traefik/pull/2975) by [Juliens](https://github.com/Juliens))
- Use goroutine pool in throttleProvider ([#3013](https://github.com/containous/traefik/pull/3013) by [Juliens](https://github.com/Juliens))
- Handle quoted strings in UnmarshalJSON ([#3004](https://github.com/containous/traefik/pull/3004) by [Juliens](https://github.com/Juliens))
**Documentation:**
- **[acme]** Clarify some deprecations. ([#2959](https://github.com/containous/traefik/pull/2959) by [ldez](https://github.com/ldez))
- **[acme]** Second defaultEntryPoint should be https, not http. ([#2948](https://github.com/containous/traefik/pull/2948) by [GerbenWelter](https://github.com/GerbenWelter))
- **[api]** Enhance API, REST, ping documentation. ([#2950](https://github.com/containous/traefik/pull/2950) by [ldez](https://github.com/ldez))
- **[k8s]** Add TLS Docs ([#3012](https://github.com/containous/traefik/pull/3012) by [dtomcej](https://github.com/dtomcej))
- Enhance Traefik TOML sample. ([#2996](https://github.com/containous/traefik/pull/2996) by [ldez](https://github.com/ldez))
- Fix typo in docs ([#2990](https://github.com/containous/traefik/pull/2990) by [mo](https://github.com/mo))
- Clarify how setting a frontend priority works ([#2984](https://github.com/containous/traefik/pull/2984) by [jbdoumenjou](https://github.com/jbdoumenjou))
- Add [file] in syntax reference ([#3016](https://github.com/containous/traefik/pull/3016) by [ldez](https://github.com/ldez))
- Updated the test-it example according to the latest docker version ([#3000](https://github.com/containous/traefik/pull/3000) by [geraldcroes](https://github.com/geraldcroes))
## [v1.5.3](https://github.com/containous/traefik/tree/v1.5.3) (2018-02-27)
[All Commits](https://github.com/containous/traefik/compare/v1.5.2...v1.5.3)

2
docs/configuration/backends/file.md
View file

@ -5,6 +5,8 @@ Træfik can be configured with a file.
## Reference
```toml
[file]
# Backends
[backends]

11
docs/configuration/backends/kubernetes.md
View file

@ -105,6 +105,17 @@ A label selector can be defined to filter on specific Ingress objects only.
See [label-selectors](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors) for details.
### TLS communication between Traefik and backend pods
Traefik automatically requests endpoint information based on the service provided in the ingress spec.
Although traefik will connect directly to the endpoints (pods), it still checks the service port to see if TLS communication is required.
If the service port defined in the ingress spec is 443, then the backend communication protocol is assumed to be TLS, and will connect via TLS automatically.
!!! note
Please note that by enabling TLS communication between traefik and your pods, you will have to have trusted certificates that have the proper trust chain and IP subject name.
If this is not an option, you may need to skip TLS certificate verification.
See the [InsecureSkipVerify](configuration/commons/#main-section) setting for more details.
