From e77a66c2ac99c5ff9754dcaa6df5008df77a27b3 Mon Sep 17 00:00:00 2001 From: Suyash Choudhary <57896905+sssash18@users.noreply.github.com> Date: Wed, 6 Dec 2023 19:06:05 +0530 Subject: [PATCH 01/17] Fixed datadog logs json format issue --- pkg/log/datadog.go | 13 +++++++++++++ pkg/tracing/datadog/datadog.go | 4 ++++ 2 files changed, 17 insertions(+) create mode 100644 pkg/log/datadog.go diff --git a/pkg/log/datadog.go b/pkg/log/datadog.go new file mode 100644 index 000000000..dda0fed5d --- /dev/null +++ b/pkg/log/datadog.go @@ -0,0 +1,13 @@ +package log + +type DatadogLogger struct { + logger Logger +} + +func NewDatadogLogger(logger Logger) *DatadogLogger { + return &DatadogLogger{logger: logger} +} + +func (d DatadogLogger) Log(msg string) { + d.logger.Debug(msg) +} diff --git a/pkg/tracing/datadog/datadog.go b/pkg/tracing/datadog/datadog.go index b0c32643f..30e99fcda 100644 --- a/pkg/tracing/datadog/datadog.go +++ b/pkg/tracing/datadog/datadog.go @@ -1,6 +1,7 @@ package datadog import ( + "context" "io" "net" "os" @@ -47,6 +48,8 @@ func (c *Config) SetDefaults() { // Setup sets up the tracer. func (c *Config) Setup(serviceName string) (opentracing.Tracer, io.Closer, error) { + ctx := log.With(context.Background(), log.Str(log.MetricsProviderName, "datadog")) + opts := []datadog.StartOption{ datadog.WithService(serviceName), datadog.WithDebugMode(c.Debug), @@ -56,6 +59,7 @@ func (c *Config) Setup(serviceName string) (opentracing.Tracer, io.Closer, error PriorityHeader: c.SamplingPriorityHeaderName, BaggagePrefix: c.BagagePrefixHeaderName, })), + datadog.WithLogger(log.NewDatadogLogger(log.FromContext(ctx))), } if c.LocalAgentSocket != "" { From 0a7964300166d167f68d5502bc245b3b9c8842b4 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Wed, 6 Dec 2023 16:42:09 +0100 Subject: [PATCH 02/17] Prepare release v2.10.7 --- CHANGELOG.md | 6 ++++++ script/gcg/traefik-bugfix.toml | 6 +++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49f19bedb..4d40ab83e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +## [v2.10.7](https://github.com/traefik/traefik/tree/v2.10.7) (2023-12-06) +[All Commits](https://github.com/traefik/traefik/compare/v2.10.6...v2.10.7) + +**Bug fixes:** +- **[logs]** Fixed datadog logs json format issue ([#10233](https://github.com/traefik/traefik/pull/10233) by [sssash18](https://github.com/sssash18)) + ## [v2.10.6](https://github.com/traefik/traefik/tree/v2.10.6) (2023-11-28) [All Commits](https://github.com/traefik/traefik/compare/v2.10.5...v2.10.6) diff --git a/script/gcg/traefik-bugfix.toml b/script/gcg/traefik-bugfix.toml index fb6f9ccde..d1f7eed10 100644 --- a/script/gcg/traefik-bugfix.toml +++ b/script/gcg/traefik-bugfix.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example new bugfix v2.10.6 +# example new bugfix v2.10.7 CurrentRef = "v2.10" -PreviousRef = "v2.10.5" +PreviousRef = "v2.10.6" BaseBranch = "v2.10" -FutureCurrentRefName = "v2.10.6" +FutureCurrentRefName = "v2.10.7" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10 From 2a7b2ef772b31844141da8d1cf85bec82456a052 Mon Sep 17 00:00:00 2001 From: Michael Date: Tue, 2 Jan 2024 15:28:09 +0100 Subject: [PATCH 03/17] chore: happy new year 2024 --- LICENSE.md | 2 +- docs/mkdocs.yml | 2 +- pkg/config/dynamic/zz_generated.deepcopy.go | 2 +- .../kubernetes/crd/generated/clientset/versioned/clientset.go | 2 +- .../generated/clientset/versioned/fake/clientset_generated.go | 2 +- .../kubernetes/crd/generated/clientset/versioned/fake/doc.go | 2 +- .../crd/generated/clientset/versioned/fake/register.go | 2 +- .../kubernetes/crd/generated/clientset/versioned/scheme/doc.go | 2 +- .../crd/generated/clientset/versioned/scheme/register.go | 2 +- .../clientset/versioned/typed/traefikcontainous/v1alpha1/doc.go | 2 +- .../versioned/typed/traefikcontainous/v1alpha1/fake/doc.go | 2 +- .../typed/traefikcontainous/v1alpha1/fake/fake_ingressroute.go | 2 +- .../traefikcontainous/v1alpha1/fake/fake_ingressroutetcp.go | 2 +- .../traefikcontainous/v1alpha1/fake/fake_ingressrouteudp.go | 2 +- .../typed/traefikcontainous/v1alpha1/fake/fake_middleware.go | 2 +- .../typed/traefikcontainous/v1alpha1/fake/fake_middlewaretcp.go | 2 +- .../traefikcontainous/v1alpha1/fake/fake_serverstransport.go | 2 +- .../typed/traefikcontainous/v1alpha1/fake/fake_tlsoption.go | 2 +- .../typed/traefikcontainous/v1alpha1/fake/fake_tlsstore.go | 2 +- .../v1alpha1/fake/fake_traefikcontainous_client.go | 2 +- .../traefikcontainous/v1alpha1/fake/fake_traefikservice.go | 2 +- .../typed/traefikcontainous/v1alpha1/generated_expansion.go | 2 +- .../versioned/typed/traefikcontainous/v1alpha1/ingressroute.go | 2 +- .../typed/traefikcontainous/v1alpha1/ingressroutetcp.go | 2 +- .../typed/traefikcontainous/v1alpha1/ingressrouteudp.go | 2 +- .../versioned/typed/traefikcontainous/v1alpha1/middleware.go | 2 +- .../versioned/typed/traefikcontainous/v1alpha1/middlewaretcp.go | 2 +- .../typed/traefikcontainous/v1alpha1/serverstransport.go | 2 +- .../versioned/typed/traefikcontainous/v1alpha1/tlsoption.go | 2 +- .../versioned/typed/traefikcontainous/v1alpha1/tlsstore.go | 2 +- .../traefikcontainous/v1alpha1/traefikcontainous_client.go | 2 +- .../typed/traefikcontainous/v1alpha1/traefikservice.go | 2 +- .../clientset/versioned/typed/traefikio/v1alpha1/doc.go | 2 +- .../clientset/versioned/typed/traefikio/v1alpha1/fake/doc.go | 2 +- .../typed/traefikio/v1alpha1/fake/fake_ingressroute.go | 2 +- .../typed/traefikio/v1alpha1/fake/fake_ingressroutetcp.go | 2 +- .../typed/traefikio/v1alpha1/fake/fake_ingressrouteudp.go | 2 +- .../versioned/typed/traefikio/v1alpha1/fake/fake_middleware.go | 2 +- .../typed/traefikio/v1alpha1/fake/fake_middlewaretcp.go | 2 +- .../typed/traefikio/v1alpha1/fake/fake_serverstransport.go | 2 +- .../versioned/typed/traefikio/v1alpha1/fake/fake_tlsoption.go | 2 +- .../versioned/typed/traefikio/v1alpha1/fake/fake_tlsstore.go | 2 +- .../typed/traefikio/v1alpha1/fake/fake_traefikio_client.go | 2 +- .../typed/traefikio/v1alpha1/fake/fake_traefikservice.go | 2 +- .../versioned/typed/traefikio/v1alpha1/generated_expansion.go | 2 +- .../versioned/typed/traefikio/v1alpha1/ingressroute.go | 2 +- .../versioned/typed/traefikio/v1alpha1/ingressroutetcp.go | 2 +- .../versioned/typed/traefikio/v1alpha1/ingressrouteudp.go | 2 +- .../clientset/versioned/typed/traefikio/v1alpha1/middleware.go | 2 +- .../versioned/typed/traefikio/v1alpha1/middlewaretcp.go | 2 +- .../versioned/typed/traefikio/v1alpha1/serverstransport.go | 2 +- .../clientset/versioned/typed/traefikio/v1alpha1/tlsoption.go | 2 +- .../clientset/versioned/typed/traefikio/v1alpha1/tlsstore.go | 2 +- .../versioned/typed/traefikio/v1alpha1/traefikio_client.go | 2 +- .../versioned/typed/traefikio/v1alpha1/traefikservice.go | 2 +- .../crd/generated/informers/externalversions/factory.go | 2 +- .../crd/generated/informers/externalversions/generic.go | 2 +- .../externalversions/internalinterfaces/factory_interfaces.go | 2 +- .../informers/externalversions/traefikcontainous/interface.go | 2 +- .../externalversions/traefikcontainous/v1alpha1/ingressroute.go | 2 +- .../traefikcontainous/v1alpha1/ingressroutetcp.go | 2 +- .../traefikcontainous/v1alpha1/ingressrouteudp.go | 2 +- .../externalversions/traefikcontainous/v1alpha1/interface.go | 2 +- .../externalversions/traefikcontainous/v1alpha1/middleware.go | 2 +- .../traefikcontainous/v1alpha1/middlewaretcp.go | 2 +- .../traefikcontainous/v1alpha1/serverstransport.go | 2 +- .../externalversions/traefikcontainous/v1alpha1/tlsoption.go | 2 +- .../externalversions/traefikcontainous/v1alpha1/tlsstore.go | 2 +- .../traefikcontainous/v1alpha1/traefikservice.go | 2 +- .../generated/informers/externalversions/traefikio/interface.go | 2 +- .../externalversions/traefikio/v1alpha1/ingressroute.go | 2 +- .../externalversions/traefikio/v1alpha1/ingressroutetcp.go | 2 +- .../externalversions/traefikio/v1alpha1/ingressrouteudp.go | 2 +- .../informers/externalversions/traefikio/v1alpha1/interface.go | 2 +- .../informers/externalversions/traefikio/v1alpha1/middleware.go | 2 +- .../externalversions/traefikio/v1alpha1/middlewaretcp.go | 2 +- .../externalversions/traefikio/v1alpha1/serverstransport.go | 2 +- .../informers/externalversions/traefikio/v1alpha1/tlsoption.go | 2 +- .../informers/externalversions/traefikio/v1alpha1/tlsstore.go | 2 +- .../externalversions/traefikio/v1alpha1/traefikservice.go | 2 +- .../listers/traefikcontainous/v1alpha1/expansion_generated.go | 2 +- .../listers/traefikcontainous/v1alpha1/ingressroute.go | 2 +- .../listers/traefikcontainous/v1alpha1/ingressroutetcp.go | 2 +- .../listers/traefikcontainous/v1alpha1/ingressrouteudp.go | 2 +- .../generated/listers/traefikcontainous/v1alpha1/middleware.go | 2 +- .../listers/traefikcontainous/v1alpha1/middlewaretcp.go | 2 +- .../listers/traefikcontainous/v1alpha1/serverstransport.go | 2 +- .../generated/listers/traefikcontainous/v1alpha1/tlsoption.go | 2 +- .../generated/listers/traefikcontainous/v1alpha1/tlsstore.go | 2 +- .../listers/traefikcontainous/v1alpha1/traefikservice.go | 2 +- .../generated/listers/traefikio/v1alpha1/expansion_generated.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/ingressroute.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/ingressroutetcp.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/ingressrouteudp.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/middleware.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/middlewaretcp.go | 2 +- .../generated/listers/traefikio/v1alpha1/serverstransport.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/tlsoption.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/tlsstore.go | 2 +- .../crd/generated/listers/traefikio/v1alpha1/traefikservice.go | 2 +- .../crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go | 2 +- .../kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go | 2 +- pkg/tls/zz_generated.deepcopy.go | 2 +- pkg/types/zz_generated.deepcopy.go | 2 +- 104 files changed, 104 insertions(+), 104 deletions(-) diff --git a/LICENSE.md b/LICENSE.md index d56287566..fda9f5084 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index 7432a44a0..f588c1d80 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -27,7 +27,7 @@ theme: prev: 'Previous' next: 'Next' -copyright: 'Traefik Labs • Copyright © 2016-2023' +copyright: 'Traefik Labs • Copyright © 2016-2024' extra_javascript: - assets/js/hljs/highlight.pack.js # Download from https://highlightjs.org/download/ and enable YAML, TOML and Dockerfile diff --git a/pkg/config/dynamic/zz_generated.deepcopy.go b/pkg/config/dynamic/zz_generated.deepcopy.go index 7b51c92c7..f897f6f31 100644 --- a/pkg/config/dynamic/zz_generated.deepcopy.go +++ b/pkg/config/dynamic/zz_generated.deepcopy.go @@ -4,7 +4,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/clientset.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/clientset.go index 6f1dbe043..f204dbe07 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/clientset.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/clientset.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/clientset_generated.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/clientset_generated.go index b2f1ea211..db9c67cb2 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/clientset_generated.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/clientset_generated.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/doc.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/doc.go index 081d07edb..ae4bdb20e 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/doc.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/doc.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go index 12677f64b..99758be01 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/doc.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/doc.go index 87af68273..ba3753967 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/doc.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/doc.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go index f8a30576c..f008f0e20 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/doc.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/doc.go index e39212eab..91c1c1d8a 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/doc.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/doc.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/doc.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/doc.go index 24ecc2be0..1964e2084 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/doc.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/doc.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroute.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroute.go index cedfa74a2..2c0a1494b 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroutetcp.go index 841e394ae..623fd5985 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressrouteudp.go index bf60f14d8..0b9913d47 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middleware.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middleware.go index 5b126d564..ef909746c 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middleware.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middlewaretcp.go index 475b7279e..23d4e6703 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_serverstransport.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_serverstransport.go index 4a711e791..289081537 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsoption.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsoption.go index 8d884f993..2dc3fa3ab 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsstore.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsstore.go index 15bf1e1e5..1d20311c1 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikcontainous_client.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikcontainous_client.go index 0ccf55f19..05cbeee51 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikcontainous_client.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikcontainous_client.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikservice.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikservice.go index 5a1a390c7..6e5f5b2ed 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/fake/fake_traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/generated_expansion.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/generated_expansion.go index aeaaec294..59b56c32f 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/generated_expansion.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/generated_expansion.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroute.go index 9ae05fd02..1ad1af049 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroutetcp.go index f75f54834..ec4814207 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressrouteudp.go index ad4f3b150..d7a7ebbb8 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middleware.go index dd2694341..b23e8df36 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middlewaretcp.go index 32a478b35..9cf0fd2f9 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/serverstransport.go index ada49856c..ed9ea93ea 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsoption.go index c340d8b64..f1d66a882 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsstore.go index 91d86684e..74b2f4045 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikcontainous_client.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikcontainous_client.go index 237a5f48f..c24b091eb 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikcontainous_client.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikcontainous_client.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikservice.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikservice.go index 344f26651..f52ff7aab 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikcontainous/v1alpha1/traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/doc.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/doc.go index e39212eab..91c1c1d8a 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/doc.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/doc.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/doc.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/doc.go index 24ecc2be0..1964e2084 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/doc.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/doc.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroute.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroute.go index 364113084..2f0bb8d60 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroutetcp.go index dcca789ae..c7dd8fbf7 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressrouteudp.go index 815811762..ed0c3a23c 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middleware.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middleware.go index d2ce41e27..7385b7985 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middleware.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middlewaretcp.go index d026a2a81..8c90d221c 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_serverstransport.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_serverstransport.go index 8c04de8bd..08d1f6a1c 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsoption.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsoption.go index ba23bef83..99132f297 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsstore.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsstore.go index 9dd04322c..2868030e7 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikio_client.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikio_client.go index 1b5d8233a..e2c81f799 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikio_client.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikio_client.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikservice.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikservice.go index 50a18e86d..fdb18b474 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/fake/fake_traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/generated_expansion.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/generated_expansion.go index aeaaec294..59b56c32f 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/generated_expansion.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/generated_expansion.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroute.go index 710c59a37..2c8ed2ce1 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroutetcp.go index 1d24bbc61..a8a5407f6 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressrouteudp.go index c98226d1a..e1adfe4e7 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middleware.go index c9cc8d4a1..6282b8d35 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middlewaretcp.go index 86d4af855..2d61da310 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/serverstransport.go index a9a824e90..a9dd020c2 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsoption.go index e782549be..e7404ad46 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsstore.go index 401559371..14cb0f0c7 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikio_client.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikio_client.go index 20ec249fa..96e6e9e05 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikio_client.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikio_client.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikservice.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikservice.go index cf1503d1d..47682e416 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/typed/traefikio/v1alpha1/traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go index 0b9aebf6e..5c2375b97 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/generic.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/generic.go index 553bf72db..dfbcf0bfd 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/generic.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/generic.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/internalinterfaces/factory_interfaces.go index 5abe4a64d..f37301acc 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/interface.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/interface.go index e462260b5..115a745a0 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/interface.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/interface.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroute.go index 500091592..ecfaf25f6 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroutetcp.go index b8382e1c2..f80a1b76a 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressrouteudp.go index 69bdd520c..1fee049a8 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/interface.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/interface.go index 9edba3953..83653f484 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/interface.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/interface.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middleware.go index 71c08243e..84343dc6c 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middlewaretcp.go index f80484e92..3c4a85a82 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/serverstransport.go index 29ae57c7e..64b342142 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsoption.go index 3fe6f8dc7..11b3dd710 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsstore.go index b27961285..36df0adb8 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/traefikservice.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/traefikservice.go index 501710f13..851b664bd 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikcontainous/v1alpha1/traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/interface.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/interface.go index 726ceb16f..0c0321cbb 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/interface.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/interface.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroute.go index ac1ece6b0..cd67e24df 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroutetcp.go index d86c7ca9d..71c54cb62 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressrouteudp.go index fb2b8a9ae..28a28f0d5 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/interface.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/interface.go index 9edba3953..83653f484 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/interface.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/interface.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middleware.go index 11de7184c..7d3573441 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middlewaretcp.go index db9c5e47b..1ee175d6a 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/serverstransport.go index 90f2dfbcd..c4cb27940 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsoption.go index f81a0a265..0da9e2b2d 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsstore.go index 338a72501..93685d299 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/traefikservice.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/traefikservice.go index e24a89fb8..9c63a8cba 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/traefikio/v1alpha1/traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/expansion_generated.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/expansion_generated.go index 341744ace..e2badc3a1 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/expansion_generated.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/expansion_generated.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroute.go index 6b0238b9c..f9bf671aa 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroutetcp.go index 84907b741..773c31f32 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressrouteudp.go index e6a14e6fa..b791006ee 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middleware.go index 4905d7741..d00224c93 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middlewaretcp.go index b556c030e..e7f0caa75 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/serverstransport.go index b29ee49ae..b357654ea 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsoption.go index 4ff720db9..aa10d4c13 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsstore.go index 4964646a6..545ec82a6 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/traefikservice.go b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/traefikservice.go index cc9d26831..f01f936bf 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikcontainous/v1alpha1/traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/expansion_generated.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/expansion_generated.go index 341744ace..e2badc3a1 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/expansion_generated.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/expansion_generated.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroute.go index 2a853bea1..762ad5fe3 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroute.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroutetcp.go index a6c69a805..932d48713 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressroutetcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressrouteudp.go index 5b5df603d..56ea4d6e1 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/ingressrouteudp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middleware.go index ab6a8d0e9..712ba96f3 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middleware.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middlewaretcp.go index 192a0c682..a4a0ccfa4 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/middlewaretcp.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/serverstransport.go index 5784d0ae6..9b7f60371 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/serverstransport.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsoption.go index 3d1145b91..e32c107b1 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsoption.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsstore.go index 2af005be1..f8922e437 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/tlsstore.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/traefikservice.go b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/traefikservice.go index 2ebc6533d..686ac967a 100644 --- a/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/traefikservice.go +++ b/pkg/provider/kubernetes/crd/generated/listers/traefikio/v1alpha1/traefikservice.go @@ -1,7 +1,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go index 03ddabec3..a91c5cfc1 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go @@ -4,7 +4,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go index 03ddabec3..a91c5cfc1 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go @@ -4,7 +4,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/tls/zz_generated.deepcopy.go b/pkg/tls/zz_generated.deepcopy.go index 95438c468..6050777a6 100644 --- a/pkg/tls/zz_generated.deepcopy.go +++ b/pkg/tls/zz_generated.deepcopy.go @@ -4,7 +4,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/pkg/types/zz_generated.deepcopy.go b/pkg/types/zz_generated.deepcopy.go index 8c55ace87..f2853fdfc 100644 --- a/pkg/types/zz_generated.deepcopy.go +++ b/pkg/types/zz_generated.deepcopy.go @@ -4,7 +4,7 @@ /* The MIT License (MIT) -Copyright (c) 2016-2020 Containous SAS; 2020-2023 Traefik Labs +Copyright (c) 2016-2020 Containous SAS; 2020-2024 Traefik Labs Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal From 60123a8f3ff380b4dfde89877c329464607980a2 Mon Sep 17 00:00:00 2001 From: Baptiste Mayelle Date: Tue, 2 Jan 2024 15:52:05 +0100 Subject: [PATCH 04/17] Hash WRR sticky cookies Co-authored-by: Romain --- pkg/server/service/loadbalancer/wrr/wrr.go | 55 +++++++++++-------- .../service/loadbalancer/wrr/wrr_test.go | 31 +++++++++++ 2 files changed, 64 insertions(+), 22 deletions(-) diff --git a/pkg/server/service/loadbalancer/wrr/wrr.go b/pkg/server/service/loadbalancer/wrr/wrr.go index d7261d95b..95c374842 100644 --- a/pkg/server/service/loadbalancer/wrr/wrr.go +++ b/pkg/server/service/loadbalancer/wrr/wrr.go @@ -5,6 +5,7 @@ import ( "context" "errors" "fmt" + "hash/fnv" "net/http" "sync" @@ -34,7 +35,9 @@ type Balancer struct { stickyCookie *stickyCookie wantsHealthCheck bool - mutex sync.RWMutex + handlersMu sync.RWMutex + // References all the handlers by name and also by the hashed value of the name. + handlerMap map[string]*namedHandler handlers []*namedHandler curDeadline float64 // status is a record of which child services of the Balancer are healthy, keyed @@ -51,6 +54,7 @@ type Balancer struct { func New(sticky *dynamic.Sticky, hc *dynamic.HealthCheck) *Balancer { balancer := &Balancer{ status: make(map[string]struct{}), + handlerMap: make(map[string]*namedHandler), wantsHealthCheck: hc != nil, } if sticky != nil && sticky.Cookie != nil { @@ -60,6 +64,7 @@ func New(sticky *dynamic.Sticky, hc *dynamic.HealthCheck) *Balancer { httpOnly: sticky.Cookie.HTTPOnly, } } + return balancer } @@ -97,8 +102,8 @@ func (b *Balancer) Pop() interface{} { // SetStatus sets on the balancer that its given child is now of the given // status. balancerName is only needed for logging purposes. func (b *Balancer) SetStatus(ctx context.Context, childName string, up bool) { - b.mutex.Lock() - defer b.mutex.Unlock() + b.handlersMu.Lock() + defer b.handlersMu.Unlock() upBefore := len(b.status) > 0 @@ -147,8 +152,8 @@ func (b *Balancer) RegisterStatusUpdater(fn func(up bool)) error { var errNoAvailableServer = errors.New("no available server") func (b *Balancer) nextServer() (*namedHandler, error) { - b.mutex.Lock() - defer b.mutex.Unlock() + b.handlersMu.Lock() + defer b.handlersMu.Unlock() if len(b.handlers) == 0 { return nil, fmt.Errorf("no servers in the pool") @@ -185,22 +190,18 @@ func (b *Balancer) ServeHTTP(w http.ResponseWriter, req *http.Request) { } if err == nil && cookie != nil { - for _, handler := range b.handlers { - if handler.name != cookie.Value { - continue - } + b.handlersMu.RLock() + handler, ok := b.handlerMap[cookie.Value] + b.handlersMu.RUnlock() - b.mutex.RLock() - _, ok := b.status[handler.name] - b.mutex.RUnlock() - if !ok { - // because we already are in the only iteration that matches the cookie, so none - // of the following iterations are going to be a match for the cookie anyway. - break + if ok && handler != nil { + b.handlersMu.RLock() + _, isHealthy := b.status[handler.name] + b.handlersMu.RUnlock() + if isHealthy { + handler.ServeHTTP(w, req) + return } - - handler.ServeHTTP(w, req) - return } } } @@ -216,7 +217,7 @@ func (b *Balancer) ServeHTTP(w http.ResponseWriter, req *http.Request) { } if b.stickyCookie != nil { - cookie := &http.Cookie{Name: b.stickyCookie.name, Value: server.name, Path: "/", HttpOnly: b.stickyCookie.httpOnly, Secure: b.stickyCookie.secure} + cookie := &http.Cookie{Name: b.stickyCookie.name, Value: hash(server.name), Path: "/", HttpOnly: b.stickyCookie.httpOnly, Secure: b.stickyCookie.secure} http.SetCookie(w, cookie) } @@ -237,9 +238,19 @@ func (b *Balancer) AddService(name string, handler http.Handler, weight *int) { h := &namedHandler{Handler: handler, name: name, weight: float64(w)} - b.mutex.Lock() + b.handlersMu.Lock() h.deadline = b.curDeadline + 1/h.weight heap.Push(b, h) b.status[name] = struct{}{} - b.mutex.Unlock() + b.handlerMap[name] = h + b.handlerMap[hash(name)] = h + b.handlersMu.Unlock() +} + +func hash(input string) string { + hasher := fnv.New64() + // We purposely ignore the error because the implementation always returns nil. + _, _ = hasher.Write([]byte(input)) + + return fmt.Sprintf("%x", hasher.Sum64()) } diff --git a/pkg/server/service/loadbalancer/wrr/wrr_test.go b/pkg/server/service/loadbalancer/wrr/wrr_test.go index ac5f7e15b..7328fd98d 100644 --- a/pkg/server/service/loadbalancer/wrr/wrr_test.go +++ b/pkg/server/service/loadbalancer/wrr/wrr_test.go @@ -254,6 +254,8 @@ func TestSticky(t *testing.T) { req := httptest.NewRequest(http.MethodGet, "/", nil) for i := 0; i < 3; i++ { for _, cookie := range recorder.Result().Cookies() { + assert.NotContains(t, "test=first", cookie.Value) + assert.NotContains(t, "test=second", cookie.Value) req.AddCookie(cookie) } recorder.ResponseRecorder = httptest.NewRecorder() @@ -265,6 +267,35 @@ func TestSticky(t *testing.T) { assert.Equal(t, 3, recorder.save["second"]) } +func TestSticky_FallBack(t *testing.T) { + balancer := New(&dynamic.Sticky{ + Cookie: &dynamic.Cookie{Name: "test"}, + }, nil) + + balancer.AddService("first", http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + rw.Header().Set("server", "first") + rw.WriteHeader(http.StatusOK) + }), Int(1)) + + balancer.AddService("second", http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + rw.Header().Set("server", "second") + rw.WriteHeader(http.StatusOK) + }), Int(2)) + + recorder := &responseRecorder{ResponseRecorder: httptest.NewRecorder(), save: map[string]int{}} + + req := httptest.NewRequest(http.MethodGet, "/", nil) + req.AddCookie(&http.Cookie{Name: "test", Value: "second"}) + for i := 0; i < 3; i++ { + recorder.ResponseRecorder = httptest.NewRecorder() + + balancer.ServeHTTP(recorder, req) + } + + assert.Equal(t, 0, recorder.save["first"]) + assert.Equal(t, 3, recorder.save["second"]) +} + // TestBalancerBias makes sure that the WRR algorithm spreads elements evenly right from the start, // and that it does not "over-favor" the high-weighted ones with a biased start-up regime. func TestBalancerBias(t *testing.T) { From 3dfaa3d5fa3d18d3db2a9e2b538237460bc409d9 Mon Sep 17 00:00:00 2001 From: Baptiste Mayelle