Merge branch 'master' of github.com:traefik/traefik
All checks were successful
Build & Push / build-and-push (push) Successful in 10m30s
All checks were successful
Build & Push / build-and-push (push) Successful in 10m30s
This commit is contained in:
commit
6f8b9a338d
89 changed files with 1250 additions and 515 deletions
|
@ -46,7 +46,7 @@ blocks:
|
||||||
- name: GH_VERSION
|
- name: GH_VERSION
|
||||||
value: 2.32.1
|
value: 2.32.1
|
||||||
- name: CODENAME
|
- name: CODENAME
|
||||||
value: "comte"
|
value: "munster"
|
||||||
prologue:
|
prologue:
|
||||||
commands:
|
commands:
|
||||||
- export VERSION=${SEMAPHORE_GIT_TAG_NAME}
|
- export VERSION=${SEMAPHORE_GIT_TAG_NAME}
|
||||||
|
|
51
CHANGELOG.md
51
CHANGELOG.md
|
@ -1,3 +1,54 @@
|
||||||
|
## [v3.2.0-rc1](https://github.com/traefik/traefik/tree/v3.2.0-rc1) (2024-10-02)
|
||||||
|
[All Commits](https://github.com/traefik/traefik/compare/v3.1.0-rc1...v3.2.0-rc1)
|
||||||
|
|
||||||
|
**Enhancements:**
|
||||||
|
- **[acme]** Remove same email requirement for certresolvers ([#11019](https://github.com/traefik/traefik/pull/11019) by [Emrio](https://github.com/Emrio))
|
||||||
|
- **[acme]** Add support for custom CA certificates by certificate resolver ([#10816](https://github.com/traefik/traefik/pull/10816) by [ldez](https://github.com/ldez))
|
||||||
|
- **[acme]** Add 30 day certificatesDuration step ([#10970](https://github.com/traefik/traefik/pull/10970) by [luker983](https://github.com/luker983))
|
||||||
|
- **[docker]** Support HTTP BasicAuth for docker and swarm endpoint ([#10776](https://github.com/traefik/traefik/pull/10776) by [985492783](https://github.com/985492783))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Add supported features to the Gateway API GatewayClass status ([#11056](https://github.com/traefik/traefik/pull/11056) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Update sigs.k8s.io/gateway-api to v1.2.0-rc1 ([#11124](https://github.com/traefik/traefik/pull/11124) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Add support for backend protocol selection in HTTP and GRPC routes ([#11051](https://github.com/traefik/traefik/pull/11051) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Improve Kubernetes GatewayAPI TCPRoute and TLSRoute support ([#11042](https://github.com/traefik/traefik/pull/11042) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support HTTPRoute destination port matching ([#11134](https://github.com/traefik/traefik/pull/11134) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Bump sigs.k8s.io/gateway-api to v1.2.0-rc2 ([#11131](https://github.com/traefik/traefik/pull/11131) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Add support for Gateway API BackendTLSPolicies ([#11009](https://github.com/traefik/traefik/pull/11009) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support NativeLB option in GatewayAPI provider ([#11147](https://github.com/traefik/traefik/pull/11147) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support ResponseHeaderModifier filter ([#10987](https://github.com/traefik/traefik/pull/10987) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support GRPC routes ([#10975](https://github.com/traefik/traefik/pull/10975) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[metrics,otel]** Allow setting service.name for OTLP metrics ([#10917](https://github.com/traefik/traefik/pull/10917) by [cmartell-at-ocp](https://github.com/cmartell-at-ocp))
|
||||||
|
- **[middleware,accesslogs]** Record trace id and EntryPoint span id into access log ([#10921](https://github.com/traefik/traefik/pull/10921) by [weijiany](https://github.com/weijiany))
|
||||||
|
- **[middleware,authentication]** Support LogUserHeader with forwardAuth middleware ([#10833](https://github.com/traefik/traefik/pull/10833) by [GaleHuang](https://github.com/GaleHuang))
|
||||||
|
- **[middleware]** Add encodings option to the compression middleware ([#10943](https://github.com/traefik/traefik/pull/10943) by [wollomatic](https://github.com/wollomatic))
|
||||||
|
- **[middleware]** Add support for ipv6 subnet in ipStrategy ([#9747](https://github.com/traefik/traefik/pull/9747) by [michal-kralik](https://github.com/michal-kralik))
|
||||||
|
- **[nomad]** Support for watching instead of polling Nomad ([#10997](https://github.com/traefik/traefik/pull/10997) by [deverton-godaddy](https://github.com/deverton-godaddy))
|
||||||
|
- **[server,performance]** Introduce a fast proxy mode to improve HTTP/1.1 performances with backends ([#11122](https://github.com/traefik/traefik/pull/11122) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[server]** Configurable max request header size ([#10995](https://github.com/traefik/traefik/pull/10995) by [lucasrod16](https://github.com/lucasrod16))
|
||||||
|
- **[service]** Add mirrorBody option to HTTP mirroring ([#11032](https://github.com/traefik/traefik/pull/11032) by [MatteoPaier](https://github.com/MatteoPaier))
|
||||||
|
|
||||||
|
## [v3.1.5](https://github.com/traefik/traefik/tree/v3.1.5) (2024-10-02)
|
||||||
|
[All Commits](https://github.com/traefik/traefik/compare/v3.1.4...v3.1.5)
|
||||||
|
|
||||||
|
**Bug fixes:**
|
||||||
|
- **[k8s/ingress,k8s]** Disable IngressClass lookup when disableClusterScopeResources is enabled ([#11111](https://github.com/traefik/traefik/pull/11111) by [jnoordsij](https://github.com/jnoordsij))
|
||||||
|
- **[server]** Rework condition to not log on timeout ([#11132](https://github.com/traefik/traefik/pull/11132) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- Merge branch v2.11 into v3.1 ([#11149](https://github.com/traefik/traefik/pull/11149) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- Merge branch v2.11 into v3.1 ([#11142](https://github.com/traefik/traefik/pull/11142) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
|
||||||
|
## [v2.11.11](https://github.com/traefik/traefik/tree/v2.11.11) (2024-10-02)
|
||||||
|
[All Commits](https://github.com/traefik/traefik/compare/v2.11.10...v2.11.11)
|
||||||
|
|
||||||
|
**Bug fixes:**
|
||||||
|
- **[acme]** Ensure defaultGeneratedCert.main as Subject's CN ([#10581](https://github.com/traefik/traefik/pull/10581) by [Lamatte](https://github.com/Lamatte))
|
||||||
|
- **[middleware,authentication]** Clean connection headers for forward auth request only ([#11095](https://github.com/traefik/traefik/pull/11095) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[middleware]** Bump github.com/klauspost/compress to 8e14b1b5a913 ([#11141](https://github.com/traefik/traefik/pull/11141) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[server]** Rework condition to not log on timeout ([#11133](https://github.com/traefik/traefik/pull/11133) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[webui]** Remove unused boot files from webui ([#11109](https://github.com/traefik/traefik/pull/11109) by [michelheusschen](https://github.com/michelheusschen))
|
||||||
|
|
||||||
|
**Documentation:**
|
||||||
|
- **[accesslogs]** Specify default format value for access log ([#11130](https://github.com/traefik/traefik/pull/11130) by [darkweaver87](https://github.com/darkweaver87))
|
||||||
|
- **[api]** Update API documentation to mention pagination ([#11115](https://github.com/traefik/traefik/pull/11115) by [lyrandy](https://github.com/lyrandy))
|
||||||
|
|
||||||
## [v3.1.4](https://github.com/traefik/traefik/tree/v3.1.4) (2024-09-19)
|
## [v3.1.4](https://github.com/traefik/traefik/tree/v3.1.4) (2024-09-19)
|
||||||
[All Commits](https://github.com/traefik/traefik/compare/v3.1.3...v3.1.4)
|
[All Commits](https://github.com/traefik/traefik/compare/v3.1.3...v3.1.4)
|
||||||
|
|
||||||
|
|
|
@ -79,7 +79,7 @@ traefik --help
|
||||||
# or
|
# or
|
||||||
|
|
||||||
docker run traefik[:version] --help
|
docker run traefik[:version] --help
|
||||||
# ex: docker run traefik:v3.1 --help
|
# ex: docker run traefik:v3.2 --help
|
||||||
```
|
```
|
||||||
|
|
||||||
Check the [CLI reference](../reference/static-configuration/cli.md "Link to CLI reference overview") for an overview about all available arguments.
|
Check the [CLI reference](../reference/static-configuration/cli.md "Link to CLI reference overview") for an overview about all available arguments.
|
||||||
|
|
|
@ -16,12 +16,12 @@ You can install Traefik with the following flavors:
|
||||||
|
|
||||||
Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with one sample configuration file:
|
Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with one sample configuration file:
|
||||||
|
|
||||||
* [YAML](https://raw.githubusercontent.com/traefik/traefik/v3.1/traefik.sample.yml)
|
* [YAML](https://raw.githubusercontent.com/traefik/traefik/v3.2/traefik.sample.yml)
|
||||||
* [TOML](https://raw.githubusercontent.com/traefik/traefik/v3.1/traefik.sample.toml)
|
* [TOML](https://raw.githubusercontent.com/traefik/traefik/v3.2/traefik.sample.toml)
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker run -d -p 8080:8080 -p 80:80 \
|
docker run -d -p 8080:8080 -p 80:80 \
|
||||||
-v $PWD/traefik.yml:/etc/traefik/traefik.yml traefik:v3.1
|
-v $PWD/traefik.yml:/etc/traefik/traefik.yml traefik:v3.2
|
||||||
```
|
```
|
||||||
|
|
||||||
For more details, go to the [Docker provider documentation](../providers/docker.md)
|
For more details, go to the [Docker provider documentation](../providers/docker.md)
|
||||||
|
@ -29,7 +29,7 @@ For more details, go to the [Docker provider documentation](../providers/docker.
|
||||||
!!! tip
|
!!! tip
|
||||||
|
|
||||||
* Prefer a fixed version than the latest that could be an unexpected version.
|
* Prefer a fixed version than the latest that could be an unexpected version.
|
||||||
ex: `traefik:v3.1`
|
ex: `traefik:v3.2`
|
||||||
* Docker images are based from the [Alpine Linux Official image](https://hub.docker.com/_/alpine).
|
* Docker images are based from the [Alpine Linux Official image](https://hub.docker.com/_/alpine).
|
||||||
* Any orchestrator using docker images can fetch the official Traefik docker image.
|
* Any orchestrator using docker images can fetch the official Traefik docker image.
|
||||||
|
|
||||||
|
|
|
@ -154,7 +154,7 @@ spec:
|
||||||
serviceAccountName: traefik-account
|
serviceAccountName: traefik-account
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
args:
|
args:
|
||||||
- --api.insecure
|
- --api.insecure
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
|
|
|
@ -20,7 +20,7 @@ version: '3'
|
||||||
services:
|
services:
|
||||||
reverse-proxy:
|
reverse-proxy:
|
||||||
# The official v3 Traefik docker image
|
# The official v3 Traefik docker image
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
# Enables the web UI and tells Traefik to listen to docker
|
# Enables the web UI and tells Traefik to listen to docker
|
||||||
command: --api.insecure=true --providers.docker
|
command: --api.insecure=true --providers.docker
|
||||||
ports:
|
ports:
|
||||||
|
|
|
@ -640,3 +640,15 @@ Increasing the `readTimeout` value could be the solution notably if you are deal
|
||||||
- TCP: `Error while handling TCP connection: readfrom tcp X.X.X.X:X->X.X.X.X:X: read tcp X.X.X.X:X->X.X.X.X:X: i/o timeout`
|
- TCP: `Error while handling TCP connection: readfrom tcp X.X.X.X:X->X.X.X.X:X: read tcp X.X.X.X:X->X.X.X.X:X: i/o timeout`
|
||||||
- HTTP: `'499 Client Closed Request' caused by: context canceled`
|
- HTTP: `'499 Client Closed Request' caused by: context canceled`
|
||||||
- HTTP: `ReverseProxy read error during body copy: read tcp X.X.X.X:X->X.X.X.X:X: use of closed network connection`
|
- HTTP: `ReverseProxy read error during body copy: read tcp X.X.X.X:X->X.X.X.X:X: use of closed network connection`
|
||||||
|
|
||||||
|
## v2.11.3
|
||||||
|
|
||||||
|
### Connection headers
|
||||||
|
|
||||||
|
In `v2.11.3`, the handling of the request Connection headers directives has changed to prevent any abuse.
|
||||||
|
Before, Traefik removed any header listed in the Connection header just before forwarding the request to the backends.
|
||||||
|
Now, Traefik removes the headers listed in the Connection header as soon as the request is handled.
|
||||||
|
As a consequence, middlewares do not have access to those Connection headers,
|
||||||
|
and a new option has been introduced to specify which ones could go through the middleware chain before being removed: `<entrypoint>.forwardedHeaders.connection`.
|
||||||
|
|
||||||
|
Please check out the [entrypoint forwarded headers connection option configuration](../routing/entrypoints.md#forwarded-headers) documentation.
|
||||||
|
|
|
@ -67,6 +67,8 @@ accessLog:
|
||||||
|
|
||||||
### `format`
|
### `format`
|
||||||
|
|
||||||
|
_Optional, Default="common"_
|
||||||
|
|
||||||
By default, logs are written using the Common Log Format (CLF).
|
By default, logs are written using the Common Log Format (CLF).
|
||||||
To write logs in JSON, use `json` in the `format` option.
|
To write logs in JSON, use `json` in the `format` option.
|
||||||
If the given format is unsupported, the default (CLF) is used instead.
|
If the given format is unsupported, the default (CLF) is used instead.
|
||||||
|
@ -277,7 +279,7 @@ version: "3.7"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
environment:
|
environment:
|
||||||
- TZ=US/Alaska
|
- TZ=US/Alaska
|
||||||
command:
|
command:
|
||||||
|
|
|
@ -136,6 +136,15 @@ api:
|
||||||
|
|
||||||
All the following endpoints must be accessed with a `GET` HTTP request.
|
All the following endpoints must be accessed with a `GET` HTTP request.
|
||||||
|
|
||||||
|
!!! info "Pagination"
|
||||||
|
|
||||||
|
By default, up to 100 results are returned per page, and the next page can be checked using the `X-Next-Page` HTTP Header.
|
||||||
|
To control pagination, use the `page` and `per_page` query parameters.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
curl https://traefik.example.com:8080/api/http/routers?page=2&per_page=20
|
||||||
|
```
|
||||||
|
|
||||||
| Path | Description |
|
| Path | Description |
|
||||||
|--------------------------------|---------------------------------------------------------------------------------------------|
|
|--------------------------------|---------------------------------------------------------------------------------------------|
|
||||||
| `/api/http/routers` | Lists all the HTTP routers information. |
|
| `/api/http/routers` | Lists all the HTTP routers information. |
|
||||||
|
|
|
@ -166,7 +166,7 @@ See the [Docker API Access](#docker-api-access) section for more information.
|
||||||
|
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
image: traefik:v3.1 # The official v3 Traefik docker image
|
image: traefik:v3.2 # The official v3 Traefik docker image
|
||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
volumes:
|
volumes:
|
||||||
|
|
|
@ -31,10 +31,10 @@ the Traefik engineering team developed a [Custom Resource Definition](https://ku
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Install Traefik Resource Definitions:
|
# Install Traefik Resource Definitions:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
||||||
|
|
||||||
# Install RBAC for Traefik:
|
# Install RBAC for Traefik:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
## Resource Configuration
|
## Resource Configuration
|
||||||
|
|
|
@ -34,7 +34,7 @@ For more details, check out the conformance [report](https://github.com/kubernet
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Install Traefik RBACs.
|
# Install Traefik RBACs.
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-gateway-rbac.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/reference/dynamic-configuration/kubernetes-gateway-rbac.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
3. Deploy Traefik and enable the `kubernetesGateway` provider in the static configuration as detailed below:
|
3. Deploy Traefik and enable the `kubernetesGateway` provider in the static configuration as detailed below:
|
||||||
|
|
|
@ -526,6 +526,6 @@ providers:
|
||||||
### Further
|
### Further
|
||||||
|
|
||||||
To learn more about the various aspects of the Ingress specification that Traefik supports,
|
To learn more about the various aspects of the Ingress specification that Traefik supports,
|
||||||
many examples of Ingresses definitions are located in the test [examples](https://github.com/traefik/traefik/tree/v3.1/pkg/provider/kubernetes/ingress/fixtures) of the Traefik repository.
|
many examples of Ingresses definitions are located in the test [examples](https://github.com/traefik/traefik/tree/v3.2/pkg/provider/kubernetes/ingress/fixtures) of the Traefik repository.
|
||||||
|
|
||||||
{!traefik-for-business-applications.md!}
|
{!traefik-for-business-applications.md!}
|
||||||
|
|
|
@ -212,7 +212,7 @@ See the [Docker Swarm API Access](#docker-api-access) section for more informati
|
||||||
|
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
image: traefik:v3.1 # The official v3 Traefik docker image
|
image: traefik:v3.2 # The official v3 Traefik docker image
|
||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
volumes:
|
volumes:
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -63,12 +63,12 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: |-
|
description: |-
|
||||||
Middlewares defines the list of references to Middleware resources.
|
Middlewares defines the list of references to Middleware resources.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
items:
|
items:
|
||||||
description: MiddlewareRef is a reference to a Middleware
|
description: MiddlewareRef is a reference to a Middleware
|
||||||
resource.
|
resource.
|
||||||
|
@ -88,7 +88,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -229,7 +229,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -277,7 +277,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- kind
|
- kind
|
||||||
|
@ -287,18 +287,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration.
|
TLS defines the TLS configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -317,17 +317,17 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSOption.
|
Name defines the name of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSOption.
|
Namespace defines the namespace of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -344,12 +344,12 @@ spec:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSStore.
|
Name defines the name of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSStore.
|
Namespace defines the namespace of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -409,7 +409,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -422,7 +422,7 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares defines the list of references to MiddlewareTCP
|
description: Middlewares defines the list of references to MiddlewareTCP
|
||||||
|
@ -446,7 +446,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: Services defines the list of TCP services.
|
description: Services defines the list of TCP services.
|
||||||
|
@ -487,7 +487,7 @@ spec:
|
||||||
proxyProtocol:
|
proxyProtocol:
|
||||||
description: |-
|
description: |-
|
||||||
ProxyProtocol defines the PROXY protocol configuration.
|
ProxyProtocol defines the PROXY protocol configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol
|
||||||
properties:
|
properties:
|
||||||
version:
|
version:
|
||||||
description: Version defines the PROXY Protocol version
|
description: Version defines the PROXY Protocol version
|
||||||
|
@ -525,7 +525,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- match
|
- match
|
||||||
|
@ -534,18 +534,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -564,7 +564,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: Name defines the name of the referenced Traefik
|
description: Name defines the name of the referenced Traefik
|
||||||
|
@ -656,7 +656,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -743,7 +743,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
Middleware is the CRD implementation of a Traefik Middleware.
|
Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -769,7 +769,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
AddPrefix holds the add prefix middleware configuration.
|
AddPrefix holds the add prefix middleware configuration.
|
||||||
This middleware updates the path of a request before forwarding it.
|
This middleware updates the path of a request before forwarding it.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/
|
||||||
properties:
|
properties:
|
||||||
prefix:
|
prefix:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -781,12 +781,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
BasicAuth holds the basic auth middleware configuration.
|
BasicAuth holds the basic auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -807,7 +807,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Buffering holds the buffering middleware configuration.
|
Buffering holds the buffering middleware configuration.
|
||||||
This middleware retries or limits the size of requests that can be forwarded to backends.
|
This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
properties:
|
properties:
|
||||||
maxRequestBodyBytes:
|
maxRequestBodyBytes:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -839,14 +839,14 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RetryExpression defines the retry conditions.
|
RetryExpression defines the retry conditions.
|
||||||
It is a logical combination of functions with operators AND (&&) and OR (||).
|
It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
chain:
|
chain:
|
||||||
description: |-
|
description: |-
|
||||||
Chain holds the configuration of the chain middleware.
|
Chain holds the configuration of the chain middleware.
|
||||||
This middleware enables to define reusable combinations of other pieces of middleware.
|
This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/
|
||||||
properties:
|
properties:
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares is the list of MiddlewareRef which composes
|
description: Middlewares is the list of MiddlewareRef which composes
|
||||||
|
@ -905,7 +905,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Compress holds the compress middleware configuration.
|
Compress holds the compress middleware configuration.