## Annotations
### General annotations

2
docs/user-guide/kv-config.md
View file

@ -328,7 +328,7 @@ And there, the same dynamic configuration in a KV Store (using `prefix = "traefi
| Key | Value |
|----------------------------------------------------|--------------------|
| `/traefik/frontends/frontend2/backend` | `backend1` |
| `/traefik/frontends/frontend2/passHostHeader` | `true` |
| `/traefik/frontends/frontend2/passhostheader` | `true` |
| `/traefik/frontends/frontend2/priority` | `10` |
| `/traefik/frontends/frontend2/entrypoints` | `http,https` |
| `/traefik/frontends/frontend2/routes/test_2/rule` | `PathPrefix:/test` |

45
provider/kv/keynames.go
View file

@ -22,28 +22,29 @@ const (
pathBackendBufferingMemRequestBodyBytes = pathBackendBuffering + "memrequestbodybytes"
pathBackendBufferingRetryExpression = pathBackendBuffering + "retryexpression"
pathFrontends = "/frontends/"
pathFrontendBackend = "/backend"
pathFrontendPriority = "/priority"
pathFrontendPassHostHeader = "/passHostHeader"
pathFrontendPassTLSCert = "/passtlscert"
pathFrontendWhiteListSourceRange = "/whitelistsourcerange"
pathFrontendBasicAuth = "/basicauth"
pathFrontendEntryPoints = "/entrypoints"
pathFrontendRedirectEntryPoint = "/redirect/entrypoint"
pathFrontendRedirectRegex = "/redirect/regex"
pathFrontendRedirectReplacement = "/redirect/replacement"
pathFrontendRedirectPermanent = "/redirect/permanent"
pathFrontendErrorPages = "/errors/"
pathFrontendErrorPagesBackend = "/backend"
pathFrontendErrorPagesQuery = "/query"
pathFrontendErrorPagesStatus = "/status"
pathFrontendRateLimit = "/ratelimit/"
pathFrontendRateLimitRateSet = pathFrontendRateLimit + "rateset/"
pathFrontendRateLimitExtractorFunc = pathFrontendRateLimit + "extractorfunc"
pathFrontendRateLimitPeriod = "/period"
pathFrontendRateLimitAverage = "/average"
pathFrontendRateLimitBurst = "/burst"
pathFrontends = "/frontends/"
pathFrontendBackend = "/backend"
pathFrontendPriority = "/priority"
pathFrontendPassHostHeaderDeprecated = "/passHostHeader" // Deprecated
pathFrontendPassHostHeader = "/passhostheader"
pathFrontendPassTLSCert = "/passtlscert"
pathFrontendWhiteListSourceRange = "/whitelistsourcerange"
pathFrontendBasicAuth = "/basicauth"
pathFrontendEntryPoints = "/entrypoints"
pathFrontendRedirectEntryPoint = "/redirect/entrypoint"
pathFrontendRedirectRegex = "/redirect/regex"
pathFrontendRedirectReplacement = "/redirect/replacement"
pathFrontendRedirectPermanent = "/redirect/permanent"
pathFrontendErrorPages = "/errors/"
pathFrontendErrorPagesBackend = "/backend"
pathFrontendErrorPagesQuery = "/query"
pathFrontendErrorPagesStatus = "/status"
pathFrontendRateLimit = "/ratelimit/"
pathFrontendRateLimitRateSet = pathFrontendRateLimit + "rateset/"
pathFrontendRateLimitExtractorFunc = pathFrontendRateLimit + "extractorfunc"
pathFrontendRateLimitPeriod = "/period"
pathFrontendRateLimitAverage = "/average"
pathFrontendRateLimitBurst = "/burst"
pathFrontendCustomRequestHeaders = "/headers/customrequestheaders/"
pathFrontendCustomResponseHeaders = "/headers/customresponseheaders/"

22
provider/kv/kv_config.go
View file

@ -42,8 +42,8 @@ func (p *Provider) buildConfiguration() *types.Configuration {
// Frontend functions
"getBackendName": p.getFuncString(pathFrontendBackend, ""),
"getPriority": p.getFuncInt(pathFrontendPriority, 0),
"getPassHostHeader": p.getFuncBool(pathFrontendPassHostHeader, true),
"getPriority": p.getFuncInt(pathFrontendPriority, label.DefaultFrontendPriorityInt),
"getPassHostHeader": p.getPassHostHeader(),
"getPassTLSCert": p.getFuncBool(pathFrontendPassTLSCert, label.DefaultPassTLSCert),
"getEntryPoints": p.getFuncList(pathFrontendEntryPoints),
"getWhitelistSourceRange": p.getFuncList(pathFrontendWhiteListSourceRange),