Date: Tue, 2 Jan 2024 16:16:05 +0100 Subject: [PATCH 05/17] Add Redis Sentinel support Co-authored-by: Romain --- docs/content/providers/redis.md | 163 +++++++++++++++ .../reference/static-configuration/cli-ref.md | 21 ++ .../reference/static-configuration/env-ref.md | 21 ++ .../reference/static-configuration/file.toml | 8 + .../reference/static-configuration/file.yaml | 8 + go.mod | 5 +- go.sum | 12 +- integration/fixtures/redis/sentinel.toml | 19 ++ integration/redis_test.go | 196 +++++++++++++++++- .../compose/config/sentinel_template.conf | 5 + .../resources/compose/redis_sentinel.yml | 61 ++++++ pkg/provider/kv/redis/redis.go | 36 ++++ 12 files changed, 543 insertions(+), 12 deletions(-) create mode 100644 integration/fixtures/redis/sentinel.toml create mode 100644 integration/resources/compose/config/sentinel_template.conf create mode 100644 integration/resources/compose/redis_sentinel.yml diff --git a/docs/content/providers/redis.md b/docs/content/providers/redis.md index bd61e103c..309531423 100644 --- a/docs/content/providers/redis.md +++ b/docs/content/providers/redis.md @@ -229,3 +229,166 @@ providers: ```bash tab="CLI" --providers.redis.tls.insecureSkipVerify=true ``` + +### `sentinel` + +_Optional_ + +Defines the Sentinel configuration used to interact with Redis Sentinel. + +#### `masterName` + +_Required_ + +`masterName` is the name of the Sentinel master. + +```yaml tab="File (YAML)" +providers: + redis: + sentinel: + masterName: my-master +``` + +```toml tab="File (TOML)" +[providers.redis.sentinel] + masterName = "my-master" +``` + +```bash tab="CLI" +--providers.redis.sentinel.masterName=my-master +``` + +#### `username` + +_Optional_ + +`username` is the username for Sentinel authentication. + +```yaml tab="File (YAML)" +providers: + redis: + sentinel: + username: user +``` + +```toml tab="File (TOML)" +[providers.redis.sentinel] + username = "user" +``` + +```bash tab="CLI" +--providers.redis.sentinel.username=user +``` + +#### `password` + +_Optional_ + +`password` is the password for Sentinel authentication. + +```yaml tab="File (YAML)" +providers: + redis: + sentinel: + password: password +``` + +```toml tab="File (TOML)" +[providers.redis.sentinel] + password = "password" +``` + +```bash tab="CLI" +--providers.redis.sentinel.password=password +``` + +#### `latencyStrategy` + +_Optional, Default=false_ + +`latencyStrategy` defines whether to route commands to the closest master or replica nodes +(mutually exclusive with RandomStrategy and ReplicaStrategy). + +```yaml tab="File (YAML)" +providers: + redis: + sentinel: + latencyStrategy: true +``` + +```toml tab="File (TOML)" +[providers.redis.sentinel] +latencyStrategy = true +``` + +```bash tab="CLI" +--providers.redis.sentinel.latencyStrategy=true +``` + +#### `randomStrategy` + +_Optional, Default=false_ + +`randomStrategy` defines whether to route commands randomly to master or replica nodes +(mutually exclusive with LatencyStrategy and ReplicaStrategy). + +```yaml tab="File (YAML)" +providers: + redis: + sentinel: + randomStrategy: true +``` + +```toml tab="File (TOML)" +[providers.redis.sentinel] +randomStrategy = true +``` + +```bash tab="CLI" +--providers.redis.sentinel.randomStrategy=true +``` + +#### `replicaStrategy` + +_Optional, Default=false_ + +`replicaStrategy` Defines whether to route all commands to replica nodes +(mutually exclusive with LatencyStrategy and RandomStrategy). + +```yaml tab="File (YAML)" +providers: + redis: + sentinel: + replicaStrategy: true +``` + +```toml tab="File (TOML)" +[providers.redis.sentinel] +replicaStrategy = true +``` + +```bash tab="CLI" +--providers.redis.sentinel.replicaStrategy=true +``` + +#### `useDisconnectedReplicas` + +_Optional, Default=false_ + +`useDisconnectedReplicas` defines whether to use replicas disconnected with master when cannot get connected replicas. + +```yaml tab="File (YAML)" +providers: + redis: + sentinel: + useDisconnectedReplicas: true +``` + +```toml tab="File (TOML)" +[providers.redis.sentinel] +useDisconnectedReplicas = true +``` + +```bash tab="CLI" +--providers.redis.sentinel.useDisconnectedReplicas=true +``` diff --git a/docs/content/reference/static-configuration/cli-ref.md b/docs/content/reference/static-configuration/cli-ref.md index fbc3eb389..a0415e1b4 100644 --- a/docs/content/reference/static-configuration/cli-ref.md +++ b/docs/content/reference/static-configuration/cli-ref.md @@ -906,6 +906,27 @@ Password for authentication. `--providers.redis.rootkey`: Root key used for KV store. (Default: ```traefik```) +`--providers.redis.sentinel.latencystrategy`: +Defines whether to route commands to the closest master or replica nodes (mutually exclusive with RandomStrategy and ReplicaStrategy). (Default: ```false```) + +`--providers.redis.sentinel.mastername`: +Name of the master. + +`--providers.redis.sentinel.password`: +Password for Sentinel authentication. + +`--providers.redis.sentinel.randomstrategy`: +Defines whether to route commands randomly to master or replica nodes (mutually exclusive with LatencyStrategy and ReplicaStrategy). (Default: ```false```) + +`--providers.redis.sentinel.replicastrategy`: +Defines whether to route all commands to replica nodes (mutually exclusive with LatencyStrategy and RandomStrategy). (Default: ```false```) + +`--providers.redis.sentinel.usedisconnectedreplicas`: +Use replicas disconnected with master when cannot get connected replicas. (Default: ```false```) + +`--providers.redis.sentinel.username`: +Username for Sentinel authentication. + `--providers.redis.tls.ca`: TLS CA diff --git a/docs/content/reference/static-configuration/env-ref.md b/docs/content/reference/static-configuration/env-ref.md index 9f59741ce..a7b3ace47 100644 --- a/docs/content/reference/static-configuration/env-ref.md +++ b/docs/content/reference/static-configuration/env-ref.md @@ -906,6 +906,27 @@ Password for authentication. `TRAEFIK_PROVIDERS_REDIS_ROOTKEY`: Root key used for KV store. (Default: ```traefik```) +`TRAEFIK_PROVIDERS_REDIS_SENTINEL_LATENCYSTRATEGY`: +Defines whether to route commands to the closest master or replica nodes (mutually exclusive with RandomStrategy and ReplicaStrategy). (Default: ```false```) + +`TRAEFIK_PROVIDERS_REDIS_SENTINEL_MASTERNAME`: +Name of the master. + +`TRAEFIK_PROVIDERS_REDIS_SENTINEL_PASSWORD`: +Password for Sentinel authentication. + +`TRAEFIK_PROVIDERS_REDIS_SENTINEL_RANDOMSTRATEGY`: +Defines whether to route commands randomly to master or replica nodes (mutually exclusive with LatencyStrategy and ReplicaStrategy). (Default: ```false```) + +`TRAEFIK_PROVIDERS_REDIS_SENTINEL_REPLICASTRATEGY`: +Defines whether to route all commands to replica nodes (mutually exclusive with LatencyStrategy and RandomStrategy). (Default: ```false```) + +`TRAEFIK_PROVIDERS_REDIS_SENTINEL_USEDISCONNECTEDREPLICAS`: +Use replicas disconnected with master when cannot get connected replicas. (Default: ```false```) + +`TRAEFIK_PROVIDERS_REDIS_SENTINEL_USERNAME`: +Username for Sentinel authentication. + `TRAEFIK_PROVIDERS_REDIS_TLS_CA`: TLS CA diff --git a/docs/content/reference/static-configuration/file.toml b/docs/content/reference/static-configuration/file.toml index c33fbf309..42dda1fbf 100644 --- a/docs/content/reference/static-configuration/file.toml +++ b/docs/content/reference/static-configuration/file.toml @@ -247,6 +247,14 @@ cert = "foobar" key = "foobar" insecureSkipVerify = true + [providers.redis.sentinel] + masterName = "foobar" + username = "foobar" + password = "foobar" + latencyStrategy = true + randomStrategy = true + replicaStrategy = true + useDisconnectedReplicas = true [providers.http] endpoint = "foobar" pollInterval = "42s" diff --git a/docs/content/reference/static-configuration/file.yaml b/docs/content/reference/static-configuration/file.yaml index 67cf11398..1497f57e5 100644 --- a/docs/content/reference/static-configuration/file.yaml +++ b/docs/content/reference/static-configuration/file.yaml @@ -275,6 +275,14 @@ providers: cert: foobar key: foobar insecureSkipVerify: true + sentinel: + masterName: foobar + username: foobar + password: foobar + latencyStrategy: true + randomStrategy: true + replicaStrategy: true + useDisconnectedReplicas: true http: endpoint: foobar pollInterval: 42s diff --git a/go.mod b/go.mod index 22eb59b22..62ac8306b 100644 --- a/go.mod +++ b/go.mod @@ -37,7 +37,7 @@ require ( github.com/klauspost/compress v1.17.1 github.com/kvtools/consul v1.0.2 github.com/kvtools/etcdv3 v1.0.2 - github.com/kvtools/redis v1.0.2 + github.com/kvtools/redis v1.1.0 github.com/kvtools/valkeyrie v1.0.0 github.com/kvtools/zookeeper v1.0.2 github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f @@ -189,7 +189,6 @@ require ( github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/jsonreference v0.20.0 // indirect github.com/go-openapi/swag v0.19.14 // indirect - github.com/go-redis/redis/v8 v8.11.5 // indirect github.com/go-resty/resty/v2 v2.7.0 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/go-zookeeper/zk v1.0.3 // indirect @@ -278,6 +277,7 @@ require ( github.com/nrdcg/nodion v0.1.0 // indirect github.com/nrdcg/porkbun v0.2.0 // indirect github.com/nzdjb/go-metaname v1.0.0 // indirect + github.com/onsi/ginkgo v1.16.5 // indirect github.com/onsi/ginkgo/v2 v2.9.5 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.0.2 // indirect @@ -294,6 +294,7 @@ require ( github.com/prometheus/procfs v0.8.0 // indirect github.com/quic-go/qpack v0.4.0 // indirect github.com/quic-go/qtls-go1-20 v0.3.4 // indirect + github.com/redis/go-redis/v9 v9.2.1 // indirect github.com/sacloud/api-client-go v0.2.8 // indirect github.com/sacloud/go-http v0.1.6 // indirect github.com/sacloud/iaas-api-go v1.11.1 // indirect diff --git a/go.sum b/go.sum index b4a954782..ea218e429 100644 --- a/go.sum +++ b/go.sum @@ -287,6 +287,10 @@ github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8 github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= +github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs= +github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c= +github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA= +github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0= github.com/buger/goterm v1.0.0 h1:ZB6uUlY8+sjJyFGzz2WpRqX2XYPeXVgtZAOJMwOsTWM= github.com/buger/goterm v1.0.0/go.mod h1:16STi3LquiscTIHA8SXUNKEa/Cnu4ZHBH8NsCaWgso0= github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= @@ -741,8 +745,6 @@ github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+ github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= -github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI= -github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo= github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY= github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I= github.com/go-sql-driver/mysql v1.3.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= @@ -1169,8 +1171,8 @@ github.com/kvtools/consul v1.0.2 h1:ltPgs4Ld09Xaa7zrOJ/TewBYKAsr11/LRFpErdkb8AA= github.com/kvtools/consul v1.0.2/go.mod h1:bFnzfGJ5ZIRRXCBGBmwhJlLdEWOlrjOcS1WjyAQzaJA= github.com/kvtools/etcdv3 v1.0.2 h1:EB0mAtzqe1folE7m7Q6wnCXcGwaOmrYmsVmF3hNsTKI= github.com/kvtools/etcdv3 v1.0.2/go.mod h1:Xr6DbwqjuCEcXAIWmXxw0DX+N5BhuvablXgN90XeqMM= -github.com/kvtools/redis v1.0.2 h1:D3GjGGtssJF2w8mniWtIxcT/YX9YnRc4jNCm0hrVygQ= -github.com/kvtools/redis v1.0.2/go.mod h1:wuUNwwKOHi2TYxDxj1sGF74Jdg0jywydnatXtnOR3hA= +github.com/kvtools/redis v1.1.0 h1:nXRAyh2nsaWiJyrX449/qHMc3SvGUqRqRXcrA/MplEo= +github.com/kvtools/redis v1.1.0/go.mod h1:cqg3esJOIYMQ1qy5LVIbPZz9kuiBBcFREP2N5b9+Dn0= github.com/kvtools/valkeyrie v1.0.0 h1:LAITop2wPoYCMitR24GZZsW0b57hmI+ePD18VRTtOf0= github.com/kvtools/valkeyrie v1.0.0/go.mod h1:bDi/OdhJCSbGPMsCgUQl881yuEweKCSItAtTBI+ZjpU= github.com/kvtools/zookeeper v1.0.2 h1:uK0CzQa+mtKGxDDH+DeqXo2HC1Kx4hWXZ7pX/zS4aTo= @@ -1586,6 +1588,8 @@ github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac/go.mod github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= +github.com/redis/go-redis/v9 v9.2.1 h1:WlYJg71ODF0dVspZZCpYmoF1+U1Jjk9Rwd7pq6QmlCg= +github.com/redis/go-redis/v9 v9.2.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= github.com/richardartoul/molecule v1.0.1-0.20221107223329-32cfee06a052 h1:Qp27Idfgi6ACvFQat5+VJvlYToylpM/hcyLBI3WaKPA= github.com/richardartoul/molecule v1.0.1-0.20221107223329-32cfee06a052/go.mod h1:uvX/8buq8uVeiZiFht+0lqSLBHF+uGV8BrTv8W/SIwk= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= diff --git a/integration/fixtures/redis/sentinel.toml b/integration/fixtures/redis/sentinel.toml new file mode 100644 index 000000000..3d5a59ec4 --- /dev/null +++ b/integration/fixtures/redis/sentinel.toml @@ -0,0 +1,19 @@ +[global] + checkNewVersion = false + sendAnonymousUsage = false + +[log] + level = "DEBUG" + +[entryPoints.web] + address = ":8000" + +[api] + insecure = true + +[providers.redis] + rootKey = "traefik" + endpoints = ["{{ .RedisAddress }}"] + +[providers.redis.sentinel] + masterName = "mymaster" diff --git a/integration/redis_test.go b/integration/redis_test.go index b642691c4..6407a3a35 100644 --- a/integration/redis_test.go +++ b/integration/redis_test.go @@ -4,12 +4,18 @@ import ( "bytes" "context" "encoding/json" + "errors" + "fmt" + "io/fs" "net" "net/http" "os" "path/filepath" + "strings" + "text/template" "time" + "github.com/fatih/structs" "github.com/go-check/check" "github.com/kvtools/redis" "github.com/kvtools/valkeyrie" @@ -23,24 +29,36 @@ import ( // Redis test suites. type RedisSuite struct { BaseSuite - kvClient store.Store - redisAddr string + kvClient store.Store + redisEndpoints []string +} + +func (s *RedisSuite) TearDownSuite(c *check.C) { + s.composeDown(c) + + for _, filename := range []string{"sentinel1.conf", "sentinel2.conf", "sentinel3.conf"} { + err := os.Remove(filepath.Join(".", "resources", "compose", "config", filename)) + if err != nil && !errors.Is(err, fs.ErrNotExist) { + c.Fatal("unable to clean configuration file for sentinel: ", err) + } + } } func (s *RedisSuite) setupStore(c *check.C) { s.createComposeProject(c, "redis") s.composeUp(c) - s.redisAddr = net.JoinHostPort(s.getComposeServiceIP(c, "redis"), "6379") + s.redisEndpoints = []string{} + s.redisEndpoints = append(s.redisEndpoints, net.JoinHostPort(s.getComposeServiceIP(c, "redis"), "6379")) kv, err := valkeyrie.NewStore( context.Background(), redis.StoreName, - []string{s.redisAddr}, + s.redisEndpoints, &redis.Config{}, ) if err != nil { - c.Fatal("Cannot create store redis") + c.Fatal("Cannot create store redis: ", err) } s.kvClient = kv @@ -52,7 +70,173 @@ func (s *RedisSuite) setupStore(c *check.C) { func (s *RedisSuite) TestSimpleConfiguration(c *check.C) { s.setupStore(c) - file := s.adaptFile(c, "fixtures/redis/simple.toml", struct{ RedisAddress string }{s.redisAddr}) + file := s.adaptFile(c, "fixtures/redis/simple.toml", struct{ RedisAddress string }{ + RedisAddress: strings.Join(s.redisEndpoints, ","), + }) + defer os.Remove(file) + + data := map[string]string{ + "traefik/http/routers/Router0/entryPoints/0": "web", + "traefik/http/routers/Router0/middlewares/0": "compressor", + "traefik/http/routers/Router0/middlewares/1": "striper", + "traefik/http/routers/Router0/service": "simplesvc", + "traefik/http/routers/Router0/rule": "Host(`kv1.localhost`)", + "traefik/http/routers/Router0/priority": "42", + "traefik/http/routers/Router0/tls": "true", + + "traefik/http/routers/Router1/rule": "Host(`kv2.localhost`)", + "traefik/http/routers/Router1/priority": "42", + "traefik/http/routers/Router1/tls/domains/0/main": "aaa.localhost", + "traefik/http/routers/Router1/tls/domains/0/sans/0": "aaa.aaa.localhost", + "traefik/http/routers/Router1/tls/domains/0/sans/1": "bbb.aaa.localhost", + "traefik/http/routers/Router1/tls/domains/1/main": "bbb.localhost", + "traefik/http/routers/Router1/tls/domains/1/sans/0": "aaa.bbb.localhost", + "traefik/http/routers/Router1/tls/domains/1/sans/1": "bbb.bbb.localhost", + "traefik/http/routers/Router1/entryPoints/0": "web", + "traefik/http/routers/Router1/service": "simplesvc", + + "traefik/http/services/simplesvc/loadBalancer/servers/0/url": "http://10.0.1.1:8888", + "traefik/http/services/simplesvc/loadBalancer/servers/1/url": "http://10.0.1.1:8889", + + "traefik/http/services/srvcA/loadBalancer/servers/0/url": "http://10.0.1.2:8888", + "traefik/http/services/srvcA/loadBalancer/servers/1/url": "http://10.0.1.2:8889", + + "traefik/http/services/srvcB/loadBalancer/servers/0/url": "http://10.0.1.3:8888", + "traefik/http/services/srvcB/loadBalancer/servers/1/url": "http://10.0.1.3:8889", + + "traefik/http/services/mirror/mirroring/service": "simplesvc", + "traefik/http/services/mirror/mirroring/mirrors/0/name": "srvcA", + "traefik/http/services/mirror/mirroring/mirrors/0/percent": "42", + "traefik/http/services/mirror/mirroring/mirrors/1/name": "srvcB", + "traefik/http/services/mirror/mirroring/mirrors/1/percent": "42", + + "traefik/http/services/Service03/weighted/services/0/name": "srvcA", + "traefik/http/services/Service03/weighted/services/0/weight": "42", + "traefik/http/services/Service03/weighted/services/1/name": "srvcB", + "traefik/http/services/Service03/weighted/services/1/weight": "42", + + "traefik/http/middlewares/compressor/compress": "true", + "traefik/http/middlewares/striper/stripPrefix/prefixes/0": "foo", + "traefik/http/middlewares/striper/stripPrefix/prefixes/1": "bar", + "traefik/http/middlewares/striper/stripPrefix/forceSlash": "true", + } + + for k, v := range data { + err := s.kvClient.Put(context.Background(), k, []byte(v), nil) + c.Assert(err, checker.IsNil) + } + + cmd, display := s.traefikCmd(withConfigFile(file)) + defer display(c) + err := cmd.Start() + c.Assert(err, checker.IsNil) + defer s.killCmd(cmd) + + // wait for traefik + err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 2*time.Second, + try.BodyContains(`"striper@redis":`, `"compressor@redis":`, `"srvcA@redis":`, `"srvcB@redis":`), + ) + c.Assert(err, checker.IsNil) + + resp, err := http.Get("http://127.0.0.1:8080/api/rawdata") + c.Assert(err, checker.IsNil) + + var obtained api.RunTimeRepresentation + err = json.NewDecoder(resp.Body).Decode(&obtained) + c.Assert(err, checker.IsNil) + got, err := json.MarshalIndent(obtained, "", " ") + c.Assert(err, checker.IsNil) + + expectedJSON := filepath.FromSlash("testdata/rawdata-redis.json") + + if *updateExpected { + err = os.WriteFile(expectedJSON, got, 0o666) + c.Assert(err, checker.IsNil) + } + + expected, err := os.ReadFile(expectedJSON) + c.Assert(err, checker.IsNil) + + if !bytes.Equal(expected, got) { + diff := difflib.UnifiedDiff{ + FromFile: "Expected", + A: difflib.SplitLines(string(expected)), + ToFile: "Got", + B: difflib.SplitLines(string(got)), + Context: 3, + } + + text, err := difflib.GetUnifiedDiffString(diff) + c.Assert(err, checker.IsNil) + c.Error(text) + } +} + +func (s *RedisSuite) setupSentinelStore(c *check.C) { + s.setupSentinelConfiguration(c, []string{"26379", "36379", "46379"}) + + s.createComposeProject(c, "redis_sentinel") + s.composeUp(c) + + s.redisEndpoints = []string{ + net.JoinHostPort(s.getComposeServiceIP(c, "sentinel1"), "26379"), + net.JoinHostPort(s.getComposeServiceIP(c, "sentinel2"), "36379"), + net.JoinHostPort(s.getComposeServiceIP(c, "sentinel3"), "46379"), + } + + kv, err := valkeyrie.NewStore( + context.Background(), + redis.StoreName, + s.redisEndpoints, + &redis.Config{ + Sentinel: &redis.Sentinel{ + MasterName: "mymaster", + }, + }, + ) + if err != nil { + c.Fatal("Cannot create store redis sentinel") + } + s.kvClient = kv + + // wait for redis + err = try.Do(60*time.Second, try.KVExists(kv, "test")) + c.Assert(err, checker.IsNil) +} + +func (s *RedisSuite) setupSentinelConfiguration(c *check.C, ports []string) { + for i, port := range ports { + templateValue := struct{ SentinelPort string }{SentinelPort: port} + + // Load file + templateFile := "resources/compose/config/sentinel_template.conf" + tmpl, err := template.ParseFiles(templateFile) + c.Assert(err, checker.IsNil) + + folder, prefix := filepath.Split(templateFile) + + fileName := fmt.Sprintf("%s/sentinel%d.conf", folder, i+1) + tmpFile, err := os.Create(fileName) + c.Assert(err, checker.IsNil) + defer tmpFile.Close() + + model := structs.Map(templateValue) + model["SelfFilename"] = tmpFile.Name() + + err = tmpl.ExecuteTemplate(tmpFile, prefix, model) + c.Assert(err, checker.IsNil) + + err = tmpFile.Sync() + c.Assert(err, checker.IsNil) + } +} + +func (s *RedisSuite) TestSentinelConfiguration(c *check.C) { + s.setupSentinelStore(c) + + file := s.adaptFile(c, "fixtures/redis/sentinel.toml", struct{ RedisAddress string }{ + RedisAddress: strings.Join(s.redisEndpoints, `","`), + }) defer os.Remove(file) data := map[string]string{ diff --git a/integration/resources/compose/config/sentinel_template.conf b/integration/resources/compose/config/sentinel_template.conf new file mode 100644 index 000000000..c9f5acf6d --- /dev/null +++ b/integration/resources/compose/config/sentinel_template.conf @@ -0,0 +1,5 @@ +port {{ .SentinelPort }} +dir "/tmp" +sentinel resolve-hostnames yes +sentinel monitor mymaster master 6380 2 +sentinel deny-scripts-reconfig yes diff --git a/integration/resources/compose/redis_sentinel.yml b/integration/resources/compose/redis_sentinel.yml new file mode 100644 index 000000000..261e694e5 --- /dev/null +++ b/integration/resources/compose/redis_sentinel.yml @@ -0,0 +1,61 @@ +version: "3.8" +services: + master: + image: redis + container_name: redis-master + command: redis-server --port 6380 + ports: + - 6380:6380 + healthcheck: + test: redis-cli -p 6380 ping + node1: + image: redis + container_name: redis-node-1 + ports: + - 6381:6381 + command: redis-server --port 6381 --slaveof redis-master 6380 + healthcheck: + test: redis-cli -p 6381 ping + node2: + image: redis + container_name: redis-node-2 + ports: + - 6382:6382 + command: redis-server --port 6382 --slaveof redis-master 6380 + healthcheck: + test: redis-cli -p 6382 ping + sentinel1: + image: redis + container_name: redis-sentinel-1 + ports: + - 26379:26379 + command: redis-sentinel /usr/local/etc/redis/conf/sentinel1.conf + healthcheck: + test: redis-cli -p 26379 ping + volumes: + - ./resources/compose/config:/usr/local/etc/redis/conf + sentinel2: + image: redis + container_name: redis-sentinel-2 + ports: + - 36379:26379 + command: redis-sentinel /usr/local/etc/redis/conf/sentinel2.conf + healthcheck: + test: redis-cli -p 36379 ping + volumes: + - ./resources/compose/config:/usr/local/etc/redis/conf + sentinel3: + image: redis + container_name: redis-sentinel-3 + ports: + - 46379:26379 + command: redis-sentinel /usr/local/etc/redis/conf/sentinel3.conf + healthcheck: + test: redis-cli -p 46379 ping + volumes: + - ./resources/compose/config:/usr/local/etc/redis/conf + +networks: + default: + name: traefik-test-network + external: true diff --git a/pkg/provider/kv/redis/redis.go b/pkg/provider/kv/redis/redis.go index 23f432bb1..3005c8f2d 100644 --- a/pkg/provider/kv/redis/redis.go +++ b/pkg/provider/kv/redis/redis.go @@ -2,6 +2,7 @@ package redis import ( "context" + "errors" "fmt" "github.com/kvtools/redis" @@ -20,6 +21,20 @@ type Provider struct { Username string `description:"Username for authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"` Password string `description:"Password for authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"` DB int `description:"Database to be selected after connecting to the server." json:"db,omitempty" toml:"db,omitempty" yaml:"db,omitempty"` + Sentinel *Sentinel `description:"Enable Sentinel support." json:"sentinel,omitempty" toml:"sentinel,omitempty" yaml:"sentinel,omitempty"` +} + +// Sentinel holds the Redis Sentinel configuration. +type Sentinel struct { + MasterName string `description:"Name of the master." json:"masterName,omitempty" toml:"masterName,omitempty" yaml:"masterName,omitempty" export:"true"` + Username string `description:"Username for Sentinel authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" export:"true"` + Password string `description:"Password for Sentinel authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" export:"true"` + + LatencyStrategy bool `description:"Defines whether to route commands to the closest master or replica nodes (mutually exclusive with RandomStrategy and ReplicaStrategy)." json:"latencyStrategy,omitempty" toml:"latencyStrategy,omitempty" yaml:"latencyStrategy,omitempty" export:"true"` + RandomStrategy bool `description:"Defines whether to route commands randomly to master or replica nodes (mutually exclusive with LatencyStrategy and ReplicaStrategy)." json:"randomStrategy,omitempty" toml:"randomStrategy,omitempty" yaml:"randomStrategy,omitempty" export:"true"` + ReplicaStrategy bool `description:"Defines whether to route all commands to replica nodes (mutually exclusive with LatencyStrategy and RandomStrategy)." json:"replicaStrategy,omitempty" toml:"replicaStrategy,omitempty" yaml:"replicaStrategy,omitempty" export:"true"` + + UseDisconnectedReplicas bool `description:"Use replicas disconnected with master when cannot get connected replicas." json:"useDisconnectedReplicas,omitempty" toml:"useDisconnectedReplicas,omitempty" yaml:"useDisconnectedReplicas,omitempty" export:"true"` } // SetDefaults sets the default values. @@ -44,5 +59,26 @@ func (p *Provider) Init() error { } } + if p.Sentinel != nil { + switch { + case p.Sentinel.LatencyStrategy && !(p.Sentinel.RandomStrategy || p.Sentinel.ReplicaStrategy): + case p.Sentinel.RandomStrategy && !(p.Sentinel.LatencyStrategy || p.Sentinel.ReplicaStrategy): + case p.Sentinel.ReplicaStrategy && !(p.Sentinel.RandomStrategy || p.Sentinel.LatencyStrategy): + return errors.New("latencyStrategy, randomStrategy and replicaStrategy options are mutually exclusive, please use only one of those options") + } + + clusterClient := p.Sentinel.LatencyStrategy || p.Sentinel.RandomStrategy + config.Sentinel = &redis.Sentinel{ + MasterName: p.Sentinel.MasterName, + Username: p.Sentinel.Username, + Password: p.Sentinel.Password, + ClusterClient: clusterClient, + RouteByLatency: p.Sentinel.LatencyStrategy, + RouteRandomly: p.Sentinel.RandomStrategy, + ReplicaOnly: p.Sentinel.ReplicaStrategy, + UseDisconnectedReplicas: p.Sentinel.UseDisconnectedReplicas, + } + } + return p.Provider.Init(redis.StoreName, "redis", config) } From 9662cdca648fd2c7e7002e18cc73a29769d3901f Mon Sep 17 00:00:00 2001 From: Julien Salleyron Date: Tue, 2 Jan 2024 16:40:06 +0100 Subject: [PATCH 06/17] Add KeepAliveMaxTime and KeepAliveMaxRequests features to entrypoints --- .../reference/static-configuration/cli-ref.md | 6 ++ .../reference/static-configuration/env-ref.md | 6 ++ .../reference/static-configuration/file.toml | 2 + .../reference/static-configuration/file.yaml | 2 + docs/content/routing/entrypoints.md | 70 +++++++++++++-- pkg/config/static/entrypoints.go | 6 +- pkg/server/keep_alive_middleware.go | 29 ++++++ pkg/server/server_entrypoint_tcp.go | 56 ++++++++++++ pkg/server/server_entrypoint_tcp_test.go | 88 +++++++++++++++++++ 9 files changed, 258 insertions(+), 7 deletions(-) create mode 100644 pkg/server/keep_alive_middleware.go diff --git a/docs/content/reference/static-configuration/cli-ref.md b/docs/content/reference/static-configuration/cli-ref.md index a0415e1b4..03409a1c3 100644 --- a/docs/content/reference/static-configuration/cli-ref.md +++ b/docs/content/reference/static-configuration/cli-ref.md @@ -171,6 +171,12 @@ Trust all. (Default: ```false```) `--entrypoints..proxyprotocol.trustedips`: Trust only selected IPs. +`--entrypoints..transport.keepalivemaxrequests`: +Maximum number of requests before closing a keep-alive connection. (Default: ```0```) + +`--entrypoints..transport.keepalivemaxtime`: +Maximum duration before closing a keep-alive connection. (Default: ```0```) + `--entrypoints..transport.lifecycle.gracetimeout`: Duration to give active requests a chance to finish before Traefik stops. (Default: ```10```) diff --git a/docs/content/reference/static-configuration/env-ref.md b/docs/content/reference/static-configuration/env-ref.md index a7b3ace47..d3de13a66 100644 --- a/docs/content/reference/static-configuration/env-ref.md +++ b/docs/content/reference/static-configuration/env-ref.md @@ -171,6 +171,12 @@ Trust all. (Default: ```false```) `TRAEFIK_ENTRYPOINTS__PROXYPROTOCOL_TRUSTEDIPS`: Trust only selected IPs. +`TRAEFIK_ENTRYPOINTS__TRANSPORT_KEEPALIVEMAXREQUESTS`: +Maximum number of requests before closing a keep-alive connection. (Default: ```0```) + +`TRAEFIK_ENTRYPOINTS__TRANSPORT_KEEPALIVEMAXTIME`: +Maximum duration before closing a keep-alive connection. (Default: ```0```) + `TRAEFIK_ENTRYPOINTS__TRANSPORT_LIFECYCLE_GRACETIMEOUT`: Duration to give active requests a chance to finish before Traefik stops. (Default: ```10```) diff --git a/docs/content/reference/static-configuration/file.toml b/docs/content/reference/static-configuration/file.toml index 42dda1fbf..dc38a2cea 100644 --- a/docs/content/reference/static-configuration/file.toml +++ b/docs/content/reference/static-configuration/file.toml @@ -15,6 +15,8 @@ [entryPoints.EntryPoint0] address = "foobar" [entryPoints.EntryPoint0.transport] + keepAliveMaxRequests = 42 + keepAliveMaxTime = "42s" [entryPoints.EntryPoint0.transport.lifeCycle] requestAcceptGraceTimeout = "42s" graceTimeOut = "42s" diff --git a/docs/content/reference/static-configuration/file.yaml b/docs/content/reference/static-configuration/file.yaml index 1497f57e5..6a0cb264b 100644 --- a/docs/content/reference/static-configuration/file.yaml +++ b/docs/content/reference/static-configuration/file.yaml @@ -15,6 +15,8 @@ entryPoints: EntryPoint0: address: foobar transport: + keepAliveMaxRequests: 42 + keepAliveMaxTime: 42s lifeCycle: requestAcceptGraceTimeout: 42s graceTimeOut: 42s diff --git a/docs/content/routing/entrypoints.md b/docs/content/routing/entrypoints.md index 305e69cd1..c77c8e406 100644 --- a/docs/content/routing/entrypoints.md +++ b/docs/content/routing/entrypoints.md @@ -589,17 +589,77 @@ Controls the behavior of Traefik during the shutdown phase. --entryPoints.name.transport.lifeCycle.graceTimeOut=42 ``` +#### `keepAliveMaxRequests` + +_Optional, Default=0_ + +The maximum number of requests Traefik can handle before sending a `Connection: Close` header to the client (for HTTP2, Traefik sends a GOAWAY). Zero means no limit. + + ```yaml tab="File (YAML)" + ## Static configuration + entryPoints: + name: + address: ":8888" + transport: + keepAliveMaxRequests: 42 + ``` + + ```toml tab="File (TOML)" + ## Static configuration + [entryPoints] + [entryPoints.name] + address = ":8888" + [entryPoints.name.transport] + keepAliveMaxRequests = 42 + ``` + + ```bash tab="CLI" + ## Static configuration + --entryPoints.name.address=:8888 + --entryPoints.name.transport.keepAliveRequests=42 + ``` + +#### `keepAliveMaxTime` + +_Optional, Default=0s_ + +The maximum duration Traefik can handle requests before sending a `Connection: Close` header to the client (for HTTP2, Traefik sends a GOAWAY). Zero means no limit. + + ```yaml tab="File (YAML)" + ## Static configuration + entryPoints: + name: + address: ":8888" + transport: + keepAliveMaxTime: 42s + ``` + + ```toml tab="File (TOML)" + ## Static configuration + [entryPoints] + [entryPoints.name] + address = ":8888" + [entryPoints.name.transport] + keepAliveMaxTime = 42s + ``` + + ```bash tab="CLI" + ## Static configuration + --entryPoints.name.address=:8888 + --entryPoints.name.transport.keepAliveTime=42s + ``` + ### ProxyProtocol -Traefik supports [ProxyProtocol](https://www.haproxy.org/download/2.0/doc/proxy-protocol.txt) version 1 and 2. +Traefik supports [PROXY protocol](https://www.haproxy.org/download/2.0/doc/proxy-protocol.txt) version 1 and 2. -If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers. +If PROXY protocol header parsing is enabled for the entry point, this entry point can accept connections with or without PROXY protocol headers. -If the Proxy Protocol header is passed, then the version is determined automatically. +If the PROXY protocol header is passed, then the version is determined automatically. ??? info "`proxyProtocol.trustedIPs`" - Enabling Proxy Protocol with Trusted IPs. + Enabling PROXY protocol with Trusted IPs. ```yaml tab="File (YAML)" ## Static configuration @@ -662,7 +722,7 @@ If the Proxy Protocol header is passed, then the version is determined automatic !!! warning "Queuing Traefik behind Another Load Balancer" - When queuing Traefik behind another load-balancer, make sure to configure Proxy Protocol on both sides. + When queuing Traefik behind another load-balancer, make sure to configure PROXY protocol on both sides. Not doing so could introduce a security risk in your system (enabling request forgery). ## HTTP Options diff --git a/pkg/config/static/entrypoints.go b/pkg/config/static/entrypoints.go index 68ac9285e..b2243aa3f 100644 --- a/pkg/config/static/entrypoints.go +++ b/pkg/config/static/entrypoints.go @@ -122,8 +122,10 @@ type EntryPoints map[string]*EntryPoint // EntryPointsTransport configures communication between clients and Traefik. type EntryPointsTransport struct { - LifeCycle *LifeCycle `description:"Timeouts influencing the server life cycle." json:"lifeCycle,omitempty" toml:"lifeCycle,omitempty" yaml:"lifeCycle,omitempty" export:"true"` - RespondingTimeouts *RespondingTimeouts `description:"Timeouts for incoming requests to the Traefik instance." json:"respondingTimeouts,omitempty" toml:"respondingTimeouts,omitempty" yaml:"respondingTimeouts,omitempty" export:"true"` + LifeCycle *LifeCycle `description:"Timeouts influencing the server life cycle." json:"lifeCycle,omitempty" toml:"lifeCycle,omitempty" yaml:"lifeCycle,omitempty" export:"true"` + RespondingTimeouts *RespondingTimeouts `description:"Timeouts for incoming requests to the Traefik instance." json:"respondingTimeouts,omitempty" toml:"respondingTimeouts,omitempty" yaml:"respondingTimeouts,omitempty" export:"true"` + KeepAliveMaxTime ptypes.Duration `description:"Maximum duration before closing a keep-alive connection." json:"keepAliveMaxTime,omitempty" toml:"keepAliveMaxTime,omitempty" yaml:"keepAliveMaxTime,omitempty" export:"true"` + KeepAliveMaxRequests int `description:"Maximum number of requests before closing a keep-alive connection." json:"keepAliveMaxRequests,omitempty" toml:"keepAliveMaxRequests,omitempty" yaml:"keepAliveMaxRequests,omitempty" export:"true"` } // SetDefaults sets the default values. diff --git a/pkg/server/keep_alive_middleware.go b/pkg/server/keep_alive_middleware.go new file mode 100644 index 000000000..73b2159b1 --- /dev/null +++ b/pkg/server/keep_alive_middleware.go @@ -0,0 +1,29 @@ +package server + +import ( + "net/http" + "time" + + ptypes "github.com/traefik/paerser/types" + "github.com/traefik/traefik/v2/pkg/log" +) + +func newKeepAliveMiddleware(next http.Handler, maxRequests int, maxTime ptypes.Duration) http.Handler { + return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + state, ok := req.Context().Value(connStateKey).