|
||||||
This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/
|
||||||
properties:
|
properties:
|
||||||
defaultEncoding:
|
defaultEncoding:
|
||||||
description: DefaultEncoding specifies the default encoding if
|
description: DefaultEncoding specifies the default encoding if
|
||||||
|
@ -954,12 +954,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
DigestAuth holds the digest auth middleware configuration.
|
DigestAuth holds the digest auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -979,7 +979,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ErrorPage holds the custom error middleware configuration.
|
ErrorPage holds the custom error middleware configuration.
|
||||||
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/
|
||||||
properties:
|
properties:
|
||||||
query:
|
query:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -989,7 +989,7 @@ spec:
|
||||||
service:
|
service:
|
||||||
description: |-
|
description: |-
|
||||||
Service defines the reference to a Kubernetes Service that will serve the error page.
|
Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service
|
||||||
properties:
|
properties:
|
||||||
healthCheck:
|
healthCheck:
|
||||||
description: Healthcheck defines health checks for ExternalName
|
description: Healthcheck defines health checks for ExternalName
|
||||||
|
@ -1122,7 +1122,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -1180,7 +1180,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ForwardAuth holds the forward auth middleware configuration.
|
ForwardAuth holds the forward auth middleware configuration.
|
||||||
This middleware delegates the request authentication to a Service.
|
This middleware delegates the request authentication to a Service.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/
|
||||||
properties:
|
properties:
|
||||||
addAuthCookiesToResponse:
|
addAuthCookiesToResponse:
|
||||||
description: AddAuthCookiesToResponse defines the list of cookies
|
description: AddAuthCookiesToResponse defines the list of cookies
|
||||||
|
@ -1208,7 +1208,7 @@ spec:
|
||||||
authResponseHeadersRegex:
|
authResponseHeadersRegex:
|
||||||
description: |-
|
description: |-
|
||||||
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
type: string
|
type: string
|
||||||
tls:
|
tls:
|
||||||
description: TLS defines the configuration used to secure the
|
description: TLS defines the configuration used to secure the
|
||||||
|
@ -1255,7 +1255,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Headers holds the headers middleware configuration.
|
Headers holds the headers middleware configuration.
|
||||||
This middleware manages the requests and responses headers.
|
This middleware manages the requests and responses headers.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders
|
||||||
properties:
|
properties:
|
||||||
accessControlAllowCredentials:
|
accessControlAllowCredentials:
|
||||||
description: AccessControlAllowCredentials defines whether the
|
description: AccessControlAllowCredentials defines whether the
|
||||||
|
@ -1426,7 +1426,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
InFlightReq holds the in-flight request middleware configuration.
|
InFlightReq holds the in-flight request middleware configuration.
|
||||||
This middleware limits the number of requests being processed and served concurrently.
|
This middleware limits the number of requests being processed and served concurrently.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/
|
||||||
properties:
|
properties:
|
||||||
amount:
|
amount:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1439,12 +1439,12 @@ spec:
|
||||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
If several strategies are defined at the same time, an error will be raised.
|
If several strategies are defined at the same time, an error will be raised.
|
||||||
If none are set, the default is to use the requestHost.
|
If none are set, the default is to use the requestHost.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1479,12 +1479,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList holds the IP allowlist middleware configuration.
|
IPAllowList holds the IP allowlist middleware configuration.
|
||||||
This middleware limits allowed requests based on the client IP.
|
This middleware limits allowed requests based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1521,7 +1521,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1551,7 +1551,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
This middleware adds the selected data from the passed client TLS certificate to a header.
|
This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/
|
||||||
properties:
|
properties:
|
||||||
info:
|
info:
|
||||||
description: Info selects the specific client certificate details
|
description: Info selects the specific client certificate details
|
||||||
|
@ -1660,7 +1660,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RateLimit holds the rate limit configuration.
|
RateLimit holds the rate limit configuration.
|
||||||
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/
|
||||||
properties:
|
properties:
|
||||||
average:
|
average:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1693,7 +1693,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1728,7 +1728,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectRegex holds the redirect regex middleware configuration.
|
RedirectRegex holds the redirect regex middleware configuration.
|
||||||
This middleware redirects a request using regex matching and replacement.
|
This middleware redirects a request using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1747,7 +1747,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectScheme holds the redirect scheme middleware configuration.
|
RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
This middleware redirects requests from a scheme/port to another.
|
This middleware redirects requests from a scheme/port to another.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1764,7 +1764,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePath holds the replace path middleware configuration.
|
ReplacePath holds the replace path middleware configuration.
|
||||||
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/
|
||||||
properties:
|
properties:
|
||||||
path:
|
path:
|
||||||
description: Path defines the path to use as replacement in the
|
description: Path defines the path to use as replacement in the
|
||||||
|
@ -1775,7 +1775,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePathRegex holds the replace path regex middleware configuration.
|
ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
This middleware replaces the path of a URL using regex matching and replacement.
|
This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression used to match
|
description: Regex defines the regular expression used to match
|
||||||
|
@ -1791,7 +1791,7 @@ spec:
|
||||||
Retry holds the retry middleware configuration.
|
Retry holds the retry middleware configuration.
|
||||||
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/
|
||||||
properties:
|
properties:
|
||||||
attempts:
|
attempts:
|
||||||
description: Attempts defines how many times the request should
|
description: Attempts defines how many times the request should
|
||||||
|
@ -1813,7 +1813,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefix holds the strip prefix middleware configuration.
|
StripPrefix holds the strip prefix middleware configuration.
|
||||||
This middleware removes the specified prefixes from the URL path.
|
This middleware removes the specified prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/
|
||||||
properties:
|
properties:
|
||||||
forceSlash:
|
forceSlash:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1832,7 +1832,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
This middleware removes the matching prefixes from the URL path.
|
This middleware removes the matching prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression to match the
|
description: Regex defines the regular expression to match the
|
||||||
|
@ -1869,7 +1869,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1905,7 +1905,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList defines the IPAllowList middleware configuration.
|
IPAllowList defines the IPAllowList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1919,7 +1919,7 @@ spec:
|
||||||
IPWhiteList defines the IPWhiteList middleware configuration.
|
IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
Deprecated: please use IPAllowList instead.
|
Deprecated: please use IPAllowList instead.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1958,7 +1958,7 @@ spec:
|
||||||
ServersTransport is the CRD implementation of a ServersTransport.
|
ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
If no serversTransport is specified, the default@internal will be used.
|
If no serversTransport is specified, the default@internal will be used.
|
||||||
The default@internal serversTransport is created from the static configuration.
|
The default@internal serversTransport is created from the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2097,7 +2097,7 @@ spec:
|
||||||
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
The default@internal tcpServersTransport can be configured in the static configuration.
|
The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2215,7 +2215,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2240,14 +2240,14 @@ spec:
|
||||||
alpnProtocols:
|
alpnProtocols:
|
||||||
description: |-
|
description: |-
|
||||||
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
cipherSuites:
|
cipherSuites:
|
||||||
description: |-
|
description: |-
|
||||||
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2275,7 +2275,7 @@ spec:
|
||||||
curvePreferences:
|
curvePreferences:
|
||||||
description: |-
|
description: |-
|
||||||
CurvePreferences defines the preferred elliptic curves in a specific order.
|
CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2331,7 +2331,7 @@ spec:
|
||||||
TLSStore is the CRD implementation of a Traefik TLS Store.
|
TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
For the time being, only the TLSStore named default is supported.
|
For the time being, only the TLSStore named default is supported.
|
||||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2429,7 +2429,7 @@ spec:
|
||||||
TraefikService object allows to:
|
TraefikService object allows to:
|
||||||
- Apply weight to Services on load-balancing
|
- Apply weight to Services on load-balancing
|
||||||
- Mirror traffic on services
|
- Mirror traffic on services
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2675,7 +2675,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2782,7 +2782,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2965,7 +2965,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -3012,7 +3012,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines whether sticky sessions are enabled.
|
Sticky defines whether sticky sessions are enabled.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
|
|
@ -25,7 +25,7 @@ spec:
|
||||||
serviceAccountName: traefik-controller
|
serviceAccountName: traefik-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
args:
|
args:
|
||||||
- --entryPoints.web.address=:80
|
- --entryPoints.web.address=:80
|
||||||
- --entryPoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -63,12 +63,12 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: |-
|
description: |-
|
||||||
Middlewares defines the list of references to Middleware resources.
|
Middlewares defines the list of references to Middleware resources.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
items:
|
items:
|
||||||
description: MiddlewareRef is a reference to a Middleware
|
description: MiddlewareRef is a reference to a Middleware
|
||||||
resource.
|
resource.
|
||||||
|
@ -88,7 +88,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -229,7 +229,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -277,7 +277,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- kind
|
- kind
|
||||||
|
@ -287,18 +287,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration.
|
TLS defines the TLS configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -317,17 +317,17 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSOption.
|
Name defines the name of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSOption.
|
Namespace defines the namespace of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -344,12 +344,12 @@ spec:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSStore.
|
Name defines the name of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSStore.
|
Namespace defines the namespace of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -56,7 +56,7 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares defines the list of references to MiddlewareTCP
|
description: Middlewares defines the list of references to MiddlewareTCP
|
||||||
|
@ -80,7 +80,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: Services defines the list of TCP services.
|
description: Services defines the list of TCP services.
|
||||||
|
@ -121,7 +121,7 @@ spec:
|
||||||
proxyProtocol:
|
proxyProtocol:
|
||||||
description: |-
|
description: |-
|
||||||
ProxyProtocol defines the PROXY protocol configuration.
|
ProxyProtocol defines the PROXY protocol configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol
|
||||||
properties:
|
properties:
|
||||||
version:
|
version:
|
||||||
description: Version defines the PROXY Protocol version
|
description: Version defines the PROXY Protocol version
|
||||||
|
@ -159,7 +159,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- match
|
- match
|
||||||
|
@ -168,18 +168,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -198,7 +198,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: Name defines the name of the referenced Traefik
|
description: Name defines the name of the referenced Traefik
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
Middleware is the CRD implementation of a Traefik Middleware.
|
Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -45,7 +45,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
AddPrefix holds the add prefix middleware configuration.
|
AddPrefix holds the add prefix middleware configuration.
|
||||||
This middleware updates the path of a request before forwarding it.
|
This middleware updates the path of a request before forwarding it.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/
|
||||||
properties:
|
properties:
|
||||||
prefix:
|
prefix:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -57,12 +57,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
BasicAuth holds the basic auth middleware configuration.
|
BasicAuth holds the basic auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -83,7 +83,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Buffering holds the buffering middleware configuration.
|
Buffering holds the buffering middleware configuration.
|
||||||
This middleware retries or limits the size of requests that can be forwarded to backends.
|
This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
properties:
|
properties:
|
||||||
maxRequestBodyBytes:
|
maxRequestBodyBytes:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -115,14 +115,14 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RetryExpression defines the retry conditions.
|
RetryExpression defines the retry conditions.
|
||||||
It is a logical combination of functions with operators AND (&&) and OR (||).
|
It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
chain:
|
chain:
|
||||||
description: |-
|
description: |-
|
||||||
Chain holds the configuration of the chain middleware.
|
Chain holds the configuration of the chain middleware.
|
||||||
This middleware enables to define reusable combinations of other pieces of middleware.
|
This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/
|
||||||
properties:
|
properties:
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares is the list of MiddlewareRef which composes
|
description: Middlewares is the list of MiddlewareRef which composes
|
||||||
|
@ -181,7 +181,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Compress holds the compress middleware configuration.
|
Compress holds the compress middleware configuration.
|
||||||
This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/
|
||||||
properties:
|
properties:
|
||||||
defaultEncoding:
|
defaultEncoding:
|
||||||
description: DefaultEncoding specifies the default encoding if
|
description: DefaultEncoding specifies the default encoding if
|
||||||
|
@ -230,12 +230,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
DigestAuth holds the digest auth middleware configuration.
|
DigestAuth holds the digest auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -255,7 +255,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ErrorPage holds the custom error middleware configuration.
|
ErrorPage holds the custom error middleware configuration.
|
||||||
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/
|
||||||
properties:
|
properties:
|
||||||
query:
|
query:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -265,7 +265,7 @@ spec:
|
||||||
service:
|
service:
|
||||||
description: |-
|
description: |-
|
||||||
Service defines the reference to a Kubernetes Service that will serve the error page.
|
Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service
|
||||||
properties:
|
properties:
|
||||||
healthCheck:
|
healthCheck:
|
||||||
description: Healthcheck defines health checks for ExternalName
|
description: Healthcheck defines health checks for ExternalName
|
||||||
|
@ -398,7 +398,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -456,7 +456,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ForwardAuth holds the forward auth middleware configuration.
|
ForwardAuth holds the forward auth middleware configuration.
|
||||||
This middleware delegates the request authentication to a Service.
|
This middleware delegates the request authentication to a Service.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/
|
||||||
properties:
|
properties:
|
||||||
addAuthCookiesToResponse:
|
addAuthCookiesToResponse:
|
||||||
description: AddAuthCookiesToResponse defines the list of cookies
|
description: AddAuthCookiesToResponse defines the list of cookies
|
||||||
|
@ -484,7 +484,7 @@ spec:
|
||||||
authResponseHeadersRegex:
|
authResponseHeadersRegex:
|
||||||
description: |-
|
description: |-
|
||||||
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
type: string
|
type: string
|
||||||
tls:
|
tls:
|
||||||
description: TLS defines the configuration used to secure the
|
description: TLS defines the configuration used to secure the
|
||||||
|
@ -531,7 +531,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Headers holds the headers middleware configuration.
|
Headers holds the headers middleware configuration.
|
||||||
This middleware manages the requests and responses headers.
|
This middleware manages the requests and responses headers.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders
|
||||||
properties:
|
properties:
|
||||||
accessControlAllowCredentials:
|
accessControlAllowCredentials:
|
||||||
description: AccessControlAllowCredentials defines whether the
|
description: AccessControlAllowCredentials defines whether the
|
||||||
|
@ -702,7 +702,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
InFlightReq holds the in-flight request middleware configuration.
|
InFlightReq holds the in-flight request middleware configuration.
|
||||||
This middleware limits the number of requests being processed and served concurrently.
|
This middleware limits the number of requests being processed and served concurrently.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/
|
||||||
properties:
|
properties:
|
||||||
amount:
|
amount:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -715,12 +715,12 @@ spec:
|
||||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
If several strategies are defined at the same time, an error will be raised.
|
If several strategies are defined at the same time, an error will be raised.
|
||||||
If none are set, the default is to use the requestHost.
|
If none are set, the default is to use the requestHost.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -755,12 +755,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList holds the IP allowlist middleware configuration.
|
IPAllowList holds the IP allowlist middleware configuration.
|
||||||
This middleware limits allowed requests based on the client IP.
|
This middleware limits allowed requests based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -797,7 +797,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -827,7 +827,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
This middleware adds the selected data from the passed client TLS certificate to a header.
|
This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/
|
||||||
properties:
|
properties:
|
||||||
info:
|
info:
|
||||||
description: Info selects the specific client certificate details
|
description: Info selects the specific client certificate details
|
||||||
|
@ -936,7 +936,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RateLimit holds the rate limit configuration.
|
RateLimit holds the rate limit configuration.
|
||||||
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/
|
||||||
properties:
|
properties:
|
||||||
average:
|
average:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -969,7 +969,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1004,7 +1004,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectRegex holds the redirect regex middleware configuration.
|
RedirectRegex holds the redirect regex middleware configuration.
|
||||||
This middleware redirects a request using regex matching and replacement.
|
This middleware redirects a request using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1023,7 +1023,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectScheme holds the redirect scheme middleware configuration.
|
RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
This middleware redirects requests from a scheme/port to another.
|
This middleware redirects requests from a scheme/port to another.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1040,7 +1040,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePath holds the replace path middleware configuration.
|
ReplacePath holds the replace path middleware configuration.
|
||||||
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/
|
||||||
properties:
|
properties:
|
||||||
path:
|
path:
|
||||||
description: Path defines the path to use as replacement in the
|
description: Path defines the path to use as replacement in the
|
||||||
|
@ -1051,7 +1051,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePathRegex holds the replace path regex middleware configuration.
|
ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
This middleware replaces the path of a URL using regex matching and replacement.
|
This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression used to match
|
description: Regex defines the regular expression used to match
|
||||||
|
@ -1067,7 +1067,7 @@ spec:
|
||||||
Retry holds the retry middleware configuration.
|
Retry holds the retry middleware configuration.
|
||||||
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/
|
||||||
properties:
|
properties:
|
||||||
attempts:
|
attempts:
|
||||||
description: Attempts defines how many times the request should
|
description: Attempts defines how many times the request should
|
||||||
|
@ -1089,7 +1089,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefix holds the strip prefix middleware configuration.
|
StripPrefix holds the strip prefix middleware configuration.
|
||||||
This middleware removes the specified prefixes from the URL path.
|
This middleware removes the specified prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/
|
||||||
properties:
|
properties:
|
||||||
forceSlash:
|
forceSlash:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1108,7 +1108,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
This middleware removes the matching prefixes from the URL path.
|
This middleware removes the matching prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression to match the
|
description: Regex defines the regular expression to match the
|
||||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -55,7 +55,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList defines the IPAllowList middleware configuration.
|
IPAllowList defines the IPAllowList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -69,7 +69,7 @@ spec:
|
||||||
IPWhiteList defines the IPWhiteList middleware configuration.
|
IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
Deprecated: please use IPAllowList instead.
|
Deprecated: please use IPAllowList instead.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
|
|
@ -21,7 +21,7 @@ spec:
|
||||||
ServersTransport is the CRD implementation of a ServersTransport.
|
ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
If no serversTransport is specified, the default@internal will be used.
|
If no serversTransport is specified, the default@internal will be used.
|
||||||
The default@internal serversTransport is created from the static configuration.
|
The default@internal serversTransport is created from the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -21,7 +21,7 @@ spec:
|
||||||
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
The default@internal tcpServersTransport can be configured in the static configuration.
|
The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -44,14 +44,14 @@ spec:
|
||||||
alpnProtocols:
|
alpnProtocols:
|
||||||
description: |-
|
description: |-
|
||||||
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
cipherSuites:
|
cipherSuites:
|
||||||
description: |-
|
description: |-
|
||||||
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -79,7 +79,7 @@ spec:
|
||||||
curvePreferences:
|
curvePreferences:
|
||||||
description: |-
|
description: |-
|
||||||
CurvePreferences defines the preferred elliptic curves in a specific order.
|
CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
|
|
@ -21,7 +21,7 @@ spec:
|
||||||
TLSStore is the CRD implementation of a Traefik TLS Store.
|
TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
For the time being, only the TLSStore named default is supported.
|
For the time being, only the TLSStore named default is supported.
|
||||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -22,7 +22,7 @@ spec:
|
||||||
TraefikService object allows to:
|
TraefikService object allows to:
|
||||||
- Apply weight to Services on load-balancing
|
- Apply weight to Services on load-balancing
|
||||||
- Mirror traffic on services
|
- Mirror traffic on services
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -268,7 +268,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -375,7 +375,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -558,7 +558,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -605,7 +605,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines whether sticky sessions are enabled.
|
Sticky defines whether sticky sessions are enabled.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
|
|
@ -801,6 +801,9 @@ Kubernetes label selector to select specific GatewayClasses.
|
||||||
`--providers.kubernetesgateway.namespaces`:
|
`--providers.kubernetesgateway.namespaces`:
|
||||||
Kubernetes namespaces.
|
Kubernetes namespaces.
|
||||||
|
|
||||||
|
`--providers.kubernetesgateway.nativelbbydefault`:
|
||||||
|
Defines whether to use Native Kubernetes load-balancing by default. (Default: ```false```)
|
||||||
|
|
||||||
`--providers.kubernetesgateway.statusaddress.hostname`:
|
`--providers.kubernetesgateway.statusaddress.hostname`:
|
||||||
Hostname used for Kubernetes Gateway status address.
|
Hostname used for Kubernetes Gateway status address.
|
||||||
|
|
||||||
|
|
|
@ -801,6 +801,9 @@ Kubernetes label selector to select specific GatewayClasses.
|
||||||
`TRAEFIK_PROVIDERS_KUBERNETESGATEWAY_NAMESPACES`:
|
`TRAEFIK_PROVIDERS_KUBERNETESGATEWAY_NAMESPACES`:
|
||||||
Kubernetes namespaces.
|
Kubernetes namespaces.
|
||||||
|
|
||||||
|
`TRAEFIK_PROVIDERS_KUBERNETESGATEWAY_NATIVELBBYDEFAULT`:
|
||||||
|
Defines whether to use Native Kubernetes load-balancing by default. (Default: ```false```)
|
||||||
|
|
||||||
`TRAEFIK_PROVIDERS_KUBERNETESGATEWAY_STATUSADDRESS_HOSTNAME`:
|
`TRAEFIK_PROVIDERS_KUBERNETESGATEWAY_STATUSADDRESS_HOSTNAME`:
|
||||||
Hostname used for Kubernetes Gateway status address.
|
Hostname used for Kubernetes Gateway status address.
|
||||||
|
|
||||||
|
|
|
@ -158,6 +158,7 @@
|
||||||
labelSelector = "foobar"
|
labelSelector = "foobar"
|
||||||
throttleDuration = "42s"
|
throttleDuration = "42s"
|
||||||
experimentalChannel = true
|
experimentalChannel = true
|
||||||
|
nativeLBByDefault = true
|
||||||
[providers.kubernetesGateway.statusAddress]
|
[providers.kubernetesGateway.statusAddress]
|
||||||
ip = "foobar"
|
ip = "foobar"
|
||||||
hostname = "foobar"
|
hostname = "foobar"
|
||||||
|
|
|
@ -183,6 +183,7 @@ providers:
|
||||||
service:
|
service:
|
||||||
name: foobar
|
name: foobar
|
||||||
namespace: foobar
|
namespace: foobar
|
||||||
|
nativeLBByDefault: true
|
||||||
rest:
|
rest:
|
||||||
insecure: true
|
insecure: true
|
||||||
consulCatalog:
|
consulCatalog:
|
||||||
|
|
|
@ -48,7 +48,7 @@ The Kubernetes Ingress Controller, The Custom Resource Way.