@ -80,6 +80,24 @@ func (p *Provider) buildConfiguration() *types.Configuration {
return configuration
}
// Deprecated
func (p *Provider) getPassHostHeader() func(rootPath string) bool {
return func(rootPath string) bool {
rawValue := p.get("", rootPath, pathFrontendPassHostHeader)
if len(rawValue) > 0 {
value, err := strconv.ParseBool(rawValue)
if err != nil {
log.Errorf("Invalid value for %s %s: %s", rootPath, pathFrontendPassHostHeader, rawValue)
return label.DefaultPassHostHeaderBool
}
return value
}
return p.getBool(label.DefaultPassHostHeaderBool, rootPath, pathFrontendPassHostHeaderDeprecated)
}
}
// Deprecated
func (p *Provider) getSticky(rootPath string) bool {
stickyValue := p.get("", rootPath, pathBackendLoadBalancerSticky)

3
provider/rancher/config.go
View file

@ -128,8 +128,7 @@ func (p *Provider) serviceFilter(service rancherData) bool {
log.Debugf("Filtering service %s with healthState of %s", service.Name, service.Health)
return false
}
if service.State != "" && service.State != active && service.State != updatingActive && service.State != upgraded {
if service.State != "" && service.State != active && service.State != updatingActive && service.State != upgraded && service.State != upgrading {
log.Debugf("Filtering service %s with state of %s", service.Name, service.State)
return false
}

3
provider/rancher/rancher.go
View file

@ -18,6 +18,7 @@ const (
active = "active"
running = "running"
upgraded = "upgraded"
upgrading = "upgrading"
updatingActive = "updating-active"
updatingRunning = "updating-running"
)
@ -63,7 +64,7 @@ func containerFilter(name, healthState, state string) bool {
return false
}
if state != "" && state != running && state != updatingRunning {
if state != "" && state != running && state != updatingRunning && state != upgraded {
log.Debugf("Filtering container %s with state of %s", name, state)
return false
}

6
server/server.go
View file

@ -385,7 +385,7 @@ func (s *Server) preLoadConfiguration(configMsg types.ConfigMessage) {
providerConfigUpdateCh = make(chan types.ConfigMessage)
s.providerConfigUpdateMap[configMsg.ProviderName] = providerConfigUpdateCh
s.routinesPool.Go(func(stop chan bool) {
throttleProviderConfigReload(providersThrottleDuration, s.configurationValidatedChan, providerConfigUpdateCh, stop)
s.throttleProviderConfigReload(providersThrottleDuration, s.configurationValidatedChan, providerConfigUpdateCh, stop)
})
}
providerConfigUpdateCh <- configMsg
@ -396,11 +396,11 @@ func (s *Server) preLoadConfiguration(configMsg types.ConfigMessage) {
// It will immediately publish a new configuration and then only publish the next configuration after the throttle duration.
// Note that in the case it receives N new configs in the timeframe of the throttle duration after publishing,
// it will publish the last of the newly received configurations.
func throttleProviderConfigReload(throttle time.Duration, publish chan<- types.ConfigMessage, in <-chan types.ConfigMessage, stop chan bool) {
func (s *Server) throttleProviderConfigReload(throttle time.Duration, publish chan<- types.ConfigMessage, in <-chan types.ConfigMessage, stop chan bool) {
ring := channels.NewRingChannel(1)
defer ring.Close()
safe.Go(func() {
s.routinesPool.Go(func(stop chan bool) {
for {
select {
case <-stop:

5
server/server_test.go
View file

@ -301,7 +301,10 @@ func TestThrottleProviderConfigReload(t *testing.T) {
stop <- true
}()
go throttleProviderConfigReload(throttleDuration, publishConfig, providerConfig, stop)
globalConfig := configuration.GlobalConfiguration{}
server := NewServer(globalConfig, nil)
go server.throttleProviderConfigReload(throttleDuration, publishConfig, providerConfig, stop)
publishedConfigCount := 0
stopConsumeConfigs := make(chan bool)