(*connState) + if ok { + state.HTTPRequestCount++ + if maxRequests > 0 && state.HTTPRequestCount >= maxRequests { + log.WithoutContext().Debug("Close because of too many requests") + state.KeepAliveState = "Close because of too many requests" + rw.Header().Set("Connection", "close") + } + if maxTime > 0 && time.Now().After(state.Start.Add(time.Duration(maxTime))) { + log.WithoutContext().Debug("Close because of too long connection") + state.KeepAliveState = "Close because of too long connection" + rw.Header().Set("Connection", "close") + } + } + next.ServeHTTP(rw, req) + }) +} diff --git a/pkg/server/server_entrypoint_tcp.go b/pkg/server/server_entrypoint_tcp.go index b33c955ee..e3e22998e 100644 --- a/pkg/server/server_entrypoint_tcp.go +++ b/pkg/server/server_entrypoint_tcp.go @@ -3,6 +3,7 @@ package server import ( "context" "errors" + "expvar" "fmt" stdlog "log" "net" @@ -34,6 +35,25 @@ import ( var httpServerLogger = stdlog.New(log.WithoutContext().WriterLevel(logrus.DebugLevel), "", 0) +type key string + +const ( + connStateKey key = "connState" + debugConnectionEnv string = "DEBUG_CONNECTION" +) + +var ( + clientConnectionStates = map[string]*connState{} + clientConnectionStatesMu = sync.RWMutex{} +) + +type connState struct { + State string + KeepAliveState string + Start time.Time + HTTPRequestCount int +} + type httpForwarder struct { net.Listener connChan chan net.Conn @@ -68,6 +88,12 @@ type TCPEntryPoints map[string]*TCPEntryPoint // NewTCPEntryPoints creates a new TCPEntryPoints. func NewTCPEntryPoints(entryPointsConfig static.EntryPoints, hostResolverConfig *types.HostResolverConfig) (TCPEntryPoints, error) { + if os.Getenv(debugConnectionEnv) != "" { + expvar.Publish("clientConnectionStates", expvar.Func(func() any { + return clientConnectionStates + })) + } + serverEntryPointsTCP := make(TCPEntryPoints) for entryPointName, config := range entryPointsConfig { protocol, err := config.GetProtocol() @@ -548,6 +574,11 @@ func createHTTPServer(ctx context.Context, ln net.Listener, configuration *stati }) } + debugConnection := os.Getenv(debugConnectionEnv) != "" + if debugConnection || (configuration.Transport != nil && (configuration.Transport.KeepAliveMaxTime > 0 || configuration.Transport.KeepAliveMaxRequests > 0)) { + handler = newKeepAliveMiddleware(handler, configuration.Transport.KeepAliveMaxRequests, configuration.Transport.KeepAliveMaxTime) + } + serverHTTP := &http.Server{ Handler: handler, ErrorLog: httpServerLogger, @@ -555,6 +586,27 @@ func createHTTPServer(ctx context.Context, ln net.Listener, configuration *stati WriteTimeout: time.Duration(configuration.Transport.RespondingTimeouts.WriteTimeout), IdleTimeout: time.Duration(configuration.Transport.RespondingTimeouts.IdleTimeout), } + if debugConnection || (configuration.Transport != nil && (configuration.Transport.KeepAliveMaxTime > 0 || configuration.Transport.KeepAliveMaxRequests > 0)) { + serverHTTP.ConnContext = func(ctx context.Context, c net.Conn) context.Context { + cState := &connState{Start: time.Now()} + if debugConnection { + clientConnectionStatesMu.Lock() + clientConnectionStates[getConnKey(c)] = cState + clientConnectionStatesMu.Unlock() + } + return context.WithValue(ctx, connStateKey, cState) + } + + if debugConnection { + serverHTTP.ConnState = func(c net.Conn, state http.ConnState) { + clientConnectionStatesMu.Lock() + if clientConnectionStates[getConnKey(c)] != nil { + clientConnectionStates[getConnKey(c)].State = state.String() + } + clientConnectionStatesMu.Unlock() + } + } + } // ConfigureServer configures HTTP/2 with the MaxConcurrentStreams option for the given server. // Also keeping behavior the same as @@ -584,6 +636,10 @@ func createHTTPServer(ctx context.Context, ln net.Listener, configuration *stati }, nil } +func getConnKey(conn net.Conn) string { + return fmt.Sprintf("%s => %s", conn.RemoteAddr(), conn.LocalAddr()) +} + func newTrackedConnection(conn tcp.WriteCloser, tracker *connectionTracker) *trackedConnection { tracker.AddConnection(conn) return &trackedConnection{ diff --git a/pkg/server/server_entrypoint_tcp_test.go b/pkg/server/server_entrypoint_tcp_test.go index 342d7d9fa..9d66c44e0 100644 --- a/pkg/server/server_entrypoint_tcp_test.go +++ b/pkg/server/server_entrypoint_tcp_test.go @@ -230,3 +230,91 @@ func TestReadTimeoutWithFirstByte(t *testing.T) { t.Error("Timeout while read") } } + +func TestKeepAliveMaxRequests(t *testing.T) { + epConfig := &static.EntryPointsTransport{} + epConfig.SetDefaults() + epConfig.KeepAliveMaxRequests = 3 + + entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{ + Address: ":0", + Transport: epConfig, + ForwardedHeaders: &static.ForwardedHeaders{}, + HTTP2: &static.HTTP2Config{}, + }, nil) + require.NoError(t, err) + + router := &tcprouter.Router{} + router.SetHTTPHandler(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + rw.WriteHeader(http.StatusOK) + })) + + conn, err := startEntrypoint(entryPoint, router) + require.NoError(t, err) + + http.DefaultClient.Transport = &http.Transport{ + DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) { + return conn, nil + }, + } + + resp, err := http.Get("http://" + entryPoint.listener.Addr().String()) + require.NoError(t, err) + require.False(t, resp.Close) + err = resp.Body.Close() + require.NoError(t, err) + + resp, err = http.Get("http://" + entryPoint.listener.Addr().String()) + require.NoError(t, err) + require.False(t, resp.Close) + err = resp.Body.Close() + require.NoError(t, err) + + resp, err = http.Get("http://" + entryPoint.listener.Addr().String()) + require.NoError(t, err) + require.True(t, resp.Close) + err = resp.Body.Close() + require.NoError(t, err) +} + +func TestKeepAliveMaxTime(t *testing.T) { + epConfig := &static.EntryPointsTransport{} + epConfig.SetDefaults() + epConfig.KeepAliveMaxTime = ptypes.Duration(time.Millisecond) + + entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{ + Address: ":0", + Transport: epConfig, + ForwardedHeaders: &static.ForwardedHeaders{}, + HTTP2: &static.HTTP2Config{}, + }, nil) + require.NoError(t, err) + + router := &tcprouter.Router{} + router.SetHTTPHandler(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + rw.WriteHeader(http.StatusOK) + })) + + conn, err := startEntrypoint(entryPoint, router) + require.NoError(t, err) + + http.DefaultClient.Transport = &http.Transport{ + DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) { + return conn, nil + }, + } + + resp, err := http.Get("http://" + entryPoint.listener.Addr().String()) + require.NoError(t, err) + require.False(t, resp.Close) + err = resp.Body.Close() + require.NoError(t, err) + + time.Sleep(time.Millisecond) + + resp, err = http.Get("http://" + entryPoint.listener.Addr().String()) + require.NoError(t, err) + require.True(t, resp.Close) + err = resp.Body.Close() + require.NoError(t, err) +} From 0e92b0247415c00dccdd5634ac20ea61fa4af869 Mon Sep 17 00:00:00 2001 From: Landry Benguigui Date: Tue, 2 Jan 2024 17:04:06 +0100 Subject: [PATCH 07/17] Deprecate IPWhiteList middleware in favor of IPAllowList Co-authored-by: Kevin Pollet --- docs/content/middlewares/http/ipallowlist.md | 195 ++++++++++++++++++ docs/content/middlewares/http/ipwhitelist.md | 8 +- docs/content/middlewares/tcp/ipallowlist.md | 60 ++++++ docs/content/middlewares/tcp/ipwhitelist.md | 6 +- docs/content/migration/v2.md | 10 + .../dynamic-configuration/docker-labels.yml | 4 + .../reference/dynamic-configuration/file.toml | 6 + .../reference/dynamic-configuration/file.yaml | 15 ++ .../kubernetes-crd-definition-v1.yml | 114 ++++++++-- .../kubernetes-crd-resource.yml | 2 +- .../reference/dynamic-configuration/kv-ref.md | 5 + .../marathon-labels.json | 4 + .../traefik.containo.us_middlewares.yaml | 41 +++- .../traefik.containo.us_middlewaretcps.yaml | 16 +- .../traefik.io_middlewares.yaml | 41 +++- .../traefik.io_middlewaretcps.yaml | 16 +- docs/mkdocs.yml | 6 +- integration/fixtures/k8s/01-traefik-crd.yml | 114 ++++++++-- integration/fixtures/simple_allowlist.toml | 18 ++ integration/resources/compose/allowlist.yml | 41 ++++ integration/simple_test.go | 70 +++++++ pkg/config/dynamic/middlewares.go | 15 +- pkg/config/dynamic/tcp_middlewares.go | 10 +- pkg/config/dynamic/zz_generated.deepcopy.go | 57 +++++ pkg/middlewares/ipallowlist/ip_allowlist.go | 88 ++++++++ .../ipallowlist/ip_allowlist_test.go | 100 +++++++++ .../tcp/ipallowlist/ip_allowlist.go | 65 ++++++ .../tcp/ipallowlist/ip_allowlist_test.go | 139 +++++++++++++ pkg/provider/kubernetes/crd/kubernetes.go | 2 + .../traefikcontainous/v1alpha1/middleware.go | 1 + .../v1alpha1/middlewaretcp.go | 7 + .../v1alpha1/zz_generated.deepcopy.go | 10 + .../crd/traefikio/v1alpha1/middleware.go | 1 + .../crd/traefikio/v1alpha1/middlewaretcp.go | 7 + .../v1alpha1/zz_generated.deepcopy.go | 10 + pkg/server/middleware/middlewares.go | 14 ++ 36 files changed, 1268 insertions(+), 50 deletions(-) create mode 100644 docs/content/middlewares/http/ipallowlist.md create mode 100644 docs/content/middlewares/tcp/ipallowlist.md create mode 100644 integration/fixtures/simple_allowlist.toml create mode 100644 integration/resources/compose/allowlist.yml create mode 100644 pkg/middlewares/ipallowlist/ip_allowlist.go create mode 100644 pkg/middlewares/ipallowlist/ip_allowlist_test.go create mode 100644 pkg/middlewares/tcp/ipallowlist/ip_allowlist.go create mode 100644 pkg/middlewares/tcp/ipallowlist/ip_allowlist_test.go diff --git a/docs/content/middlewares/http/ipallowlist.md b/docs/content/middlewares/http/ipallowlist.md new file mode 100644 index 000000000..d62e253bb --- /dev/null +++ b/docs/content/middlewares/http/ipallowlist.md @@ -0,0 +1,195 @@ +--- +title: "Traefik HTTP Middlewares IPAllowList" +description: "Learn how to use IPAllowList in HTTP middleware for limiting clients to specific IPs in Traefik Proxy. Read the technical documentation." +--- + +# IPAllowList + +Limiting Clients to Specific IPs +{: .subtitle } + +IPAllowList accepts / refuses requests based on the client IP. + +## Configuration Examples + +```yaml tab="Docker & Swarm" +# Accepts request from defined IP +labels: + - "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7" +``` + +```yaml tab="Kubernetes" +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: test-ipallowlist +spec: + ipAllowList: + sourceRange: + - 127.0.0.1/32 + - 192.168.1.7 +``` + +```yaml tab="Consul Catalog" +# Accepts request from defined IP +- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7" +``` + +```yaml tab="File (YAML)" +# Accepts request from defined IP +http: + middlewares: + test-ipallowlist: + ipAllowList: + sourceRange: + - "127.0.0.1/32" + - "192.168.1.7" +``` + +```toml tab="File (TOML)" +# Accepts request from defined IP +[http.middlewares] + [http.middlewares.test-ipallowlist.ipAllowList] + sourceRange = ["127.0.0.1/32", "192.168.1.7"] +``` + +## Configuration Options + +### `sourceRange` + +The `sourceRange` option sets the allowed IPs (or ranges of allowed IPs by using CIDR notation). + +### `ipStrategy` + +The `ipStrategy` option defines two parameters that set how Traefik determines the client IP: `depth`, and `excludedIPs`. +If no strategy is set, the default behavior is to match `sourceRange` against the Remote address found in the request. + +!!! important "As a middleware, whitelisting happens before the actual proxying to the backend takes place. In addition, the previous network hop only gets appended to `X-Forwarded-For` during the last stages of proxying, i.e. after it has already passed through whitelisting. Therefore, during whitelisting, as the previous network hop is not yet present in `X-Forwarded-For`, it cannot be matched against `sourceRange`." + +#### `ipStrategy.depth` + +The `depth` option tells Traefik to use the `X-Forwarded-For` header and take the IP located at the `depth` position (starting from the right). + +- If `depth` is greater than the total number of IPs in `X-Forwarded-For`, then the client IP will be empty. +- `depth` is ignored if its value is less than or equal to 0. + +!!! example "Examples of Depth & X-Forwarded-For" + + If `depth` is set to 2, and the request `X-Forwarded-For` header is `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` then the "real" client IP is `"10.0.0.1"` (at depth 4) but the IP used is `"12.0.0.1"` (`depth=2`). + + | `X-Forwarded-For` | `depth` | clientIP | + |-----------------------------------------|---------|--------------| + | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `1` | `"13.0.0.1"` | + | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `3` | `"11.0.0.1"` | + | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `5` | `""` | + +```yaml tab="Docker & Swarm" +# Allowlisting Based on `X-Forwarded-For` with `depth=2` +labels: + - "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7" + - "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.depth=2" +``` + +```yaml tab="Kubernetes" +# Allowlisting Based on `X-Forwarded-For` with `depth=2` +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: test-ipallowlist +spec: + ipAllowList: + sourceRange: + - 127.0.0.1/32 + - 192.168.1.7 + ipStrategy: + depth: 2 +``` + +```yaml tab="Consul Catalog" +# Allowlisting Based on `X-Forwarded-For` with `depth=2` +- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7" +- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.depth=2" +``` + +```yaml tab="File (YAML)" +# Allowlisting Based on `X-Forwarded-For` with `depth=2` +http: + middlewares: + test-ipallowlist: + ipAllowList: + sourceRange: + - "127.0.0.1/32" + - "192.168.1.7" + ipStrategy: + depth: 2 +``` + +```toml tab="File (TOML)" +# Allowlisting Based on `X-Forwarded-For` with `depth=2` +[http.middlewares] + [http.middlewares.test-ipallowlist.ipAllowList] + sourceRange = ["127.0.0.1/32", "192.168.1.7"] + [http.middlewares.test-ipallowlist.ipAllowList.ipStrategy] + depth = 2 +``` + +#### `ipStrategy.excludedIPs` + +`excludedIPs` configures Traefik to scan the `X-Forwarded-For` header and select the first IP not in the list. + +!!! important "If `depth` is specified, `excludedIPs` is ignored." + +!!! example "Example of ExcludedIPs & X-Forwarded-For" + + | `X-Forwarded-For` | `excludedIPs` | clientIP | + |-----------------------------------------|-----------------------|--------------| + | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `"12.0.0.1,13.0.0.1"` | `"11.0.0.1"` | + | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `"15.0.0.1,13.0.0.1"` | `"12.0.0.1"` | + | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `"10.0.0.1,13.0.0.1"` | `"12.0.0.1"` | + | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `"15.0.0.1,16.0.0.1"` | `"13.0.0.1"` | + | `"10.0.0.1,11.0.0.1"` | `"10.0.0.1,11.0.0.1"` | `""` | + +```yaml tab="Docker & Swarm" +# Exclude from `X-Forwarded-For` +labels: + - "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7" +``` + +```yaml tab="Kubernetes" +# Exclude from `X-Forwarded-For` +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: test-ipallowlist +spec: + ipAllowList: + ipStrategy: + excludedIPs: + - 127.0.0.1/32 + - 192.168.1.7 +``` + +```yaml tab="Consul Catalog" +# Exclude from `X-Forwarded-For` +- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7" +``` + +```yaml tab="File (YAML)" +# Exclude from `X-Forwarded-For` +http: + middlewares: + test-ipallowlist: + ipAllowList: + ipStrategy: + excludedIPs: + - "127.0.0.1/32" + - "192.168.1.7" +``` + +```toml tab="File (TOML)" +# Exclude from `X-Forwarded-For` +[http.middlewares] + [http.middlewares.test-ipallowlist.ipAllowList] + [http.middlewares.test-ipallowlist.ipAllowList.ipStrategy] + excludedIPs = ["127.0.0.1/32", "192.168.1.7"] +``` diff --git a/docs/content/middlewares/http/ipwhitelist.md b/docs/content/middlewares/http/ipwhitelist.md index 979791de0..eaf761541 100644 --- a/docs/content/middlewares/http/ipwhitelist.md +++ b/docs/content/middlewares/http/ipwhitelist.md @@ -8,9 +8,13 @@ description: "Learn how to use IPWhiteList in HTTP middleware for limiting clien Limiting Clients to Specific IPs {: .subtitle } -![IpWhiteList](../../assets/img/middleware/ipwhitelist.png) +![IPWhiteList](../../assets/img/middleware/ipwhitelist.png) -IPWhitelist accepts / refuses requests based on the client IP. +IPWhiteList accepts / refuses requests based on the client IP. + +!!! warning + + This middleware is deprecated, please use the [IPAllowList](./ipallowlist.md) middleware instead. ## Configuration Examples diff --git a/docs/content/middlewares/tcp/ipallowlist.md b/docs/content/middlewares/tcp/ipallowlist.md new file mode 100644 index 000000000..e8466b94e --- /dev/null +++ b/docs/content/middlewares/tcp/ipallowlist.md @@ -0,0 +1,60 @@ +--- +title: "Traefik TCP Middlewares IPAllowList" +description: "Learn how to use IPAllowList in TCP middleware for limiting clients to specific IPs in Traefik Proxy. Read the technical documentation." +--- + +# IPAllowList + +Limiting Clients to Specific IPs +{: .subtitle } + +IPAllowList accepts / refuses connections based on the client IP. + +## Configuration Examples + +```yaml tab="Docker & Swarm" +# Accepts connections from defined IP +labels: + - "traefik.tcp.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7" +``` + +```yaml tab="Kubernetes" +apiVersion: traefik.io/v1alpha1 +kind: MiddlewareTCP +metadata: + name: test-ipallowlist +spec: + ipAllowList: + sourceRange: + - 127.0.0.1/32 + - 192.168.1.7 +``` + +```yaml tab="Consul Catalog" +# Accepts request from defined IP +- "traefik.tcp.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7" +``` + +```toml tab="File (TOML)" +# Accepts request from defined IP +[tcp.middlewares] + [tcp.middlewares.test-ipallowlist.ipAllowList] + sourceRange = ["127.0.0.1/32", "192.168.1.7"] +``` + +```yaml tab="File (YAML)" +# Accepts request from defined IP +tcp: + middlewares: + test-ipallowlist: + ipAllowList: + sourceRange: + - "127.0.0.1/32" + - "192.168.1.7" +``` + +## Configuration Options + +### `sourceRange` + +The `sourceRange` option sets the allowed IPs (or ranges of allowed IPs by using CIDR notation). diff --git a/docs/content/middlewares/tcp/ipwhitelist.md b/docs/content/middlewares/tcp/ipwhitelist.md index 5926cc65a..9133c5f37 100644 --- a/docs/content/middlewares/tcp/ipwhitelist.md +++ b/docs/content/middlewares/tcp/ipwhitelist.md @@ -8,7 +8,11 @@ description: "Learn how to use IPWhiteList in TCP middleware for limiting client Limiting Clients to Specific IPs {: .subtitle } -IPWhitelist accepts / refuses connections based on the client IP. +IPWhiteList accepts / refuses connections based on the client IP. + +!!! warning + + This middleware is deprecated, please use the [IPAllowList](./ipallowlist.md) middleware instead. ## Configuration Examples diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md index fdf1f6aa2..9fc05c38f 100644 --- a/docs/content/migration/v2.md +++ b/docs/content/migration/v2.md @@ -523,3 +523,13 @@ kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/co ### Traefik Hub In `v2.10`, Traefik Hub configuration has been removed because Traefik Hub v2 doesn't require this configuration. + +## v2.11 + +### IPWhiteList (HTTP) + +In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowList](../middlewares/http/ipallowlist.md) middleware instead. + +### IPWhiteList (TCP) + +In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowList](../middlewares/tcp/ipallowlist.md) middleware instead. diff --git a/docs/content/reference/dynamic-configuration/docker-labels.yml b/docs/content/reference/dynamic-configuration/docker-labels.yml index c413f27bd..723d4b049 100644 --- a/docs/content/reference/dynamic-configuration/docker-labels.yml +++ b/docs/content/reference/dynamic-configuration/docker-labels.yml @@ -121,6 +121,9 @@ - "traefik.http.middlewares.middleware21.stripprefix.forceslash=true" - "traefik.http.middlewares.middleware21.stripprefix.prefixes=foobar, foobar" - "traefik.http.middlewares.middleware22.stripprefixregex.regex=foobar, foobar" +- "traefik.http.middlewares.middleware23.ipallowlist.ipstrategy.depth=42" +- "traefik.http.middlewares.middleware23.ipallowlist.ipstrategy.excludedips=foobar, foobar" +- "traefik.http.middlewares.middleware23.ipallowlist.sourcerange=foobar, foobar" - "traefik.http.routers.router0.entrypoints=foobar, foobar" - "traefik.http.routers.router0.middlewares=foobar, foobar" - "traefik.http.routers.router0.priority=42" @@ -167,6 +170,7 @@ - "traefik.http.services.service01.loadbalancer.server.scheme=foobar" - "traefik.tcp.middlewares.tcpmiddleware00.ipwhitelist.sourcerange=foobar, foobar" - "traefik.tcp.middlewares.tcpmiddleware01.inflightconn.amount=42" +- "traefik.tcp.middlewares.tcpmiddleware02.ipallowlist.sourcerange=foobar, foobar" - "traefik.tcp.routers.tcprouter0.entrypoints=foobar, foobar" - "traefik.tcp.routers.tcprouter0.middlewares=foobar, foobar" - "traefik.tcp.routers.tcprouter0.rule=foobar" diff --git a/docs/content/reference/dynamic-configuration/file.toml b/docs/content/reference/dynamic-configuration/file.toml index 895a1f97f..7b00cffa2 100644 --- a/docs/content/reference/dynamic-configuration/file.toml +++ b/docs/content/reference/dynamic-configuration/file.toml @@ -284,6 +284,12 @@ [http.middlewares.Middleware22] [http.middlewares.Middleware22.stripPrefixRegex] regex = ["foobar", "foobar"] + [http.middlewares.Middleware23] + [http.middlewares.Middleware23.ipAllowList] + sourceRange = ["foobar", "foobar"] + [http.middlewares.Middleware23.ipAllowList.ipStrategy] + depth = 42 + excludedIPs = ["foobar", "foobar"] [http.serversTransports] [http.serversTransports.ServersTransport0] serverName = "foobar" diff --git a/docs/content/reference/dynamic-configuration/file.yaml b/docs/content/reference/dynamic-configuration/file.yaml index ec3081778..a19859e0b 100644 --- a/docs/content/reference/dynamic-configuration/file.yaml +++ b/docs/content/reference/dynamic-configuration/file.yaml @@ -323,6 +323,16 @@ http: regex: - foobar - foobar + Middleware23: + ipAllowList: + sourceRange: + - foobar + - foobar + ipStrategy: + depth: 42 + excludedIPs: + - foobar + - foobar serversTransports: ServersTransport0: serverName: foobar @@ -437,6 +447,11 @@ tcp: TCPMiddleware01: inFlightConn: amount: 42 + TCPMiddleware02: + ipAllowList: + sourceRange: + - foobar + - foobar udp: routers: UDPRouter0: diff --git a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml index 07b7eb3da..960f98fe7 100644 --- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml +++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml @@ -1151,7 +1151,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1176,14 +1176,43 @@ spec: type: boolean type: object type: object - ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + ipAllowList: + description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + Deprecated: please use IPAllowList instead.' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1347,7 +1376,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1535,8 +1564,22 @@ spec: format: int64 type: integer type: object + ipAllowList: + description: 'IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object ipWhiteList: - description: IPWhiteList defines the IPWhiteList middleware configuration. + description: 'IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3415,7 +3458,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3440,14 +3483,43 @@ spec: type: boolean type: object type: object - ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + ipAllowList: + description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + Deprecated: please use IPAllowList instead.' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3611,7 +3683,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3799,8 +3871,22 @@ spec: format: int64 type: integer type: object + ipAllowList: + description: 'IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object ipWhiteList: - description: IPWhiteList defines the IPWhiteList middleware configuration. + description: 'IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/docs/content/reference/dynamic-configuration/kubernetes-crd-resource.yml b/docs/content/reference/dynamic-configuration/kubernetes-crd-resource.yml index a7fccce89..b1385cda2 100644 --- a/docs/content/reference/dynamic-configuration/kubernetes-crd-resource.yml +++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-resource.yml @@ -148,7 +148,7 @@ spec: - name: whoamitcp port: 8080 middlewares: - - name: ipwhitelist + - name: ipallowlist tls: secretName: foosecret passthrough: false diff --git a/docs/content/reference/dynamic-configuration/kv-ref.md b/docs/content/reference/dynamic-configuration/kv-ref.md index c12162ccc..13029dd50 100644 --- a/docs/content/reference/dynamic-configuration/kv-ref.md +++ b/docs/content/reference/dynamic-configuration/kv-ref.md @@ -140,6 +140,11 @@ | `traefik/http/middlewares/Middleware21/stripPrefix/prefixes/1` | `foobar` | | `traefik/http/middlewares/Middleware22/stripPrefixRegex/regex/0` | `foobar` | | `traefik/http/middlewares/Middleware22/stripPrefixRegex/regex/1` | `foobar` | +| `traefik/http/middlewares/Middleware23/ipAllowList/ipStrategy/depth` | `42` | +| `traefik/http/middlewares/Middleware23/ipAllowList/ipStrategy/excludedIPs/0` | `foobar` | +| `traefik/http/middlewares/Middleware23/ipAllowList/ipStrategy/excludedIPs/1` | `foobar` | +| `traefik/http/middlewares/Middleware23/ipAllowList/sourceRange/0` | `foobar` | +| `traefik/http/middlewares/Middleware23/ipAllowList/sourceRange/1` | `foobar` | | `traefik/http/routers/Router0/entryPoints/0` | `foobar` | | `traefik/http/routers/Router0/entryPoints/1` | `foobar` | | `traefik/http/routers/Router0/middlewares/0` | `foobar` | diff --git a/docs/content/reference/dynamic-configuration/marathon-labels.json b/docs/content/reference/dynamic-configuration/marathon-labels.json index 5da004819..8d4768f8f 100644 --- a/docs/content/reference/dynamic-configuration/marathon-labels.json +++ b/docs/content/reference/dynamic-configuration/marathon-labels.json @@ -121,6 +121,9 @@ "traefik.http.middlewares.middleware21.stripprefix.forceslash": "true", "traefik.http.middlewares.middleware21.stripprefix.prefixes": "foobar, foobar", "traefik.http.middlewares.middleware22.stripprefixregex.regex": "foobar, foobar", +"traefik.http.middlewares.middleware23.ipallowlist.ipstrategy.depth": "42", +"traefik.http.middlewares.middleware23.ipallowlist.ipstrategy.excludedips": "foobar, foobar", +"traefik.http.middlewares.middleware23.ipallowlist.sourcerange": "foobar, foobar", "traefik.http.routers.router0.entrypoints": "foobar, foobar", "traefik.http.routers.router0.middlewares": "foobar, foobar", "traefik.http.routers.router0.priority": "42", @@ -167,6 +170,7 @@ "traefik.http.services.service01.loadbalancer.server.scheme": "foobar", "traefik.tcp.middlewares.tcpmiddleware00.ipwhitelist.sourcerange": "foobar, foobar", "traefik.tcp.middlewares.tcpmiddleware01.inflightconn.amount": "42", +"traefik.tcp.middlewares.tcpmiddleware02.ipallowlist.sourcerange": "foobar, foobar", "traefik.tcp.routers.tcprouter0.entrypoints": "foobar, foobar", "traefik.tcp.routers.tcprouter0.middlewares": "foobar, foobar", "traefik.tcp.routers.tcprouter0.rule": "foobar", diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml index f96dafdc9..ad53a5e9a 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml @@ -577,7 +577,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -602,14 +602,43 @@ spec: type: boolean type: object type: object - ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + ipAllowList: + description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + Deprecated: please use IPAllowList instead.' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -773,7 +802,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml index 45ac8aee2..025dd2f7b 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml @@ -45,8 +45,22 @@ spec: format: int64 type: integer type: object + ipAllowList: + description: 'IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object ipWhiteList: - description: IPWhiteList defines the IPWhiteList middleware configuration. + description: 'IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml index 0ba7bb31b..868a8f3ac 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml @@ -577,7 +577,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -602,14 +602,43 @@ spec: type: boolean type: object type: object - ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + ipAllowList: + description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + Deprecated: please use IPAllowList instead.' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -773,7 +802,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For diff --git a/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml b/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml index cd2988194..3439ea445 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml @@ -45,8 +45,22 @@ spec: format: int64 type: integer type: object + ipAllowList: + description: 'IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object ipWhiteList: - description: IPWhiteList defines the IPWhiteList middleware configuration. + description: 'IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index f588c1d80..05e913a2b 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -124,7 +124,8 @@ nav: - 'Errors': 'middlewares/http/errorpages.md' - 'ForwardAuth': 'middlewares/http/forwardauth.md' - 'Headers': 'middlewares/http/headers.md' - - 'IpWhitelist': 'middlewares/http/ipwhitelist.md' + - 'IPWhiteList': 'middlewares/http/ipwhitelist.md' + - 'IPAllowList': 'middlewares/http/ipallowlist.md' - 'InFlightReq': 'middlewares/http/inflightreq.md' - 'PassTLSClientCert': 'middlewares/http/passtlsclientcert.md' - 'RateLimit': 'middlewares/http/ratelimit.md' @@ -138,7 +139,8 @@ nav: - 'TCP': - 'Overview': 'middlewares/tcp/overview.md' - 'InFlightConn': 'middlewares/tcp/inflightconn.md' - - 'IpWhitelist': 'middlewares/tcp/ipwhitelist.md' + - 'IPWhiteList': 'middlewares/tcp/ipwhitelist.md' + - 'IPAllowList': 'middlewares/tcp/ipallowlist.md' - 'Plugins & Plugin Catalog': 'plugins/index.md' - 'Operations': - 'CLI': 'operations/cli.md' diff --git a/integration/fixtures/k8s/01-traefik-crd.yml b/integration/fixtures/k8s/01-traefik-crd.yml index 07b7eb3da..960f98fe7 100644 --- a/integration/fixtures/k8s/01-traefik-crd.yml +++ b/integration/fixtures/k8s/01-traefik-crd.yml @@ -1151,7 +1151,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1176,14 +1176,43 @@ spec: type: boolean type: object type: object - ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + ipAllowList: + description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + Deprecated: please use IPAllowList instead.' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1347,7 +1376,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1535,8 +1564,22 @@ spec: format: int64 type: integer type: object + ipAllowList: + description: 'IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object ipWhiteList: - description: IPWhiteList defines the IPWhiteList middleware configuration. + description: 'IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3415,7 +3458,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3440,14 +3483,43 @@ spec: type: boolean type: object type: object - ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + ipAllowList: + description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + Deprecated: please use IPAllowList instead.' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3611,7 +3683,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3799,8 +3871,22 @@ spec: format: int64 type: integer type: object + ipAllowList: + description: 'IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object ipWhiteList: - description: IPWhiteList defines the IPWhiteList middleware configuration. + description: 'IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/integration/fixtures/simple_allowlist.toml b/integration/fixtures/simple_allowlist.toml new file mode 100644 index 000000000..03fa451e4 --- /dev/null +++ b/integration/fixtures/simple_allowlist.toml @@ -0,0 +1,18 @@ +[global] + checkNewVersion = false + sendAnonymousUsage = false + +[log] + level = "DEBUG" + +[entryPoints] + [entryPoints.web] + address = ":8000" + [entryPoints.web.ForwardedHeaders] + insecure = true + +[api] + insecure = true + +[providers] + [providers.docker] diff --git a/integration/resources/compose/allowlist.yml b/integration/resources/compose/allowlist.yml new file mode 100644 index 000000000..02e3761ca --- /dev/null +++ b/integration/resources/compose/allowlist.yml @@ -0,0 +1,41 @@ +version: "3.8" +services: + noOverrideAllowlist: + image: traefik/whoami + labels: + traefik.enable: true + traefik.http.routers.rt1.rule: Host(`no.override.allowlist.docker.local`) + traefik.http.routers.rt1.middlewares: wl1 + traefik.http.middlewares.wl1.ipallowlist.sourceRange: 8.8.8.8 + + overrideIPStrategyRemoteAddrAllowlist: + image: traefik/whoami + labels: + traefik.enable: true + traefik.http.routers.rt2.rule: Host(`override.remoteaddr.allowlist.docker.local`) + traefik.http.routers.rt2.middlewares: wl2 + traefik.http.middlewares.wl2.ipallowlist.sourceRange: 8.8.8.8 + traefik.http.middlewares.wl2.ipallowlist.ipStrategy: true + + overrideIPStrategyDepthAllowlist: + image: traefik/whoami + labels: + traefik.enable: true + traefik.http.routers.rt3.rule: Host(`override.depth.allowlist.docker.local`) + traefik.http.routers.rt3.middlewares: wl3 + traefik.http.middlewares.wl3.ipallowlist.sourceRange: 8.8.8.8 + traefik.http.middlewares.wl3.ipallowlist.ipStrategy.depth: 3 + + overrideIPStrategyExcludedIPsAllowlist: + image: traefik/whoami + labels: + traefik.enable: true + traefik.http.routers.rt4.rule: Host(`override.excludedips.allowlist.docker.local`) + traefik.http.routers.rt4.middlewares: wl4 + traefik.http.middlewares.wl4.ipallowlist.sourceRange: 8.8.8.8 + traefik.http.middlewares.wl4.ipallowlist.ipStrategy.excludedIPs: 10.0.0.1,10.0.0.2 + +networks: + default: + name: traefik-test-network + external: true diff --git a/integration/simple_test.go b/integration/simple_test.go index f88afb9e4..3284a5a81 100644 --- a/integration/simple_test.go +++ b/integration/simple_test.go @@ -546,6 +546,76 @@ func (s *SimpleSuite) TestIPStrategyWhitelist(c *check.C) { } } +func (s *SimpleSuite) TestIPStrategyAllowlist(c *check.C) { + s.createComposeProject(c, "allowlist") + + s.composeUp(c) + defer s.composeDown(c) + + cmd, output := s.traefikCmd(withConfigFile("fixtures/simple_allowlist.toml")) + defer output(c) + + err := cmd.Start() + c.Assert(err, checker.IsNil) + defer s.killCmd(cmd) + + err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 2*time.Second, try.BodyContains("override")) + c.Assert(err, checker.IsNil) + + err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 2*time.Second, try.BodyContains("override.remoteaddr.allowlist.docker.local")) + c.Assert(err, checker.IsNil) + + testCases := []struct { + desc string + xForwardedFor string + host string + expectedStatusCode int + }{ + { + desc: "override remote addr reject", + xForwardedFor: "8.8.8.8,8.8.8.8", + host: "override.remoteaddr.allowlist.docker.local", + expectedStatusCode: 403, + }, + { + desc: "override depth accept", + xForwardedFor: "8.8.8.8,10.0.0.1,127.0.0.1", + host: "override.depth.allowlist.docker.local", + expectedStatusCode: 200, + }, + { + desc: "override depth reject", + xForwardedFor: "10.0.0.1,8.8.8.8,127.0.0.1", + host: "override.depth.allowlist.docker.local", + expectedStatusCode: 403, + }, + { + desc: "override excludedIPs reject", + xForwardedFor: "10.0.0.3,10.0.0.1,10.0.0.2", + host: "override.excludedips.allowlist.docker.local", + expectedStatusCode: 403, + }, + { + desc: "override excludedIPs accept", + xForwardedFor: "8.8.8.8,10.0.0.1,10.0.0.2", + host: "override.excludedips.allowlist.docker.local", + expectedStatusCode: 200, + }, + } + + for _, test := range testCases { + req := httptest.NewRequest(http.MethodGet, "http://127.0.0.1:8000", nil) + req.Header.Set("X-Forwarded-For", test.xForwardedFor) + req.Host = test.host + req.RequestURI = "" + + err = try.Request(req, 1*time.Second, try.StatusCodeIs(test.expectedStatusCode)) + if err != nil { + c.Fatalf("Error while %s: %v", test.desc, err) + } + } +} + func (s *SimpleSuite) TestXForwardedHeaders(c *check.C) { s.createComposeProject(c, "whitelist") diff --git a/pkg/config/dynamic/middlewares.go b/pkg/config/dynamic/middlewares.go index c2ec1ba44..714c459a6 100644 --- a/pkg/config/dynamic/middlewares.go +++ b/pkg/config/dynamic/middlewares.go @@ -19,6 +19,7 @@ type Middleware struct { ReplacePathRegex *ReplacePathRegex `json:"replacePathRegex,omitempty" toml:"replacePathRegex,omitempty" yaml:"replacePathRegex,omitempty" export:"true"` Chain *Chain `json:"chain,omitempty" toml:"chain,omitempty" yaml:"chain,omitempty" export:"true"` IPWhiteList *IPWhiteList `json:"ipWhiteList,omitempty" toml:"ipWhiteList,omitempty" yaml:"ipWhiteList,omitempty" export:"true"` + IPAllowList *IPAllowList `json:"ipAllowList,omitempty" toml:"ipAllowList,omitempty" yaml:"ipAllowList,omitempty" export:"true"` Headers *Headers `json:"headers,omitempty" toml:"headers,omitempty" yaml:"headers,omitempty" export:"true"` Errors *ErrorPage `json:"errors,omitempty" toml:"errors,omitempty" yaml:"errors,omitempty" export:"true"` RateLimit *RateLimit `json:"rateLimit,omitempty" toml:"rateLimit,omitempty" yaml:"rateLimit,omitempty" export:"true"` @@ -346,7 +347,7 @@ func (h *Headers) HasSecureHeadersDefined() bool { // +k8s:deepcopy-gen=true // IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy +// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy type IPStrategy struct { // Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right). Depth int `json:"depth,omitempty" toml:"depth,omitempty" yaml:"depth,omitempty" export:"true"` @@ -388,6 +389,7 @@ func (s *IPStrategy) Get() (ip.Strategy, error) { // IPWhiteList holds the IP whitelist middleware configuration. // This middleware accepts / refuses requests based on the client IP. // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ +// Deprecated: please use IPAllowList instead. type IPWhiteList struct { // SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"` @@ -396,6 +398,17 @@ type IPWhiteList struct { // +k8s:deepcopy-gen=true +// IPAllowList holds the IP allowlist middleware configuration. +// This middleware accepts / refuses requests based on the client IP. +// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/ +type IPAllowList struct { + // SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). + SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"` + IPStrategy *IPStrategy `json:"ipStrategy,omitempty" toml:"ipStrategy,omitempty" yaml:"ipStrategy,omitempty" label:"allowEmpty" file:"allowEmpty" kv:"allowEmpty" export:"true"` +} + +// +k8s:deepcopy-gen=true + // InFlightReq holds the in-flight request middleware configuration. // This middleware limits the number of requests being processed and served concurrently. // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/ diff --git a/pkg/config/dynamic/tcp_middlewares.go b/pkg/config/dynamic/tcp_middlewares.go index e0cf31919..f4052cd82 100644 --- a/pkg/config/dynamic/tcp_middlewares.go +++ b/pkg/config/dynamic/tcp_middlewares.go @@ -6,6 +6,7 @@ package dynamic type TCPMiddleware struct { InFlightConn *TCPInFlightConn `json:"inFlightConn,omitempty" toml:"inFlightConn,omitempty" yaml:"inFlightConn,omitempty" export:"true"` IPWhiteList *TCPIPWhiteList `json:"ipWhiteList,omitempty" toml:"ipWhiteList,omitempty" yaml:"ipWhiteList,omitempty" export:"true"` + IPAllowList *TCPIPAllowList `json:"ipAllowList,omitempty" toml:"ipAllowList,omitempty" yaml:"ipAllowList,omitempty" export:"true"` } // +k8s:deepcopy-gen=true @@ -23,8 +24,15 @@ type TCPInFlightConn struct { // +k8s:deepcopy-gen=true // TCPIPWhiteList holds the TCP IPWhiteList middleware configuration. -// This middleware accepts/refuses connections based on the client IP. type TCPIPWhiteList struct { // SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation). SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"` } + +// +k8s:deepcopy-gen=true + +// TCPIPAllowList holds the TCP IPAllowList middleware configuration. +type TCPIPAllowList struct { + // SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation). + SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"` +} diff --git a/pkg/config/dynamic/zz_generated.deepcopy.go b/pkg/config/dynamic/zz_generated.deepcopy.go index f897f6f31..fee40799c 100644 --- a/pkg/config/dynamic/zz_generated.deepcopy.go +++ b/pkg/config/dynamic/zz_generated.deepcopy.go @@ -532,6 +532,32 @@ func (in *HealthCheck) DeepCopy() *HealthCheck { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPAllowList) DeepCopyInto(out *IPAllowList) { + *out = *in + if in.SourceRange != nil { + in, out := &in.SourceRange, &out.SourceRange + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.IPStrategy != nil { + in, out := &in.IPStrategy, &out.IPStrategy + *out = new(IPStrategy) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPAllowList. +func (in *IPAllowList) DeepCopy() *IPAllowList { + if in == nil { + return nil + } + out := new(IPAllowList) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPStrategy) DeepCopyInto(out *IPStrategy) { *out = *in @@ -659,6 +685,11 @@ func (in *Middleware) DeepCopyInto(out *Middleware) { *out = new(IPWhiteList) (*in).DeepCopyInto(*out) } + if in.IPAllowList != nil { + in, out := &in.IPAllowList, &out.IPAllowList + *out = new(IPAllowList) + (*in).DeepCopyInto(*out) + } if in.Headers != nil { in, out := &in.Headers, &out.Headers *out = new(Headers) @@ -1355,6 +1386,27 @@ func (in *TCPConfiguration) DeepCopy() *TCPConfiguration { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPIPAllowList) DeepCopyInto(out *TCPIPAllowList) { + *out = *in + if in.SourceRange != nil { + in, out := &in.SourceRange, &out.SourceRange + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPIPAllowList. +func (in *TCPIPAllowList) DeepCopy() *TCPIPAllowList { + if in == nil { + return nil + } + out := new(TCPIPAllowList) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TCPIPWhiteList) DeepCopyInto(out *TCPIPWhiteList) { *out = *in @@ -1405,6 +1457,11 @@ func (in *TCPMiddleware) DeepCopyInto(out *TCPMiddleware) { *out = new(TCPIPWhiteList) (*in).DeepCopyInto(*out) } + if in.IPAllowList != nil { + in, out := &in.IPAllowList, &out.IPAllowList + *out = new(TCPIPAllowList) + (*in).DeepCopyInto(*out) + } return } diff --git a/pkg/middlewares/ipallowlist/ip_allowlist.go b/pkg/middlewares/ipallowlist/ip_allowlist.go new file mode 100644 index 000000000..d700a9279 --- /dev/null +++ b/pkg/middlewares/ipallowlist/ip_allowlist.go @@ -0,0 +1,88 @@ +package ipallowlist + +import ( + "context" + "errors" + "fmt" + "net/http" + + "github.com/opentracing/opentracing-go/ext" + "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/ip" + "github.com/traefik/traefik/v2/pkg/log" + "github.com/traefik/traefik/v2/pkg/middlewares" + "github.com/traefik/traefik/v2/pkg/tracing" +) + +const ( + typeName = "IPAllowLister" +) + +// ipAllowLister is a middleware that provides Checks of the Requesting IP against a set of Allowlists. +type ipAllowLister struct { + next http.Handler + allowLister *ip.Checker + strategy ip.Strategy + name string +} + +// New builds a new IPAllowLister given a list of CIDR-Strings to allow. +func New(ctx context.Context, next http.Handler, config dynamic.IPAllowList, name string) (http.Handler, error) { + logger := log.FromContext(middlewares.GetLoggerCtx(ctx, name, typeName)) + logger.Debug("Creating middleware") + + if len(config.SourceRange) == 0 { + return nil, errors.New("sourceRange is empty, IPAllowLister not created") + } + + checker, err := ip.NewChecker(config.SourceRange) + if err != nil { + return nil, fmt.Errorf("cannot parse CIDRs %s: %w", config.SourceRange, err) + } + + strategy, err := config.IPStrategy.Get() + if err != nil { + return nil, err + } + + logger.Debugf("Setting up IPAllowLister with sourceRange: %s", config.SourceRange) + + return &ipAllowLister{ + strategy: strategy, + allowLister: checker, + next: next, + name: name, + }, nil +} + +func (al *ipAllowLister) GetTracingInformation() (string, ext.SpanKindEnum) { + return al.name, tracing.SpanKindNoneEnum +} + +func (al *ipAllowLister) ServeHTTP(rw http.ResponseWriter, req *http.Request) { + ctx := middlewares.GetLoggerCtx(req.Context(), al.name, typeName) + logger := log.FromContext(ctx) + + clientIP := al.strategy.GetIP(req) + err := al.allowLister.IsAuthorized(clientIP) + if err != nil { + msg := fmt.Sprintf("Rejecting IP %s: %v", clientIP, err) + logger.Debug(msg) + tracing.SetErrorWithEvent(req, msg) + reject(ctx, rw) + return + } + logger.Debugf("Accepting IP %s", clientIP) + + al.next.ServeHTTP(rw, req) +} + +func reject(ctx context.Context, rw http.ResponseWriter) { + statusCode := http.StatusForbidden + + rw.WriteHeader(statusCode) + _, err := rw.Write([]byte(http.StatusText(statusCode))) + if err != nil { + log.FromContext(ctx).Error(err) + } +} diff --git a/pkg/middlewares/ipallowlist/ip_allowlist_test.go b/pkg/middlewares/ipallowlist/ip_allowlist_test.go new file mode 100644 index 000000000..df2e49835 --- /dev/null +++ b/pkg/middlewares/ipallowlist/ip_allowlist_test.go @@ -0,0 +1,100 @@ +package ipallowlist + +import ( + "context" + "net/http" + "net/http/httptest" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/traefik/traefik/v2/pkg/config/dynamic" +) + +func TestNewIPAllowLister(t *testing.T) { + testCases := []struct { + desc string + allowList dynamic.IPAllowList + expectedError bool + }{ + { + desc: "invalid IP", + allowList: dynamic.IPAllowList{ + SourceRange: []string{"foo"}, + }, + expectedError: true, + }, + { + desc: "valid IP", + allowList: dynamic.IPAllowList{ + SourceRange: []string{"10.10.10.10"}, + }, + }, + } + + for _, test := range testCases { + test := test + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}) + allowLister, err := New(context.Background(), next, test.allowList, "traefikTest") + + if test.expectedError { + assert.Error(t, err) + } else { + require.NoError(t, err) + assert.NotNil(t, allowLister) + } + }) + } +} + +func TestIPAllowLister_ServeHTTP(t *testing.T) { + testCases := []struct { + desc string + allowList dynamic.IPAllowList + remoteAddr string + expected int + }{ + { + desc: "authorized with remote address", + allowList: dynamic.IPAllowList{ + SourceRange: []string{"20.20.20.20"}, + }, + remoteAddr: "20.20.20.20:1234", + expected: 200, + }, + { + desc: "non authorized with remote address", + allowList: dynamic.IPAllowList{ + SourceRange: []string{"20.20.20.20"}, + }, + remoteAddr: "20.20.20.21:1234", + expected: 403, + }, + } + + for _, test := range testCases { + test := test + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}) + allowLister, err := New(context.Background(), next, test.allowList, "traefikTest") + require.NoError(t, err) + + recorder := httptest.NewRecorder() + + req := httptest.NewRequest(http.MethodGet, "http://10.10.10.10", nil) + + if len(test.remoteAddr) > 0 { + req.RemoteAddr = test.remoteAddr + } + + allowLister.ServeHTTP(recorder, req) + + assert.Equal(t, test.expected, recorder.Code) + }) + } +} diff --git a/pkg/middlewares/tcp/ipallowlist/ip_allowlist.go b/pkg/middlewares/tcp/ipallowlist/ip_allowlist.go new file mode 100644 index 000000000..dd5d14d43 --- /dev/null +++ b/pkg/middlewares/tcp/ipallowlist/ip_allowlist.go @@ -0,0 +1,65 @@ +package ipallowlist + +import ( + "context" + "errors" + "fmt" + + "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/ip" + "github.com/traefik/traefik/v2/pkg/log" + "github.com/traefik/traefik/v2/pkg/middlewares" + "github.com/traefik/traefik/v2/pkg/tcp" +) + +const ( + typeName = "IPAllowListerTCP" +) + +// ipAllowLister is a middleware that provides Checks of the Requesting IP against a set of Allowlists. +type ipAllowLister struct { + next tcp.Handler + allowLister *ip.Checker + name string +} + +// New builds a new TCP IPAllowLister given a list of CIDR-Strings to allow. +func New(ctx context.Context, next tcp.Handler, config dynamic.TCPIPAllowList, name string) (tcp.Handler, error) { + logger := log.FromContext(middlewares.GetLoggerCtx(ctx, name, typeName)) + logger.Debug("Creating middleware") + + if len(config.SourceRange) == 0 { + return nil, errors.New("sourceRange is empty, IPAllowLister not created") + } + + checker, err := ip.NewChecker(config.SourceRange) + if err != nil { + return nil, fmt.Errorf("cannot parse CIDRs %s: %w", config.SourceRange, err) + } + + logger.Debugf("Setting up IPAllowLister with sourceRange: %s", config.SourceRange) + + return &ipAllowLister{ + allowLister: checker, + next: next, + name: name, + }, nil +} + +func (al *ipAllowLister) ServeTCP(conn tcp.WriteCloser) { + ctx := middlewares.GetLoggerCtx(context.Background(), al.name, typeName) + logger := log.FromContext(ctx) + + addr := conn.RemoteAddr().String() + + err := al.allowLister.IsAuthorized(addr) + if err != nil { + logger.Errorf("Connection from %s rejected: %v", addr, err) + conn.Close() + return + } + + logger.Debugf("Connection from %s accepted", addr) + + al.next.ServeTCP(conn) +} diff --git a/pkg/middlewares/tcp/ipallowlist/ip_allowlist_test.go b/pkg/middlewares/tcp/ipallowlist/ip_allowlist_test.go new file mode 100644 index 000000000..4f3b59e15 --- /dev/null +++ b/pkg/middlewares/tcp/ipallowlist/ip_allowlist_test.go @@ -0,0 +1,139 @@ +package ipallowlist + +import ( + "context" + "io" + "net" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/tcp" +) + +func TestNewIPAllowLister(t *testing.T) { + testCases := []struct { + desc string + allowList dynamic.TCPIPAllowList + expectedError bool + }{ + { + desc: "Empty config", + allowList: dynamic.TCPIPAllowList{}, + expectedError: true, + }, + { + desc: "invalid IP", + allowList: dynamic.TCPIPAllowList{ + SourceRange: []string{"foo"}, + }, + expectedError: true, + }, + { + desc: "valid IP", + allowList: dynamic.TCPIPAllowList{ + SourceRange: []string{"10.10.10.10"}, + }, + }, + } + + for _, test := range testCases { + test := test + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + next := tcp.HandlerFunc(func(conn tcp.WriteCloser) {}) + allowLister, err := New(context.Background(), next, test.allowList, "traefikTest") + + if test.expectedError { + assert.Error(t, err) + } else { + require.NoError(t, err) + assert.NotNil(t, allowLister) + } + }) + } +} + +func TestIPAllowLister_ServeHTTP(t *testing.T) { + testCases := []struct { + desc string + allowList dynamic.TCPIPAllowList + remoteAddr string + expected string + }{ + { + desc: "authorized with remote address", + allowList: dynamic.TCPIPAllowList{ + SourceRange: []string{"20.20.20.20"}, + }, + remoteAddr: "20.20.20.20:1234", + expected: "OK", + }, + { + desc: "non authorized with remote address", + allowList: dynamic.TCPIPAllowList{ + SourceRange: []string{"20.20.20.20"}, + }, + remoteAddr: "20.20.20.21:1234", + }, + } + + for _, test := range testCases { + test := test + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + next := tcp.HandlerFunc(func(conn tcp.WriteCloser) { + write, err := conn.Write([]byte("OK")) + require.NoError(t, err) + assert.Equal(t, 2, write) + + err = conn.Close() + require.NoError(t, err) + }) + + allowLister, err := New(context.Background(), next, test.allowList, "traefikTest") + require.NoError(t, err) + + server, client := net.Pipe() + + go func() { + allowLister.ServeTCP(&contextWriteCloser{client, addr{test.remoteAddr}}) + }() + + read, err := io.ReadAll(server) + require.NoError(t, err) + + assert.Equal(t, test.expected, string(read)) + }) + } +} + +type contextWriteCloser struct { + net.Conn + addr +} + +type addr struct { + remoteAddr string +} + +func (a addr) Network() string { + panic("implement me") +} + +func (a addr) String() string { + return a.remoteAddr +} + +func (c contextWriteCloser) CloseWrite() error { + panic("implement me") +} + +func (c contextWriteCloser) RemoteAddr() net.Addr { return c.addr } + +func (c contextWriteCloser) Context() context.Context { + return context.Background() +} diff --git a/pkg/provider/kubernetes/crd/kubernetes.go b/pkg/provider/kubernetes/crd/kubernetes.go index 2759055ef..03807ac9c 100644 --- a/pkg/provider/kubernetes/crd/kubernetes.go +++ b/pkg/provider/kubernetes/crd/kubernetes.go @@ -288,6 +288,7 @@ func (p *Provider) loadConfigurationFromCRD(ctx context.Context, client Client) ReplacePathRegex: middleware.Spec.ReplacePathRegex, Chain: createChainMiddleware(ctxMid, middleware.Namespace, middleware.Spec.Chain), IPWhiteList: middleware.Spec.IPWhiteList, + IPAllowList: middleware.Spec.IPAllowList, Headers: middleware.Spec.Headers, Errors: errorPage, RateLimit: rateLimit, @@ -313,6 +314,7 @@ func (p *Provider) loadConfigurationFromCRD(ctx context.Context, client Client) conf.TCP.Middlewares[id] = &dynamic.TCPMiddleware{ InFlightConn: middlewareTCP.Spec.InFlightConn, IPWhiteList: middlewareTCP.Spec.IPWhiteList, + IPAllowList: middlewareTCP.Spec.IPAllowList, } } diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go index 54dbe07e6..65b969540 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go @@ -33,6 +33,7 @@ type MiddlewareSpec struct { ReplacePathRegex *dynamic.ReplacePathRegex `json:"replacePathRegex,omitempty"` Chain *Chain `json:"chain,omitempty"` IPWhiteList *dynamic.IPWhiteList `json:"ipWhiteList,omitempty"` + IPAllowList *dynamic.IPAllowList `json:"ipAllowList,omitempty"` Headers *dynamic.Headers `json:"headers,omitempty"` Errors *ErrorPage `json:"errors,omitempty"` RateLimit *RateLimit `json:"rateLimit,omitempty"` diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go index c903a8ca7..923c3d404 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go @@ -26,7 +26,14 @@ type MiddlewareTCPSpec struct { // InFlightConn defines the InFlightConn middleware configuration. InFlightConn *dynamic.TCPInFlightConn `json:"inFlightConn,omitempty"` // IPWhiteList defines the IPWhiteList middleware configuration. + // This middleware accepts/refuses connections based on the client IP. + // Deprecated: please use IPAllowList instead. + // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/ IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"` + // IPAllowList defines the IPAllowList middleware configuration. + // This middleware accepts/refuses connections based on the client IP. + // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/ + IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go index a91c5cfc1..0b0126432 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/zz_generated.deepcopy.go @@ -694,6 +694,11 @@ func (in *MiddlewareSpec) DeepCopyInto(out *MiddlewareSpec) { *out = new(dynamic.IPWhiteList) (*in).DeepCopyInto(*out) } + if in.IPAllowList != nil { + in, out := &in.IPAllowList, &out.IPAllowList + *out = new(dynamic.IPAllowList) + (*in).DeepCopyInto(*out) + } if in.Headers != nil { in, out := &in.Headers, &out.Headers *out = new(dynamic.Headers) @@ -862,6 +867,11 @@ func (in *MiddlewareTCPSpec) DeepCopyInto(out *MiddlewareTCPSpec) { *out = new(dynamic.TCPIPWhiteList) (*in).DeepCopyInto(*out) } + if in.IPAllowList != nil { + in, out := &in.IPAllowList, &out.IPAllowList + *out = new(dynamic.TCPIPAllowList) + (*in).DeepCopyInto(*out) + } return } diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go index 54dbe07e6..65b969540 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go @@ -33,6 +33,7 @@ type MiddlewareSpec struct { ReplacePathRegex *dynamic.ReplacePathRegex `json:"replacePathRegex,omitempty"` Chain *Chain `json:"chain,omitempty"` IPWhiteList *dynamic.IPWhiteList `json:"ipWhiteList,omitempty"` + IPAllowList *dynamic.IPAllowList `json:"ipAllowList,omitempty"` Headers *dynamic.Headers `json:"headers,omitempty"` Errors *ErrorPage `json:"errors,omitempty"` RateLimit *RateLimit `json:"rateLimit,omitempty"` diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go index c903a8ca7..923c3d404 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go @@ -26,7 +26,14 @@ type MiddlewareTCPSpec struct { // InFlightConn defines the InFlightConn middleware configuration. InFlightConn *dynamic.TCPInFlightConn `json:"inFlightConn,omitempty"` // IPWhiteList defines the IPWhiteList middleware configuration. + // This middleware accepts/refuses connections based on the client IP. + // Deprecated: please use IPAllowList instead. + // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/ IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"` + // IPAllowList defines the IPAllowList middleware configuration. + // This middleware accepts/refuses connections based on the client IP. + // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/ + IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go index a91c5cfc1..0b0126432 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/zz_generated.deepcopy.go @@ -694,6 +694,11 @@ func (in *MiddlewareSpec) DeepCopyInto(out *MiddlewareSpec) { *out = new(dynamic.IPWhiteList) (*in).DeepCopyInto(*out) } + if in.IPAllowList != nil { + in, out := &in.IPAllowList, &out.IPAllowList + *out = new(dynamic.IPAllowList) + (*in).DeepCopyInto(*out) + } if in.Headers != nil { in, out := &in.Headers, &out.Headers *out = new(dynamic.Headers) @@ -862,6 +867,11 @@ func (in *MiddlewareTCPSpec) DeepCopyInto(out *MiddlewareTCPSpec) { *out = new(dynamic.TCPIPWhiteList) (*in).DeepCopyInto(*out) } + if in.IPAllowList != nil { + in, out := &in.IPAllowList, &out.IPAllowList + *out = new(dynamic.TCPIPAllowList) + (*in).DeepCopyInto(*out) + } return } diff --git a/pkg/server/middleware/middlewares.go b/pkg/server/middleware/middlewares.go index 0f666c996..073843472 100644 --- a/pkg/server/middleware/middlewares.go +++ b/pkg/server/middleware/middlewares.go @@ -10,6 +10,7 @@ import ( "github.com/containous/alice" "github.com/traefik/traefik/v2/pkg/config/runtime" + "github.com/traefik/traefik/v2/pkg/log" "github.com/traefik/traefik/v2/pkg/middlewares/addprefix" "github.com/traefik/traefik/v2/pkg/middlewares/auth" "github.com/traefik/traefik/v2/pkg/middlewares/buffering" @@ -19,6 +20,7 @@ import ( "github.com/traefik/traefik/v2/pkg/middlewares/customerrors" "github.com/traefik/traefik/v2/pkg/middlewares/headers" "github.com/traefik/traefik/v2/pkg/middlewares/inflightreq" + "github.com/traefik/traefik/v2/pkg/middlewares/ipallowlist" "github.com/traefik/traefik/v2/pkg/middlewares/ipwhitelist" "github.com/traefik/traefik/v2/pkg/middlewares/passtlsclientcert" "github.com/traefik/traefik/v2/pkg/middlewares/ratelimiter" @@ -231,6 +233,8 @@ func (b *Builder) buildConstructor(ctx context.Context, middlewareName string) ( // IPWhiteList if config.IPWhiteList != nil { + log.FromContext(ctx).Warn("IPWhiteList is deprecated, please use IPAllowList instead.") + if middleware != nil { return nil, badConf } @@ -239,6 +243,16 @@ func (b *Builder) buildConstructor(ctx context.Context, middlewareName string) ( } } + // IPAllowList + if config.IPAllowList != nil { + if middleware != nil { + return nil, badConf + } + middleware = func(next http.Handler) (http.Handler, error) { + return ipallowlist.New(ctx, next, *config.IPAllowList, middlewareName) + } + } + // InFlightReq if config.InFlightReq != nil { if middleware != nil { From cd7d324295e45627a586c4ed7ef074e93e4d9193 Mon Sep 17 00:00:00 2001 From: sven Date: Tue, 2 Jan 2024 17:30:06 +0100 Subject: [PATCH 08/17] Documentation enhancements --- .../getting-started/configuration-overview.md | 4 +-- docs/content/getting-started/faq.md | 16 ++++----- .../getting-started/install-traefik.md | 8 ++--- .../quick-start-with-kubernetes.md | 36 +++++++++---------- docs/content/getting-started/quick-start.md | 14 ++++---- docs/content/index.md | 2 +- docs/content/operations/dashboard.md | 6 ++-- docs/content/operations/ping.md | 9 ++--- 8 files changed, 48 insertions(+), 47 deletions(-) diff --git a/docs/content/getting-started/configuration-overview.md b/docs/content/getting-started/configuration-overview.md index 2ecf93b74..2e5e10c50 100644 --- a/docs/content/getting-started/configuration-overview.md +++ b/docs/content/getting-started/configuration-overview.md @@ -82,11 +82,11 @@ docker run traefik[:version] --help # ex: docker run traefik:v2.10 --help ``` -All available arguments can also be found [here](../reference/static-configuration/cli.md). +Check the [CLI reference](../reference/static-configuration/cli.md "Link to CLI reference overview") for an overview about all available arguments. ### Environment Variables -All available environment variables can be found [here](../reference/static-configuration/env.md) +All available environment variables can be found in the [static configuration environment overview](../reference/static-configuration/env.md). ## Available Configuration Options diff --git a/docs/content/getting-started/faq.md b/docs/content/getting-started/faq.md index caa82058f..761e8d3a7 100644 --- a/docs/content/getting-started/faq.md +++ b/docs/content/getting-started/faq.md @@ -29,7 +29,7 @@ Not to mention that dynamic configuration changes potentially make that kind of Therefore, in this dynamic context, the static configuration of an `entryPoint` does not give any hint whatsoever about how the traffic going through that `entryPoint` is going to be routed. Or whether it's even going to be routed at all, -i.e. whether there is a Router matching the kind of traffic going through it. +that is whether there is a Router matching the kind of traffic going through it. ### `404 Not found` @@ -71,7 +71,7 @@ Traefik returns a `502` response code when an error happens while contacting the ### `503 Service Unavailable` -Traefik returns a `503` response code when a Router has been matched +Traefik returns a `503` response code when a Router has been matched, but there are no servers ready to handle the request. This situation is encountered when a service has been explicitly configured without servers, @@ -84,7 +84,7 @@ Sometimes, the `404` response code doesn't play well with other parties or servi In these situations, you may want Traefik to always reply with a `503` response code, instead of a `404` response code. -To achieve this behavior, a simple catchall router, +To achieve this behavior, a catchall router, with the lowest possible priority and routing to a service without servers, can handle all the requests when no other router has been matched. @@ -130,7 +130,7 @@ http: the principle of the above example above (a catchall router) still stands, but the `unavailable` service should be adapted to fit such a need. -## Why Is My TLS Certificate Not Reloaded When Its Contents Change? +## Why Is My TLS Certificate Not Reloaded When Its Contents Change? With the file provider, a configuration update is only triggered when one of the [watched](../providers/file.md#provider-configuration) configuration files is modified. @@ -216,7 +216,7 @@ error: field not found, node: -badField- The "field not found" error occurs, when an unknown property is encountered in the dynamic or static configuration. -One easy way to check whether a configuration file is well-formed, is to validate it with: +One way to check whether a configuration file is well-formed, is to validate it with: - [JSON Schema of the static configuration](https://json.schemastore.org/traefik-v2.json) - [JSON Schema of the dynamic configuration](https://json.schemastore.org/traefik-v2-file-provider.json) @@ -226,11 +226,11 @@ One easy way to check whether a configuration file is well-formed, is to validat As a common tip, if a resource is dropped/not created by Traefik after the dynamic configuration was evaluated, one should look for an error in the logs. -If found, the error obviously confirms that something went wrong while creating the resource, +If found, the error confirms that something went wrong while creating the resource, and the message should help in figuring out the mistake(s) in the configuration, and how to fix it. When using the file provider, -one easy way to check if the dynamic configuration is well-formed is to validate it with the [JSON Schema of the dynamic configuration](https://json.schemastore.org/traefik-v2-file-provider.json). +one way to check if the dynamic configuration is well-formed is to validate it with the [JSON Schema of the dynamic configuration](https://json.schemastore.org/traefik-v2-file-provider.json). ## Why does Let's Encrypt wildcard certificate renewal/generation with DNS challenge fail? @@ -248,6 +248,6 @@ then it could be due to `CNAME` support. In which case, you should make sure your infrastructure is properly set up for a `DNS` challenge that does not rely on `CNAME`, and you should try disabling `CNAME` support with: -```bash +```shell LEGO_DISABLE_CNAME_SUPPORT=true ``` diff --git a/docs/content/getting-started/install-traefik.md b/docs/content/getting-started/install-traefik.md index 007d609c6..57dea428c 100644 --- a/docs/content/getting-started/install-traefik.md +++ b/docs/content/getting-started/install-traefik.md @@ -19,7 +19,7 @@ Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and * [YAML](https://raw.githubusercontent.com/traefik/traefik/v2.10/traefik.sample.yml) * [TOML](https://raw.githubusercontent.com/traefik/traefik/v2.10/traefik.sample.toml) -```bash +```shell docker run -d -p 8080:8080 -p 80:80 \ -v $PWD/traefik.yml:/etc/traefik/traefik.yml traefik:v2.10 ``` @@ -59,7 +59,7 @@ You can update the chart repository by running: helm repo update ``` -And install it with the `helm` command line: +And install it with the Helm command line: ```bash helm install traefik traefik/traefik @@ -69,7 +69,7 @@ helm install traefik traefik/traefik All [Helm features](https://helm.sh/docs/intro/using_helm/) are supported. - Examples are provided [here](https://github.com/traefik/traefik-helm-chart/blob/master/EXAMPLES.md). + Examples