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
args:
|
args:
|
||||||
- --log.level=DEBUG
|
- --log.level=DEBUG
|
||||||
- --api
|
- --api
|
||||||
|
|
|
@ -130,7 +130,7 @@ which in turn will create the resulting routers, services, handlers, etc.
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
args:
|
args:
|
||||||
- --entryPoints.web.address=:80
|
- --entryPoints.web.address=:80
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
|
@ -543,7 +543,7 @@ This way, any Ingress attached to this Entrypoint will have TLS termination by d
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
args:
|
args:
|
||||||
- --entryPoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
- --entryPoints.websecure.http.tls
|
- --entryPoints.websecure.http.tls
|
||||||
|
@ -736,7 +736,7 @@ For more options, please refer to the available [annotations](#on-ingress).
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
args:
|
args:
|
||||||
- --entryPoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
|
|
|
@ -26,7 +26,7 @@ spec:
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.1
|
image: traefik:v3.2
|
||||||
args:
|
args:
|
||||||
- --api.insecure
|
- --api.insecure
|
||||||
- --accesslog
|
- --accesslog
|
||||||
|
|
|
@ -49,10 +49,10 @@ and the RBAC authorization resources which will be referenced through the `servi
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Install Traefik Resource Definitions:
|
# Install Traefik Resource Definitions:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
||||||
|
|
||||||
# Install RBAC for Traefik:
|
# Install RBAC for Traefik:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
### Services
|
### Services
|
||||||
|
@ -60,7 +60,7 @@ kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/con
|
||||||
Then, the services. One for Traefik itself, and one for the app it routes for, i.e. in this case our demo HTTP server: [whoami](https://github.com/traefik/whoami).
|
Then, the services. One for Traefik itself, and one for the app it routes for, i.e. in this case our demo HTTP server: [whoami](https://github.com/traefik/whoami).
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/02-services.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/user-guides/crd-acme/02-services.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
@ -73,7 +73,7 @@ Next, the deployments, i.e. the actual pods behind the services.
|
||||||
Again, one pod for Traefik, and one for the whoami app.
|
Again, one pod for Traefik, and one for the whoami app.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/03-deployments.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/user-guides/crd-acme/03-deployments.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
@ -100,7 +100,7 @@ Look it up.
|
||||||
We can now finally apply the actual ingressRoutes, with:
|
We can now finally apply the actual ingressRoutes, with:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/04-ingressroutes.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/user-guides/crd-acme/04-ingressroutes.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
@ -126,7 +126,7 @@ Nowadays, TLS v1.0 and v1.1 are deprecated.
|
||||||
In order to force TLS v1.2 or later on all your IngressRoute, you can define the `default` TLSOption:
|
In order to force TLS v1.2 or later on all your IngressRoute, you can define the `default` TLSOption:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/05-tlsoption.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/user-guides/crd-acme/05-tlsoption.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
|
|
@ -26,5 +26,5 @@ node:
|
||||||
- K3S_CLUSTER_SECRET=somethingtotallyrandom
|
- K3S_CLUSTER_SECRET=somethingtotallyrandom
|
||||||
volumes:
|
volumes:
|
||||||
# this is where you would place a alternative traefik image (saved as a .tar file with
|
# this is where you would place a alternative traefik image (saved as a .tar file with
|
||||||
# 'docker save'), if you want to use it, instead of the traefik:v3.1 image.
|
# 'docker save'), if you want to use it, instead of the traefik:v3.2 image.
|
||||||
- /somewhere/on/your/host/custom-image:/var/lib/rancher/k3s/agent/images
|
- /somewhere/on/your/host/custom-image:/var/lib/rancher/k3s/agent/images
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.1"
|
image: "traefik:v3.2"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -13,7 +13,7 @@ secrets:
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.1"
|
image: "traefik:v3.2"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.1"
|
image: "traefik:v3.2"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.1"
|
image: "traefik:v3.2"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.1"
|
image: "traefik:v3.2"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -31,7 +31,7 @@ Create a `docker-compose.yml` file with the following content:
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.1"
|
image: "traefik:v3.2"
|
||||||
...
|
...
|
||||||
networks:
|
networks:
|
||||||
- traefiknet
|
- traefiknet
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -34,7 +34,7 @@ require (
|
||||||
github.com/http-wasm/http-wasm-host-go v0.6.0
|
github.com/http-wasm/http-wasm-host-go v0.6.0
|
||||||
github.com/influxdata/influxdb-client-go/v2 v2.7.0
|
github.com/influxdata/influxdb-client-go/v2 v2.7.0
|
||||||
github.com/influxdata/influxdb1-client v0.0.0-20200827194710-b269163b24ab // No tag on the repo.
|
github.com/influxdata/influxdb1-client v0.0.0-20200827194710-b269163b24ab // No tag on the repo.
|
||||||
github.com/klauspost/compress v1.17.9
|
github.com/klauspost/compress v1.17.11-0.20240927175842-8e14b1b5a913 // Required to have the content-type fix: https://github.com/klauspost/compress/pull/1011
|
||||||
github.com/kvtools/consul v1.0.2
|
github.com/kvtools/consul v1.0.2
|
||||||
github.com/kvtools/etcdv3 v1.0.2
|
github.com/kvtools/etcdv3 v1.0.2
|
||||||
github.com/kvtools/redis v1.1.0
|
github.com/kvtools/redis v1.1.0
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -597,8 +597,8 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW
|
||||||
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
|
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
|
||||||
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||||
github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
|
github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
|
||||||
github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
|
github.com/klauspost/compress v1.17.11-0.20240927175842-8e14b1b5a913 h1:7s7Xd7zVElAw1qh/eh+tXDNfDNXXj38Tpq54eeG6/BM=
|
||||||
github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
|
github.com/klauspost/compress v1.17.11-0.20240927175842-8e14b1b5a913/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
|
||||||
github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
|
github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
|
||||||
github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg=
|
github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg=
|
||||||
github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
|
github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -63,12 +63,12 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: |-
|
description: |-
|
||||||
Middlewares defines the list of references to Middleware resources.
|
Middlewares defines the list of references to Middleware resources.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
items:
|
items:
|
||||||
description: MiddlewareRef is a reference to a Middleware
|
description: MiddlewareRef is a reference to a Middleware
|
||||||
resource.
|
resource.
|
||||||
|
@ -88,7 +88,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -229,7 +229,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -277,7 +277,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- kind
|
- kind
|
||||||
|
@ -287,18 +287,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration.
|
TLS defines the TLS configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -317,17 +317,17 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSOption.
|
Name defines the name of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSOption.
|
Namespace defines the namespace of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -344,12 +344,12 @@ spec:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSStore.
|
Name defines the name of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSStore.
|
Namespace defines the namespace of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -409,7 +409,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -422,7 +422,7 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares defines the list of references to MiddlewareTCP
|
description: Middlewares defines the list of references to MiddlewareTCP
|
||||||
|
@ -446,7 +446,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: Services defines the list of TCP services.
|
description: Services defines the list of TCP services.
|
||||||
|
@ -487,7 +487,7 @@ spec:
|
||||||
proxyProtocol:
|
proxyProtocol:
|
||||||
description: |-
|
description: |-
|
||||||
ProxyProtocol defines the PROXY protocol configuration.
|
ProxyProtocol defines the PROXY protocol configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol
|
||||||
properties:
|
properties:
|
||||||
version:
|
version:
|
||||||
description: Version defines the PROXY Protocol version
|
description: Version defines the PROXY Protocol version
|
||||||
|
@ -525,7 +525,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- match
|
- match
|
||||||
|
@ -534,18 +534,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -564,7 +564,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: Name defines the name of the referenced Traefik
|
description: Name defines the name of the referenced Traefik
|
||||||
|
@ -656,7 +656,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -743,7 +743,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
Middleware is the CRD implementation of a Traefik Middleware.
|
Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -769,7 +769,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
AddPrefix holds the add prefix middleware configuration.
|
AddPrefix holds the add prefix middleware configuration.
|
||||||
This middleware updates the path of a request before forwarding it.
|
This middleware updates the path of a request before forwarding it.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/
|
||||||
properties:
|
properties:
|
||||||
prefix:
|
prefix:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -781,12 +781,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
BasicAuth holds the basic auth middleware configuration.
|
BasicAuth holds the basic auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -807,7 +807,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Buffering holds the buffering middleware configuration.
|
Buffering holds the buffering middleware configuration.
|
||||||
This middleware retries or limits the size of requests that can be forwarded to backends.
|
This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
properties:
|
properties:
|
||||||
maxRequestBodyBytes:
|
maxRequestBodyBytes:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -839,14 +839,14 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RetryExpression defines the retry conditions.
|
RetryExpression defines the retry conditions.
|
||||||
It is a logical combination of functions with operators AND (&&) and OR (||).
|
It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
chain:
|
chain:
|
||||||
description: |-
|
description: |-
|
||||||
Chain holds the configuration of the chain middleware.
|
Chain holds the configuration of the chain middleware.
|
||||||
This middleware enables to define reusable combinations of other pieces of middleware.
|
This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/
|
||||||
properties:
|
properties:
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares is the list of MiddlewareRef which composes
|
description: Middlewares is the list of MiddlewareRef which composes
|
||||||
|
@ -905,7 +905,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Compress holds the compress middleware configuration.
|
Compress holds the compress middleware configuration.
|
||||||
This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/
|
||||||
properties:
|
properties:
|
||||||
defaultEncoding:
|
defaultEncoding:
|
||||||
description: DefaultEncoding specifies the default encoding if
|
description: DefaultEncoding specifies the default encoding if
|
||||||
|
@ -954,12 +954,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
DigestAuth holds the digest auth middleware configuration.
|
DigestAuth holds the digest auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -979,7 +979,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ErrorPage holds the custom error middleware configuration.
|
ErrorPage holds the custom error middleware configuration.
|
||||||
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/
|
||||||
properties:
|
properties:
|
||||||
query:
|
query:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -989,7 +989,7 @@ spec:
|
||||||
service:
|
service:
|
||||||
description: |-
|
description: |-
|
||||||
Service defines the reference to a Kubernetes Service that will serve the error page.
|
Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service
|
||||||
properties:
|
properties:
|
||||||
healthCheck:
|
healthCheck:
|
||||||
description: Healthcheck defines health checks for ExternalName
|
description: Healthcheck defines health checks for ExternalName
|
||||||
|
@ -1122,7 +1122,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -1180,7 +1180,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ForwardAuth holds the forward auth middleware configuration.
|
ForwardAuth holds the forward auth middleware configuration.
|
||||||
This middleware delegates the request authentication to a Service.
|
This middleware delegates the request authentication to a Service.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/
|
||||||
properties:
|
properties:
|
||||||
addAuthCookiesToResponse:
|
addAuthCookiesToResponse:
|
||||||
description: AddAuthCookiesToResponse defines the list of cookies
|
description: AddAuthCookiesToResponse defines the list of cookies
|
||||||
|
@ -1208,7 +1208,7 @@ spec:
|
||||||
authResponseHeadersRegex:
|
authResponseHeadersRegex:
|
||||||
description: |-
|
description: |-
|
||||||
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
type: string
|
type: string
|
||||||
tls:
|
tls:
|
||||||
description: TLS defines the configuration used to secure the
|
description: TLS defines the configuration used to secure the
|
||||||
|
@ -1255,7 +1255,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Headers holds the headers middleware configuration.
|
Headers holds the headers middleware configuration.
|
||||||
This middleware manages the requests and responses headers.
|
This middleware manages the requests and responses headers.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders
|
||||||
properties:
|
properties:
|
||||||
accessControlAllowCredentials:
|
accessControlAllowCredentials:
|
||||||
description: AccessControlAllowCredentials defines whether the
|
description: AccessControlAllowCredentials defines whether the
|
||||||
|
@ -1426,7 +1426,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
InFlightReq holds the in-flight request middleware configuration.
|
InFlightReq holds the in-flight request middleware configuration.
|
||||||
This middleware limits the number of requests being processed and served concurrently.
|
This middleware limits the number of requests being processed and served concurrently.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/
|
||||||
properties:
|
properties:
|
||||||
amount:
|
amount:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1439,12 +1439,12 @@ spec:
|
||||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
If several strategies are defined at the same time, an error will be raised.
|
If several strategies are defined at the same time, an error will be raised.
|
||||||
If none are set, the default is to use the requestHost.
|
If none are set, the default is to use the requestHost.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1479,12 +1479,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList holds the IP allowlist middleware configuration.
|
IPAllowList holds the IP allowlist middleware configuration.
|
||||||
This middleware limits allowed requests based on the client IP.
|
This middleware limits allowed requests based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1521,7 +1521,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1551,7 +1551,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
This middleware adds the selected data from the passed client TLS certificate to a header.
|
This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/
|
||||||
properties:
|
properties:
|
||||||
info:
|
info:
|
||||||
description: Info selects the specific client certificate details
|
description: Info selects the specific client certificate details
|
||||||
|
@ -1660,7 +1660,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RateLimit holds the rate limit configuration.
|
RateLimit holds the rate limit configuration.
|
||||||
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/
|
||||||
properties:
|
properties:
|
||||||
average:
|
average:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1693,7 +1693,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1728,7 +1728,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectRegex holds the redirect regex middleware configuration.
|
RedirectRegex holds the redirect regex middleware configuration.
|
||||||
This middleware redirects a request using regex matching and replacement.
|
This middleware redirects a request using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1747,7 +1747,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectScheme holds the redirect scheme middleware configuration.
|
RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
This middleware redirects requests from a scheme/port to another.
|
This middleware redirects requests from a scheme/port to another.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1764,7 +1764,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePath holds the replace path middleware configuration.
|
ReplacePath holds the replace path middleware configuration.
|
||||||
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/
|
||||||
properties:
|
properties:
|
||||||
path:
|
path:
|
||||||
description: Path defines the path to use as replacement in the
|
description: Path defines the path to use as replacement in the
|
||||||
|
@ -1775,7 +1775,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePathRegex holds the replace path regex middleware configuration.
|
ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
This middleware replaces the path of a URL using regex matching and replacement.
|
This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression used to match
|
description: Regex defines the regular expression used to match
|
||||||
|
@ -1791,7 +1791,7 @@ spec:
|
||||||
Retry holds the retry middleware configuration.
|
Retry holds the retry middleware configuration.
|
||||||
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/
|
||||||
properties:
|
properties:
|
||||||
attempts:
|
attempts:
|
||||||
description: Attempts defines how many times the request should
|
description: Attempts defines how many times the request should
|
||||||
|
@ -1813,7 +1813,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefix holds the strip prefix middleware configuration.
|
StripPrefix holds the strip prefix middleware configuration.
|
||||||
This middleware removes the specified prefixes from the URL path.
|
This middleware removes the specified prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/
|
||||||
properties:
|
properties:
|
||||||
forceSlash:
|
forceSlash:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1832,7 +1832,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
This middleware removes the matching prefixes from the URL path.
|
This middleware removes the matching prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression to match the
|
description: Regex defines the regular expression to match the
|
||||||
|
@ -1869,7 +1869,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1905,7 +1905,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList defines the IPAllowList middleware configuration.
|
IPAllowList defines the IPAllowList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1919,7 +1919,7 @@ spec:
|
||||||
IPWhiteList defines the IPWhiteList middleware configuration.
|
IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
Deprecated: please use IPAllowList instead.
|
Deprecated: please use IPAllowList instead.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1958,7 +1958,7 @@ spec:
|
||||||
ServersTransport is the CRD implementation of a ServersTransport.
|
ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
If no serversTransport is specified, the default@internal will be used.
|
If no serversTransport is specified, the default@internal will be used.
|
||||||
The default@internal serversTransport is created from the static configuration.
|
The default@internal serversTransport is created from the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2097,7 +2097,7 @@ spec:
|
||||||
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
The default@internal tcpServersTransport can be configured in the static configuration.
|
The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2215,7 +2215,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2240,14 +2240,14 @@ spec:
|
||||||
alpnProtocols:
|
alpnProtocols:
|
||||||
description: |-
|
description: |-
|
||||||
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
cipherSuites:
|
cipherSuites:
|
||||||
description: |-
|
description: |-
|
||||||
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2275,7 +2275,7 @@ spec:
|
||||||
curvePreferences:
|
curvePreferences:
|
||||||
description: |-
|
description: |-
|
||||||
CurvePreferences defines the preferred elliptic curves in a specific order.
|
CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2331,7 +2331,7 @@ spec:
|
||||||
TLSStore is the CRD implementation of a Traefik TLS Store.
|
TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
For the time being, only the TLSStore named default is supported.
|
For the time being, only the TLSStore named default is supported.
|
||||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2429,7 +2429,7 @@ spec:
|
||||||
TraefikService object allows to:
|
TraefikService object allows to:
|
||||||
- Apply weight to Services on load-balancing
|
- Apply weight to Services on load-balancing
|
||||||
- Mirror traffic on services
|
- Mirror traffic on services
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2675,7 +2675,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2782,7 +2782,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2965,7 +2965,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -3012,7 +3012,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines whether sticky sessions are enabled.
|
Sticky defines whether sticky sessions are enabled.