are provided [here](https://github.com/traefik/traefik-helm-chart/blob/master/EXAMPLES.md). For instance, installing the chart in a dedicated namespace: @@ -106,7 +106,7 @@ helm install traefik traefik/traefik ### Exposing the Traefik dashboard -This HelmChart does not expose the Traefik dashboard by default, for security concerns. +This Helm chart does not expose the Traefik dashboard by default, for security concerns. Thus, there are multiple ways to expose the dashboard. For instance, the dashboard access could be achieved through a port-forward: diff --git a/docs/content/getting-started/quick-start-with-kubernetes.md b/docs/content/getting-started/quick-start-with-kubernetes.md index d1920690d..8359bc6ef 100644 --- a/docs/content/getting-started/quick-start-with-kubernetes.md +++ b/docs/content/getting-started/quick-start-with-kubernetes.md @@ -1,23 +1,23 @@ --- title: "Traefik Getting Started With Kubernetes" -description: "Looking to get started with Traefik Proxy? Read the technical documentation to learn a simple use case that leverages Kubernetes." +description: "Get started with Traefik Proxy and Kubernetes." --- # Quick Start -A Simple Use Case of Traefik Proxy and Kubernetes +A Use Case of Traefik Proxy and Kubernetes {: .subtitle } -This guide is an introduction to using Traefik Proxy in a Kubernetes environment. -The objective is to learn how to run an application behind a Traefik reverse proxy in Kubernetes. +This guide is an introduction to using Traefik Proxy in a Kubernetes environment. +The objective is to learn how to run an application behind a Traefik reverse proxy in Kubernetes. It presents and explains the basic blocks required to start with Traefik such as Ingress Controller, Ingresses, Deployments, static, and dynamic configuration. ## Permissions and Accesses Traefik uses the Kubernetes API to discover running services. -In order to use the Kubernetes API, Traefik needs some permissions. -This [permission mechanism](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) is based on roles defined by the cluster administrator. +To use the Kubernetes API, Traefik needs some permissions. +This [permission mechanism](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) is based on roles defined by the cluster administrator. The role is then bound to an account used by an application, in this case, Traefik Proxy. The first step is to create the role. @@ -88,7 +88,7 @@ roleRef: subjects: - kind: ServiceAccount name: traefik-account - namespace: default # Using "default" because we did not specify a namespace when creating the ClusterAccount. + namespace: default # This tutorial uses the "default" K8s namespace. ``` !!! info "`roleRef` is the Kubernetes reference to the role created in `00-role.yml`." @@ -102,7 +102,7 @@ subjects: !!! info "This section can be managed with the help of the [Traefik Helm chart](../install-traefik/#use-the-helm-chart)." The [ingress controller](https://traefik.io/glossary/kubernetes-ingress-and-ingress-controller-101/#what-is-a-kubernetes-ingress-controller) -is a software that runs in the same way as any other application on a cluster. +is a software that runs in the same way as any other application on a cluster. To start Traefik on the Kubernetes cluster, a [`Deployment`](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/deployment-v1/) resource must exist to describe how to configure and scale containers horizontally to support larger workloads. @@ -141,12 +141,12 @@ spec: containerPort: 8080 ``` -The deployment contains an important attribute for customizing Traefik: `args`. -These arguments are the static configuration for Traefik. +The deployment contains an important attribute for customizing Traefik: `args`. +These arguments are the static configuration for Traefik. From here, it is possible to enable the dashboard, configure entry points, select dynamic configuration providers, -and [more](../reference/static-configuration/cli.md)... +and [more](../reference/static-configuration/cli.md). In this deployment, the static configuration enables the Traefik dashboard, @@ -159,10 +159,10 @@ and uses Kubernetes native Ingress resources as router definitions to route inco !!! info "When enabling the [`api.insecure`](../../operations/api/#insecure) mode, Traefik exposes the dashboard on the port `8080`." A deployment manages scaling and then can create lots of containers, called [Pods](https://kubernetes.io/docs/concepts/workloads/pods/). -Each Pod is configured following the `spec` field in the deployment. +Each Pod is configured following the `spec` field in the deployment. Given that, a Deployment can run multiple Traefik Proxy Pods, a piece is required to forward the traffic to any of the instance: -namely a [`Service`](https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#Service). +namely a [`Service`](https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#Service). Create a file called `02-traefik-services.yml` and insert the two `Service` resources: ```yaml tab="02-traefik-services.yml" @@ -195,7 +195,7 @@ spec: !!! warning "It is possible to expose a service in different ways." - Depending on your working environment and use case, the `spec.type` might change. + Depending on your working environment and use case, the `spec.type` might change. It is strongly recommended to understand the available [service types](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) before proceeding to the next step. It is now time to apply those files on your cluster to start Traefik. @@ -210,11 +210,11 @@ kubectl apply -f 00-role.yml \ ## Proxying applications -The only part still missing is the business application behind the reverse proxy. +The only part still missing is the business application behind the reverse proxy. For this guide, we use the example application [traefik/whoami](https://github.com/traefik/whoami), but the principles are applicable to any other application. -The `whoami` application is a simple HTTP server running on port 80 which answers host-related information to the incoming requests. +The `whoami` application is an HTTP server running on port 80 which answers host-related information to the incoming requests. As usual, start by creating a file called `03-whoami.yml` and paste the following `Deployment` resource: ```yaml tab="03-whoami.yml" @@ -262,8 +262,8 @@ spec: ``` Thanks to the Kubernetes API, -Traefik is notified when an Ingress resource is created, updated, or deleted. -This makes the process dynamic. +Traefik is notified when an Ingress resource is created, updated, or deleted. +This makes the process dynamic. The ingresses are, in a way, the [dynamic configuration](../../providers/kubernetes-ingress/) for Traefik. !!! tip diff --git a/docs/content/getting-started/quick-start.md b/docs/content/getting-started/quick-start.md index 4c1a59eae..08e173011 100644 --- a/docs/content/getting-started/quick-start.md +++ b/docs/content/getting-started/quick-start.md @@ -1,11 +1,11 @@ --- title: "Traefik Getting Started Quickly" -description: "Looking to get started with Traefik Proxy quickly? Read the technical documentation to learn a simple use case that leverages Docker." +description: "Get started with Traefik Proxy and Docker." --- # Quick Start -A Simple Use Case Using Docker +A Use Case Using Docker {: .subtitle } ![quickstart-diagram](../assets/img/quickstart-diagram.png) @@ -41,11 +41,11 @@ Start your `reverse-proxy` with the following command: docker-compose up -d reverse-proxy ``` -You can open a browser and go to `http://localhost:8080/api/rawdata` to see Traefik's API rawdata (we'll go back there once we have launched a service in step 2). +You can open a browser and go to `http://localhost:8080/api/rawdata` to see Traefik's API rawdata (you'll go back there once you have launched a service in step 2). ## Traefik Detects New Services and Creates the Route for You -Now that we have a Traefik instance up and running, we will deploy new services. +Now that you have a Traefik instance up and running, you will deploy new services. Edit your `docker-compose.yml` file and add the following at the end of your file. @@ -63,7 +63,7 @@ services: - "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)" ``` -The above defines `whoami`: a simple web service that outputs information about the machine it is deployed on (its IP address, host, and so on). +The above defines `whoami`: a web service that outputs information about the machine it is deployed on (its IP address, host, and others). Start the `whoami` service with the following command: @@ -73,7 +73,7 @@ docker-compose up -d whoami Go back to your browser (`http://localhost:8080/api/rawdata`) and see that Traefik has automatically detected the new container and updated its own configuration. -When Traefik detects new services, it creates the corresponding routes so you can call them ... _let's see!_ (Here, we're using curl) +When Traefik detects new services, it creates the corresponding routes so you can call them ... _let's see!_ (Here, you're using curl) ```shell curl -H Host:whoami.docker.localhost http://127.0.0.1 @@ -103,7 +103,7 @@ Finally, see that Traefik load-balances between the two instances of your servic curl -H Host:whoami.docker.localhost http://127.0.0.1 ``` -The output will show alternatively one of the followings: +The output will show alternatively one of the following: ```yaml Hostname: a656c8ddca6c diff --git a/docs/content/index.md b/docs/content/index.md index 6bb820f50..f4b16c8ff 100644 --- a/docs/content/index.md +++ b/docs/content/index.md @@ -18,7 +18,7 @@ Traefik is natively compliant with every major cluster technology, such as Kuber With Traefik, there is no need to maintain and synchronize a separate configuration file: everything happens automatically, in real time (no restarts, no connection interruptions). With Traefik, you spend time developing and deploying new features to your system, not on configuring and maintaining its working state. -Developing Traefik, our main goal is to make it simple to use, and we're sure you'll enjoy it. +Developing Traefik, our main goal is to make it effortless to use, and we're sure you'll enjoy it. -- The Traefik Maintainer Team diff --git a/docs/content/operations/dashboard.md b/docs/content/operations/dashboard.md index c838f0afd..8c3902cc8 100644 --- a/docs/content/operations/dashboard.md +++ b/docs/content/operations/dashboard.md @@ -71,11 +71,11 @@ with a router attached to the service `api@internal` in the to allow defining: - One or more security features through [middlewares](../middlewares/overview.md) - like authentication ([basicAuth](../middlewares/http/basicauth.md) , [digestAuth](../middlewares/http/digestauth.md), + like authentication ([basicAuth](../middlewares/http/basicauth.md), [digestAuth](../middlewares/http/digestauth.md), [forwardAuth](../middlewares/http/forwardauth.md)) or [whitelisting](../middlewares/http/ipwhitelist.md). - A [router rule](#dashboard-router-rule) for accessing the dashboard, - through Traefik itself (sometimes referred as "Traefik-ception"). + through Traefik itself (sometimes referred to as "Traefik-ception"). ### Dashboard Router Rule @@ -83,7 +83,7 @@ As underlined in the [documentation for the `api.dashboard` option](./api.md#das the [router rule](../routing/routers/index.md#rule) defined for Traefik must match the path prefixes `/api` and `/dashboard`. -We recommend to use a "Host Based rule" as ```Host(`traefik.example.com`)``` to match everything on the host domain, +We recommend using a "Host Based rule" as ```Host(`traefik.example.com`)``` to match everything on the host domain, or to make sure that the defined rule captures both prefixes: ```bash tab="Host Rule" diff --git a/docs/content/operations/ping.md b/docs/content/operations/ping.md index 3dc1de3d9..a2b4577f3 100644 --- a/docs/content/operations/ping.md +++ b/docs/content/operations/ping.md @@ -33,7 +33,7 @@ whose default value is `traefik` (port `8080`). | Path | Method | Description | |---------|---------------|-----------------------------------------------------------------------------------------------------| -| `/ping` | `GET`, `HEAD` | A simple endpoint to check for Traefik process liveness. Return a code `200` with the content: `OK` | +| `/ping` | `GET`, `HEAD` | An endpoint to check for Traefik process liveness. Return a code `200` with the content: `OK` | !!! note The `cli` comes with a [`healthcheck`](./cli.md#healthcheck) command which can be used for calling this endpoint. @@ -92,10 +92,11 @@ ping: _Optional, Default=503_ During the period in which Traefik is gracefully shutting down, the ping handler -returns a 503 status code by default. If Traefik is behind e.g. a load-balancer +returns a `503` status code by default. +If Traefik is behind, for example a load-balancer doing health checks (such as the Kubernetes LivenessProbe), another code might -be expected as the signal for graceful termination. In which case, the -terminatingStatusCode can be used to set the code returned by the ping +be expected as the signal for graceful termination. +In that case, the terminatingStatusCode can be used to set the code returned by the ping handler during termination. ```yaml tab="File (YAML)" From 6df9578acec8cb202d320fb170fbd5df36752ecf Mon Sep 17 00:00:00 2001 From: sven Date: Tue, 2 Jan 2024 17:56:06 +0100 Subject: [PATCH 09/17] Update wording of compose example --- .../docker-compose/basic-example/index.md | 66 +++++++++++-------- 1 file changed, 38 insertions(+), 28 deletions(-) diff --git a/docs/content/user-guides/docker-compose/basic-example/index.md b/docs/content/user-guides/docker-compose/basic-example/index.md index f91520fae..65b5e3d7a 100644 --- a/docs/content/user-guides/docker-compose/basic-example/index.md +++ b/docs/content/user-guides/docker-compose/basic-example/index.md @@ -1,16 +1,15 @@ --- title: "Traefik Docker Documentation" -description: "This guide covers a Docker Compose file exposing a service using the Docker provider in Traefik Proxy. Read the technical documentation." +description: "Learn how to use Docker Compose to expose a service with Traefik Proxy." --- # Docker Compose example -In this section, we quickly go over a Docker Compose file exposing a service using the Docker provider. -This will also be used as a starting point for the other Docker Compose guides. +In this section, you will learn how to use [Docker Compose](https://docs.docker.com/compose/ "Link to Docker Compose") to expose a service using the Docker provider. ## Setup -- Edit a `docker-compose.yml` file with the following content: +Create a `docker-compose.yml` file with the following content: ```yaml --8<-- "content/user-guides/docker-compose/basic-example/docker-compose.yml" @@ -45,33 +44,44 @@ This will also be used as a starting point for the other Docker Compose guides. ``` -- Replace `whoami.localhost` by your **own domain** within the `traefik.http.routers.whoami.rule` label of the `whoami` service. -- Run `docker-compose up -d` within the folder where you created the previous file. -- Wait a bit and visit `http://your_own_domain` to confirm everything went fine. - You should see the output of the whoami service. Something similar to: +Replace `whoami.localhost` by your **own domain** within the `traefik.http.routers.whoami.rule` label of the `whoami` service. - ```text - Hostname: d7f919e54651 - IP: 127.0.0.1 - IP: 192.168.64.2 - GET / HTTP/1.1 - Host: whoami.localhost - User-Agent: curl/7.52.1 - Accept: */* - Accept-Encoding: gzip - X-Forwarded-For: 192.168.64.1 - X-Forwarded-Host: whoami.localhost - X-Forwarded-Port: 80 - X-Forwarded-Proto: http - X-Forwarded-Server: 7f0c797dbc51 - X-Real-Ip: 192.168.64.1 - ``` +Now run `docker-compose up -d` within the folder where you created the previous file. +This will start Docker Compose in background mode. + +!!! info "This can take a moment" + + Docker Compose will now create and start the services declared in the `docker-compose.yml`. + +Wait a bit and visit `http://your_own_domain` to confirm everything went fine. + +You should see the output of the whoami service. +It should be similar to the following example: + +```text +Hostname: d7f919e54651 +IP: 127.0.0.1 +IP: 192.168.64.2 +GET / HTTP/1.1 +Host: whoami.localhost +User-Agent: curl/7.52.1 +Accept: */* +Accept-Encoding: gzip +X-Forwarded-For: 192.168.64.1 +X-Forwarded-Host: whoami.localhost +X-Forwarded-Port: 80 +X-Forwarded-Proto: http +X-Forwarded-Server: 7f0c797dbc51 +X-Real-Ip: 192.168.64.1 +``` ## Details -- As an example, we use [whoami](https://github.com/traefik/whoami "Link to the GitHub repo of whoami") (a tiny Go server that prints OS information and HTTP request to output) which was used to define our `simple-service` container. +Let's break it down and go through it, step-by-step. -- We define an entry point, along with the exposure of the matching port within Docker Compose, which allow us to "open and accept" HTTP traffic: +You use [whoami](https://github.com/traefik/whoami "Link to the GitHub repo of whoami"), a tiny Go server that prints OS information and HTTP request to output as service container. + +Second, you define an entry point, along with the exposure of the matching port within Docker Compose, which allows to "open and accept" HTTP traffic: ```yaml command: @@ -82,7 +92,7 @@ ports: - "80:80" ``` -- We expose the Traefik API to be able to check the configuration if needed: +Third, you expose the Traefik API to be able to check the configuration if needed: ```yaml command: @@ -101,7 +111,7 @@ ports: curl -s 127.0.0.1:8080/api/rawdata | jq . ``` -- We allow Traefik to gather configuration from Docker: +Fourth, you allow Traefik to gather configuration from Docker: ```yaml traefik: From 74ab88d47e5a5e0fff1e9171fff9baea7e3322bf Mon Sep 17 00:00:00 2001 From: Ari Yonaty Date: Tue, 2 Jan 2024 09:20:06 -0800 Subject: [PATCH 10/17] docs: fix description for anonymous usage statistics references --- docs/content/reference/static-configuration/cli-ref.md | 2 +- docs/content/reference/static-configuration/env-ref.md | 2 +- pkg/config/static/static_config.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/content/reference/static-configuration/cli-ref.md b/docs/content/reference/static-configuration/cli-ref.md index 03409a1c3..f67a3b3c1 100644 --- a/docs/content/reference/static-configuration/cli-ref.md +++ b/docs/content/reference/static-configuration/cli-ref.md @@ -217,7 +217,7 @@ plugin's version. Periodically check if a new version has been released. (Default: ```true```) `--global.sendanonymoususage`: -Periodically send anonymous usage statistics. If the option is not specified, it will be enabled by default. (Default: ```false```) +Periodically send anonymous usage statistics. If the option is not specified, it will be disabled by default. (Default: ```false```) `--hostresolver`: Enable CNAME Flattening. (Default: ```false```) diff --git a/docs/content/reference/static-configuration/env-ref.md b/docs/content/reference/static-configuration/env-ref.md index d3de13a66..41eb2697f 100644 --- a/docs/content/reference/static-configuration/env-ref.md +++ b/docs/content/reference/static-configuration/env-ref.md @@ -217,7 +217,7 @@ plugin's version. Periodically check if a new version has been released. (Default: ```true```) `TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE`: -Periodically send anonymous usage statistics. If the option is not specified, it will be enabled by default. (Default: ```false```) +Periodically send anonymous usage statistics. If the option is not specified, it will be disabled by default. (Default: ```false```) `TRAEFIK_HOSTRESOLVER`: Enable CNAME Flattening. (Default: ```false```) diff --git a/pkg/config/static/static_config.go b/pkg/config/static/static_config.go index e3419fd7a..669226083 100644 --- a/pkg/config/static/static_config.go +++ b/pkg/config/static/static_config.go @@ -91,7 +91,7 @@ type CertificateResolver struct { // Global holds the global configuration. type Global struct { CheckNewVersion bool `description:"Periodically check if a new version has been released." json:"checkNewVersion,omitempty" toml:"checkNewVersion,omitempty" yaml:"checkNewVersion,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"` - SendAnonymousUsage bool `description:"Periodically send anonymous usage statistics. If the option is not specified, it will be enabled by default." json:"sendAnonymousUsage,omitempty" toml:"sendAnonymousUsage,omitempty" yaml:"sendAnonymousUsage,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"` + SendAnonymousUsage bool `description:"Periodically send anonymous usage statistics. If the option is not specified, it will be disabled by default." json:"sendAnonymousUsage,omitempty" toml:"sendAnonymousUsage,omitempty" yaml:"sendAnonymousUsage,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"` } // ServersTransport options to configure communication between Traefik and the servers. From 004256267888302b5478074a05ba62034a78c7d3 Mon Sep 17 00:00:00 2001 From: Domenico Andreoli Date: Tue, 2 Jan 2024 18:46:05 +0100 Subject: [PATCH 11/17] docs: fix the explanation of the TLS challenge --- .../user-guides/docker-compose/acme-dns/index.md | 10 +++++----- .../user-guides/docker-compose/acme-http/index.md | 10 +++++----- .../user-guides/docker-compose/acme-tls/index.md | 8 ++++---- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/content/user-guides/docker-compose/acme-dns/index.md b/docs/content/user-guides/docker-compose/acme-dns/index.md index 59872c44e..56f32ed33 100644 --- a/docs/content/user-guides/docker-compose/acme-dns/index.md +++ b/docs/content/user-guides/docker-compose/acme-dns/index.md @@ -3,9 +3,9 @@ title: "Traefik Docker DNS Challenge Documentation" description: "Learn how to create a certificate with the Let's Encrypt DNS challenge to use HTTPS on a Service exposed with Traefik Proxy. Read the tehnical documentation." --- -# Docker-compose with let's encrypt: DNS Challenge +# Docker-compose with Let's Encrypt: DNS Challenge -This guide aim to demonstrate how to create a certificate with the let's encrypt DNS challenge to use https on a simple service exposed with Traefik. +This guide aim to demonstrate how to create a certificate with the Let's Encrypt DNS challenge to use https on a simple service exposed with Traefik. Please also read the [basic example](../basic-example) for details on how to expose such a service. ## Prerequisite @@ -52,7 +52,7 @@ For the DNS challenge, you'll need: !!! Note If you uncommented the `acme.caserver` line, you will get an SSL error, but if you display the certificate and see it was emitted by `Fake LE Intermediate X1` then it means all is good. - (It is the staging environment intermediate certificate used by let's encrypt). + (It is the staging environment intermediate certificate used by Let's Encrypt). You can now safely comment the `acme.caserver` line, remove the `letsencrypt/acme.json` file and restart Traefik to issue a valid certificate. ## Explanation @@ -69,7 +69,7 @@ ports: - "443:443" ``` -- We configure the DNS let's encrypt challenge: +- We configure the DNS Let's Encrypt challenge: ```yaml command: @@ -77,7 +77,7 @@ command: - "--certificatesresolvers.myresolver.acme.dnschallenge=true" # Tell which provider to use - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh" - # The email to provide to let's encrypt + # The email to provide to Let's Encrypt - "--certificatesresolvers.myresolver.acme.email=postmaster@example.com" ``` diff --git a/docs/content/user-guides/docker-compose/acme-http/index.md b/docs/content/user-guides/docker-compose/acme-http/index.md index 7f8a05873..67808853e 100644 --- a/docs/content/user-guides/docker-compose/acme-http/index.md +++ b/docs/content/user-guides/docker-compose/acme-http/index.md @@ -3,9 +3,9 @@ title: "Traefik Docker HTTP Challenge Documentation" description: "Learn how to create a certificate with the Let's Encrypt HTTP challenge to use HTTPS on a Service exposed with Traefik Proxy. Read the technical documentation." --- -# Docker-compose with let's encrypt : HTTP Challenge +# Docker-compose with Let's Encrypt : HTTP Challenge -This guide aim to demonstrate how to create a certificate with the let's encrypt HTTP challenge to use https on a simple service exposed with Traefik. +This guide aim to demonstrate how to create a certificate with the Let's Encrypt HTTP challenge to use https on a simple service exposed with Traefik. Please also read the [basic example](../basic-example) for details on how to expose such a service. ## Prerequisite @@ -38,7 +38,7 @@ For the HTTP challenge you will need: !!! Note If you uncommented the `acme.caserver` line, you will get an SSL error, but if you display the certificate and see it was emitted by `Fake LE Intermediate X1` then it means all is good. - (It is the staging environment intermediate certificate used by let's encrypt). + (It is the staging environment intermediate certificate used by Let's Encrypt). You can now safely comment the `acme.caserver` line, remove the `letsencrypt/acme.json` file and restart Traefik to issue a valid certificate. ## Explanation @@ -55,7 +55,7 @@ ports: - "443:443" ``` -- We configure the HTTPS let's encrypt challenge: +- We configure the HTTPS Let's Encrypt challenge: ```yaml command: @@ -63,7 +63,7 @@ command: - "--certificatesresolvers.myresolver.acme.httpchallenge=true" # Tell it to use our predefined entrypoint named "web" - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" - # The email to provide to let's encrypt + # The email to provide to Let's Encrypt - "--certificatesresolvers.myresolver.acme.email=postmaster@example.com" ``` diff --git a/docs/content/user-guides/docker-compose/acme-tls/index.md b/docs/content/user-guides/docker-compose/acme-tls/index.md index 3457b6ae1..b201a4c95 100644 --- a/docs/content/user-guides/docker-compose/acme-tls/index.md +++ b/docs/content/user-guides/docker-compose/acme-tls/index.md @@ -3,9 +3,9 @@ title: "Traefik Docker TLS Challenge Documentation" description: "Learn how to create a certificate with the Let's Encrypt TLS challenge to use HTTPS on a service exposed with Traefik Proxy. Read the technical documentation." --- -# Docker-compose with let's encrypt: TLS Challenge +# Docker-compose with Let's Encrypt: TLS Challenge -This guide aim to demonstrate how to create a certificate with the let's encrypt TLS challenge to use https on a simple service exposed with Traefik. +This guide aim to demonstrate how to create a certificate with the Let's Encrypt TLS challenge to use https on a simple service exposed with Traefik. Please also read the [basic example](../basic-example) for details on how to expose such a service. ## Prerequisite @@ -38,7 +38,7 @@ For the TLS challenge you will need: !!! Note If you uncommented the `acme.caserver` line, you will get an SSL error, but if you display the certificate and see it was emitted by `Fake LE Intermediate X1` then it means all is good. - (It is the staging environment intermediate certificate used by let's encrypt). + (It is the staging environment intermediate certificate used by Let's Encrypt). You can now safely comment the `acme.caserver` line, remove the `letsencrypt/acme.json` file and restart Traefik to issue a valid certificate. ## Explanation @@ -55,7 +55,7 @@ ports: - "443:443" ``` -- We configure the Https let's encrypt challenge: +- We configure the TLS Let's Encrypt challenge: ```yaml command: From 2a9471d2781dfb5e66e874811ff221983df4e8ee Mon Sep 17 00:00:00 2001 From: youpsla Date: Tue, 2 Jan 2024 19:12:06 +0100 Subject: [PATCH 12/17] docs: fix typo --- docs/content/user-guides/docker-compose/acme-dns/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/user-guides/docker-compose/acme-dns/index.md b/docs/content/user-guides/docker-compose/acme-dns/index.md index 56f32ed33..84fc9c8dc 100644 --- a/docs/content/user-guides/docker-compose/acme-dns/index.md +++ b/docs/content/user-guides/docker-compose/acme-dns/index.md @@ -175,7 +175,7 @@ services: - "ovh_consumer_key" ``` -- The environment variable within our `whoami` service are suffixed by `_FILE` which allow us to point to files containing the value, instead of exposing the value itself. +- The environment variable within our `traefik` service are suffixed by `_FILE` which allow us to point to files containing the value, instead of exposing the value itself. The acme client will read the content of those file to get the required configuration values. ```yaml From a84d5c0ef1379b9e863d0c32927a614d3478761e Mon Sep 17 00:00:00 2001 From: Romain Date: Tue, 2 Jan 2024 20:04:06 +0100 Subject: [PATCH 13/17] Adjust deprecation notice for Kubernetes CRD provider Co-authored-by: Baptiste Mayelle --- docs/content/deprecation/features.md | 24 +++++++++++------------ pkg/provider/kubernetes/crd/kubernetes.go | 1 - 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/docs/content/deprecation/features.md b/docs/content/deprecation/features.md index c9e54134f..1ae7e8b93 100644 --- a/docs/content/deprecation/features.md +++ b/docs/content/deprecation/features.md @@ -2,14 +2,14 @@ This page is maintained and updated periodically to reflect our roadmap and any decisions around feature deprecation. -| Feature | Deprecated | End of Support | Removal | -|-----------------------------------------------------------------------------------------------------|------------|----------------|---------| -| [Pilot](#pilot) | 2.7 | 2.8 | 2.9 | -| [Consul Enterprise Namespace](#consul-enterprise-namespace) | 2.8 | N/A | 3.0 | -| [TLS 1.0 and 1.1 Support](#tls-10-and-11) | N/A | 2.8 | N/A | -| [Nomad Namespace](#nomad-namespace) | 2.10 | N/A | 3.0 | -| [Kubernetes CRDs API Group `traefik.containo.us`](#kubernetes-crds-api-group-traefikcontainous) | 2.10 | N/A | 3.0 | -| [Kubernetes CRDs API Version `traefik.io/v1alpha1`](#kubernetes-crds-api-version-traefikiov1alpha1) | N/A | N/A | 3.0 | +| Feature | Deprecated | End of Support | Removal | +|-------------------------------------------------------------------------------------------------------------|------------|----------------|---------| +| [Pilot](#pilot) | 2.7 | 2.8 | 2.9 | +| [Consul Enterprise Namespace](#consul-enterprise-namespace) | 2.8 | N/A | 3.0 | +| [TLS 1.0 and 1.1 Support](#tls-10-and-11) | N/A | 2.8 | N/A | +| [Nomad Namespace](#nomad-namespace) | 2.10 | N/A | 3.0 | +| [Kubernetes CRDs API Group `traefik.containo.us`](#kubernetes-crd-provider-api-group-traefikcontainous) | 2.10 | N/A | 3.0 | +| [Kubernetes CRDs API Version `traefik.io/v1alpha1`](#kubernetes-crd-provider-api-version-traefikiov1alpha1) | 3.0 | N/A | 4.0 | ## Impact @@ -35,10 +35,10 @@ Starting on 2.8 the default TLS options will use the minimum version of TLS 1.2. Starting on 2.10 the `namespace` option of the Nomad provider is deprecated, please use the `namespaces` options instead. -### Kubernetes CRDs API Group `traefik.containo.us` +### Kubernetes CRD Provider API Group `traefik.containo.us` -In v2.10, the Kubernetes CRDs API Group `traefik.containo.us` is deprecated, and its support will end starting with Traefik v3. Please use the API Group `traefik.io` instead. +In v2.10, the Kubernetes CRD provider API Group `traefik.containo.us` is deprecated, and its support will end starting with Traefik v3. Please use the API Group `traefik.io` instead. -### Kubernetes CRDs API Version `traefik.io/v1alpha1` +### Kubernetes CRD Provider API Version `traefik.io/v1alpha1` -The newly introduced Kubernetes CRD API Version `traefik.io/v1alpha1` will subsequently be removed in Traefik v3. The following version will be `traefik.io/v1`. +The Kubernetes CRD provider API Version `traefik.io/v1alpha1` will subsequently be deprecated in Traefik v3. The next version will be `traefik.io/v1`. diff --git a/pkg/provider/kubernetes/crd/kubernetes.go b/pkg/provider/kubernetes/crd/kubernetes.go index 03807ac9c..65f859215 100644 --- a/pkg/provider/kubernetes/crd/kubernetes.go +++ b/pkg/provider/kubernetes/crd/kubernetes.go @@ -123,7 +123,6 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe. logger := log.FromContext(ctxLog) logger.Warn("CRDs API Group \"traefik.containo.us\" is deprecated, and its support will end starting with Traefik v3. Please use the API Group \"traefik.io\" instead.") - logger.Warn("CRDs API Version \"traefik.io/v1alpha1\" will not be supported in Traefik v3 itself. However, an automatic migration path to the next version will be available.") k8sClient, err := p.newK8sClient(ctxLog) if err != nil { From 7345afd8b630a0cedb5271205b98efbffb178caf Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Tue, 2 Jan 2024 20:36:06 +0100 Subject: [PATCH 14/17] Update quic-go to v0.40.1 --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 62ac8306b..b46d2528a 100644 --- a/go.mod +++ b/go.mod @@ -53,7 +53,7 @@ require ( github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 github.com/prometheus/client_golang v1.14.0 github.com/prometheus/client_model v0.3.0 - github.com/quic-go/quic-go v0.39.1 + github.com/quic-go/quic-go v0.40.1 github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 @@ -293,7 +293,7 @@ require ( github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/procfs v0.8.0 // indirect github.com/quic-go/qpack v0.4.0 // indirect - github.com/quic-go/qtls-go1-20 v0.3.4 // indirect + github.com/quic-go/qtls-go1-20 v0.4.1 // indirect github.com/redis/go-redis/v9 v9.2.1 // indirect github.com/sacloud/api-client-go v0.2.8 // indirect github.com/sacloud/go-http v0.1.6 // indirect diff --git a/go.sum b/go.sum index ea218e429..136bd54ec 100644 --- a/go.sum +++ b/go.sum @@ -1579,10 +1579,10 @@ github.com/qri-io/jsonpointer v0.1.0/go.mod h1:DnJPaYgiKu56EuDp8TU5wFLdZIcAnb/uH github.com/qri-io/jsonschema v0.1.1/go.mod h1:QpzJ6gBQ0GYgGmh7mDQ1YsvvhSgE4rYj0k8t5MBOmUY= github.com/quic-go/qpack v0.4.0 h1:Cr9BXA1sQS2SmDUWjSofMPNKmvF6IiIfDRmgU0w1ZCo= github.com/quic-go/qpack v0.4.0/go.mod h1:UZVnYIfi5GRk+zI9UMaCPsmZ2xKJP7XBUvVyT1Knj9A= -github.com/quic-go/qtls-go1-20 v0.3.4 h1:MfFAPULvst4yoMgY9QmtpYmfij/em7O8UUi+bNVm7Cg= -github.com/quic-go/qtls-go1-20 v0.3.4/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -github.com/quic-go/quic-go v0.39.1 h1:d/m3oaN/SD2c+f7/yEjZxe2zEVotXprnrCCJ2y/ZZFE= -github.com/quic-go/quic-go v0.39.1/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= +github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5nfFs= +github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= +github.com/quic-go/quic-go v0.40.1 h1:X3AGzUNFs0jVuO3esAGnTfvdgvL4fq655WaOi1snv1Q= +github.com/quic-go/quic-go v0.40.1/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac h1:wBGhHdXKICZmvAPWS8gQoMyOWDH7QAi9bU4Z1nDWnFU= github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac/go.mod h1:67sLWL17mVlO1HFROaTBmU71NB4R8UNCesFHhg0f6LQ= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= From 5be13802dcb7f3d4599a89f7a399f6eb4454363d Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Tue, 2 Jan 2024 20:58:06 +0100 Subject: [PATCH 15/17] chore: update github.com/fsnotify/fsnotify to v1.7.0 --- go.mod | 3 +-- go.sum | 6 ++---- pkg/provider/file/file.go | 2 +- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index b46d2528a..96545f462 100644 --- a/go.mod +++ b/go.mod @@ -18,6 +18,7 @@ require ( github.com/docker/docker v20.10.21+incompatible github.com/docker/go-connections v0.4.0 github.com/fatih/structs v1.1.0 + github.com/fsnotify/fsnotify v1.7.0 github.com/gambol99/go-marathon v0.0.0-20180614232016-99a156b96fb2 github.com/go-acme/lego/v4 v4.14.0 github.com/go-check/check v0.0.0-00010101000000-000000000000 @@ -76,7 +77,6 @@ require ( golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 google.golang.org/grpc v1.58.3 gopkg.in/DataDog/dd-trace-go.v1 v1.56.1 - gopkg.in/fsnotify.v1 v1.4.7 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.26.3 k8s.io/apiextensions-apiserver v0.26.3 @@ -179,7 +179,6 @@ require ( github.com/evanphx/json-patch v4.12.0+incompatible // indirect github.com/exoscale/egoscale v0.100.1 // indirect github.com/fatih/color v1.15.