|
||||||
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
|
|
@ -194,7 +194,7 @@ func (c *configuration) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if c.Pilot != nil {
|
if c.Pilot != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Pilot configuration has been removed in v3, please remove all Pilot-related static configuration for Traefik to start." +
|
logger.Error().Msg("Pilot configuration has been removed in v3, please remove all Pilot-related static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#pilot")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#pilot")
|
||||||
}
|
}
|
||||||
|
|
||||||
incompatibleExperimental := c.Experimental.deprecationNotice(logger)
|
incompatibleExperimental := c.Experimental.deprecationNotice(logger)
|
||||||
|
@ -227,13 +227,13 @@ func (p *providers) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if p.Marathon != nil {
|
if p.Marathon != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Marathon provider has been removed in v3, please remove all Marathon-related static configuration for Traefik to start." +
|
logger.Error().Msg("Marathon provider has been removed in v3, please remove all Marathon-related static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#marathon-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#marathon-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if p.Rancher != nil {
|
if p.Rancher != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Rancher provider has been removed in v3, please remove all Rancher-related static configuration for Traefik to start." +
|
logger.Error().Msg("Rancher provider has been removed in v3, please remove all Rancher-related static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#rancher-v1-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#rancher-v1-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
dockerIncompatible := p.Docker.deprecationNotice(logger)
|
dockerIncompatible := p.Docker.deprecationNotice(logger)
|
||||||
|
@ -275,14 +275,14 @@ func (d *docker) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if d.SwarmMode != nil {
|
if d.SwarmMode != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Docker provider `swarmMode` option has been removed in v3, please use the Swarm Provider instead." +
|
logger.Error().Msg("Docker provider `swarmMode` option has been removed in v3, please use the Swarm Provider instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#docker-docker-swarm")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#docker-docker-swarm")
|
||||||
}
|
}
|
||||||
|
|
||||||
if d.TLS != nil && d.TLS.CAOptional != nil {
|
if d.TLS != nil && d.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Docker provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Docker provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tlscaoptional")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -323,7 +323,7 @@ func (e *etcd) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("ETCD provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("ETCD provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_3")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tlscaoptional_3")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -344,7 +344,7 @@ func (r *redis) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Redis provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Redis provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_4")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tlscaoptional_4")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -365,14 +365,14 @@ func (c *consul) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if c.Namespace != nil {
|
if c.Namespace != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Consul provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
logger.Error().Msg("Consul provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#consul-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#consul-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.TLS != nil && c.TLS.CAOptional != nil {
|
if c.TLS != nil && c.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Consul provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Consul provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_1")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tlscaoptional_1")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -397,14 +397,14 @@ func (c *consulCatalog) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if c.Namespace != nil {
|
if c.Namespace != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("ConsulCatalog provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
logger.Error().Msg("ConsulCatalog provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#consulcatalog-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#consulcatalog-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.Endpoint != nil && c.Endpoint.TLS != nil && c.Endpoint.TLS.CAOptional != nil {
|
if c.Endpoint != nil && c.Endpoint.TLS != nil && c.Endpoint.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("ConsulCatalog provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("ConsulCatalog provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#endpointtlscaoptional")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#endpointtlscaoptional")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -425,14 +425,14 @@ func (n *nomad) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if n.Namespace != nil {
|
if n.Namespace != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Nomad provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
logger.Error().Msg("Nomad provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#nomad-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#nomad-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if n.Endpoint != nil && n.Endpoint.TLS != nil && n.Endpoint.TLS.CAOptional != nil {
|
if n.Endpoint != nil && n.Endpoint.TLS != nil && n.Endpoint.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Nomad provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Nomad provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#endpointtlscaoptional_1")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#endpointtlscaoptional_1")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -453,7 +453,7 @@ func (h *http) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("HTTP provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("HTTP provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_2")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tlscaoptional_2")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -471,7 +471,7 @@ func (i *ingress) deprecationNotice(logger zerolog.Logger) {
|
||||||
if i.DisableIngressClassLookup != nil {
|
if i.DisableIngressClassLookup != nil {
|
||||||
logger.Error().Msg("Kubernetes Ingress provider `disableIngressClassLookup` option has been deprecated in v3.1, and will be removed in the next major version." +
|
logger.Error().Msg("Kubernetes Ingress provider `disableIngressClassLookup` option has been deprecated in v3.1, and will be removed in the next major version." +
|
||||||
"Please use the `disableClusterScopeResources` option instead." +
|
"Please use the `disableClusterScopeResources` option instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v3/#ingressclasslookup")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v3/#ingressclasslookup")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -488,7 +488,7 @@ func (e *experimental) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if e.HTTP3 != nil {
|
if e.HTTP3 != nil {
|
||||||
logger.Error().Msg("HTTP3 is not an experimental feature in v3 and the associated enablement has been removed." +
|
logger.Error().Msg("HTTP3 is not an experimental feature in v3 and the associated enablement has been removed." +
|
||||||
"Please remove its usage from the static configuration for Traefik to start." +
|
"Please remove its usage from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3-details/#http3")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3-details/#http3")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
@ -496,7 +496,7 @@ func (e *experimental) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if e.KubernetesGateway != nil {
|
if e.KubernetesGateway != nil {
|
||||||
logger.Error().Msg("KubernetesGateway provider is not an experimental feature starting with v3.1." +
|
logger.Error().Msg("KubernetesGateway provider is not an experimental feature starting with v3.1." +
|
||||||
"Please remove its usage from the static configuration." +
|
"Please remove its usage from the static configuration." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v3/#gateway-api-kubernetesgateway-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v3/#gateway-api-kubernetesgateway-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
return false
|
return false
|
||||||
|
@ -520,49 +520,49 @@ func (t *tracing) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if t.SpanNameLimit != nil {
|
if t.SpanNameLimit != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("SpanNameLimit option for Tracing has been removed in v3, as Span names are now of a fixed length." +
|
logger.Error().Msg("SpanNameLimit option for Tracing has been removed in v3, as Span names are now of a fixed length." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Jaeger != nil {
|
if t.Jaeger != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Jaeger Tracing backend has been removed in v3, please remove all Jaeger-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Jaeger Tracing backend has been removed in v3, please remove all Jaeger-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Zipkin != nil {
|
if t.Zipkin != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Zipkin Tracing backend has been removed in v3, please remove all Zipkin-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Zipkin Tracing backend has been removed in v3, please remove all Zipkin-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Datadog != nil {
|
if t.Datadog != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Datadog Tracing backend has been removed in v3, please remove all Datadog-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Datadog Tracing backend has been removed in v3, please remove all Datadog-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Instana != nil {
|
if t.Instana != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Instana Tracing backend has been removed in v3, please remove all Instana-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Instana Tracing backend has been removed in v3, please remove all Instana-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Haystack != nil {
|
if t.Haystack != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Haystack Tracing backend has been removed in v3, please remove all Haystack-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Haystack Tracing backend has been removed in v3, please remove all Haystack-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Elastic != nil {
|
if t.Elastic != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Elastic Tracing backend has been removed in v3, please remove all Elastic-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Elastic Tracing backend has been removed in v3, please remove all Elastic-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.2/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
|
|
@ -73,7 +73,7 @@ type ContentType struct {
|
||||||
|
|
||||||
// AddPrefix holds the add prefix middleware configuration.
|
// AddPrefix holds the add prefix middleware configuration.
|
||||||
// This middleware updates the path of a request before forwarding it.
|
// This middleware updates the path of a request before forwarding it.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/
|
||||||
type AddPrefix struct {
|
type AddPrefix struct {
|
||||||
// Prefix is the string to add before the current path in the requested URL.
|
// Prefix is the string to add before the current path in the requested URL.
|
||||||
// It should include a leading slash (/).
|
// It should include a leading slash (/).
|
||||||
|
@ -84,7 +84,7 @@ type AddPrefix struct {
|
||||||
|
|
||||||
// BasicAuth holds the basic auth middleware configuration.
|
// BasicAuth holds the basic auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/
|
||||||
type BasicAuth struct {
|
type BasicAuth struct {
|
||||||
// Users is an array of authorized users.
|
// Users is an array of authorized users.
|
||||||
// Each user must be declared using the name:hashed-password format.
|
// Each user must be declared using the name:hashed-password format.
|
||||||
|
@ -99,7 +99,7 @@ type BasicAuth struct {
|
||||||
// Default: false.
|
// Default: false.
|
||||||
RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"`
|
RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -107,7 +107,7 @@ type BasicAuth struct {
|
||||||
|
|
||||||
// Buffering holds the buffering middleware configuration.
|
// Buffering holds the buffering middleware configuration.
|
||||||
// This middleware retries or limits the size of requests that can be forwarded to backends.
|
// This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
type Buffering struct {
|
type Buffering struct {
|
||||||
// MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
|
// MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
|
||||||
// If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
|
// If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
|
||||||
|
@ -125,7 +125,7 @@ type Buffering struct {
|
||||||
MemResponseBodyBytes int64 `json:"memResponseBodyBytes,omitempty" toml:"memResponseBodyBytes,omitempty" yaml:"memResponseBodyBytes,omitempty" export:"true"`
|
MemResponseBodyBytes int64 `json:"memResponseBodyBytes,omitempty" toml:"memResponseBodyBytes,omitempty" yaml:"memResponseBodyBytes,omitempty" export:"true"`
|
||||||
// RetryExpression defines the retry conditions.
|
// RetryExpression defines the retry conditions.
|
||||||
// It is a logical combination of functions with operators AND (&&) and OR (||).
|
// It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression
|
||||||
RetryExpression string `json:"retryExpression,omitempty" toml:"retryExpression,omitempty" yaml:"retryExpression,omitempty" export:"true"`
|
RetryExpression string `json:"retryExpression,omitempty" toml:"retryExpression,omitempty" yaml:"retryExpression,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -142,7 +142,7 @@ type Chain struct {
|
||||||
|
|
||||||
// CircuitBreaker holds the circuit breaker middleware configuration.
|
// CircuitBreaker holds the circuit breaker middleware configuration.
|
||||||
// This middleware protects the system from stacking requests to unhealthy services, resulting in cascading failures.
|
// This middleware protects the system from stacking requests to unhealthy services, resulting in cascading failures.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/circuitbreaker/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/circuitbreaker/
|
||||||
type CircuitBreaker struct {
|
type CircuitBreaker struct {
|
||||||
// Expression defines the expression that, once matched, opens the circuit breaker and applies the fallback mechanism instead of calling the services.
|
// Expression defines the expression that, once matched, opens the circuit breaker and applies the fallback mechanism instead of calling the services.
|
||||||
Expression string `json:"expression,omitempty" toml:"expression,omitempty" yaml:"expression,omitempty" export:"true"`
|
Expression string `json:"expression,omitempty" toml:"expression,omitempty" yaml:"expression,omitempty" export:"true"`
|
||||||
|
@ -191,7 +191,7 @@ func (c *Compress) SetDefaults() {
|
||||||
|
|
||||||
// DigestAuth holds the digest auth middleware configuration.
|
// DigestAuth holds the digest auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/
|
||||||
type DigestAuth struct {
|
type DigestAuth struct {
|
||||||
// Users defines the authorized users.
|
// Users defines the authorized users.
|
||||||
// Each user should be declared using the name:realm:encoded-password format.
|
// Each user should be declared using the name:realm:encoded-password format.
|
||||||
|
@ -204,7 +204,7 @@ type DigestAuth struct {
|
||||||
// Default: traefik.
|
// Default: traefik.
|
||||||
Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"`
|
Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -230,7 +230,7 @@ type ErrorPage struct {
|
||||||
|
|
||||||
// ForwardAuth holds the forward auth middleware configuration.
|
// ForwardAuth holds the forward auth middleware configuration.
|
||||||
// This middleware delegates the request authentication to a Service.
|
// This middleware delegates the request authentication to a Service.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/
|
||||||
type ForwardAuth struct {
|
type ForwardAuth struct {
|
||||||
// Address defines the authentication server address.
|
// Address defines the authentication server address.
|
||||||
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
|
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
|
||||||
|
@ -241,7 +241,7 @@ type ForwardAuth struct {
|
||||||
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
||||||
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"`
|
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"`
|
||||||
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty" toml:"authResponseHeadersRegex,omitempty" yaml:"authResponseHeadersRegex,omitempty" export:"true"`
|
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty" toml:"authResponseHeadersRegex,omitempty" yaml:"authResponseHeadersRegex,omitempty" export:"true"`
|
||||||
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
||||||
// If not set or empty then all request headers are passed.
|
// If not set or empty then all request headers are passed.
|
||||||
|
@ -271,7 +271,7 @@ type ClientTLS struct {
|
||||||
|
|
||||||
// Headers holds the headers middleware configuration.
|
// Headers holds the headers middleware configuration.
|
||||||
// This middleware manages the requests and responses headers.
|
// This middleware manages the requests and responses headers.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders
|
||||||
type Headers struct {
|
type Headers struct {
|
||||||
// CustomRequestHeaders defines the header names and values to apply to the request.
|
// CustomRequestHeaders defines the header names and values to apply to the request.
|
||||||
CustomRequestHeaders map[string]string `json:"customRequestHeaders,omitempty" toml:"customRequestHeaders,omitempty" yaml:"customRequestHeaders,omitempty" export:"true"`
|
CustomRequestHeaders map[string]string `json:"customRequestHeaders,omitempty" toml:"customRequestHeaders,omitempty" yaml:"customRequestHeaders,omitempty" export:"true"`
|
||||||
|
@ -400,7 +400,7 @@ func (h *Headers) HasSecureHeadersDefined() bool {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy
|
||||||
type IPStrategy struct {
|
type IPStrategy struct {
|
||||||
// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
|
// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
|
||||||
Depth int `json:"depth,omitempty" toml:"depth,omitempty" yaml:"depth,omitempty" export:"true"`
|
Depth int `json:"depth,omitempty" toml:"depth,omitempty" yaml:"depth,omitempty" export:"true"`
|
||||||
|
@ -454,7 +454,7 @@ func (s *IPStrategy) Get() (ip.Strategy, error) {
|
||||||
|
|
||||||
// IPWhiteList holds the IP whitelist middleware configuration.
|
// IPWhiteList holds the IP whitelist middleware configuration.
|
||||||
// This middleware limits allowed requests based on the client IP.
|
// This middleware limits allowed requests based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipwhitelist/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipwhitelist/
|
||||||
// Deprecated: please use IPAllowList instead.
|
// Deprecated: please use IPAllowList instead.
|
||||||
type IPWhiteList struct {
|
type IPWhiteList struct {
|
||||||
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). Required.
|
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). Required.
|
||||||
|
@ -466,7 +466,7 @@ type IPWhiteList struct {
|
||||||
|
|
||||||
// IPAllowList holds the IP allowlist middleware configuration.
|
// IPAllowList holds the IP allowlist middleware configuration.
|
||||||
// This middleware limits allowed requests based on the client IP.
|
// This middleware limits allowed requests based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/
|
||||||
type IPAllowList struct {
|
type IPAllowList struct {
|
||||||
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
||||||
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
||||||
|
@ -480,7 +480,7 @@ type IPAllowList struct {
|
||||||
|
|
||||||
// InFlightReq holds the in-flight request middleware configuration.
|
// InFlightReq holds the in-flight request middleware configuration.
|
||||||
// This middleware limits the number of requests being processed and served concurrently.
|
// This middleware limits the number of requests being processed and served concurrently.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/
|
||||||
type InFlightReq struct {
|
type InFlightReq struct {
|
||||||
// Amount defines the maximum amount of allowed simultaneous in-flight request.
|
// Amount defines the maximum amount of allowed simultaneous in-flight request.
|
||||||
// The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
|
// The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
|
||||||
|
@ -488,7 +488,7 @@ type InFlightReq struct {
|
||||||
// SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
// SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
// If several strategies are defined at the same time, an error will be raised.
|
// If several strategies are defined at the same time, an error will be raised.
|
||||||
// If none are set, the default is to use the requestHost.
|
// If none are set, the default is to use the requestHost.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion
|
||||||
SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"`
|
SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -496,7 +496,7 @@ type InFlightReq struct {
|
||||||
|
|
||||||
// PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
// PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
// This middleware adds the selected data from the passed client TLS certificate to a header.
|
// This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/
|
||||||
type PassTLSClientCert struct {
|
type PassTLSClientCert struct {
|
||||||
// PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate.
|
// PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate.
|
||||||
PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"`
|
PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"`
|
||||||
|
@ -552,7 +552,7 @@ func (r *RateLimit) SetDefaults() {
|
||||||
|
|
||||||
// RedirectRegex holds the redirect regex middleware configuration.
|
// RedirectRegex holds the redirect regex middleware configuration.
|
||||||
// This middleware redirects a request using regex matching and replacement.
|
// This middleware redirects a request using regex matching and replacement.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex
|
||||||
type RedirectRegex struct {
|
type RedirectRegex struct {
|
||||||
// Regex defines the regex used to match and capture elements from the request URL.
|
// Regex defines the regex used to match and capture elements from the request URL.
|
||||||
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty"`
|
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty"`
|
||||||
|
@ -566,7 +566,7 @@ type RedirectRegex struct {
|
||||||
|
|
||||||
// RedirectScheme holds the redirect scheme middleware configuration.
|
// RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
// This middleware redirects requests from a scheme/port to another.
|
// This middleware redirects requests from a scheme/port to another.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/
|
||||||
type RedirectScheme struct {
|
type RedirectScheme struct {
|
||||||
// Scheme defines the scheme of the new URL.
|
// Scheme defines the scheme of the new URL.
|
||||||
Scheme string `json:"scheme,omitempty" toml:"scheme,omitempty" yaml:"scheme,omitempty" export:"true"`
|
Scheme string `json:"scheme,omitempty" toml:"scheme,omitempty" yaml:"scheme,omitempty" export:"true"`
|
||||||
|
@ -580,7 +580,7 @@ type RedirectScheme struct {
|
||||||
|
|
||||||
// ReplacePath holds the replace path middleware configuration.
|
// ReplacePath holds the replace path middleware configuration.
|
||||||
// This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
// This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/
|
||||||
type ReplacePath struct {
|
type ReplacePath struct {
|
||||||
// Path defines the path to use as replacement in the request URL.
|
// Path defines the path to use as replacement in the request URL.
|
||||||
Path string `json:"path,omitempty" toml:"path,omitempty" yaml:"path,omitempty" export:"true"`
|
Path string `json:"path,omitempty" toml:"path,omitempty" yaml:"path,omitempty" export:"true"`
|
||||||
|
@ -590,7 +590,7 @@ type ReplacePath struct {
|
||||||
|
|
||||||
// ReplacePathRegex holds the replace path regex middleware configuration.
|
// ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
// This middleware replaces the path of a URL using regex matching and replacement.
|
// This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/
|
||||||
type ReplacePathRegex struct {
|
type ReplacePathRegex struct {
|
||||||
// Regex defines the regular expression used to match and capture the path from the request URL.
|
// Regex defines the regular expression used to match and capture the path from the request URL.
|
||||||
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
||||||
|
@ -603,7 +603,7 @@ type ReplacePathRegex struct {
|
||||||
// Retry holds the retry middleware configuration.
|
// Retry holds the retry middleware configuration.
|
||||||
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/
|
||||||
type Retry struct {
|
type Retry struct {
|
||||||
// Attempts defines how many times the request should be retried.
|
// Attempts defines how many times the request should be retried.
|
||||||
Attempts int `json:"attempts,omitempty" toml:"attempts,omitempty" yaml:"attempts,omitempty" export:"true"`
|
Attempts int `json:"attempts,omitempty" toml:"attempts,omitempty" yaml:"attempts,omitempty" export:"true"`
|
||||||
|
@ -619,7 +619,7 @@ type Retry struct {
|
||||||
|
|
||||||
// StripPrefix holds the strip prefix middleware configuration.
|
// StripPrefix holds the strip prefix middleware configuration.
|
||||||
// This middleware removes the specified prefixes from the URL path.
|
// This middleware removes the specified prefixes from the URL path.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/
|
||||||
type StripPrefix struct {
|
type StripPrefix struct {
|
||||||
// Prefixes defines the prefixes to strip from the request URL.
|
// Prefixes defines the prefixes to strip from the request URL.
|
||||||
Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"`
|
Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"`
|
||||||
|
@ -634,7 +634,7 @@ type StripPrefix struct {
|
||||||
|
|
||||||
// StripPrefixRegex holds the strip prefix regex middleware configuration.
|
// StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
// This middleware removes the matching prefixes from the URL path.
|
// This middleware removes the matching prefixes from the URL path.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/
|
||||||
type StripPrefixRegex struct {
|
type StripPrefixRegex struct {
|
||||||
// Regex defines the regular expression to match the path prefix from the request URL.
|
// Regex defines the regular expression to match the path prefix from the request URL.
|
||||||
Regex []string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
Regex []string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
||||||
|
|
|
@ -125,7 +125,7 @@ type TCPServer struct {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// ProxyProtocol holds the PROXY Protocol configuration.
|
// ProxyProtocol holds the PROXY Protocol configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol
|
||||||
type ProxyProtocol struct {
|
type ProxyProtocol struct {
|
||||||
// Version defines the PROXY Protocol version to use.
|
// Version defines the PROXY Protocol version to use.
|
||||||
Version int `json:"version,omitempty" toml:"version,omitempty" yaml:"version,omitempty" export:"true"`
|
Version int `json:"version,omitempty" toml:"version,omitempty" yaml:"version,omitempty" export:"true"`
|
||||||
|
|
|
@ -15,7 +15,7 @@ type TCPMiddleware struct {
|
||||||
// TCPInFlightConn holds the TCP InFlightConn middleware configuration.
|
// TCPInFlightConn holds the TCP InFlightConn middleware configuration.
|
||||||
// This middleware prevents services from being overwhelmed with high load,
|
// This middleware prevents services from being overwhelmed with high load,
|
||||||
// by limiting the number of allowed simultaneous connections for one IP.
|
// by limiting the number of allowed simultaneous connections for one IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/inflightconn/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/inflightconn/
|
||||||
type TCPInFlightConn struct {
|
type TCPInFlightConn struct {
|
||||||
// Amount defines the maximum amount of allowed simultaneous connections.
|
// Amount defines the maximum amount of allowed simultaneous connections.
|
||||||
// The middleware closes the connection if there are already amount connections opened.
|
// The middleware closes the connection if there are already amount connections opened.
|
||||||
|
@ -35,7 +35,7 @@ type TCPIPWhiteList struct {
|
||||||
|
|
||||||
// TCPIPAllowList holds the TCP IPAllowList middleware configuration.
|
// TCPIPAllowList holds the TCP IPAllowList middleware configuration.
|
||||||
// This middleware limits allowed requests based on the client IP.
|
// This middleware limits allowed requests based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/
|
||||||
type TCPIPAllowList struct {
|
type TCPIPAllowList struct {
|
||||||
// SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
// SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
||||||
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
||||||
|
|
|
@ -13,22 +13,21 @@ const (
|
||||||
upgradeHeader = "Upgrade"
|
upgradeHeader = "Upgrade"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Remover removes hop-by-hop headers listed in the "Connection" header.
|
// RemoveConnectionHeaders removes hop-by-hop headers listed in the "Connection" header.
|
||||||
// See RFC 7230, section 6.1.
|
// See RFC 7230, section 6.1.
|
||||||
func Remover(next http.Handler) http.HandlerFunc {
|
func RemoveConnectionHeaders(req *http.Request) {
|
||||||
return func(rw http.ResponseWriter, req *http.Request) {
|
|
||||||
next.ServeHTTP(rw, Remove(req))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Remove removes hop-by-hop header on the request.
|
|
||||||
func Remove(req *http.Request) *http.Request {
|
|
||||||
var reqUpType string
|
var reqUpType string
|
||||||
if httpguts.HeaderValuesContainsToken(req.Header[connectionHeader], upgradeHeader) {
|
if httpguts.HeaderValuesContainsToken(req.Header[connectionHeader], upgradeHeader) {
|
||||||
reqUpType = req.Header.Get(upgradeHeader)
|
reqUpType = req.Header.Get(upgradeHeader)
|
||||||
}
|
}
|
||||||
|
|
||||||
removeConnectionHeaders(req.Header)
|
for _, f := range req.Header[connectionHeader] {
|
||||||
|
for _, sf := range strings.Split(f, ",") {
|
||||||
|
if sf = textproto.TrimString(sf); sf != "" {
|
||||||
|
req.Header.Del(sf)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if reqUpType != "" {
|
if reqUpType != "" {
|
||||||
req.Header.Set(connectionHeader, upgradeHeader)
|
req.Header.Set(connectionHeader, upgradeHeader)
|
||||||
|
@ -36,16 +35,4 @@ func Remove(req *http.Request) *http.Request {
|
||||||
} else {
|
} else {
|
||||||
req.Header.Del(connectionHeader)
|
req.Header.Del(connectionHeader)
|
||||||
}
|
}
|
||||||
|
|
||||||
return req
|
|
||||||
}
|
|
||||||
|
|
||||||
func removeConnectionHeaders(h http.Header) {
|
|
||||||
for _, f := range h[connectionHeader] {
|
|
||||||
for _, sf := range strings.Split(f, ",") {
|
|
||||||
if sf = textproto.TrimString(sf); sf != "" {
|
|
||||||
h.Del(sf)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -50,19 +50,13 @@ func TestRemover(t *testing.T) {
|
||||||
t.Run(test.desc, func(t *testing.T) {
|
t.Run(test.desc, func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
||||||
next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {})
|
|
||||||
|
|
||||||
h := Remover(next)
|
|
||||||
|
|
||||||
req := httptest.NewRequest(http.MethodGet, "https://localhost", nil)
|
req := httptest.NewRequest(http.MethodGet, "https://localhost", nil)
|
||||||
|
|
||||||
for k, v := range test.reqHeaders {
|
for k, v := range test.reqHeaders {
|
||||||
req.Header.Set(k, v)
|
req.Header.Set(k, v)
|
||||||
}
|
}
|
||||||
|
|
||||||
rw := httptest.NewRecorder()
|
RemoveConnectionHeaders(req)
|
||||||
|
|
||||||
h.ServeHTTP(rw, req)
|
|
||||||
|
|
||||||
assert.Equal(t, test.expected, req.Header)
|
assert.Equal(t, test.expected, req.Header)
|
||||||
})
|
})
|
||||||
|
|
|
@ -123,8 +123,6 @@ func (fa *forwardAuth) GetTracingInformation() (string, string, trace.SpanKind)
|
||||||
func (fa *forwardAuth) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
|
func (fa *forwardAuth) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
|
||||||
logger := middlewares.GetLogger(req.Context(), fa.name, typeNameForward)
|
logger := middlewares.GetLogger(req.Context(), fa.name, typeNameForward)
|
||||||
|
|
||||||
req = Remove(req)
|
|
||||||
|
|
||||||
forwardReq, err := http.NewRequestWithContext(req.Context(), http.MethodGet, fa.address, nil)
|
forwardReq, err := http.NewRequestWithContext(req.Context(), http.MethodGet, fa.address, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Debug().Msgf("Error calling %s. Cause %s", fa.address, err)
|
logger.Debug().Msgf("Error calling %s. Cause %s", fa.address, err)
|
||||||
|
@ -274,6 +272,8 @@ func (fa *forwardAuth) buildModifier(authCookies []*http.Cookie) func(res *http.
|
||||||
|
|
||||||
func writeHeader(req, forwardReq *http.Request, trustForwardHeader bool, allowedHeaders []string) {
|
func writeHeader(req, forwardReq *http.Request, trustForwardHeader bool, allowedHeaders []string) {
|
||||||
utils.CopyHeaders(forwardReq.Header, req.Header)
|
utils.CopyHeaders(forwardReq.Header, req.Header)
|
||||||
|
|
||||||
|
RemoveConnectionHeaders(forwardReq)
|
||||||
utils.RemoveHeaders(forwardReq.Header, hopHeaders...)
|
utils.RemoveHeaders(forwardReq.Header, hopHeaders...)
|
||||||
|
|
||||||
forwardReq.Header = filterForwardRequestHeaders(forwardReq.Header, allowedHeaders)
|
forwardReq.Header = filterForwardRequestHeaders(forwardReq.Header, allowedHeaders)
|
||||||
|
|
|
@ -623,8 +623,11 @@ func (p *Provider) resolveDefaultCertificate(ctx context.Context, domains []stri
|
||||||
|
|
||||||
p.resolvingDomainsMutex.Lock()
|
p.resolvingDomainsMutex.Lock()
|
||||||
|
|
||||||
sort.Strings(domains)
|
sortedDomains := make([]string, len(domains))
|
||||||
domainKey := strings.Join(domains, ",")
|
copy(sortedDomains, domains)
|
||||||
|
sort.Strings(sortedDomains)
|
||||||
|
|
||||||
|
domainKey := strings.Join(sortedDomains, ",")
|
||||||
|
|
||||||
if _, ok := p.resolvingDomains[domainKey]; ok {
|
if _, ok := p.resolvingDomains[domainKey]; ok {
|
||||||
p.resolvingDomainsMutex.Unlock()
|
p.resolvingDomainsMutex.Unlock()
|
||||||
|
@ -1026,12 +1029,14 @@ func (p *Provider) certExists(validDomains []string) bool {
|
||||||
p.certificatesMu.RLock()
|
p.certificatesMu.RLock()
|
||||||
defer p.certificatesMu.RUnlock()
|
defer p.certificatesMu.RUnlock()
|
||||||
|
|
||||||
sort.Strings(validDomains)
|
sortedDomains := make([]string, len(validDomains))
|
||||||
|
copy(sortedDomains, validDomains)
|
||||||
|
sort.Strings(sortedDomains)
|
||||||
|
|
||||||
for _, cert := range p.certificates {
|
for _, cert := range p.certificates {
|
||||||
domains := cert.Certificate.Domain.ToStrArray()
|
domains := cert.Certificate.Domain.ToStrArray()
|
||||||
sort.Strings(domains)
|
sort.Strings(domains)
|
||||||
if reflect.DeepEqual(domains, validDomains) {
|
if reflect.DeepEqual(domains, sortedDomains) {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1609,7 +1609,7 @@ func TestLoadIngressRouteTCPs(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, test.paths)
|
k8sObjects, crdObjects := readResources(t, test.paths)
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -4891,7 +4891,7 @@ func TestLoadIngressRoutes(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, test.paths)
|
k8sObjects, crdObjects := readResources(t, test.paths)
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -4972,7 +4972,7 @@ func TestLoadIngressRoutes_multipleEndpointAddresses(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, []string{"services.yml", "with_multiple_endpointslices.yml"})
|
k8sObjects, crdObjects := readResources(t, []string{"services.yml", "with_multiple_endpointslices.yml"})
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -5481,7 +5481,7 @@ func TestLoadIngressRouteUDPs(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, test.paths)
|
k8sObjects, crdObjects := readResources(t, test.paths)
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -6971,7 +6971,7 @@ func TestCrossNamespace(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, test.paths)
|
k8sObjects, crdObjects := readResources(t, test.paths)
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -7240,7 +7240,7 @@ func TestExternalNameService(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, test.paths)
|
k8sObjects, crdObjects := readResources(t, test.paths)
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -7421,7 +7421,7 @@ func TestNativeLB(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, test.paths)
|
k8sObjects, crdObjects := readResources(t, test.paths)
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -7686,7 +7686,7 @@ func TestNodePortLB(t *testing.T) {
|
||||||
|
|
||||||
k8sObjects, crdObjects := readResources(t, test.paths)
|
k8sObjects, crdObjects := readResources(t, test.paths)
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -7727,7 +7727,7 @@ func TestCreateBasicAuthCredentials(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset()
|
crdClient := traefikcrdfake.NewSimpleClientset()
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
@ -8198,7 +8198,7 @@ func TestGlobalNativeLB(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
kubeClient := kubefake.NewSimpleClientset(k8sObjects...)
|
kubeClient := kubefake.NewClientset(k8sObjects...)
|
||||||
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
crdClient := traefikcrdfake.NewSimpleClientset(crdObjects...)
|
||||||
|
|
||||||
client := newClientImpl(kubeClient, crdClient)
|
client := newClientImpl(kubeClient, crdClient)
|
||||||
|
|
|
@ -13,75 +13,75 @@ type IngressRouteSpec struct {
|
||||||
Routes []Route `json:"routes"`
|
Routes []Route `json:"routes"`
|
||||||
// EntryPoints defines the list of entry point names to bind to.
|
// EntryPoints defines the list of entry point names to bind to.
|
||||||
// Entry points have to be configured in the static configuration.
|
// Entry points have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
// Default: all.
|
// Default: all.
|
||||||
EntryPoints []string `json:"entryPoints,omitempty"`
|
EntryPoints []string `json:"entryPoints,omitempty"`
|
||||||
// TLS defines the TLS configuration.
|
// TLS defines the TLS configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls
|
||||||
TLS *TLS `json:"tls,omitempty"`
|
TLS *TLS `json:"tls,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Route holds the HTTP route configuration.
|
// Route holds the HTTP route configuration.
|
||||||
type Route struct {
|
type Route struct {
|
||||||
// Match defines the router's rule.
|
// Match defines the router's rule.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule
|
||||||
Match string `json:"match"`
|
Match string `json:"match"`
|
||||||
// Kind defines the kind of the route.
|
// Kind defines the kind of the route.
|
||||||
// Rule is the only supported kind.
|
// Rule is the only supported kind.
|
||||||
// +kubebuilder:validation:Enum=Rule
|
// +kubebuilder:validation:Enum=Rule
|
||||||
Kind string `json:"kind"`
|
Kind string `json:"kind"`
|
||||||
// Priority defines the router's priority.
|
// Priority defines the router's priority.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority
|
||||||
Priority int `json:"priority,omitempty"`
|
Priority int `json:"priority,omitempty"`
|
||||||
// Syntax defines the router's rule syntax.
|
// Syntax defines the router's rule syntax.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax
|
||||||
Syntax string `json:"syntax,omitempty"`
|
Syntax string `json:"syntax,omitempty"`
|
||||||
// Services defines the list of Service.
|
// Services defines the list of Service.
|
||||||
// It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
|
// It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
|
||||||
Services []Service `json:"services,omitempty"`
|
Services []Service `json:"services,omitempty"`
|
||||||
// Middlewares defines the list of references to Middleware resources.
|
// Middlewares defines the list of references to Middleware resources.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLS holds the TLS configuration.
|
// TLS holds the TLS configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls
|
||||||
type TLS struct {
|
type TLS struct {
|
||||||
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
||||||
SecretName string `json:"secretName,omitempty"`
|
SecretName string `json:"secretName,omitempty"`
|
||||||
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
// If not defined, the `default` TLSOption is used.
|
// If not defined, the `default` TLSOption is used.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
Options *TLSOptionRef `json:"options,omitempty"`
|
Options *TLSOptionRef `json:"options,omitempty"`
|
||||||
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
||||||
// Please note that only `default` TLSStore can be used.
|
// Please note that only `default` TLSStore can be used.
|
||||||
Store *TLSStoreRef `json:"store,omitempty"`
|
Store *TLSStoreRef `json:"store,omitempty"`
|
||||||
// CertResolver defines the name of the certificate resolver to use.
|
// CertResolver defines the name of the certificate resolver to use.
|
||||||
// Cert resolvers have to be configured in the static configuration.
|
// Cert resolvers have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
// More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
CertResolver string `json:"certResolver,omitempty"`
|
CertResolver string `json:"certResolver,omitempty"`
|
||||||
// Domains defines the list of domains that will be used to issue certificates.
|
// Domains defines the list of domains that will be used to issue certificates.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
Domains []types.Domain `json:"domains,omitempty"`
|
Domains []types.Domain `json:"domains,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLSOptionRef is a reference to a TLSOption resource.
|
// TLSOptionRef is a reference to a TLSOption resource.
|
||||||
type TLSOptionRef struct {
|
type TLSOptionRef struct {
|
||||||
// Name defines the name of the referenced TLSOption.
|
// Name defines the name of the referenced TLSOption.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
// Namespace defines the namespace of the referenced TLSOption.
|
// Namespace defines the namespace of the referenced TLSOption.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
Namespace string `json:"namespace,omitempty"`
|
Namespace string `json:"namespace,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLSStoreRef is a reference to a TLSStore resource.
|
// TLSStoreRef is a reference to a TLSStore resource.
|
||||||
type TLSStoreRef struct {
|
type TLSStoreRef struct {
|
||||||
// Name defines the name of the referenced TLSStore.
|
// Name defines the name of the referenced TLSStore.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
// Namespace defines the namespace of the referenced TLSStore.
|
// Namespace defines the namespace of the referenced TLSStore.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
Namespace string `json:"namespace,omitempty"`
|
Namespace string `json:"namespace,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -98,7 +98,7 @@ type LoadBalancerSpec struct {
|
||||||
// Namespace defines the namespace of the referenced Kubernetes Service or TraefikService.
|
// Namespace defines the namespace of the referenced Kubernetes Service or TraefikService.
|
||||||
Namespace string `json:"namespace,omitempty"`
|
Namespace string `json:"namespace,omitempty"`
|
||||||
// Sticky defines the sticky sessions configuration.
|
// Sticky defines the sticky sessions configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
||||||
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
||||||
// Port defines the port of a Kubernetes Service.
|
// Port defines the port of a Kubernetes Service.
|
||||||
// This can be a reference to a named port.
|
// This can be a reference to a named port.
|
||||||
|
|
|
@ -13,24 +13,24 @@ type IngressRouteTCPSpec struct {
|
||||||
Routes []RouteTCP `json:"routes"`
|
Routes []RouteTCP `json:"routes"`
|
||||||
// EntryPoints defines the list of entry point names to bind to.
|
// EntryPoints defines the list of entry point names to bind to.
|
||||||
// Entry points have to be configured in the static configuration.
|
// Entry points have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
// Default: all.
|
// Default: all.
|
||||||
EntryPoints []string `json:"entryPoints,omitempty"`
|
EntryPoints []string `json:"entryPoints,omitempty"`
|
||||||
// TLS defines the TLS configuration on a layer 4 / TCP Route.
|
// TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1
|
||||||
TLS *TLSTCP `json:"tls,omitempty"`
|
TLS *TLSTCP `json:"tls,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// RouteTCP holds the TCP route configuration.
|
// RouteTCP holds the TCP route configuration.
|
||||||
type RouteTCP struct {
|
type RouteTCP struct {
|
||||||
// Match defines the router's rule.
|
// Match defines the router's rule.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1
|
||||||
Match string `json:"match"`
|
Match string `json:"match"`
|
||||||
// Priority defines the router's priority.
|
// Priority defines the router's priority.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1
|
||||||
Priority int `json:"priority,omitempty"`
|
Priority int `json:"priority,omitempty"`
|
||||||
// Syntax defines the router's rule syntax.
|
// Syntax defines the router's rule syntax.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1
|
||||||
Syntax string `json:"syntax,omitempty"`
|
Syntax string `json:"syntax,omitempty"`
|
||||||
// Services defines the list of TCP services.
|
// Services defines the list of TCP services.
|
||||||
Services []ServiceTCP `json:"services,omitempty"`
|
Services []ServiceTCP `json:"services,omitempty"`
|
||||||
|
@ -39,7 +39,7 @@ type RouteTCP struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLSTCP holds the TLS configuration for an IngressRouteTCP.
|
// TLSTCP holds the TLS configuration for an IngressRouteTCP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1
|
||||||
type TLSTCP struct {
|
type TLSTCP struct {
|
||||||
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
||||||
SecretName string `json:"secretName,omitempty"`
|
SecretName string `json:"secretName,omitempty"`
|
||||||
|
@ -47,17 +47,17 @@ type TLSTCP struct {
|
||||||
Passthrough bool `json:"passthrough,omitempty"`
|
Passthrough bool `json:"passthrough,omitempty"`
|
||||||
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
// If not defined, the `default` TLSOption is used.
|
// If not defined, the `default` TLSOption is used.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
Options *ObjectReference `json:"options,omitempty"`
|
Options *ObjectReference `json:"options,omitempty"`
|
||||||
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
||||||
// Please note that only `default` TLSStore can be used.
|
// Please note that only `default` TLSStore can be used.
|
||||||
Store *ObjectReference `json:"store,omitempty"`
|
Store *ObjectReference `json:"store,omitempty"`
|
||||||
// CertResolver defines the name of the certificate resolver to use.
|
// CertResolver defines the name of the certificate resolver to use.
|
||||||
// Cert resolvers have to be configured in the static configuration.
|
// Cert resolvers have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
// More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
||||||
CertResolver string `json:"certResolver,omitempty"`
|
CertResolver string `json:"certResolver,omitempty"`
|
||||||
// Domains defines the list of domains that will be used to issue certificates.
|
// Domains defines the list of domains that will be used to issue certificates.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
||||||
Domains []types.Domain `json:"domains,omitempty"`
|
Domains []types.Domain `json:"domains,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -80,7 +80,7 @@ type ServiceTCP struct {
|
||||||
// Deprecated: TerminationDelay will not be supported in future APIVersions, please use ServersTransport to configure the TerminationDelay instead.
|
// Deprecated: TerminationDelay will not be supported in future APIVersions, please use ServersTransport to configure the TerminationDelay instead.
|
||||||
TerminationDelay *int `json:"terminationDelay,omitempty"`
|
TerminationDelay *int `json:"terminationDelay,omitempty"`
|
||||||
// ProxyProtocol defines the PROXY protocol configuration.
|
// ProxyProtocol defines the PROXY protocol configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol
|
||||||
ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"`
|
ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"`
|
||||||
// ServersTransport defines the name of ServersTransportTCP resource to use.
|
// ServersTransport defines the name of ServersTransportTCP resource to use.
|
||||||
// It allows to configure the transport between Traefik and your servers.
|
// It allows to configure the transport between Traefik and your servers.
|
||||||
|
|
|
@ -11,7 +11,7 @@ type IngressRouteUDPSpec struct {
|
||||||
Routes []RouteUDP `json:"routes"`
|
Routes []RouteUDP `json:"routes"`
|
||||||
// EntryPoints defines the list of entry point names to bind to.
|
// EntryPoints defines the list of entry point names to bind to.
|
||||||
// Entry points have to be configured in the static configuration.
|
// Entry points have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
||||||
// Default: all.
|
// Default: all.
|
||||||
EntryPoints []string `json:"entryPoints,omitempty"`
|
EntryPoints []string `json:"entryPoints,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
// +kubebuilder:storageversion
|
// +kubebuilder:storageversion
|
||||||
|
|
||||||
// Middleware is the CRD implementation of a Traefik Middleware.
|
// Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/
|
||||||
type Middleware struct {
|
type Middleware struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -60,7 +60,7 @@ type MiddlewareSpec struct {
|
||||||
|
|
||||||
// ErrorPage holds the custom error middleware configuration.
|
// ErrorPage holds the custom error middleware configuration.
|
||||||
// This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
// This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/
|
||||||
type ErrorPage struct {
|
type ErrorPage struct {
|
||||||
// Status defines which status or range of statuses should result in an error page.
|
// Status defines which status or range of statuses should result in an error page.
|
||||||
// It can be either a status code as a number (500),
|
// It can be either a status code as a number (500),
|
||||||
|
@ -69,7 +69,7 @@ type ErrorPage struct {
|
||||||
// or a combination of the two (404,418,500-599).
|
// or a combination of the two (404,418,500-599).
|
||||||
Status []string `json:"status,omitempty"`
|
Status []string `json:"status,omitempty"`
|
||||||
// Service defines the reference to a Kubernetes Service that will serve the error page.
|
// Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service
|
||||||
Service Service `json:"service,omitempty"`
|
Service Service `json:"service,omitempty"`
|
||||||
// Query defines the URL for the error page (hosted by service).
|
// Query defines the URL for the error page (hosted by service).
|
||||||
// The {status} variable can be used in order to insert the status code in the URL.
|
// The {status} variable can be used in order to insert the status code in the URL.
|
||||||
|
@ -96,7 +96,7 @@ type CircuitBreaker struct {
|
||||||
|
|
||||||
// Chain holds the configuration of the chain middleware.
|
// Chain holds the configuration of the chain middleware.
|
||||||
// This middleware enables to define reusable combinations of other pieces of middleware.
|
// This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/
|
||||||
type Chain struct {
|
type Chain struct {
|
||||||
// Middlewares is the list of MiddlewareRef which composes the chain.
|
// Middlewares is the list of MiddlewareRef which composes the chain.
|
||||||
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
||||||
|
@ -106,7 +106,7 @@ type Chain struct {
|
||||||
|
|
||||||
// BasicAuth holds the basic auth middleware configuration.
|
// BasicAuth holds the basic auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/
|
||||||
type BasicAuth struct {
|
type BasicAuth struct {
|
||||||
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
||||||
Secret string `json:"secret,omitempty"`
|
Secret string `json:"secret,omitempty"`
|
||||||
|
@ -117,7 +117,7 @@ type BasicAuth struct {
|
||||||
// Default: false.
|
// Default: false.
|
||||||
RemoveHeader bool `json:"removeHeader,omitempty"`
|
RemoveHeader bool `json:"removeHeader,omitempty"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty"`
|
HeaderField string `json:"headerField,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -125,7 +125,7 @@ type BasicAuth struct {
|
||||||
|
|
||||||
// DigestAuth holds the digest auth middleware configuration.
|
// DigestAuth holds the digest auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/
|
||||||
type DigestAuth struct {
|
type DigestAuth struct {
|
||||||
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
||||||
Secret string `json:"secret,omitempty"`
|
Secret string `json:"secret,omitempty"`
|
||||||
|
@ -135,7 +135,7 @@ type DigestAuth struct {
|
||||||
// Default: traefik.
|
// Default: traefik.
|
||||||
Realm string `json:"realm,omitempty"`
|
Realm string `json:"realm,omitempty"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty"`
|
HeaderField string `json:"headerField,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -143,7 +143,7 @@ type DigestAuth struct {
|
||||||
|
|
||||||
// ForwardAuth holds the forward auth middleware configuration.
|
// ForwardAuth holds the forward auth middleware configuration.
|
||||||
// This middleware delegates the request authentication to a Service.
|
// This middleware delegates the request authentication to a Service.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/
|
||||||
type ForwardAuth struct {
|
type ForwardAuth struct {
|
||||||
// Address defines the authentication server address.
|
// Address defines the authentication server address.
|
||||||
Address string `json:"address,omitempty"`
|
Address string `json:"address,omitempty"`
|
||||||
|
@ -152,7 +152,7 @@ type ForwardAuth struct {
|
||||||
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
||||||
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty"`
|
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty"`
|
||||||
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty"`
|
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty"`
|
||||||
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
||||||
// If not set or empty then all request headers are passed.
|
// If not set or empty then all request headers are passed.
|
||||||
|
@ -182,7 +182,7 @@ type ClientTLS struct {
|
||||||
|
|
||||||
// RateLimit holds the rate limit configuration.
|
// RateLimit holds the rate limit configuration.
|
||||||
// This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
// This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/
|
||||||
type RateLimit struct {
|
type RateLimit struct {
|
||||||
// Average is the maximum rate, by default in requests/s, allowed for the given source.
|
// Average is the maximum rate, by default in requests/s, allowed for the given source.
|
||||||
// It defaults to 0, which means no rate limiting.
|
// It defaults to 0, which means no rate limiting.
|
||||||
|
@ -205,7 +205,7 @@ type RateLimit struct {
|
||||||
|
|
||||||
// Compress holds the compress middleware configuration.
|
// Compress holds the compress middleware configuration.
|
||||||
// This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
// This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/
|
||||||
type Compress struct {
|
type Compress struct {
|
||||||
// ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
|
// ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
|
||||||
// `application/grpc` is always excluded.
|
// `application/grpc` is always excluded.
|
||||||
|
@ -226,7 +226,7 @@ type Compress struct {
|
||||||
// Retry holds the retry middleware configuration.
|
// Retry holds the retry middleware configuration.
|
||||||
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/
|
||||||
type Retry struct {
|
type Retry struct {
|
||||||
// Attempts defines how many times the request should be retried.
|
// Attempts defines how many times the request should be retried.
|
||||||
Attempts int `json:"attempts,omitempty"`
|
Attempts int `json:"attempts,omitempty"`
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
|
||||||
// MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
// MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/
|
||||||
type MiddlewareTCP struct {
|
type MiddlewareTCP struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -28,11 +28,11 @@ type MiddlewareTCPSpec struct {
|
||||||
// IPWhiteList defines the IPWhiteList middleware configuration.
|
// IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
// This middleware accepts/refuses connections based on the client IP.
|
// This middleware accepts/refuses connections based on the client IP.
|
||||||
// Deprecated: please use IPAllowList instead.
|
// Deprecated: please use IPAllowList instead.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/
|
||||||
IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"`
|
IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"`
|
||||||
// IPAllowList defines the IPAllowList middleware configuration.
|
// IPAllowList defines the IPAllowList middleware configuration.
|
||||||
// This middleware accepts/refuses connections based on the client IP.
|
// This middleware accepts/refuses connections based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/
|
||||||
IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"`
|
IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
// ServersTransport is the CRD implementation of a ServersTransport.
|
// ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
// If no serversTransport is specified, the default@internal will be used.
|
// If no serversTransport is specified, the default@internal will be used.
|
||||||
// The default@internal serversTransport is created from the static configuration.
|
// The default@internal serversTransport is created from the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1
|
||||||
type ServersTransport struct {
|
type ServersTransport struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
// ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
// ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
// If no tcpServersTransport is specified, a default one named default@internal will be used.
|
// If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
// The default@internal tcpServersTransport can be configured in the static configuration.
|
// The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3
|
||||||
type ServersTransportTCP struct {
|
type ServersTransportTCP struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
// TraefikService object allows to:
|
// TraefikService object allows to:
|
||||||
// - Apply weight to Services on load-balancing
|
// - Apply weight to Services on load-balancing
|
||||||
// - Mirror traffic on services
|
// - Mirror traffic on services
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
type TraefikService struct {
|
type TraefikService struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -49,7 +49,7 @@ type TraefikServiceSpec struct {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// Mirroring holds the mirroring service configuration.
|
// Mirroring holds the mirroring service configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#mirroring-service
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#mirroring-service
|
||||||
type Mirroring struct {
|
type Mirroring struct {
|
||||||
LoadBalancerSpec `json:",inline"`
|
LoadBalancerSpec `json:",inline"`
|
||||||
|
|
||||||
|
@ -78,11 +78,11 @@ type MirrorService struct {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// WeightedRoundRobin holds the weighted round-robin configuration.
|
// WeightedRoundRobin holds the weighted round-robin configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#weighted-round-robin-service
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#weighted-round-robin-service
|
||||||
type WeightedRoundRobin struct {
|
type WeightedRoundRobin struct {
|
||||||
// Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight.
|
// Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight.
|
||||||
Services []Service `json:"services,omitempty"`
|
Services []Service `json:"services,omitempty"`
|
||||||
// Sticky defines whether sticky sessions are enabled.
|
// Sticky defines whether sticky sessions are enabled.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
// +kubebuilder:storageversion
|
// +kubebuilder:storageversion
|
||||||
|
|
||||||
// TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
// TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
||||||
type TLSOption struct {
|
type TLSOption struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -32,17 +32,17 @@ type TLSOptionSpec struct {
|
||||||
// Default: None.
|
// Default: None.
|
||||||
MaxVersion string `json:"maxVersion,omitempty"`
|
MaxVersion string `json:"maxVersion,omitempty"`
|
||||||
// CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
// CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites
|
||||||
CipherSuites []string `json:"cipherSuites,omitempty"`
|
CipherSuites []string `json:"cipherSuites,omitempty"`
|
||||||
// CurvePreferences defines the preferred elliptic curves in a specific order.
|
// CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences
|
||||||
CurvePreferences []string `json:"curvePreferences,omitempty"`
|
CurvePreferences []string `json:"curvePreferences,omitempty"`
|
||||||
// ClientAuth defines the server's policy for TLS Client Authentication.
|
// ClientAuth defines the server's policy for TLS Client Authentication.
|
||||||
ClientAuth ClientAuth `json:"clientAuth,omitempty"`
|
ClientAuth ClientAuth `json:"clientAuth,omitempty"`
|
||||||
// SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension.
|
// SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension.
|
||||||
SniStrict bool `json:"sniStrict,omitempty"`
|
SniStrict bool `json:"sniStrict,omitempty"`
|
||||||
// ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
// ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols
|
||||||
ALPNProtocols []string `json:"alpnProtocols,omitempty"`
|
ALPNProtocols []string `json:"alpnProtocols,omitempty"`
|
||||||
|
|
||||||
// PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
|
// PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
// TLSStore is the CRD implementation of a Traefik TLS Store.
|
// TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
// For the time being, only the TLSStore named default is supported.
|
// For the time being, only the TLSStore named default is supported.
|
||||||
// This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
// This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores
|
||||||
type TLSStore struct {
|
type TLSStore struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
|
54
pkg/provider/kubernetes/gateway/annotations.go
Normal file
54
pkg/provider/kubernetes/gateway/annotations.go
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
package gateway
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/traefik/traefik/v3/pkg/config/label"
|
||||||
|
)
|
||||||
|
|
||||||
|
const annotationsPrefix = "traefik.io/"
|
||||||
|
|
||||||
|
// ServiceConfig is the service's root configuration from annotations.
|
||||||
|
type ServiceConfig struct {
|
||||||
|
Service Service `json:"service"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Service is the service's configuration from annotations.
|
||||||
|
type Service struct {
|
||||||
|
NativeLB bool `json:"nativeLB"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseServiceAnnotations(annotations map[string]string) (ServiceConfig, error) {
|
||||||
|
var svcConf ServiceConfig
|
||||||
|
|
||||||
|
labels := convertAnnotations(annotations)
|
||||||
|
if len(labels) == 0 {
|
||||||
|
return svcConf, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := label.Decode(labels, &svcConf, "traefik.service."); err != nil {
|
||||||
|
return svcConf, fmt.Errorf("decoding labels: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return svcConf, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func convertAnnotations(annotations map[string]string) map[string]string {
|
||||||
|
if len(annotations) == 0 {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
result := make(map[string]string)
|
||||||
|
|
||||||
|
for key, value := range annotations {
|
||||||
|
if !strings.HasPrefix(key, annotationsPrefix) {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
newKey := strings.ReplaceAll(key, "io/", "")
|
||||||
|
result[newKey] = value
|
||||||
|
}
|
||||||
|
|
||||||
|
return result
|
||||||
|
}
|
89
pkg/provider/kubernetes/gateway/annotations_test.go
Normal file
89
pkg/provider/kubernetes/gateway/annotations_test.go
Normal file
|
@ -0,0 +1,89 @@
|
||||||
|
package gateway
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
"github.com/stretchr/testify/require"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Test_parseServiceConfig(t *testing.T) {
|
||||||
|
testCases := []struct {
|
||||||
|
desc string
|
||||||
|
annotations map[string]string
|
||||||
|
expected ServiceConfig
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
desc: "service annotations",
|
||||||
|
annotations: map[string]string{
|
||||||
|
"ingress.kubernetes.io/foo": "bar",
|
||||||
|
"traefik.io/foo": "bar",
|
||||||
|
"traefik.io/service.nativelb": "true",
|
||||||
|
},
|
||||||
|
expected: ServiceConfig{
|
||||||
|
Service: Service{
|
||||||
|
NativeLB: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "empty map",
|
||||||
|
annotations: map[string]string{},
|
||||||
|
expected: ServiceConfig{},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "nil map",
|
||||||
|
annotations: nil,
|
||||||
|
expected: ServiceConfig{},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, test := range testCases {
|
||||||
|
t.Run(test.desc, func(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
cfg, err := parseServiceAnnotations(test.annotations)
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
assert.Equal(t, test.expected, cfg)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func Test_convertAnnotations(t *testing.T) {
|
||||||
|
testCases := []struct {
|
||||||
|
desc string
|
||||||
|
annotations map[string]string
|
||||||
|
expected map[string]string
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
desc: "service annotations",
|
||||||
|
annotations: map[string]string{
|
||||||
|
"traefik.io/service.nativelb": "true",
|
||||||
|
},
|
||||||
|
expected: map[string]string{
|
||||||
|
"traefik.service.nativelb": "true",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "empty map",
|
||||||
|
annotations: map[string]string{},
|
||||||
|
expected: nil,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "nil map",
|
||||||
|
annotations: nil,
|
||||||
|
expected: nil,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, test := range testCases {
|
||||||
|
t.Run(test.desc, func(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
labels := convertAnnotations(test.annotations)
|
||||||
|
|
||||||
|
assert.Equal(t, test.expected, labels)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,51 @@
|
||||||
|
---
|
||||||
|
kind: GatewayClass
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: my-gateway-class
|
||||||
|
spec:
|
||||||
|
controllerName: traefik.io/gateway-controller
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: Gateway
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: my-gateway
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
gatewayClassName: my-gateway-class
|
||||||
|
listeners: # Use GatewayClass defaults for listener definition.
|
||||||
|
- name: http
|
||||||
|
protocol: HTTP
|
||||||
|
port: 80
|
||||||
|
allowedRoutes:
|
||||||
|
kinds:
|
||||||
|
- kind: HTTPRoute
|
||||||
|
group: gateway.networking.k8s.io
|
||||||
|
namespaces:
|
||||||
|
from: Same
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: HTTPRoute
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: http-app-1
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
parentRefs:
|
||||||
|
- name: my-gateway
|
||||||
|
kind: Gateway
|
||||||
|
group: gateway.networking.k8s.io
|
||||||
|
hostnames:
|
||||||
|
- "foo.com"
|
||||||
|
rules:
|
||||||
|
- matches:
|
||||||
|
- path:
|
||||||
|
type: Exact
|
||||||
|
value: /bar
|
||||||
|
backendRefs:
|
||||||
|
- name: whoami-native
|
||||||
|
port: 80
|
||||||
|
weight: 1
|
||||||
|
kind: Service
|
||||||
|
group: ""
|
|
@ -5,6 +5,7 @@ metadata:
|
||||||
namespace: default
|
namespace: default
|
||||||
|
|
||||||
spec:
|
spec:
|
||||||
|
clusterIP: 10.10.10.1
|
||||||
ports:
|
ports:
|
||||||
- name: web2
|
- name: web2
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
@ -262,6 +263,7 @@ metadata:
|
||||||
namespace: default
|
namespace: default
|
||||||
|
|
||||||
spec:
|
spec:
|
||||||
|
clusterIP: 10.10.10.1
|
||||||
ports:
|
ports:
|
||||||
- protocol: TCP
|
- protocol: TCP
|
||||||
port: 9000
|
port: 9000
|
||||||
|
@ -424,3 +426,45 @@ spec:
|
||||||
port: 80
|
port: 80
|
||||||
name: wss
|
name: wss
|
||||||
appProtocol: kubernetes.io/wss
|
appProtocol: kubernetes.io/wss
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: whoami-native
|
||||||
|
namespace: default
|
||||||
|
annotations:
|
||||||
|
traefik.io/service.nativelb: "true"
|
||||||
|
spec:
|
||||||
|
clusterIP: 10.10.10.1
|
||||||
|
ports:
|
||||||
|
- name: web2
|
||||||
|
protocol: TCP
|
||||||
|
port: 8000
|
||||||
|
targetPort: web2
|
||||||
|
- name: web
|
||||||
|
protocol: TCP
|
||||||
|
port: 80
|
||||||
|
targetPort: web
|
||||||
|
selector:
|
||||||
|
app: containous
|
||||||
|
task: whoami
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: whoamitcp-native
|
||||||
|
namespace: default
|
||||||
|
annotations:
|
||||||
|
traefik.io/service.nativelb: "true"
|
||||||
|
|
||||||
|
spec:
|
||||||
|
clusterIP: 10.10.10.1
|
||||||
|
ports:
|
||||||
|
- protocol: TCP
|
||||||
|
port: 9000
|
||||||
|
name: tcp-1
|
||||||
|
- protocol: TCP
|
||||||
|
port: 10000
|
||||||
|
name: tcp-2
|
||||||
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
---
|
||||||
|
kind: GatewayClass
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: my-gateway-class
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
controllerName: traefik.io/gateway-controller
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: Gateway
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: my-tcp-gateway
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
gatewayClassName: my-gateway-class
|
||||||
|
listeners: # Use GatewayClass defaults for listener definition.
|
||||||
|
- name: tcp
|
||||||
|
protocol: TCP
|
||||||
|
port: 9000
|
||||||
|
allowedRoutes:
|
||||||
|
namespaces:
|
||||||
|
from: Same
|
||||||
|
kinds:
|
||||||
|
- kind: TCPRoute
|
||||||
|
group: gateway.networking.k8s.io
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: TCPRoute
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1alpha2
|
||||||
|
metadata:
|
||||||
|
name: tcp-app-1
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
parentRefs:
|
||||||
|
- name: my-tcp-gateway
|
||||||
|
kind: Gateway
|
||||||
|
group: gateway.networking.k8s.io
|
||||||
|
rules:
|
||||||
|
- backendRefs:
|
||||||
|
- name: whoamitcp-native
|
||||||
|
port: 9000
|
||||||
|
weight: 1
|
||||||
|
kind: Service
|
||||||
|
group: ""
|
|
@ -0,0 +1,60 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: supersecret
|
||||||
|
namespace: default
|
||||||
|
|
||||||
|
data:
|
||||||
|
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
||||||
|
tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0=
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: GatewayClass
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: my-gateway-class
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
controllerName: traefik.io/gateway-controller
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: Gateway
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: my-tls-gateway
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
gatewayClassName: my-gateway-class
|
||||||
|
listeners: # Use GatewayClass defaults for listener definition.
|
||||||
|
- name: tls
|
||||||
|
protocol: TLS
|
||||||
|
hostname: foo.example.com
|
||||||
|
port: 9000
|
||||||
|
tls:
|
||||||
|
mode: Passthrough
|
||||||
|
allowedRoutes:
|
||||||
|
kinds:
|
||||||
|
- kind: TLSRoute
|
||||||
|
group: gateway.networking.k8s.io
|
||||||
|
namespaces:
|
||||||
|
from: Same
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: TLSRoute
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1alpha2
|
||||||
|
metadata:
|
||||||
|
name: tls-app-1
|
||||||
|
namespace: default
|
||||||
|
spec:
|
||||||
|
parentRefs:
|
||||||
|
- name: my-tls-gateway
|
||||||
|
kind: Gateway
|
||||||
|
group: gateway.networking.k8s.io
|
||||||
|
rules:
|
||||||
|
- backendRefs:
|
||||||
|
- name: whoamitcp-native
|
||||||
|
port: 9000
|
||||||
|
weight: 1
|
||||||
|
kind: Service
|
||||||
|
group: ""
|
|
@ -350,7 +350,7 @@ func (p *Provider) loadGRPCServers(namespace string, route *gatev1.GRPCRoute, ba
|
||||||
|
|
||||||
for _, ba := range backendAddresses {
|
for _, ba := range backendAddresses {
|
||||||
lb.Servers = append(lb.Servers, dynamic.Server{
|
lb.Servers = append(lb.Servers, dynamic.Server{
|
||||||
URL: fmt.Sprintf("h2c://%s", net.JoinHostPort(ba.Address, strconv.Itoa(int(ba.Port)))),
|
URL: fmt.Sprintf("h2c://%s", net.JoinHostPort(ba.IP, strconv.Itoa(int(ba.Port)))),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
return lb, nil
|
return lb, nil
|
||||||
|
|
|
@ -482,7 +482,7 @@ func (p *Provider) loadHTTPServers(namespace string, route *gatev1.HTTPRoute, ba
|
||||||
|
|
||||||
for _, ba := range backendAddresses {
|
for _, ba := range backendAddresses {
|
||||||
lb.Servers = append(lb.Servers, dynamic.Server{
|
lb.Servers = append(lb.Servers, dynamic.Server{
|
||||||
URL: fmt.Sprintf("%s://%s", protocol, net.JoinHostPort(ba.Address, strconv.Itoa(int(ba.Port)))),
|
URL: fmt.Sprintf("%s://%s", protocol, net.JoinHostPort(ba.IP, strconv.Itoa(int(ba.Port)))),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
return lb, svcPort, nil
|
return lb, svcPort, nil
|
||||||
|
|
|
@ -65,6 +65,7 @@ type Provider struct {
|
||||||
ThrottleDuration ptypes.Duration `description:"Kubernetes refresh throttle duration" json:"throttleDuration,omitempty" toml:"throttleDuration,omitempty" yaml:"throttleDuration,omitempty" export:"true"`
|
ThrottleDuration ptypes.Duration `description:"Kubernetes refresh throttle duration" json:"throttleDuration,omitempty" toml:"throttleDuration,omitempty" yaml:"throttleDuration,omitempty" export:"true"`
|
||||||
ExperimentalChannel bool `description:"Toggles Experimental Channel resources support (TCPRoute, TLSRoute...)." json:"experimentalChannel,omitempty" toml:"experimentalChannel,omitempty" yaml:"experimentalChannel,omitempty" export:"true"`
|
ExperimentalChannel bool `description:"Toggles Experimental Channel resources support (TCPRoute, TLSRoute...)." json:"experimentalChannel,omitempty" toml:"experimentalChannel,omitempty" yaml:"experimentalChannel,omitempty" export:"true"`
|
||||||
StatusAddress *StatusAddress `description:"Defines the Kubernetes Gateway status address." json:"statusAddress,omitempty" toml:"statusAddress,omitempty" yaml:"statusAddress,omitempty" export:"true"`
|
StatusAddress *StatusAddress `description:"Defines the Kubernetes Gateway status address." json:"statusAddress,omitempty" toml:"statusAddress,omitempty" yaml:"statusAddress,omitempty" export:"true"`
|
||||||
|
NativeLBByDefault bool `description:"Defines whether to use Native Kubernetes load-balancing by default." json:"nativeLBByDefault,omitempty" toml:"nativeLBByDefault,omitempty" yaml:"nativeLBByDefault,omitempty" export:"true"`
|
||||||
|
|
||||||
EntryPoints map[string]Entrypoint `json:"-" toml:"-" yaml:"-" label:"-" file:"-"`
|
EntryPoints map[string]Entrypoint `json:"-" toml:"-" yaml:"-" label:"-" file:"-"`
|
||||||
|
|
||||||
|
@ -873,8 +874,8 @@ func (p *Provider) allowedNamespaces(gatewayNamespace string, routeNamespaces *g
|
||||||
}
|
}
|
||||||
|
|
||||||
type backendAddress struct {
|
type backendAddress struct {
|
||||||
Address string
|
IP string
|
||||||
Port int32
|
Port int32
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *Provider) getBackendAddresses(namespace string, ref gatev1.BackendRef) ([]backendAddress, corev1.ServicePort, error) {
|
func (p *Provider) getBackendAddresses(namespace string, ref gatev1.BackendRef) ([]backendAddress, corev1.ServicePort, error) {
|
||||||
|
@ -889,6 +890,9 @@ func (p *Provider) getBackendAddresses(namespace string, ref gatev1.BackendRef)
|
||||||
if !exists {
|
if !exists {
|
||||||
return nil, corev1.ServicePort{}, errors.New("service not found")
|
return nil, corev1.ServicePort{}, errors.New("service not found")
|
||||||
}
|
}
|
||||||
|
if service.Spec.Type == corev1.ServiceTypeExternalName {
|
||||||
|
return nil, corev1.ServicePort{}, errors.New("type ExternalName is not supported for Kubernetes Service reference")
|
||||||
|
}
|
||||||
|
|
||||||
var svcPort *corev1.ServicePort
|
var svcPort *corev1.ServicePort
|
||||||
for _, p := range service.Spec.Ports {
|
for _, p := range service.Spec.Ports {
|
||||||
|
@ -901,6 +905,22 @@ func (p *Provider) getBackendAddresses(namespace string, ref gatev1.BackendRef)
|
||||||
return nil, corev1.ServicePort{}, fmt.Errorf("service port %d not found", *ref.Port)
|
return nil, corev1.ServicePort{}, fmt.Errorf("service port %d not found", *ref.Port)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
annotationsConfig, err := parseServiceAnnotations(service.Annotations)
|
||||||
|
if err != nil {
|
||||||
|
return nil, corev1.ServicePort{}, fmt.Errorf("parsing service annotations config: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if p.NativeLBByDefault || annotationsConfig.Service.NativeLB {
|
||||||
|
if service.Spec.ClusterIP == "" || service.Spec.ClusterIP == "None" {
|
||||||
|
return nil, corev1.ServicePort{}, fmt.Errorf("no clusterIP found for service: %s/%s", service.Namespace, service.Name)
|
||||||
|
}
|
||||||
|
|
||||||
|
return []backendAddress{{
|
||||||
|
IP: service.Spec.ClusterIP,
|
||||||
|
Port: svcPort.Port,
|
||||||
|
}}, *svcPort, nil
|
||||||
|
}
|
||||||
|
|
||||||
endpointSlices, err := p.client.ListEndpointSlicesForService(namespace, string(ref.Name))
|
endpointSlices, err := p.client.ListEndpointSlicesForService(namespace, string(ref.Name))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, corev1.ServicePort{}, fmt.Errorf("getting endpointslices: %w", err)
|
return nil, corev1.ServicePort{}, fmt.Errorf("getting endpointslices: %w", err)
|
||||||
|
@ -935,8 +955,8 @@ func (p *Provider) getBackendAddresses(namespace string, ref gatev1.BackendRef)
|
||||||
|
|
||||||
uniqAddresses[address] = struct{}{}
|
uniqAddresses[address] = struct{}{}
|
||||||
backendServers = append(backendServers, backendAddress{
|
backendServers = append(backendServers, backendAddress{
|
||||||
Address: address,
|
IP: address,
|
||||||
Port: port,
|
Port: port,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -57,6 +57,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
||||||
expected *dynamic.Configuration
|
expected *dynamic.Configuration
|
||||||
entryPoints map[string]Entrypoint
|
entryPoints map[string]Entrypoint
|
||||||
experimentalChannel bool
|
experimentalChannel bool
|
||||||
|
nativeLB bool
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
desc: "Empty",
|
desc: "Empty",
|
||||||
|
@ -2334,6 +2335,123 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
||||||
TLS: &dynamic.TLSConfiguration{},
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
desc: "Simple HTTPRoute with NativeLBByDefault enabled",
|
||||||
|
paths: []string{"services.yml", "httproute/simple.yml"},
|
||||||
|
nativeLB: true,
|
||||||
|
entryPoints: map[string]Entrypoint{"web": {
|
||||||
|
Address: ":80",
|
||||||
|
}},
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
UDP: &dynamic.UDPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.UDPRouter{},
|
||||||
|
Services: map[string]*dynamic.UDPService{},
|
||||||
|
},
|
||||||
|
TCP: &dynamic.TCPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.TCPRouter{},
|
||||||
|
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||||
|
Services: map[string]*dynamic.TCPService{},
|
||||||
|
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||||
|
},
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.Router{
|
||||||
|
"default-http-app-1-my-gateway-web-0-1c0cf64bde37d9d0df06": {
|
||||||
|
EntryPoints: []string{"web"},
|
||||||
|
Service: "default-http-app-1-my-gateway-web-0-1c0cf64bde37d9d0df06-wrr",
|
||||||
|
Rule: "Host(`foo.com`) && Path(`/bar`)",
|
||||||
|
Priority: 100008,
|
||||||
|
RuleSyntax: "v3",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Services: map[string]*dynamic.Service{
|
||||||
|
"default-http-app-1-my-gateway-web-0-1c0cf64bde37d9d0df06-wrr": {
|
||||||
|
Weighted: &dynamic.WeightedRoundRobin{
|
||||||
|
Services: []dynamic.WRRService{
|
||||||
|
{
|
||||||
|
Name: "default-whoami-80",
|
||||||
|
Weight: ptr.To(1),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"default-whoami-80": {
|
||||||
|
LoadBalancer: &dynamic.ServersLoadBalancer{
|
||||||
|
Servers: []dynamic.Server{
|
||||||
|
{
|
||||||
|
URL: "http://10.10.10.1:80",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
PassHostHeader: ptr.To(true),
|
||||||
|
ResponseForwarding: &dynamic.ResponseForwarding{
|
||||||
|
FlushInterval: ptypes.Duration(100 * time.Millisecond),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||||
|
},
|
||||||
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "Simple HTTPRoute with NativeLB annotation",
|
||||||
|
paths: []string{"services.yml", "httproute/simple_nativelb.yml"},
|
||||||
|
entryPoints: map[string]Entrypoint{"web": {
|
||||||
|
Address: ":80",
|
||||||
|
}},
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
UDP: &dynamic.UDPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.UDPRouter{},
|
||||||
|
Services: map[string]*dynamic.UDPService{},
|
||||||
|
},
|
||||||
|
TCP: &dynamic.TCPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.TCPRouter{},
|
||||||
|
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||||
|
Services: map[string]*dynamic.TCPService{},
|
||||||
|
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||||
|
},
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.Router{
|
||||||
|
"default-http-app-1-my-gateway-web-0-1c0cf64bde37d9d0df06": {
|
||||||
|
EntryPoints: []string{"web"},
|
||||||
|
Service: "default-http-app-1-my-gateway-web-0-1c0cf64bde37d9d0df06-wrr",
|
||||||
|
Rule: "Host(`foo.com`) && Path(`/bar`)",
|
||||||
|
Priority: 100008,
|
||||||
|
RuleSyntax: "v3",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Services: map[string]*dynamic.Service{
|
||||||
|
"default-http-app-1-my-gateway-web-0-1c0cf64bde37d9d0df06-wrr": {
|
||||||
|
Weighted: &dynamic.WeightedRoundRobin{
|
||||||
|
Services: []dynamic.WRRService{
|
||||||
|
{
|
||||||
|
Name: "default-whoami-native-80",
|
||||||
|
Weight: ptr.To(1),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"default-whoami-native-80": {
|
||||||
|
LoadBalancer: &dynamic.ServersLoadBalancer{
|
||||||
|
Servers: []dynamic.Server{
|
||||||
|
{
|
||||||
|
URL: "http://10.10.10.1:80",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
PassHostHeader: ptr.To(true),
|
||||||
|
ResponseForwarding: &dynamic.ResponseForwarding{
|
||||||
|
FlushInterval: ptypes.Duration(100 * time.Millisecond),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||||
|
},
|
||||||
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
|
},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, test := range testCases {
|
for _, test := range testCases {
|
||||||
|
@ -2363,6 +2481,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
||||||
p := Provider{
|
p := Provider{
|
||||||
EntryPoints: test.entryPoints,
|
EntryPoints: test.entryPoints,
|
||||||
ExperimentalChannel: test.experimentalChannel,
|
ExperimentalChannel: test.experimentalChannel,
|
||||||
|
NativeLBByDefault: test.nativeLB,
|
||||||
client: client,
|
client: client,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -3078,6 +3197,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
||||||
paths []string
|
paths []string
|
||||||
expected *dynamic.Configuration
|
expected *dynamic.Configuration
|
||||||
entryPoints map[string]Entrypoint
|
entryPoints map[string]Entrypoint
|
||||||
|
nativeLB bool
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
desc: "Empty",
|
desc: "Empty",
|
||||||
|
@ -3826,6 +3946,113 @@ func TestLoadTCPRoutes(t *testing.T) {
|
||||||
TLS: &dynamic.TLSConfiguration{},
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
desc: "Simple TCPRoute with NativeLBByDefault",
|
||||||
|
paths: []string{"services.yml", "tcproute/simple.yml"},
|
||||||
|
nativeLB: true,
|
||||||
|
entryPoints: map[string]Entrypoint{
|
||||||
|
"tcp": {Address: ":9000"},
|
||||||
|
},
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
UDP: &dynamic.UDPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.UDPRouter{},
|
||||||
|
Services: map[string]*dynamic.UDPService{},
|
||||||
|
},
|
||||||
|
TCP: &dynamic.TCPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.TCPRouter{
|
||||||
|
"default-tcp-app-1-my-tcp-gateway-tcp-0-e3b0c44298fc1c149afb": {
|
||||||
|
EntryPoints: []string{"tcp"},
|
||||||
|
Service: "default-tcp-app-1-my-tcp-gateway-tcp-0-e3b0c44298fc1c149afb-wrr",
|
||||||
|
Rule: "HostSNI(`*`)",
|
||||||
|
RuleSyntax: "v3",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||||
|
Services: map[string]*dynamic.TCPService{
|
||||||
|
"default-tcp-app-1-my-tcp-gateway-tcp-0-e3b0c44298fc1c149afb-wrr": {
|
||||||
|
Weighted: &dynamic.TCPWeightedRoundRobin{
|
||||||
|
Services: []dynamic.TCPWRRService{
|
||||||
|
{
|
||||||
|
Name: "default-whoamitcp-9000",
|
||||||
|
Weight: ptr.To(1),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"default-whoamitcp-9000": {
|
||||||
|
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||||
|
Servers: []dynamic.TCPServer{
|
||||||
|
{
|
||||||
|
Address: "10.10.10.1:9000",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||||
|
},
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.Router{},
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Services: map[string]*dynamic.Service{},
|
||||||
|
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||||
|
},
|
||||||
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "Simple TCPRoute with NativeLB annotation",
|
||||||
|
paths: []string{"services.yml", "tcproute/simple_nativelb.yml"},
|
||||||
|
entryPoints: map[string]Entrypoint{
|
||||||
|
"tcp": {Address: ":9000"},
|
||||||
|
},
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
UDP: &dynamic.UDPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.UDPRouter{},
|
||||||
|
Services: map[string]*dynamic.UDPService{},
|
||||||
|
},
|
||||||
|
TCP: &dynamic.TCPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.TCPRouter{
|
||||||
|
"default-tcp-app-1-my-tcp-gateway-tcp-0-e3b0c44298fc1c149afb": {
|
||||||
|
EntryPoints: []string{"tcp"},
|
||||||
|
Service: "default-tcp-app-1-my-tcp-gateway-tcp-0-e3b0c44298fc1c149afb-wrr",
|
||||||
|
Rule: "HostSNI(`*`)",
|
||||||
|
RuleSyntax: "v3",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||||
|
Services: map[string]*dynamic.TCPService{
|
||||||
|
"default-tcp-app-1-my-tcp-gateway-tcp-0-e3b0c44298fc1c149afb-wrr": {
|
||||||
|
Weighted: &dynamic.TCPWeightedRoundRobin{
|
||||||
|
Services: []dynamic.TCPWRRService{
|
||||||
|
{
|
||||||
|
Name: "default-whoamitcp-native-9000",
|
||||||
|
Weight: ptr.To(1),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"default-whoamitcp-native-9000": {
|
||||||
|
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||||
|
Servers: []dynamic.TCPServer{
|
||||||
|
{
|
||||||
|
Address: "10.10.10.1:9000",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||||
|
},
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.Router{},
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Services: map[string]*dynamic.Service{},
|
||||||
|
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||||
|
},
|
||||||
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
|
},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, test := range testCases {
|
for _, test := range testCases {
|
||||||
|
@ -3854,6 +4081,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
||||||
|
|
||||||
p := Provider{
|
p := Provider{
|
||||||
EntryPoints: test.entryPoints,
|
EntryPoints: test.entryPoints,
|
||||||
|
NativeLBByDefault: test.nativeLB,
|
||||||
ExperimentalChannel: true,
|
ExperimentalChannel: true,
|
||||||
client: client,
|
client: client,
|
||||||
}
|
}
|
||||||
|
@ -3869,8 +4097,9 @@ func TestLoadTLSRoutes(t *testing.T) {
|
||||||
desc string
|
desc string
|
||||||
ingressClass string
|
ingressClass string
|
||||||
paths []string
|
paths []string
|
||||||
expected *dynamic.Configuration
|
|
||||||
entryPoints map[string]Entrypoint
|
entryPoints map[string]Entrypoint
|
||||||
|
nativeLB bool
|
||||||
|
expected *dynamic.Configuration
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
desc: "Empty",
|
desc: "Empty",
|
||||||
|
@ -4975,6 +5204,119 @@ func TestLoadTLSRoutes(t *testing.T) {
|
||||||
TLS: &dynamic.TLSConfiguration{},
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
desc: "Simple TLSRoute with NativeLBByDefault",
|
||||||
|
paths: []string{"services.yml", "tlsroute/simple_TLS_to_TLSRoute.yml"},
|
||||||
|
nativeLB: true,
|
||||||
|
entryPoints: map[string]Entrypoint{
|
||||||
|
"tcp": {Address: ":9000"},
|
||||||
|
},
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
UDP: &dynamic.UDPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.UDPRouter{},
|
||||||
|
Services: map[string]*dynamic.UDPService{},
|
||||||
|
},
|
||||||
|
TCP: &dynamic.TCPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.TCPRouter{
|
||||||
|
"default-tls-app-1-my-tls-gateway-tcp-0-e3b0c44298fc1c149afb": {
|
||||||
|
EntryPoints: []string{"tcp"},
|
||||||
|
Service: "default-tls-app-1-my-tls-gateway-tcp-0-e3b0c44298fc1c149afb-wrr",
|
||||||
|
Rule: "HostSNI(`foo.example.com`)",
|
||||||
|
RuleSyntax: "v3",
|
||||||
|
TLS: &dynamic.RouterTCPTLSConfig{
|
||||||
|
Passthrough: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||||
|
Services: map[string]*dynamic.TCPService{
|
||||||
|
"default-tls-app-1-my-tls-gateway-tcp-0-e3b0c44298fc1c149afb-wrr": {
|
||||||
|
Weighted: &dynamic.TCPWeightedRoundRobin{
|
||||||
|
Services: []dynamic.TCPWRRService{
|
||||||
|
{
|
||||||
|
Name: "default-whoamitcp-9000",
|
||||||
|
Weight: ptr.To(1),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"default-whoamitcp-9000": {
|
||||||
|
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||||
|
Servers: []dynamic.TCPServer{
|
||||||
|
{
|
||||||
|
Address: "10.10.10.1:9000",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||||
|
},
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.Router{},
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Services: map[string]*dynamic.Service{},
|
||||||
|
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||||
|
},
|
||||||
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "Simple TLSRoute with NativeLB annotation",
|
||||||
|
paths: []string{"services.yml", "tlsroute/simple_nativelb.yml"},
|
||||||
|
entryPoints: map[string]Entrypoint{
|
||||||
|
"tcp": {Address: ":9000"},
|
||||||
|
},
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
UDP: &dynamic.UDPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.UDPRouter{},
|
||||||
|
Services: map[string]*dynamic.UDPService{},
|
||||||
|
},
|
||||||
|
TCP: &dynamic.TCPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.TCPRouter{
|
||||||
|
"default-tls-app-1-my-tls-gateway-tcp-0-e3b0c44298fc1c149afb": {
|
||||||
|
EntryPoints: []string{"tcp"},
|
||||||
|
Service: "default-tls-app-1-my-tls-gateway-tcp-0-e3b0c44298fc1c149afb-wrr",
|
||||||
|
Rule: "HostSNI(`foo.example.com`)",
|
||||||
|
RuleSyntax: "v3",
|
||||||
|
TLS: &dynamic.RouterTCPTLSConfig{
|
||||||
|
Passthrough: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||||
|
Services: map[string]*dynamic.TCPService{
|
||||||
|
"default-tls-app-1-my-tls-gateway-tcp-0-e3b0c44298fc1c149afb-wrr": {
|
||||||
|
Weighted: &dynamic.TCPWeightedRoundRobin{
|
||||||
|
Services: []dynamic.TCPWRRService{
|
||||||
|
{
|
||||||
|
Name: "default-whoamitcp-native-9000",
|
||||||
|
Weight: ptr.To(1),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"default-whoamitcp-native-9000": {
|
||||||
|
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||||
|
Servers: []dynamic.TCPServer{
|
||||||
|
{
|
||||||
|
Address: "10.10.10.1:9000",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||||
|
},
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Routers: map[string]*dynamic.Router{},
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Services: map[string]*dynamic.Service{},
|
||||||
|
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||||
|
},
|
||||||
|
TLS: &dynamic.TLSConfiguration{},
|
||||||
|
},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, test := range testCases {
|
for _, test := range testCases {
|
||||||
|
@ -5003,6 +5345,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
||||||
|
|
||||||
p := Provider{
|
p := Provider{
|
||||||
EntryPoints: test.entryPoints,
|
EntryPoints: test.entryPoints,
|
||||||
|
NativeLBByDefault: test.nativeLB,
|
||||||
ExperimentalChannel: true,
|
ExperimentalChannel: true,
|
||||||
client: client,
|
client: client,
|
||||||
}
|
}
|
||||||
|
|
|
@ -286,7 +286,7 @@ func (p *Provider) loadTCPServers(namespace string, route *gatev1alpha2.TCPRoute
|
||||||
|
|
||||||
for _, ba := range backendAddresses {
|
for _, ba := range backendAddresses {
|
||||||
lb.Servers = append(lb.Servers, dynamic.TCPServer{
|
lb.Servers = append(lb.Servers, dynamic.TCPServer{
|
||||||
Address: net.JoinHostPort(ba.Address, strconv.Itoa(int(ba.Port))),
|
Address: net.JoinHostPort(ba.IP, strconv.Itoa(int(ba.Port))),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
return lb, nil
|
return lb, nil
|
||||||
|
|
|
@ -289,7 +289,7 @@ func (p *Provider) loadTLSServers(namespace string, route *gatev1alpha2.TLSRoute
|
||||||
for _, ba := range backendAddresses {
|
for _, ba := range backendAddresses {
|
||||||
lb.Servers = append(lb.Servers, dynamic.TCPServer{
|
lb.Servers = append(lb.Servers, dynamic.TCPServer{
|
||||||
// TODO determine whether the servers needs TLS, from the port?
|
// TODO determine whether the servers needs TLS, from the port?
|
||||||
Address: net.JoinHostPort(ba.Address, strconv.Itoa(int(ba.Port))),
|
Address: net.JoinHostPort(ba.IP, strconv.Itoa(int(ba.Port))),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
return lb, nil
|
return lb, nil
|
||||||
|
|
|
@ -219,7 +219,7 @@ func (p *Provider) loadConfigurationFromIngresses(ctx context.Context, client Cl
|
||||||
|
|
||||||
var ingressClasses []*netv1.IngressClass
|
var ingressClasses []*netv1.IngressClass
|
||||||
|
|
||||||
if !p.DisableIngressClassLookup {
|
if !p.DisableIngressClassLookup && !p.DisableClusterScopeResources {
|
||||||
ics, err := client.GetIngressClasses()
|
ics, err := client.GetIngressClasses()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Ctx(ctx).Warn().Err(err).Msg("Failed to list ingress classes")
|
log.Ctx(ctx).Warn().Err(err).Msg("Failed to list ingress classes")
|
||||||
|
|
|
@ -26,11 +26,12 @@ func Bool(v bool) *bool { return &v }
|
||||||
|
|
||||||
func TestLoadConfigurationFromIngresses(t *testing.T) {
|
func TestLoadConfigurationFromIngresses(t *testing.T) {
|
||||||
testCases := []struct {
|
testCases := []struct {
|
||||||
desc string
|
desc string
|
||||||
ingressClass string
|
ingressClass string
|
||||||
expected *dynamic.Configuration
|
expected *dynamic.Configuration
|
||||||
allowEmptyServices bool
|
allowEmptyServices bool
|
||||||
disableIngressClassLookup bool
|
disableIngressClassLookup bool
|
||||||
|
disableClusterScopeResources bool
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
desc: "Empty ingresses",
|
desc: "Empty ingresses",
|
||||||
|
@ -1335,6 +1336,38 @@ func TestLoadConfigurationFromIngresses(t *testing.T) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
// Duplicate test case with the same fixture as the one above, but with the disableClusterScopeResources option to true.
|
||||||
|
// Showing that disabling the ingressClass discovery still allow the discovery of ingresses with ingress annotation.
|
||||||
|
desc: "Ingress with ingress annotation",
|
||||||
|
disableClusterScopeResources: true,
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Routers: map[string]*dynamic.Router{
|
||||||
|
"testing-bar": {
|
||||||
|
Rule: "PathPrefix(`/bar`)",
|
||||||
|
Service: "testing-service1-80",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Services: map[string]*dynamic.Service{
|
||||||
|
"testing-service1-80": {
|
||||||
|
LoadBalancer: &dynamic.ServersLoadBalancer{
|
||||||
|
PassHostHeader: Bool(true),
|
||||||
|
ResponseForwarding: &dynamic.ResponseForwarding{
|
||||||
|
FlushInterval: ptypes.Duration(100 * time.Millisecond),
|
||||||
|
},
|
||||||
|
Servers: []dynamic.Server{
|
||||||
|
{
|
||||||
|
URL: "http://10.10.0.1:8080",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
desc: "Ingress with ingressClass",
|
desc: "Ingress with ingressClass",
|
||||||
expected: &dynamic.Configuration{
|
expected: &dynamic.Configuration{
|
||||||
|
@ -1377,6 +1410,19 @@ func TestLoadConfigurationFromIngresses(t *testing.T) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
// Duplicate test case with the same fixture as the one above, but with the disableClusterScopeResources option to true.
|
||||||
|
// Showing that disabling the ingressClass discovery avoid discovering Ingresses with an IngressClass.
|
||||||
|
desc: "Ingress with ingressClass",
|
||||||
|
disableClusterScopeResources: true,
|
||||||
|
expected: &dynamic.Configuration{
|
||||||
|
HTTP: &dynamic.HTTPConfiguration{
|
||||||
|
Middlewares: map[string]*dynamic.Middleware{},
|
||||||
|
Routers: map[string]*dynamic.Router{},
|
||||||
|
Services: map[string]*dynamic.Service{},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
desc: "Ingress with named port",
|
desc: "Ingress with named port",
|
||||||
expected: &dynamic.Configuration{
|
expected: &dynamic.Configuration{
|
||||||
|
@ -1455,9 +1501,10 @@ func TestLoadConfigurationFromIngresses(t *testing.T) {
|
||||||
|
|
||||||
clientMock := newClientMock(generateTestFilename(test.desc))
|
clientMock := newClientMock(generateTestFilename(test.desc))
|
||||||
p := Provider{
|
p := Provider{
|
||||||
IngressClass: test.ingressClass,
|
IngressClass: test.ingressClass,
|
||||||
AllowEmptyServices: test.allowEmptyServices,
|
AllowEmptyServices: test.allowEmptyServices,
|
||||||
DisableIngressClassLookup: test.disableIngressClassLookup,
|
DisableIngressClassLookup: test.disableIngressClassLookup,
|
||||||
|
DisableClusterScopeResources: test.disableClusterScopeResources,
|
||||||
}
|
}
|
||||||
conf := p.loadConfigurationFromIngresses(context.Background(), clientMock)
|
conf := p.loadConfigurationFromIngresses(context.Background(), clientMock)
|
||||||
|
|
||||||
|
|
|
@ -28,7 +28,7 @@ func isPostgres(br *bufio.Reader) (bool, error) {
|
||||||
peeked, err := br.Peek(i)
|
peeked, err := br.Peek(i)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
var opErr *net.OpError
|
var opErr *net.OpError
|
||||||
if !errors.Is(err, io.EOF) && (!errors.As(err, &opErr) || opErr.Timeout()) {
|
if !errors.Is(err, io.EOF) && (!errors.As(err, &opErr) || !opErr.Timeout()) {
|
||||||
log.Error().Err(err).Msg("Error while Peeking first byte")
|
log.Error().Err(err).Msg("Error while Peeking first byte")
|
||||||
}
|
}
|
||||||
return false, err
|
return false, err
|
||||||
|
|
|
@ -363,7 +363,7 @@ func clientHelloInfo(br *bufio.Reader) (*clientHello, error) {
|
||||||
hdr, err := br.Peek(1)
|
hdr, err := br.Peek(1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
var opErr *net.OpError
|
var opErr *net.OpError
|
||||||
if !errors.Is(err, io.EOF) && (!errors.As(err, &opErr) || opErr.Timeout()) {
|
if !errors.Is(err, io.EOF) && (!errors.As(err, &opErr) || !opErr.Timeout()) {
|
||||||
log.Error().Err(err).Msg("Error while Peeking first byte")
|
log.Error().Err(err).Msg("Error while Peeking first byte")
|
||||||
}
|
}
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
|
@ -4,11 +4,11 @@ RepositoryName = "traefik"
|
||||||
OutputType = "file"
|
OutputType = "file"
|
||||||
FileName = "traefik_changelog.md"
|
FileName = "traefik_changelog.md"
|
||||||
|
|
||||||
# example new bugfix v3.1.4
|
# example new bugfix v3.1.5
|
||||||
CurrentRef = "v3.1"
|
CurrentRef = "v3.1"
|
||||||
PreviousRef = "v3.1.3"
|
PreviousRef = "v3.1.4"
|
||||||
BaseBranch = "v3.1"
|
BaseBranch = "v3.1"
|
||||||
FutureCurrentRefName = "v3.1.4"
|
FutureCurrentRefName = "v3.1.5"
|
||||||
|
|
||||||
ThresholdPreviousRef = 10
|
ThresholdPreviousRef = 10
|
||||||
ThresholdCurrentRef = 10
|
ThresholdCurrentRef = 10
|
||||||
|
|
|
@ -4,11 +4,11 @@ RepositoryName = "traefik"
|
||||||
OutputType = "file"
|
OutputType = "file"
|
||||||
FileName = "traefik_changelog.md"
|
FileName = "traefik_changelog.md"
|
||||||
|
|
||||||
# example RC1 of v3.1.0-rc1
|
# example RC1 of v3.2.0-rc1
|
||||||
CurrentRef = "master"
|
CurrentRef = "master"
|
||||||
PreviousRef = "v3.0.0-beta3"
|
PreviousRef = "v3.1.0-rc1"
|
||||||
BaseBranch = "master"
|
BaseBranch = "master"
|
||||||
FutureCurrentRefName = "v3.1.0-rc1"
|
FutureCurrentRefName = "v3.2.0-rc1"
|
||||||
|
|
||||||
ThresholdPreviousRef = 10000
|
ThresholdPreviousRef = 10000
|
||||||
ThresholdCurrentRef = 10000
|
ThresholdCurrentRef = 10000
|
||||||
|
|
|
@ -5,6 +5,8 @@ import (
|
||||||
"io/fs"
|
"io/fs"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// Files starting with . and _ are excluded by default
|
||||||
|
//
|
||||||
//go:embed static
|
//go:embed static
|
||||||
var assets embed.FS
|
var assets embed.FS
|
||||||
|
|
||||||
|
|
|
@ -20,16 +20,13 @@
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@quasar/extras": "^1.16.12",
|
"@quasar/extras": "^1.16.12",
|
||||||
"axios": "^1.7.4",
|
"axios": "^1.7.4",
|
||||||
"bowser": "^2.11.0",
|
|
||||||
"chart.js": "^4.4.1",
|
"chart.js": "^4.4.1",
|
||||||
"core-js": "^3.35.1",
|
"core-js": "^3.35.1",
|
||||||
"dot-prop": "^8.0.2",
|
"dot-prop": "^8.0.2",
|
||||||
"iframe-resizer": "^4.3.9",
|
|
||||||
"lodash.isequal": "4.5.0",
|
"lodash.isequal": "4.5.0",
|
||||||
"moment": "^2.30.1",
|
"moment": "^2.30.1",
|
||||||
"quasar": "^2.16.6",
|
"quasar": "^2.16.6",
|
||||||
"query-string": "^8.1.0",
|
"query-string": "^8.1.0",
|
||||||
"vh-check": "^2.0.5",
|
|
||||||
"vue": "^3.0.0",
|
"vue": "^3.0.0",
|
||||||
"vue-chartjs": "^5.3.0",
|
"vue-chartjs": "^5.3.0",
|
||||||
"vue-router": "^4.0.12",
|
"vue-router": "^4.0.12",
|
||||||
|
|
|
@ -13,9 +13,7 @@ module.exports = configure(function (ctx) {
|
||||||
// app boot file (/src/boot)
|
// app boot file (/src/boot)
|
||||||
// --> boot files are part of "main.js"
|
// --> boot files are part of "main.js"
|
||||||
boot: [
|
boot: [
|
||||||
'api',
|
'api'
|
||||||
'_hacks',
|
|
||||||
'_init'
|
|
||||||
],
|
],
|
||||||
|
|
||||||
css: [
|
css: [
|
||||||
|
|
|
@ -1,16 +0,0 @@
|
||||||
import iframeResize from 'iframe-resizer/js/iframeResizer'
|
|
||||||
|
|
||||||
const resize = {
|
|
||||||
mounted (el, binding) {
|
|
||||||
const options = binding.value || {}
|
|
||||||
el.addEventListener('load', () => iframeResize(options, el))
|
|
||||||
},
|
|
||||||
unmounted (el) {
|
|
||||||
const resizableEl = el
|
|
||||||
if (resizableEl.iFrameResizer) {
|
|
||||||
resizableEl.iFrameResizer.removeListeners()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
export default resize
|
|
|
@ -1,10 +0,0 @@
|
||||||
import { APP } from '../_helpers/APP'
|
|
||||||
import Boot from '../_middleware/Boot'
|
|
||||||
|
|
||||||
export default async ({ app, router, store }) => {
|
|
||||||
app.use(Boot)
|
|
||||||
|
|
||||||
APP.root = app
|
|
||||||
APP.router = router
|
|
||||||
APP.store = store
|
|
||||||
}
|
|
|
@ -1,13 +0,0 @@
|
||||||
import Bowser from 'bowser'
|
|
||||||
import vhCheck from 'vh-check'
|
|
||||||
|
|
||||||
const browser = Bowser.getParser(window.navigator.userAgent)
|
|
||||||
|
|
||||||
// In Mobile
|
|
||||||
if (browser.getPlatform().type === 'mobile') {
|
|
||||||
vhCheck()
|
|
||||||
}
|
|
||||||
|
|
||||||
export default async ({ app, Vue }) => {
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,30 +0,0 @@
|
||||||
import { APP } from '../_helpers/APP'
|
|
||||||
import errors from '../_helpers/Errors'
|
|
||||||
import resize from '../_directives/resize'
|
|
||||||
|
|
||||||
export default async ({ app, router }) => {
|
|
||||||
// Directives
|
|
||||||
app.directive('resize', resize)
|
|
||||||
|
|
||||||
// Router
|
|
||||||
// ----------------------------------------------
|
|
||||||
router.beforeEach(async (to, from, next) => {
|
|
||||||
// Set APP
|
|
||||||
APP.routeTo = to
|
|
||||||
APP.routeFrom = from
|
|
||||||
next()
|
|
||||||
})
|
|
||||||
|
|
||||||
// Api (axios)
|
|
||||||
// ----------------------------------------------
|
|
||||||
APP.api.interceptors.request.use((config) => {
|
|
||||||
console.log('interceptors -> config', config)
|
|
||||||
// config.headers['Accept'] = '*/*'
|
|
||||||
return config
|
|
||||||
})
|
|
||||||
|
|
||||||
APP.api.interceptors.response.use((response) => {
|
|
||||||
console.log('interceptors -> response', response)
|
|
||||||
return response
|
|
||||||
}, errors.handleResponse)
|
|
||||||
}
|
|
|
@ -2267,11 +2267,6 @@ boolbase@^1.0.0:
|
||||||
resolved "https://registry.yarnpkg.com/boolbase/-/boolbase-1.0.0.tgz#68dff5fbe60c51eb37725ea9e3ed310dcc1e776e"
|
resolved "https://registry.yarnpkg.com/boolbase/-/boolbase-1.0.0.tgz#68dff5fbe60c51eb37725ea9e3ed310dcc1e776e"
|
||||||
integrity sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww==
|
integrity sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww==
|
||||||
|
|
||||||
bowser@^2.11.0:
|
|
||||||
version "2.11.0"
|
|
||||||
resolved "https://registry.yarnpkg.com/bowser/-/bowser-2.11.0.tgz#5ca3c35757a7aa5771500c70a73a9f91ef420a8f"
|
|
||||||
integrity sha512-AlcaJBi/pqqJBIQ8U9Mcpc9i8Aqxn88Skv5d+xBX006BY5u8N3mGLHa5Lgppa7L/HfwgwLgZ6NYs+Ag6uUmJRA==
|
|
||||||
|
|
||||||
brace-expansion@^1.1.7:
|
brace-expansion@^1.1.7:
|
||||||
version "1.1.11"
|
version "1.1.11"
|
||||||
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
|
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
|
||||||
|
@ -3864,11 +3859,6 @@ ieee754@^1.1.13, ieee754@^1.2.1:
|
||||||
resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352"
|
resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352"
|
||||||
integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==
|
integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==
|
||||||
|
|
||||||
iframe-resizer@^4.3.9:
|
|
||||||
version "4.4.5"
|
|
||||||
resolved "https://registry.yarnpkg.com/iframe-resizer/-/iframe-resizer-4.4.5.tgz#f5048636e7f2fb5d9a09cc2ae78eb2da55ad555c"
|
|
||||||
integrity sha512-U8bCywf/Gh07O69RXo6dXAzTtODQrxaHGHRI7Nt4ipXsuq6EMxVsOP/jjaP43YtXz/ibESS0uSVDN3sOGCzSmw==
|
|
||||||
|
|
||||||
ignore@^5.2.0, ignore@^5.2.4:
|
ignore@^5.2.0, ignore@^5.2.4:
|
||||||
version "5.3.1"
|
version "5.3.1"
|
||||||
resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.1.tgz#5073e554cd42c5b33b394375f538b8593e34d4ef"
|
resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.1.tgz#5073e554cd42c5b33b394375f538b8593e34d4ef"
|
||||||
|
@ -6007,11 +5997,6 @@ vary@~1.1.2:
|
||||||
resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc"
|
resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc"
|
||||||
integrity sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==
|
integrity sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==
|
||||||
|
|
||||||
vh-check@^2.0.5:
|
|
||||||
version "2.0.5"
|
|
||||||
resolved "https://registry.yarnpkg.com/vh-check/-/vh-check-2.0.5.tgz#1b70610461e9776176f23d172daae3c4761aed09"
|
|
||||||
integrity sha512-vHtIYWt9uLl2P2tLlatVpMwv9+ezuJCtMNjUVIpzd5Pa/dJXN8AtqkKmVRcNSlmXyCjkCkbMQX/Vs9axmdlfgg==
|
|
||||||
|
|
||||||
vite-jsconfig-paths@^2.0.1:
|
vite-jsconfig-paths@^2.0.1:
|
||||||
version "2.0.1"
|
version "2.0.1"
|
||||||
resolved "https://registry.yarnpkg.com/vite-jsconfig-paths/-/vite-jsconfig-paths-2.0.1.tgz#d66e36d67596dd8a8e4a6ed6e6db20debc50b45e"
|
resolved "https://registry.yarnpkg.com/vite-jsconfig-paths/-/vite-jsconfig-paths-2.0.1.tgz#d66e36d67596dd8a8e4a6ed6e6db20debc50b45e"
|
||||||
|
|
Loading…
Reference in a new issue