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/fvbommel/sortorder v1.0.1 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-errors/errors v1.0.1 // indirect diff --git a/go.sum b/go.sum index 136bd54ec..23db178eb 100644 --- a/go.sum +++ b/go.sum @@ -672,8 +672,8 @@ github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= github.com/fvbommel/sortorder v1.0.1 h1:dSnXLt4mJYH25uDDGa3biZNQsozaUWDSWeKJ0qqFfzE= github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= @@ -2227,7 +2227,6 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -2515,7 +2514,6 @@ gopkg.in/dancannon/gorethink.v3 v3.0.5/go.mod h1:GXsi1e3N2OcKhcP6nsYABTiUejbWMFO gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fatih/pool.v2 v2.0.0 h1:xIFeWtxifuQJGk/IEPKsTduEKcKvPmhoiVDGpC40nKg= gopkg.in/fatih/pool.v2 v2.0.0/go.mod h1:8xVGeu1/2jr2wm5V9SPuMht2H5AEmf5aFMGSQixtjTY= -gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= diff --git a/pkg/provider/file/file.go b/pkg/provider/file/file.go index 548f0cbc4..21599431c 100644 --- a/pkg/provider/file/file.go +++ b/pkg/provider/file/file.go @@ -11,13 +11,13 @@ import ( "text/template" "github.com/Masterminds/sprig/v3" + "github.com/fsnotify/fsnotify" "github.com/traefik/paerser/file" "github.com/traefik/traefik/v2/pkg/config/dynamic" "github.com/traefik/traefik/v2/pkg/log" "github.com/traefik/traefik/v2/pkg/provider" "github.com/traefik/traefik/v2/pkg/safe" "github.com/traefik/traefik/v2/pkg/tls" - "gopkg.in/fsnotify.v1" ) const providerName = "file" From 56e2110dc586f468c9b5c68dabe41f38fcd6d0ff Mon Sep 17 00:00:00 2001 From: Julien Salleyron Date: Tue, 2 Jan 2024 22:02:05 +0100 Subject: [PATCH 16/17] Fix readHeaderTimeout in proxyproto --- pkg/server/server_entrypoint_tcp.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkg/server/server_entrypoint_tcp.go b/pkg/server/server_entrypoint_tcp.go index e3e22998e..26b417293 100644 --- a/pkg/server/server_entrypoint_tcp.go +++ b/pkg/server/server_entrypoint_tcp.go @@ -418,7 +418,12 @@ func (ln tcpKeepAliveListener) Accept() (net.Conn, error) { } func buildProxyProtocolListener(ctx context.Context, entryPoint *static.EntryPoint, listener net.Listener) (net.Listener, error) { - proxyListener := &proxyproto.Listener{Listener: listener} + timeout := entryPoint.Transport.RespondingTimeouts.ReadTimeout + // proxyproto use 200ms if ReadHeaderTimeout is set to 0 and not no timeout + if timeout == 0 { + timeout = -1 + } + proxyListener := &proxyproto.Listener{Listener: listener, ReadHeaderTimeout: time.Duration(timeout)} if entryPoint.ProxyProtocol.Insecure { log.FromContext(ctx).Infof("Enabling ProxyProtocol without trusted IPs: Insecure") From 9adf0fb638d9c252a079459263c1b2635302331e Mon Sep 17 00:00:00 2001 From: Michael Date: Wed, 3 Jan 2024 11:12:05 +0100 Subject: [PATCH 17/17] Prepare release v2.11.0-rc1 --- .github/PULL_REQUEST_TEMPLATE.md | 4 +- .semaphore/semaphore.yml | 2 +- CHANGELOG.md | 22 ++ .../getting-started/configuration-overview.md | 2 +- .../getting-started/install-traefik.md | 8 +- .../quick-start-with-kubernetes.md | 2 +- docs/content/getting-started/quick-start.md | 2 +- docs/content/observability/access-logs.md | 2 +- docs/content/providers/docker.md | 2 +- docs/content/providers/kubernetes-crd.md | 4 +- docs/content/providers/kubernetes-ingress.md | 2 +- .../kubernetes-crd-definition-v1.yml | 276 +++++++++--------- .../kubernetes-gateway-traefik-lb-svc.yml | 2 +- .../traefik.containo.us_ingressroutes.yaml | 26 +- .../traefik.containo.us_ingressroutetcps.yaml | 16 +- .../traefik.containo.us_ingressrouteudps.yaml | 2 +- .../traefik.containo.us_middlewares.yaml | 66 ++--- .../traefik.containo.us_middlewaretcps.yaml | 6 +- ...traefik.containo.us_serverstransports.yaml | 2 +- .../traefik.containo.us_tlsoptions.yaml | 8 +- .../traefik.containo.us_tlsstores.yaml | 2 +- .../traefik.containo.us_traefikservices.yaml | 10 +- .../traefik.io_ingressroutes.yaml | 26 +- .../traefik.io_ingressroutetcps.yaml | 16 +- .../traefik.io_ingressrouteudps.yaml | 2 +- .../traefik.io_middlewares.yaml | 66 ++--- .../traefik.io_middlewaretcps.yaml | 6 +- .../traefik.io_serverstransports.yaml | 2 +- .../traefik.io_tlsoptions.yaml | 8 +- .../traefik.io_tlsstores.yaml | 2 +- .../traefik.io_traefikservices.yaml | 10 +- .../routing/providers/kubernetes-crd.md | 2 +- .../routing/providers/kubernetes-ingress.md | 6 +- .../user-guides/crd-acme/03-deployments.yml | 2 +- docs/content/user-guides/crd-acme/index.md | 12 +- docs/content/user-guides/crd-acme/k3s.yml | 2 +- .../acme-dns/docker-compose.yml | 2 +- .../acme-dns/docker-compose_secrets.yml | 2 +- .../acme-http/docker-compose.yml | 2 +- .../acme-tls/docker-compose.yml | 2 +- .../basic-example/docker-compose.yml | 2 +- .../docker-compose/basic-example/index.md | 2 +- integration/fixtures/k8s/01-traefik-crd.yml | 276 +++++++++--------- pkg/config/dynamic/middlewares.go | 50 ++-- pkg/config/dynamic/tcp_config.go | 2 +- pkg/config/dynamic/tcp_middlewares.go | 2 +- .../v1alpha1/ingressroute.go | 28 +- .../v1alpha1/ingressroutetcp.go | 18 +- .../v1alpha1/ingressrouteudp.go | 2 +- .../traefikcontainous/v1alpha1/middleware.go | 24 +- .../v1alpha1/middlewaretcp.go | 6 +- .../v1alpha1/serverstransport.go | 2 +- .../crd/traefikcontainous/v1alpha1/service.go | 8 +- .../traefikcontainous/v1alpha1/tlsoption.go | 8 +- .../traefikcontainous/v1alpha1/tlsstore.go | 2 +- .../crd/traefikio/v1alpha1/ingressroute.go | 28 +- .../crd/traefikio/v1alpha1/ingressroutetcp.go | 18 +- .../crd/traefikio/v1alpha1/ingressrouteudp.go | 2 +- .../crd/traefikio/v1alpha1/middleware.go | 24 +- .../crd/traefikio/v1alpha1/middlewaretcp.go | 6 +- .../traefikio/v1alpha1/serverstransport.go | 2 +- .../crd/traefikio/v1alpha1/service.go | 8 +- .../crd/traefikio/v1alpha1/tlsoption.go | 8 +- .../crd/traefikio/v1alpha1/tlsstore.go | 2 +- script/gcg/traefik-bugfix.toml | 10 +- script/gcg/traefik-final-release-part1.toml | 10 +- script/gcg/traefik-final-release-part2.toml | 8 +- script/gcg/traefik-rc-first.toml | 6 +- script/gcg/traefik-rc-new.toml | 10 +- 69 files changed, 617 insertions(+), 595 deletions(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index b01448af0..1cade3ff1 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -2,11 +2,11 @@ PLEASE READ THIS MESSAGE. Documentation fixes or enhancements: -- for Traefik v2: use branch v2.10 +- for Traefik v2: use branch v2.11 - for Traefik v3: use branch v3.0 Bug fixes: -- for Traefik v2: use branch v2.10 +- for Traefik v2: use branch v2.11 - for Traefik v3: use branch v3.0 Enhancements: diff --git a/.semaphore/semaphore.yml b/.semaphore/semaphore.yml index a4a01946f..d9a63e1f7 100644 --- a/.semaphore/semaphore.yml +++ b/.semaphore/semaphore.yml @@ -64,7 +64,7 @@ blocks: - name: GH_VERSION value: 2.32.1 - name: CODENAME - value: "saintmarcelin" + value: "mimolette" - name: IN_DOCKER value: "" prologue: diff --git a/CHANGELOG.md b/CHANGELOG.md index 4d40ab83e..a38879596 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,25 @@ +## [v2.11.0-rc1](https://github.com/traefik/traefik/tree/v2.11.0-rc1) (2024-01-02) +[All Commits](https://github.com/traefik/traefik/compare/0a7964300166d167f68d5502bc245b3b9c8842b4...v2.11.0-rc1) + +**Enhancements:** +- **[middleware]** Deprecate IPWhiteList middleware in favor of IPAllowList ([#10249](https://github.com/traefik/traefik/pull/10249) by [lbenguigui](https://github.com/lbenguigui)) +- **[redis]** Add Redis Sentinel support ([#10245](https://github.com/traefik/traefik/pull/10245) by [youkoulayley](https://github.com/youkoulayley)) +- **[server]** Add KeepAliveMaxTime and KeepAliveMaxRequests features to entrypoints ([#10247](https://github.com/traefik/traefik/pull/10247) by [juliens](https://github.com/juliens)) +- **[sticky-session]** Hash WRR sticky cookies ([#10243](https://github.com/traefik/traefik/pull/10243) by [youkoulayley](https://github.com/youkoulayley)) + +**Bug fixes:** +- **[file]** Update github.com/fsnotify/fsnotify to v1.7.0 ([#10313](https://github.com/traefik/traefik/pull/10313) by [ldez](https://github.com/ldez)) +- **[http3]** Update quic-go to v0.40.1 ([#10296](https://github.com/traefik/traefik/pull/10296) by [ldez](https://github.com/ldez)) +- **[server]** Fix ReadHeaderTimeout for PROXY protocol ([#10320](https://github.com/traefik/traefik/pull/10320) by [juliens](https://github.com/juliens)) + +**Documentation:** +- **[acme]** Fix TLS challenge explanation ([#10293](https://github.com/traefik/traefik/pull/10293) by [cavokz](https://github.com/cavokz)) +- **[docker,acme]** Fix typo ([#10294](https://github.com/traefik/traefik/pull/10294) by [youpsla](https://github.com/youpsla)) +- **[docker]** Update wording of compose example ([#10276](https://github.com/traefik/traefik/pull/10276) by [svx](https://github.com/svx)) +- **[k8s/crd]** Adjust deprecation notice for Kubernetes CRD provider ([#10317](https://github.com/traefik/traefik/pull/10317) by [rtribotte](https://github.com/rtribotte)) +- Fix description for anonymous usage statistics references ([#10287](https://github.com/traefik/traefik/pull/10287) by [ariyonaty](https://github.com/ariyonaty)) +- Documentation enhancements ([#10261](https://github.com/traefik/traefik/pull/10261) by [svx](https://github.com/svx)) + ## [v2.10.7](https://github.com/traefik/traefik/tree/v2.10.7) (2023-12-06) [All Commits](https://github.com/traefik/traefik/compare/v2.10.6...v2.10.7) diff --git a/docs/content/getting-started/configuration-overview.md b/docs/content/getting-started/configuration-overview.md index 2e5e10c50..734e29871 100644 --- a/docs/content/getting-started/configuration-overview.md +++ b/docs/content/getting-started/configuration-overview.md @@ -79,7 +79,7 @@ traefik --help # or docker run traefik[:version] --help -# ex: docker run traefik:v2.10 --help +# ex: docker run traefik:v2.11 --help ``` Check the [CLI reference](../reference/static-configuration/cli.md "Link to CLI reference overview") for an overview about all available arguments. diff --git a/docs/content/getting-started/install-traefik.md b/docs/content/getting-started/install-traefik.md index 57dea428c..b97a8fc32 100644 --- a/docs/content/getting-started/install-traefik.md +++ b/docs/content/getting-started/install-traefik.md @@ -16,12 +16,12 @@ You can install Traefik with the following flavors: Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with one sample configuration file: -* [YAML](https://raw.githubusercontent.com/traefik/traefik/v2.10/traefik.sample.yml) -* [TOML](https://raw.githubusercontent.com/traefik/traefik/v2.10/traefik.sample.toml) +* [YAML](https://raw.githubusercontent.com/traefik/traefik/v2.11/traefik.sample.yml) +* [TOML](https://raw.githubusercontent.com/traefik/traefik/v2.11/traefik.sample.toml) ```shell docker run -d -p 8080:8080 -p 80:80 \ - -v $PWD/traefik.yml:/etc/traefik/traefik.yml traefik:v2.10 + -v $PWD/traefik.yml:/etc/traefik/traefik.yml traefik:v2.11 ``` For more details, go to the [Docker provider documentation](../providers/docker.md) @@ -29,7 +29,7 @@ For more details, go to the [Docker provider documentation](../providers/docker. !!! tip * Prefer a fixed version than the latest that could be an unexpected version. - ex: `traefik:v2.10` + ex: `traefik:v2.11` * Docker images are based from the [Alpine Linux Official image](https://hub.docker.com/_/alpine). * Any orchestrator using docker images can fetch the official Traefik docker image. diff --git a/docs/content/getting-started/quick-start-with-kubernetes.md b/docs/content/getting-started/quick-start-with-kubernetes.md index 8359bc6ef..e81cd07b0 100644 --- a/docs/content/getting-started/quick-start-with-kubernetes.md +++ b/docs/content/getting-started/quick-start-with-kubernetes.md @@ -130,7 +130,7 @@ spec: serviceAccountName: traefik-account containers: - name: traefik - image: traefik:v2.10 + image: traefik:v2.11 args: - --api.insecure - --providers.kubernetesingress diff --git a/docs/content/getting-started/quick-start.md b/docs/content/getting-started/quick-start.md index 08e173011..6ebb1b065 100644 --- a/docs/content/getting-started/quick-start.md +++ b/docs/content/getting-started/quick-start.md @@ -20,7 +20,7 @@ version: '3' services: reverse-proxy: # The official v2 Traefik docker image - image: traefik:v2.10 + image: traefik:v2.11 # Enables the web UI and tells Traefik to listen to docker command: --api.insecure=true --providers.docker ports: diff --git a/docs/content/observability/access-logs.md b/docs/content/observability/access-logs.md index 73c581ece..f96473a95 100644 --- a/docs/content/observability/access-logs.md +++ b/docs/content/observability/access-logs.md @@ -254,7 +254,7 @@ version: "3.7" services: traefik: - image: traefik:v2.10 + image: traefik:v2.11 environment: - TZ=US/Alaska command: diff --git a/docs/content/providers/docker.md b/docs/content/providers/docker.md index e3fc985fc..d6a121965 100644 --- a/docs/content/providers/docker.md +++ b/docs/content/providers/docker.md @@ -267,7 +267,7 @@ See the sections [Docker API Access](#docker-api-access) and [Docker Swarm API A services: traefik: - image: traefik:v2.10 # The official v2 Traefik docker image + image: traefik:v2.11 # The official v2 Traefik docker image ports: - "80:80" volumes: diff --git a/docs/content/providers/kubernetes-crd.md b/docs/content/providers/kubernetes-crd.md index f0c2635bc..9c9707ded 100644 --- a/docs/content/providers/kubernetes-crd.md +++ b/docs/content/providers/kubernetes-crd.md @@ -35,10 +35,10 @@ the Traefik engineering team developed a [Custom Resource Definition](https://ku ```bash # Install Traefik Resource Definitions: - kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml + kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml # Install RBAC for Traefik: - kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml + kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml ``` ## Resource Configuration diff --git a/docs/content/providers/kubernetes-ingress.md b/docs/content/providers/kubernetes-ingress.md index c9e9d8289..f9fcd7e61 100644 --- a/docs/content/providers/kubernetes-ingress.md +++ b/docs/content/providers/kubernetes-ingress.md @@ -502,6 +502,6 @@ providers: ### Further To learn more about the various aspects of the Ingress specification that Traefik supports, -many examples of Ingresses definitions are located in the test [examples](https://github.com/traefik/traefik/tree/v2.10/pkg/provider/kubernetes/ingress/fixtures) of the Traefik repository. +many examples of Ingresses definitions are located in the test [examples](https://github.com/traefik/traefik/tree/v2.11/pkg/provider/kubernetes/ingress/fixtures) of the Traefik repository. {!traefik-for-business-applications.md!} diff --git a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml index 960f98fe7..d92afbe86 100644 --- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml +++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -54,11 +54,11 @@ spec: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' type: string middlewares: description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' items: description: MiddlewareRef is a reference to a Middleware resource. @@ -77,7 +77,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' type: integer services: description: Services defines the list of Service. It can contain @@ -150,7 +150,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -195,16 +195,16 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -222,15 +222,15 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string required: - name @@ -246,11 +246,11 @@ spec: properties: name: description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string required: - name @@ -304,7 +304,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -315,7 +315,7 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -338,7 +338,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' type: integer services: description: Services defines the list of TCP services. @@ -370,7 +370,7 @@ spec: x-kubernetes-int-or-string: true proxyProtocol: description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' properties: version: description: Version defines the PROXY Protocol version @@ -401,16 +401,16 @@ spec: type: array tls: description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -428,7 +428,7 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: Name defines the name of the referenced Traefik @@ -514,7 +514,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -592,7 +592,7 @@ spec: schema: openAPIV3Schema: description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -612,7 +612,7 @@ spec: addPrefix: description: 'AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' properties: prefix: description: Prefix is the string to add before the current path @@ -622,11 +622,11 @@ spec: basicAuth: description: 'BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -646,7 +646,7 @@ spec: buffering: description: 'Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' properties: maxRequestBodyBytes: description: 'MaxRequestBodyBytes defines the maximum allowed @@ -679,13 +679,13 @@ spec: retryExpression: description: 'RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' type: string type: object chain: description: 'Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -739,7 +739,7 @@ spec: compress: description: 'Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -773,11 +773,11 @@ spec: digestAuth: description: 'DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -796,7 +796,7 @@ spec: errors: description: 'ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' properties: query: description: Query defines the URL for the error page (hosted @@ -805,7 +805,7 @@ spec: type: string service: description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' properties: kind: description: Kind defines the kind of the Service. @@ -869,7 +869,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -918,7 +918,7 @@ spec: forwardAuth: description: 'ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' properties: address: description: Address defines the authentication server address. @@ -941,7 +941,7 @@ spec: description: 'AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' type: string tls: description: TLS defines the configuration used to secure the @@ -972,7 +972,7 @@ spec: headers: description: 'Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -1133,7 +1133,7 @@ spec: inFlightReq: description: 'InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' properties: amount: description: Amount defines the maximum amount of allowed simultaneous @@ -1147,11 +1147,11 @@ spec: group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1179,11 +1179,11 @@ spec: ipAllowList: description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1207,12 +1207,12 @@ spec: ipWhiteList: description: 'IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ Deprecated: please use IPAllowList instead.' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1236,7 +1236,7 @@ spec: passTLSClientCert: description: 'PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' properties: info: description: Info selects the specific client certificate details @@ -1343,7 +1343,7 @@ spec: rateLimit: description: 'RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' properties: average: description: Average is the maximum rate, by default in requests/s, @@ -1376,7 +1376,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1404,7 +1404,7 @@ spec: redirectRegex: description: 'RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1422,7 +1422,7 @@ spec: redirectScheme: description: 'RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1438,7 +1438,7 @@ spec: replacePath: description: 'ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' properties: path: description: Path defines the path to use as replacement in the @@ -1448,7 +1448,7 @@ spec: replacePathRegex: description: 'ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' properties: regex: description: Regex defines the regular expression used to match @@ -1464,7 +1464,7 @@ spec: middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' properties: attempts: description: Attempts defines how many times the request should @@ -1484,7 +1484,7 @@ spec: stripPrefix: description: 'StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' properties: forceSlash: description: 'ForceSlash ensures that the resulting stripped path @@ -1501,7 +1501,7 @@ spec: stripPrefixRegex: description: 'StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' properties: regex: description: Regex defines the regular expression to match the @@ -1537,7 +1537,7 @@ spec: schema: openAPIV3Schema: description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1567,7 +1567,7 @@ spec: ipAllowList: description: 'IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1579,7 +1579,7 @@ spec: ipWhiteList: description: 'IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1617,7 +1617,7 @@ spec: description: 'ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1736,7 +1736,7 @@ spec: openAPIV3Schema: description: 'TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1756,13 +1756,13 @@ spec: alpnProtocols: description: 'ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' items: type: string type: array cipherSuites: description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' items: type: string type: array @@ -1789,7 +1789,7 @@ spec: type: object curvePreferences: description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' items: type: string type: array @@ -1842,7 +1842,7 @@ spec: description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1932,7 +1932,7 @@ spec: openAPIV3Schema: description: 'TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -2038,7 +2038,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2129,7 +2129,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2236,7 +2236,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2275,7 +2275,7 @@ spec: type: array sticky: description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2344,7 +2344,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -2361,11 +2361,11 @@ spec: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' type: string middlewares: description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' items: description: MiddlewareRef is a reference to a Middleware resource. @@ -2384,7 +2384,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' type: integer services: description: Services defines the list of Service. It can contain @@ -2457,7 +2457,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2502,16 +2502,16 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -2529,15 +2529,15 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string required: - name @@ -2553,11 +2553,11 @@ spec: properties: name: description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string required: - name @@ -2611,7 +2611,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -2622,7 +2622,7 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -2645,7 +2645,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' type: integer services: description: Services defines the list of TCP services. @@ -2677,7 +2677,7 @@ spec: x-kubernetes-int-or-string: true proxyProtocol: description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' properties: version: description: Version defines the PROXY Protocol version @@ -2708,16 +2708,16 @@ spec: type: array tls: description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -2735,7 +2735,7 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: Name defines the name of the referenced Traefik @@ -2821,7 +2821,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -2899,7 +2899,7 @@ spec: schema: openAPIV3Schema: description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -2919,7 +2919,7 @@ spec: addPrefix: description: 'AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' properties: prefix: description: Prefix is the string to add before the current path @@ -2929,11 +2929,11 @@ spec: basicAuth: description: 'BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -2953,7 +2953,7 @@ spec: buffering: description: 'Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' properties: maxRequestBodyBytes: description: 'MaxRequestBodyBytes defines the maximum allowed @@ -2986,13 +2986,13 @@ spec: retryExpression: description: 'RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' type: string type: object chain: description: 'Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -3046,7 +3046,7 @@ spec: compress: description: 'Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -3080,11 +3080,11 @@ spec: digestAuth: description: 'DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -3103,7 +3103,7 @@ spec: errors: description: 'ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' properties: query: description: Query defines the URL for the error page (hosted @@ -3112,7 +3112,7 @@ spec: type: string service: description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' properties: kind: description: Kind defines the kind of the Service. @@ -3176,7 +3176,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -3225,7 +3225,7 @@ spec: forwardAuth: description: 'ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' properties: address: description: Address defines the authentication server address. @@ -3248,7 +3248,7 @@ spec: description: 'AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' type: string tls: description: TLS defines the configuration used to secure the @@ -3279,7 +3279,7 @@ spec: headers: description: 'Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -3440,7 +3440,7 @@ spec: inFlightReq: description: 'InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' properties: amount: description: Amount defines the maximum amount of allowed simultaneous @@ -3454,11 +3454,11 @@ spec: group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3486,11 +3486,11 @@ spec: ipAllowList: description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3514,12 +3514,12 @@ spec: ipWhiteList: description: 'IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ Deprecated: please use IPAllowList instead.' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3543,7 +3543,7 @@ spec: passTLSClientCert: description: 'PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' properties: info: description: Info selects the specific client certificate details @@ -3650,7 +3650,7 @@ spec: rateLimit: description: 'RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' properties: average: description: Average is the maximum rate, by default in requests/s, @@ -3683,7 +3683,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3711,7 +3711,7 @@ spec: redirectRegex: description: 'RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3729,7 +3729,7 @@ spec: redirectScheme: description: 'RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3745,7 +3745,7 @@ spec: replacePath: description: 'ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' properties: path: description: Path defines the path to use as replacement in the @@ -3755,7 +3755,7 @@ spec: replacePathRegex: description: 'ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' properties: regex: description: Regex defines the regular expression used to match @@ -3771,7 +3771,7 @@ spec: middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' properties: attempts: description: Attempts defines how many times the request should @@ -3791,7 +3791,7 @@ spec: stripPrefix: description: 'StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' properties: forceSlash: description: 'ForceSlash ensures that the resulting stripped path @@ -3808,7 +3808,7 @@ spec: stripPrefixRegex: description: 'StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' properties: regex: description: Regex defines the regular expression to match the @@ -3844,7 +3844,7 @@ spec: schema: openAPIV3Schema: description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -3874,7 +3874,7 @@ spec: ipAllowList: description: 'IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3886,7 +3886,7 @@ spec: ipWhiteList: description: 'IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3924,7 +3924,7 @@ spec: description: 'ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4043,7 +4043,7 @@ spec: openAPIV3Schema: description: 'TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4063,13 +4063,13 @@ spec: alpnProtocols: description: 'ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' items: type: string type: array cipherSuites: description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' items: type: string type: array @@ -4096,7 +4096,7 @@ spec: type: object curvePreferences: description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' items: type: string type: array @@ -4149,7 +4149,7 @@ spec: description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4239,7 +4239,7 @@ spec: openAPIV3Schema: description: 'TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4345,7 +4345,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4436,7 +4436,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4543,7 +4543,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4582,7 +4582,7 @@ spec: type: array sticky: description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' properties: cookie: description: Cookie defines the sticky cookie configuration. diff --git a/docs/content/reference/dynamic-configuration/kubernetes-gateway-traefik-lb-svc.yml b/docs/content/reference/dynamic-configuration/kubernetes-gateway-traefik-lb-svc.yml index d1316a0a0..be0c7e225 100644 --- a/docs/content/reference/dynamic-configuration/kubernetes-gateway-traefik-lb-svc.yml +++ b/docs/content/reference/dynamic-configuration/kubernetes-gateway-traefik-lb-svc.yml @@ -25,7 +25,7 @@ spec: serviceAccountName: traefik-controller containers: - name: traefik - image: traefik:v2.10 + image: traefik:v2.11 args: - --entrypoints.web.address=:80 - --entrypoints.websecure.address=:443 diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml index 1d4ef4537..1d2d5e891 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -54,11 +54,11 @@ spec: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' type: string middlewares: description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' items: description: MiddlewareRef is a reference to a Middleware resource. @@ -77,7 +77,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' type: integer services: description: Services defines the list of Service. It can contain @@ -150,7 +150,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -195,16 +195,16 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -222,15 +222,15 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string required: - name @@ -246,11 +246,11 @@ spec: properties: name: description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string required: - name diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml index 7fed7a23d..7bc51acf2 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -48,7 +48,7 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -71,7 +71,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' type: integer services: description: Services defines the list of TCP services. @@ -103,7 +103,7 @@ spec: x-kubernetes-int-or-string: true proxyProtocol: description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' properties: version: description: Version defines the PROXY Protocol version @@ -134,16 +134,16 @@ spec: type: array tls: description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -161,7 +161,7 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: Name defines the name of the referenced Traefik diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml index 718f73312..d6fd93be3 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml index ad53a5e9a..1299b14d9 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml @@ -18,7 +18,7 @@ spec: schema: openAPIV3Schema: description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -38,7 +38,7 @@ spec: addPrefix: description: 'AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' properties: prefix: description: Prefix is the string to add before the current path @@ -48,11 +48,11 @@ spec: basicAuth: description: 'BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -72,7 +72,7 @@ spec: buffering: description: 'Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' properties: maxRequestBodyBytes: description: 'MaxRequestBodyBytes defines the maximum allowed @@ -105,13 +105,13 @@ spec: retryExpression: description: 'RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' type: string type: object chain: description: 'Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -165,7 +165,7 @@ spec: compress: description: 'Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -199,11 +199,11 @@ spec: digestAuth: description: 'DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -222,7 +222,7 @@ spec: errors: description: 'ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' properties: query: description: Query defines the URL for the error page (hosted @@ -231,7 +231,7 @@ spec: type: string service: description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' properties: kind: description: Kind defines the kind of the Service. @@ -295,7 +295,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -344,7 +344,7 @@ spec: forwardAuth: description: 'ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' properties: address: description: Address defines the authentication server address. @@ -367,7 +367,7 @@ spec: description: 'AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' type: string tls: description: TLS defines the configuration used to secure the @@ -398,7 +398,7 @@ spec: headers: description: 'Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -559,7 +559,7 @@ spec: inFlightReq: description: 'InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' properties: amount: description: Amount defines the maximum amount of allowed simultaneous @@ -573,11 +573,11 @@ spec: group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -605,11 +605,11 @@ spec: ipAllowList: description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -633,12 +633,12 @@ spec: ipWhiteList: description: 'IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ Deprecated: please use IPAllowList instead.' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -662,7 +662,7 @@ spec: passTLSClientCert: description: 'PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' properties: info: description: Info selects the specific client certificate details @@ -769,7 +769,7 @@ spec: rateLimit: description: 'RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' properties: average: description: Average is the maximum rate, by default in requests/s, @@ -802,7 +802,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -830,7 +830,7 @@ spec: redirectRegex: description: 'RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -848,7 +848,7 @@ spec: redirectScheme: description: 'RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -864,7 +864,7 @@ spec: replacePath: description: 'ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' properties: path: description: Path defines the path to use as replacement in the @@ -874,7 +874,7 @@ spec: replacePathRegex: description: 'ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' properties: regex: description: Regex defines the regular expression used to match @@ -890,7 +890,7 @@ spec: middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' properties: attempts: description: Attempts defines how many times the request should @@ -910,7 +910,7 @@ spec: stripPrefix: description: 'StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' properties: forceSlash: description: 'ForceSlash ensures that the resulting stripped path @@ -927,7 +927,7 @@ spec: stripPrefixRegex: description: 'StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' properties: regex: description: Regex defines the regular expression to match the diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml index 025dd2f7b..95912a7c2 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml @@ -18,7 +18,7 @@ spec: schema: openAPIV3Schema: description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -48,7 +48,7 @@ spec: ipAllowList: description: 'IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -60,7 +60,7 @@ spec: ipWhiteList: description: 'IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml index 6d555f91b..3fea058aa 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml @@ -20,7 +20,7 @@ spec: description: 'ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml index a8308332f..7676fcbc5 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml @@ -19,7 +19,7 @@ spec: openAPIV3Schema: description: 'TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -39,13 +39,13 @@ spec: alpnProtocols: description: 'ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' items: type: string type: array cipherSuites: description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' items: type: string type: array @@ -72,7 +72,7 @@ spec: type: object curvePreferences: description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' items: type: string type: array diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml index b5f669621..df54837af 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml @@ -20,7 +20,7 @@ spec: description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml index 431b8d92e..78b78cb9a 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml @@ -19,7 +19,7 @@ spec: openAPIV3Schema: description: 'TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -125,7 +125,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -216,7 +216,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -323,7 +323,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -362,7 +362,7 @@ spec: type: array sticky: description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' properties: cookie: description: Cookie defines the sticky cookie configuration. diff --git a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml index 3b78294f3..67878499c 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -54,11 +54,11 @@ spec: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' type: string middlewares: description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' items: description: MiddlewareRef is a reference to a Middleware resource. @@ -77,7 +77,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' type: integer services: description: Services defines the list of Service. It can contain @@ -150,7 +150,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -195,16 +195,16 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -222,15 +222,15 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string required: - name @@ -246,11 +246,11 @@ spec: properties: name: description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string required: - name diff --git a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml index 6a17c70c5..1fdfe7109 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -48,7 +48,7 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -71,7 +71,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' type: integer services: description: Services defines the list of TCP services. @@ -103,7 +103,7 @@ spec: x-kubernetes-int-or-string: true proxyProtocol: description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' properties: version: description: Version defines the PROXY Protocol version @@ -134,16 +134,16 @@ spec: type: array tls: description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -161,7 +161,7 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: Name defines the name of the referenced Traefik diff --git a/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml b/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml index cd30cd43c..a65c27547 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string diff --git a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml index 868a8f3ac..8060217f5 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml @@ -18,7 +18,7 @@ spec: schema: openAPIV3Schema: description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -38,7 +38,7 @@ spec: addPrefix: description: 'AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' properties: prefix: description: Prefix is the string to add before the current path @@ -48,11 +48,11 @@ spec: basicAuth: description: 'BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -72,7 +72,7 @@ spec: buffering: description: 'Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' properties: maxRequestBodyBytes: description: 'MaxRequestBodyBytes defines the maximum allowed @@ -105,13 +105,13 @@ spec: retryExpression: description: 'RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' type: string type: object chain: description: 'Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -165,7 +165,7 @@ spec: compress: description: 'Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -199,11 +199,11 @@ spec: digestAuth: description: 'DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -222,7 +222,7 @@ spec: errors: description: 'ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' properties: query: description: Query defines the URL for the error page (hosted @@ -231,7 +231,7 @@ spec: type: string service: description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' properties: kind: description: Kind defines the kind of the Service. @@ -295,7 +295,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -344,7 +344,7 @@ spec: forwardAuth: description: 'ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' properties: address: description: Address defines the authentication server address. @@ -367,7 +367,7 @@ spec: description: 'AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' type: string tls: description: TLS defines the configuration used to secure the @@ -398,7 +398,7 @@ spec: headers: description: 'Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -559,7 +559,7 @@ spec: inFlightReq: description: 'InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' properties: amount: description: Amount defines the maximum amount of allowed simultaneous @@ -573,11 +573,11 @@ spec: group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -605,11 +605,11 @@ spec: ipAllowList: description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -633,12 +633,12 @@ spec: ipWhiteList: description: 'IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ Deprecated: please use IPAllowList instead.' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -662,7 +662,7 @@ spec: passTLSClientCert: description: 'PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' properties: info: description: Info selects the specific client certificate details @@ -769,7 +769,7 @@ spec: rateLimit: description: 'RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' properties: average: description: Average is the maximum rate, by default in requests/s, @@ -802,7 +802,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -830,7 +830,7 @@ spec: redirectRegex: description: 'RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -848,7 +848,7 @@ spec: redirectScheme: description: 'RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -864,7 +864,7 @@ spec: replacePath: description: 'ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' properties: path: description: Path defines the path to use as replacement in the @@ -874,7 +874,7 @@ spec: replacePathRegex: description: 'ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' properties: regex: description: Regex defines the regular expression used to match @@ -890,7 +890,7 @@ spec: middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' properties: attempts: description: Attempts defines how many times the request should @@ -910,7 +910,7 @@ spec: stripPrefix: description: 'StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' properties: forceSlash: description: 'ForceSlash ensures that the resulting stripped path @@ -927,7 +927,7 @@ spec: stripPrefixRegex: description: 'StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' properties: regex: description: Regex defines the regular expression to match the diff --git a/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml b/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml index 3439ea445..e393b6c35 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml @@ -18,7 +18,7 @@ spec: schema: openAPIV3Schema: description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -48,7 +48,7 @@ spec: ipAllowList: description: 'IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -60,7 +60,7 @@ spec: ipWhiteList: description: 'IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml b/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml index 01bf9758c..3fe6f987e 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml @@ -20,7 +20,7 @@ spec: description: 'ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation diff --git a/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml b/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml index 754eb0339..5f6341b70 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml @@ -19,7 +19,7 @@ spec: openAPIV3Schema: description: 'TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -39,13 +39,13 @@ spec: alpnProtocols: description: 'ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' items: type: string type: array cipherSuites: description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' items: type: string type: array @@ -72,7 +72,7 @@ spec: type: object curvePreferences: description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' items: type: string type: array diff --git a/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml b/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml index f9b03d99b..bda4fe94f 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml @@ -20,7 +20,7 @@ spec: description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation diff --git a/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml b/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml index 187d1d1c6..64aca355c 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml @@ -19,7 +19,7 @@ spec: openAPIV3Schema: description: 'TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -125,7 +125,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -216,7 +216,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -323,7 +323,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -362,7 +362,7 @@ spec: type: array sticky: description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' properties: cookie: description: Cookie defines the sticky cookie configuration. diff --git a/docs/content/routing/providers/kubernetes-crd.md b/docs/content/routing/providers/kubernetes-crd.md index 17f8bf8e5..98963bd09 100644 --- a/docs/content/routing/providers/kubernetes-crd.md +++ b/docs/content/routing/providers/kubernetes-crd.md @@ -48,7 +48,7 @@ The Kubernetes Ingress Controller, The Custom Resource Way. serviceAccountName: traefik-ingress-controller containers: - name: traefik - image: traefik:v2.10 + image: traefik:v2.11 args: - --log.level=DEBUG - --api diff --git a/docs/content/routing/providers/kubernetes-ingress.md b/docs/content/routing/providers/kubernetes-ingress.md index 9156cc67e..65730bc91 100644 --- a/docs/content/routing/providers/kubernetes-ingress.md +++ b/docs/content/routing/providers/kubernetes-ingress.md @@ -147,7 +147,7 @@ which in turn will create the resulting routers, services, handlers, etc. serviceAccountName: traefik-ingress-controller containers: - name: traefik - image: traefik:v2.10 + image: traefik:v2.11 args: - --entrypoints.web.address=:80 - --providers.kubernetesingress @@ -550,7 +550,7 @@ This way, any Ingress attached to this Entrypoint will have TLS termination by d serviceAccountName: traefik-ingress-controller containers: - name: traefik - image: traefik:v2.10 + image: traefik:v2.11 args: - --entrypoints.websecure.address=:443 - --entrypoints.websecure.http.tls @@ -760,7 +760,7 @@ For more options, please refer to the available [annotations](#on-ingress). serviceAccountName: traefik-ingress-controller containers: - name: traefik - image: traefik:v2.10 + image: traefik:v2.11 args: - --entrypoints.websecure.address=:443 - --providers.kubernetesingress diff --git a/docs/content/user-guides/crd-acme/03-deployments.yml b/docs/content/user-guides/crd-acme/03-deployments.yml index 81e806bd9..55cff5009 100644 --- a/docs/content/user-guides/crd-acme/03-deployments.yml +++ b/docs/content/user-guides/crd-acme/03-deployments.yml @@ -26,7 +26,7 @@ spec: serviceAccountName: traefik-ingress-controller containers: - name: traefik - image: traefik:v2.10 + image: traefik:v2.11 args: - --api.insecure - --accesslog diff --git a/docs/content/user-guides/crd-acme/index.md b/docs/content/user-guides/crd-acme/index.md index d75e42e7b..c291675f7 100644 --- a/docs/content/user-guides/crd-acme/index.md +++ b/docs/content/user-guides/crd-acme/index.md @@ -49,10 +49,10 @@ and the RBAC authorization resources which will be referenced through the `servi ```bash # Install Traefik Resource Definitions: -kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml +kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml # Install RBAC for Traefik: -kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml +kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml ``` ### Services @@ -60,7 +60,7 @@ kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/co Then, the services. One for Traefik itself, and one for the app it routes for, i.e. in this case our demo HTTP server: [whoami](https://github.com/traefik/whoami). ```bash -kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/user-guides/crd-acme/02-services.yml +kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/user-guides/crd-acme/02-services.yml ``` ```yaml @@ -73,7 +73,7 @@ Next, the deployments, i.e. the actual pods behind the services. Again, one pod for Traefik, and one for the whoami app. ```bash -kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/user-guides/crd-acme/03-deployments.yml +kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/user-guides/crd-acme/03-deployments.yml ``` ```yaml @@ -100,7 +100,7 @@ Look it up. We can now finally apply the actual ingressRoutes, with: ```bash -kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/user-guides/crd-acme/04-ingressroutes.yml +kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/user-guides/crd-acme/04-ingressroutes.yml ``` ```yaml @@ -126,7 +126,7 @@ Nowadays, TLS v1.0 and v1.1 are deprecated. In order to force TLS v1.2 or later on all your IngressRoute, you can define the `default` TLSOption: ```bash -kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/user-guides/crd-acme/05-tlsoption.yml +kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.11/docs/content/user-guides/crd-acme/05-tlsoption.yml ``` ```yaml diff --git a/docs/content/user-guides/crd-acme/k3s.yml b/docs/content/user-guides/crd-acme/k3s.yml index 71f4b7158..84c989499 100644 --- a/docs/content/user-guides/crd-acme/k3s.yml +++ b/docs/content/user-guides/crd-acme/k3s.yml @@ -26,5 +26,5 @@ node: - K3S_CLUSTER_SECRET=somethingtotallyrandom volumes: # this is where you would place a alternative traefik image (saved as a .tar file with - # 'docker save'), if you want to use it, instead of the traefik:v2.10 image. + # 'docker save'), if you want to use it, instead of the traefik:v2.11 image. - /somewhere/on/your/host/custom-image:/var/lib/rancher/k3s/agent/images diff --git a/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml b/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml index 1e69fdb9e..13beb1e9e 100644 --- a/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml +++ b/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml @@ -3,7 +3,7 @@ version: "3.3" services: traefik: - image: "traefik:v2.10" + image: "traefik:v2.11" container_name: "traefik" command: #- "--log.level=DEBUG" diff --git a/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml b/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml index f2b7dd0f3..c98f67b67 100644 --- a/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml +++ b/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml @@ -13,7 +13,7 @@ secrets: services: traefik: - image: "traefik:v2.10" + image: "traefik:v2.11" container_name: "traefik" command: #- "--log.level=DEBUG" diff --git a/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml b/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml index 249356bda..d4db80f53 100644 --- a/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml +++ b/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml @@ -3,7 +3,7 @@ version: "3.3" services: traefik: - image: "traefik:v2.10" + image: "traefik:v2.11" container_name: "traefik" command: #- "--log.level=DEBUG" diff --git a/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml b/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml index 008b7610f..7e9bec323 100644 --- a/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml +++ b/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml @@ -3,7 +3,7 @@ version: "3.3" services: traefik: - image: "traefik:v2.10" + image: "traefik:v2.11" container_name: "traefik" command: #- "--log.level=DEBUG" diff --git a/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml b/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml index b93afdd3a..c040750cd 100644 --- a/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml +++ b/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml @@ -3,7 +3,7 @@ version: "3.3" services: traefik: - image: "traefik:v2.10" + image: "traefik:v2.11" container_name: "traefik" command: #- "--log.level=DEBUG" diff --git a/docs/content/user-guides/docker-compose/basic-example/index.md b/docs/content/user-guides/docker-compose/basic-example/index.md index 65b5e3d7a..4efef3bcb 100644 --- a/docs/content/user-guides/docker-compose/basic-example/index.md +++ b/docs/content/user-guides/docker-compose/basic-example/index.md @@ -31,7 +31,7 @@ Create a `docker-compose.yml` file with the following content: services: traefik: - image: "traefik:v2.10" + image: "traefik:v2.11" ... networks: - traefiknet diff --git a/integration/fixtures/k8s/01-traefik-crd.yml b/integration/fixtures/k8s/01-traefik-crd.yml index 960f98fe7..d92afbe86 100644 --- a/integration/fixtures/k8s/01-traefik-crd.yml +++ b/integration/fixtures/k8s/01-traefik-crd.yml @@ -37,7 +37,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -54,11 +54,11 @@ spec: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' type: string middlewares: description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' items: description: MiddlewareRef is a reference to a Middleware resource. @@ -77,7 +77,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' type: integer services: description: Services defines the list of Service. It can contain @@ -150,7 +150,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -195,16 +195,16 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -222,15 +222,15 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string required: - name @@ -246,11 +246,11 @@ spec: properties: name: description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string required: - name @@ -304,7 +304,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -315,7 +315,7 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -338,7 +338,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' type: integer services: description: Services defines the list of TCP services. @@ -370,7 +370,7 @@ spec: x-kubernetes-int-or-string: true proxyProtocol: description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' properties: version: description: Version defines the PROXY Protocol version @@ -401,16 +401,16 @@ spec: type: array tls: description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -428,7 +428,7 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: Name defines the name of the referenced Traefik @@ -514,7 +514,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -592,7 +592,7 @@ spec: schema: openAPIV3Schema: description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -612,7 +612,7 @@ spec: addPrefix: description: 'AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' properties: prefix: description: Prefix is the string to add before the current path @@ -622,11 +622,11 @@ spec: basicAuth: description: 'BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -646,7 +646,7 @@ spec: buffering: description: 'Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' properties: maxRequestBodyBytes: description: 'MaxRequestBodyBytes defines the maximum allowed @@ -679,13 +679,13 @@ spec: retryExpression: description: 'RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' type: string type: object chain: description: 'Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -739,7 +739,7 @@ spec: compress: description: 'Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -773,11 +773,11 @@ spec: digestAuth: description: 'DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -796,7 +796,7 @@ spec: errors: description: 'ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' properties: query: description: Query defines the URL for the error page (hosted @@ -805,7 +805,7 @@ spec: type: string service: description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' properties: kind: description: Kind defines the kind of the Service. @@ -869,7 +869,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -918,7 +918,7 @@ spec: forwardAuth: description: 'ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' properties: address: description: Address defines the authentication server address. @@ -941,7 +941,7 @@ spec: description: 'AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' type: string tls: description: TLS defines the configuration used to secure the @@ -972,7 +972,7 @@ spec: headers: description: 'Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -1133,7 +1133,7 @@ spec: inFlightReq: description: 'InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' properties: amount: description: Amount defines the maximum amount of allowed simultaneous @@ -1147,11 +1147,11 @@ spec: group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1179,11 +1179,11 @@ spec: ipAllowList: description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1207,12 +1207,12 @@ spec: ipWhiteList: description: 'IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ Deprecated: please use IPAllowList instead.' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1236,7 +1236,7 @@ spec: passTLSClientCert: description: 'PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' properties: info: description: Info selects the specific client certificate details @@ -1343,7 +1343,7 @@ spec: rateLimit: description: 'RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' properties: average: description: Average is the maximum rate, by default in requests/s, @@ -1376,7 +1376,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1404,7 +1404,7 @@ spec: redirectRegex: description: 'RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1422,7 +1422,7 @@ spec: redirectScheme: description: 'RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1438,7 +1438,7 @@ spec: replacePath: description: 'ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' properties: path: description: Path defines the path to use as replacement in the @@ -1448,7 +1448,7 @@ spec: replacePathRegex: description: 'ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' properties: regex: description: Regex defines the regular expression used to match @@ -1464,7 +1464,7 @@ spec: middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' properties: attempts: description: Attempts defines how many times the request should @@ -1484,7 +1484,7 @@ spec: stripPrefix: description: 'StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' properties: forceSlash: description: 'ForceSlash ensures that the resulting stripped path @@ -1501,7 +1501,7 @@ spec: stripPrefixRegex: description: 'StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' properties: regex: description: Regex defines the regular expression to match the @@ -1537,7 +1537,7 @@ spec: schema: openAPIV3Schema: description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1567,7 +1567,7 @@ spec: ipAllowList: description: 'IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1579,7 +1579,7 @@ spec: ipWhiteList: description: 'IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1617,7 +1617,7 @@ spec: description: 'ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1736,7 +1736,7 @@ spec: openAPIV3Schema: description: 'TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1756,13 +1756,13 @@ spec: alpnProtocols: description: 'ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' items: type: string type: array cipherSuites: description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' items: type: string type: array @@ -1789,7 +1789,7 @@ spec: type: object curvePreferences: description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' items: type: string type: array @@ -1842,7 +1842,7 @@ spec: description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1932,7 +1932,7 @@ spec: openAPIV3Schema: description: 'TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -2038,7 +2038,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2129,7 +2129,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2236,7 +2236,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2275,7 +2275,7 @@ spec: type: array sticky: description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2344,7 +2344,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -2361,11 +2361,11 @@ spec: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' type: string middlewares: description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' items: description: MiddlewareRef is a reference to a Middleware resource. @@ -2384,7 +2384,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' type: integer services: description: Services defines the list of Service. It can contain @@ -2457,7 +2457,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2502,16 +2502,16 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -2529,15 +2529,15 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' type: string required: - name @@ -2553,11 +2553,11 @@ spec: properties: name: description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string namespace: description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' type: string required: - name @@ -2611,7 +2611,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -2622,7 +2622,7 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -2645,7 +2645,7 @@ spec: type: array priority: description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' type: integer services: description: Services defines the list of TCP services. @@ -2677,7 +2677,7 @@ spec: x-kubernetes-int-or-string: true proxyProtocol: description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' properties: version: description: Version defines the PROXY Protocol version @@ -2708,16 +2708,16 @@ spec: type: array tls: description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' properties: certResolver: description: 'CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' type: string domains: description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' items: description: Domain holds a domain name with SANs. properties: @@ -2735,7 +2735,7 @@ spec: options: description: 'Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: name: description: Name defines the name of the referenced Traefik @@ -2821,7 +2821,7 @@ spec: entryPoints: description: 'EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ Default: all.' items: type: string @@ -2899,7 +2899,7 @@ spec: schema: openAPIV3Schema: description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -2919,7 +2919,7 @@ spec: addPrefix: description: 'AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' properties: prefix: description: Prefix is the string to add before the current path @@ -2929,11 +2929,11 @@ spec: basicAuth: description: 'BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -2953,7 +2953,7 @@ spec: buffering: description: 'Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' properties: maxRequestBodyBytes: description: 'MaxRequestBodyBytes defines the maximum allowed @@ -2986,13 +2986,13 @@ spec: retryExpression: description: 'RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' type: string type: object chain: description: 'Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -3046,7 +3046,7 @@ spec: compress: description: 'Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -3080,11 +3080,11 @@ spec: digestAuth: description: 'DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' properties: headerField: description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' type: string realm: description: 'Realm allows the protected resources on a server @@ -3103,7 +3103,7 @@ spec: errors: description: 'ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' properties: query: description: Query defines the URL for the error page (hosted @@ -3112,7 +3112,7 @@ spec: type: string service: description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' properties: kind: description: Kind defines the kind of the Service. @@ -3176,7 +3176,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -3225,7 +3225,7 @@ spec: forwardAuth: description: 'ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' properties: address: description: Address defines the authentication server address. @@ -3248,7 +3248,7 @@ spec: description: 'AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' type: string tls: description: TLS defines the configuration used to secure the @@ -3279,7 +3279,7 @@ spec: headers: description: 'Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -3440,7 +3440,7 @@ spec: inFlightReq: description: 'InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' properties: amount: description: Amount defines the maximum amount of allowed simultaneous @@ -3454,11 +3454,11 @@ spec: group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3486,11 +3486,11 @@ spec: ipAllowList: description: 'IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3514,12 +3514,12 @@ spec: ipWhiteList: description: 'IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ Deprecated: please use IPAllowList instead.' properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3543,7 +3543,7 @@ spec: passTLSClientCert: description: 'PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' properties: info: description: Info selects the specific client certificate details @@ -3650,7 +3650,7 @@ spec: rateLimit: description: 'RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' properties: average: description: Average is the maximum rate, by default in requests/s, @@ -3683,7 +3683,7 @@ spec: properties: ipStrategy: description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy' + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3711,7 +3711,7 @@ spec: redirectRegex: description: 'RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3729,7 +3729,7 @@ spec: redirectScheme: description: 'RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3745,7 +3745,7 @@ spec: replacePath: description: 'ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' properties: path: description: Path defines the path to use as replacement in the @@ -3755,7 +3755,7 @@ spec: replacePathRegex: description: 'ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' properties: regex: description: Regex defines the regular expression used to match @@ -3771,7 +3771,7 @@ spec: middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' properties: attempts: description: Attempts defines how many times the request should @@ -3791,7 +3791,7 @@ spec: stripPrefix: description: 'StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' properties: forceSlash: description: 'ForceSlash ensures that the resulting stripped path @@ -3808,7 +3808,7 @@ spec: stripPrefixRegex: description: 'StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' properties: regex: description: Regex defines the regular expression to match the @@ -3844,7 +3844,7 @@ spec: schema: openAPIV3Schema: description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -3874,7 +3874,7 @@ spec: ipAllowList: description: 'IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/' + IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3886,7 +3886,7 @@ spec: ipWhiteList: description: 'IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/' + IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3924,7 +3924,7 @@ spec: description: 'ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4043,7 +4043,7 @@ spec: openAPIV3Schema: description: 'TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4063,13 +4063,13 @@ spec: alpnProtocols: description: 'ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' items: type: string type: array cipherSuites: description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' items: type: string type: array @@ -4096,7 +4096,7 @@ spec: type: object curvePreferences: description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' items: type: string type: array @@ -4149,7 +4149,7 @@ spec: description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4239,7 +4239,7 @@ spec: openAPIV3Schema: description: 'TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4345,7 +4345,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4436,7 +4436,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4543,7 +4543,7 @@ spec: type: string sticky: description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4582,7 +4582,7 @@ spec: type: array sticky: description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' properties: cookie: description: Cookie defines the sticky cookie configuration. diff --git a/pkg/config/dynamic/middlewares.go b/pkg/config/dynamic/middlewares.go index 714c459a6..391f22de4 100644 --- a/pkg/config/dynamic/middlewares.go +++ b/pkg/config/dynamic/middlewares.go @@ -56,7 +56,7 @@ type ContentType struct { // AddPrefix holds the add prefix middleware configuration. // This middleware updates the path of a request before forwarding it. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/ type AddPrefix struct { // Prefix is the string to add before the current path in the requested URL. // It should include a leading slash (/). @@ -67,7 +67,7 @@ type AddPrefix struct { // BasicAuth holds the basic auth middleware configuration. // This middleware restricts access to your services to known users. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ type BasicAuth struct { // Users is an array of authorized users. // Each user must be declared using the name:hashed-password format. @@ -82,7 +82,7 @@ type BasicAuth struct { // Default: false. RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"` // HeaderField defines a header field to store the authenticated user. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"` } @@ -90,7 +90,7 @@ type BasicAuth struct { // Buffering holds the buffering middleware configuration. // This middleware retries or limits the size of requests that can be forwarded to backends. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes type Buffering struct { // MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). // If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. @@ -108,7 +108,7 @@ type Buffering struct { MemResponseBodyBytes int64 `json:"memResponseBodyBytes,omitempty" toml:"memResponseBodyBytes,omitempty" yaml:"memResponseBodyBytes,omitempty" export:"true"` // RetryExpression defines the retry conditions. // It is a logical combination of functions with operators AND (&&) and OR (||). - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression RetryExpression string `json:"retryExpression,omitempty" toml:"retryExpression,omitempty" yaml:"retryExpression,omitempty" export:"true"` } @@ -125,7 +125,7 @@ type Chain struct { // CircuitBreaker holds the circuit breaker middleware configuration. // This middleware protects the system from stacking requests to unhealthy services, resulting in cascading failures. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/circuitbreaker/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/circuitbreaker/ type CircuitBreaker struct { // Expression defines the expression that, once matched, opens the circuit breaker and applies the fallback mechanism instead of calling the services. Expression string `json:"expression,omitempty" toml:"expression,omitempty" yaml:"expression,omitempty" export:"true"` @@ -148,7 +148,7 @@ func (c *CircuitBreaker) SetDefaults() { // Compress holds the compress middleware configuration. // This middleware compresses responses before sending them to the client, using gzip compression. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/ type Compress struct { // ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing. ExcludedContentTypes []string `json:"excludedContentTypes,omitempty" toml:"excludedContentTypes,omitempty" yaml:"excludedContentTypes,omitempty" export:"true"` @@ -161,7 +161,7 @@ type Compress struct { // DigestAuth holds the digest auth middleware configuration. // This middleware restricts access to your services to known users. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ type DigestAuth struct { // Users defines the authorized users. // Each user should be declared using the name:realm:encoded-password format. @@ -174,7 +174,7 @@ type DigestAuth struct { // Default: traefik. Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"` // HeaderField defines a header field to store the authenticated user. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"` } @@ -200,7 +200,7 @@ type ErrorPage struct { // ForwardAuth holds the forward auth middleware configuration. // This middleware delegates the request authentication to a Service. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ type ForwardAuth struct { // Address defines the authentication server address. Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"` @@ -211,7 +211,7 @@ type ForwardAuth struct { // AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers. AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"` // AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty" toml:"authResponseHeadersRegex,omitempty" yaml:"authResponseHeadersRegex,omitempty" export:"true"` // AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. // If not set or empty then all request headers are passed. @@ -222,7 +222,7 @@ type ForwardAuth struct { // Headers holds the headers middleware configuration. // This middleware manages the requests and responses headers. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders type Headers struct { // CustomRequestHeaders defines the header names and values to apply to the request. CustomRequestHeaders map[string]string `json:"customRequestHeaders,omitempty" toml:"customRequestHeaders,omitempty" yaml:"customRequestHeaders,omitempty" export:"true"` @@ -347,7 +347,7 @@ func (h *Headers) HasSecureHeadersDefined() bool { // +k8s:deepcopy-gen=true // IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/#ipstrategy +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy type IPStrategy struct { // Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right). Depth int `json:"depth,omitempty" toml:"depth,omitempty" yaml:"depth,omitempty" export:"true"` @@ -388,7 +388,7 @@ func (s *IPStrategy) Get() (ip.Strategy, error) { // IPWhiteList holds the IP whitelist middleware configuration. // This middleware accepts / refuses requests based on the client IP. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ // Deprecated: please use IPAllowList instead. type IPWhiteList struct { // SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). @@ -400,7 +400,7 @@ type IPWhiteList struct { // IPAllowList holds the IP allowlist middleware configuration. // This middleware accepts / refuses requests based on the client IP. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipallowlist/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/ type IPAllowList struct { // SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"` @@ -411,7 +411,7 @@ type IPAllowList struct { // InFlightReq holds the in-flight request middleware configuration. // This middleware limits the number of requests being processed and served concurrently. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/ type InFlightReq struct { // Amount defines the maximum amount of allowed simultaneous in-flight request. // The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). @@ -419,7 +419,7 @@ type InFlightReq struct { // SourceCriterion defines what criterion is used to group requests as originating from a common source. // If several strategies are defined at the same time, an error will be raised. // If none are set, the default is to use the requestHost. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"` } @@ -427,7 +427,7 @@ type InFlightReq struct { // PassTLSClientCert holds the pass TLS client cert middleware configuration. // This middleware adds the selected data from the passed client TLS certificate to a header. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/ type PassTLSClientCert struct { // PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate. PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"` @@ -483,7 +483,7 @@ func (r *RateLimit) SetDefaults() { // RedirectRegex holds the redirect regex middleware configuration. // This middleware redirects a request using regex matching and replacement. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex type RedirectRegex struct { // Regex defines the regex used to match and capture elements from the request URL. Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty"` @@ -497,7 +497,7 @@ type RedirectRegex struct { // RedirectScheme holds the redirect scheme middleware configuration. // This middleware redirects requests from a scheme/port to another. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/ type RedirectScheme struct { // Scheme defines the scheme of the new URL. Scheme string `json:"scheme,omitempty" toml:"scheme,omitempty" yaml:"scheme,omitempty" export:"true"` @@ -511,7 +511,7 @@ type RedirectScheme struct { // ReplacePath holds the replace path middleware configuration. // This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/ type ReplacePath struct { // Path defines the path to use as replacement in the request URL. Path string `json:"path,omitempty" toml:"path,omitempty" yaml:"path,omitempty" export:"true"` @@ -521,7 +521,7 @@ type ReplacePath struct { // ReplacePathRegex holds the replace path regex middleware configuration. // This middleware replaces the path of a URL using regex matching and replacement. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/ type ReplacePathRegex struct { // Regex defines the regular expression used to match and capture the path from the request URL. Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"` @@ -534,7 +534,7 @@ type ReplacePathRegex struct { // Retry holds the retry middleware configuration. // This middleware reissues requests a given number of times to a backend server if that server does not reply. // As soon as the server answers, the middleware stops retrying, regardless of the response status. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ type Retry struct { // Attempts defines how many times the request should be retried. Attempts int `json:"attempts,omitempty" toml:"attempts,omitempty" yaml:"attempts,omitempty" export:"true"` @@ -550,7 +550,7 @@ type Retry struct { // StripPrefix holds the strip prefix middleware configuration. // This middleware removes the specified prefixes from the URL path. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/ type StripPrefix struct { // Prefixes defines the prefixes to strip from the request URL. Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"` @@ -568,7 +568,7 @@ func (s *StripPrefix) SetDefaults() { // StripPrefixRegex holds the strip prefix regex middleware configuration. // This middleware removes the matching prefixes from the URL path. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/ type StripPrefixRegex struct { // Regex defines the regular expression to match the path prefix from the request URL. Regex []string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"` diff --git a/pkg/config/dynamic/tcp_config.go b/pkg/config/dynamic/tcp_config.go index 2bd871d02..0403125bb 100644 --- a/pkg/config/dynamic/tcp_config.go +++ b/pkg/config/dynamic/tcp_config.go @@ -114,7 +114,7 @@ type TCPServer struct { // +k8s:deepcopy-gen=true // ProxyProtocol holds the PROXY Protocol configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol +// More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol type ProxyProtocol struct { // Version defines the PROXY Protocol version to use. Version int `json:"version,omitempty" toml:"version,omitempty" yaml:"version,omitempty" export:"true"` diff --git a/pkg/config/dynamic/tcp_middlewares.go b/pkg/config/dynamic/tcp_middlewares.go index f4052cd82..bf6dbdb25 100644 --- a/pkg/config/dynamic/tcp_middlewares.go +++ b/pkg/config/dynamic/tcp_middlewares.go @@ -14,7 +14,7 @@ type TCPMiddleware struct { // TCPInFlightConn holds the TCP InFlightConn middleware configuration. // This middleware prevents services from being overwhelmed with high load, // by limiting the number of allowed simultaneous connections for one IP. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/inflightconn/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/inflightconn/ type TCPInFlightConn struct { // Amount defines the maximum amount of allowed simultaneous connections. // The middleware closes the connection if there are already amount connections opened. diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroute.go index 27df9c505..ec86b458e 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroute.go @@ -13,72 +13,72 @@ type IngressRouteSpec struct { Routes []Route `json:"routes"` // EntryPoints defines the list of entry point names to bind to. // Entry points have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + // More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ // Default: all. EntryPoints []string `json:"entryPoints,omitempty"` // TLS defines the TLS configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls TLS *TLS `json:"tls,omitempty"` } // Route holds the HTTP route configuration. type Route struct { // Match defines the router's rule. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule Match string `json:"match"` // Kind defines the kind of the route. // Rule is the only supported kind. // +kubebuilder:validation:Enum=Rule Kind string `json:"kind"` // Priority defines the router's priority. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority Priority int `json:"priority,omitempty"` // Services defines the list of Service. // It can contain any combination of TraefikService and/or reference to a Kubernetes Service. Services []Service `json:"services,omitempty"` // Middlewares defines the list of references to Middleware resources. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware Middlewares []MiddlewareRef `json:"middlewares,omitempty"` } // TLS holds the TLS configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls +// More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls type TLS struct { // SecretName is the name of the referenced Kubernetes Secret to specify the certificate details. SecretName string `json:"secretName,omitempty"` // Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. // If not defined, the `default` TLSOption is used. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options Options *TLSOptionRef `json:"options,omitempty"` // Store defines the reference to the TLSStore, that will be used to store certificates. // Please note that only `default` TLSStore can be used. Store *TLSStoreRef `json:"store,omitempty"` // CertResolver defines the name of the certificate resolver to use. // Cert resolvers have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers + // More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers CertResolver string `json:"certResolver,omitempty"` // Domains defines the list of domains that will be used to issue certificates. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains Domains []types.Domain `json:"domains,omitempty"` } // TLSOptionRef is a reference to a TLSOption resource. type TLSOptionRef struct { // Name defines the name of the referenced TLSOption. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption Name string `json:"name"` // Namespace defines the namespace of the referenced TLSOption. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption Namespace string `json:"namespace,omitempty"` } // TLSStoreRef is a reference to a TLSStore resource. type TLSStoreRef struct { // Name defines the name of the referenced TLSStore. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore Name string `json:"name"` // Namespace defines the namespace of the referenced TLSStore. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore Namespace string `json:"namespace,omitempty"` } @@ -95,7 +95,7 @@ type LoadBalancerSpec struct { // Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. Namespace string `json:"namespace,omitempty"` // Sticky defines the sticky sessions configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions + // More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions Sticky *dynamic.Sticky `json:"sticky,omitempty"` // Port defines the port of a Kubernetes Service. // This can be a reference to a named port. diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroutetcp.go index acc3c94e7..17cd2f77a 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressroutetcp.go @@ -13,21 +13,21 @@ type IngressRouteTCPSpec struct { Routes []RouteTCP `json:"routes"` // EntryPoints defines the list of entry point names to bind to. // Entry points have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + // More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ // Default: all. EntryPoints []string `json:"entryPoints,omitempty"` // TLS defines the TLS configuration on a layer 4 / TCP Route. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1 + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 TLS *TLSTCP `json:"tls,omitempty"` } // RouteTCP holds the TCP route configuration. type RouteTCP struct { // Match defines the router's rule. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1 + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 Match string `json:"match"` // Priority defines the router's priority. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1 + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 Priority int `json:"priority,omitempty"` // Services defines the list of TCP services. Services []ServiceTCP `json:"services,omitempty"` @@ -36,7 +36,7 @@ type RouteTCP struct { } // TLSTCP holds the TLS configuration for an IngressRouteTCP. -// More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1 +// More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 type TLSTCP struct { // SecretName is the name of the referenced Kubernetes Secret to specify the certificate details. SecretName string `json:"secretName,omitempty"` @@ -44,17 +44,17 @@ type TLSTCP struct { Passthrough bool `json:"passthrough,omitempty"` // Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. // If not defined, the `default` TLSOption is used. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options Options *ObjectReference `json:"options,omitempty"` // Store defines the reference to the TLSStore, that will be used to store certificates. // Please note that only `default` TLSStore can be used. Store *ObjectReference `json:"store,omitempty"` // CertResolver defines the name of the certificate resolver to use. // Cert resolvers have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers + // More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers CertResolver string `json:"certResolver,omitempty"` // Domains defines the list of domains that will be used to issue certificates. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains Domains []types.Domain `json:"domains,omitempty"` } @@ -76,7 +76,7 @@ type ServiceTCP struct { // A negative value means an infinite deadline (i.e. the reading capability is never closed). TerminationDelay *int `json:"terminationDelay,omitempty"` // ProxyProtocol defines the PROXY protocol configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol + // More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"` // NativeLB controls, when creating the load-balancer, // whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressrouteudp.go index 84dd9b652..4c7c0dd5c 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/ingressrouteudp.go @@ -11,7 +11,7 @@ type IngressRouteUDPSpec struct { Routes []RouteUDP `json:"routes"` // EntryPoints defines the list of entry point names to bind to. // Entry points have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + // More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ // Default: all. EntryPoints []string `json:"entryPoints,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go index 65b969540..21c1e3cfb 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middleware.go @@ -12,7 +12,7 @@ import ( // +kubebuilder:storageversion // Middleware is the CRD implementation of a Traefik Middleware. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ type Middleware struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -58,7 +58,7 @@ type MiddlewareSpec struct { // ErrorPage holds the custom error middleware configuration. // This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ type ErrorPage struct { // Status defines which status or range of statuses should result in an error page. // It can be either a status code as a number (500), @@ -67,7 +67,7 @@ type ErrorPage struct { // or a combination of the two (404,418,500-599). Status []string `json:"status,omitempty"` // Service defines the reference to a Kubernetes Service that will serve the error page. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service Service Service `json:"service,omitempty"` // Query defines the URL for the error page (hosted by service). // The {status} variable can be used in order to insert the status code in the URL. @@ -92,7 +92,7 @@ type CircuitBreaker struct { // Chain holds the configuration of the chain middleware. // This middleware enables to define reusable combinations of other pieces of middleware. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ type Chain struct { // Middlewares is the list of MiddlewareRef which composes the chain. Middlewares []MiddlewareRef `json:"middlewares,omitempty"` @@ -102,7 +102,7 @@ type Chain struct { // BasicAuth holds the basic auth middleware configuration. // This middleware restricts access to your services to known users. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ type BasicAuth struct { // Secret is the name of the referenced Kubernetes Secret containing user credentials. Secret string `json:"secret,omitempty"` @@ -113,7 +113,7 @@ type BasicAuth struct { // Default: false. RemoveHeader bool `json:"removeHeader,omitempty"` // HeaderField defines a header field to store the authenticated user. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield HeaderField string `json:"headerField,omitempty"` } @@ -121,7 +121,7 @@ type BasicAuth struct { // DigestAuth holds the digest auth middleware configuration. // This middleware restricts access to your services to known users. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ type DigestAuth struct { // Secret is the name of the referenced Kubernetes Secret containing user credentials. Secret string `json:"secret,omitempty"` @@ -131,7 +131,7 @@ type DigestAuth struct { // Default: traefik. Realm string `json:"realm,omitempty"` // HeaderField defines a header field to store the authenticated user. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield HeaderField string `json:"headerField,omitempty"` } @@ -139,7 +139,7 @@ type DigestAuth struct { // ForwardAuth holds the forward auth middleware configuration. // This middleware delegates the request authentication to a Service. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ type ForwardAuth struct { // Address defines the authentication server address. Address string `json:"address,omitempty"` @@ -148,7 +148,7 @@ type ForwardAuth struct { // AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers. AuthResponseHeaders []string `json:"authResponseHeaders,omitempty"` // AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty"` // AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. // If not set or empty then all request headers are passed. @@ -174,7 +174,7 @@ type ClientTLS struct { // RateLimit holds the rate limit configuration. // This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ type RateLimit struct { // Average is the maximum rate, by default in requests/s, allowed for the given source. // It defaults to 0, which means no rate limiting. @@ -198,7 +198,7 @@ type RateLimit struct { // Retry holds the retry middleware configuration. // This middleware reissues requests a given number of times to a backend server if that server does not reply. // As soon as the server answers, the middleware stops retrying, regardless of the response status. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ type Retry struct { // Attempts defines how many times the request should be retried. Attempts int `json:"attempts,omitempty"` diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go index 923c3d404..82c126687 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/middlewaretcp.go @@ -9,7 +9,7 @@ import ( // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ type MiddlewareTCP struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -28,11 +28,11 @@ type MiddlewareTCPSpec struct { // IPWhiteList defines the IPWhiteList middleware configuration. // This middleware accepts/refuses connections based on the client IP. // Deprecated: please use IPAllowList instead. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/ + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"` // IPAllowList defines the IPAllowList middleware configuration. // This middleware accepts/refuses connections based on the client IP. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/ + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/serverstransport.go index be4d9decb..e36f2b285 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/serverstransport.go @@ -12,7 +12,7 @@ import ( // ServersTransport is the CRD implementation of a ServersTransport. // If no serversTransport is specified, the default@internal will be used. // The default@internal serversTransport is created from the static configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1 +// More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 type ServersTransport struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/service.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/service.go index b14625897..6ea8b492c 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/service.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/service.go @@ -13,7 +13,7 @@ import ( // TraefikService object allows to: // - Apply weight to Services on load-balancing // - Mirror traffic on services -// More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice +// More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice type TraefikService struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -49,7 +49,7 @@ type TraefikServiceSpec struct { // +k8s:deepcopy-gen=true // Mirroring holds the mirroring service configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/services/#mirroring-service +// More info: https://doc.traefik.io/traefik/v2.11/routing/services/#mirroring-service type Mirroring struct { LoadBalancerSpec `json:",inline"` @@ -75,11 +75,11 @@ type MirrorService struct { // +k8s:deepcopy-gen=true // WeightedRoundRobin holds the weighted round-robin configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/services/#weighted-round-robin-service +// More info: https://doc.traefik.io/traefik/v2.11/routing/services/#weighted-round-robin-service type WeightedRoundRobin struct { // Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight. Services []Service `json:"services,omitempty"` // Sticky defines whether sticky sessions are enabled. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing Sticky *dynamic.Sticky `json:"sticky,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go index 996e36a94..0e6e2274d 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go @@ -9,7 +9,7 @@ import ( // +kubebuilder:storageversion // TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. -// More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options +// More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options type TLSOption struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -32,10 +32,10 @@ type TLSOptionSpec struct { // Default: None. MaxVersion string `json:"maxVersion,omitempty"` // CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites CipherSuites []string `json:"cipherSuites,omitempty"` // CurvePreferences defines the preferred elliptic curves in a specific order. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences CurvePreferences []string `json:"curvePreferences,omitempty"` // ClientAuth defines the server's policy for TLS Client Authentication. ClientAuth ClientAuth `json:"clientAuth,omitempty"` @@ -46,7 +46,7 @@ type TLSOptionSpec struct { // Deprecated: https://github.com/golang/go/issues/45430 PreferServerCipherSuites bool `json:"preferServerCipherSuites,omitempty"` // ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols ALPNProtocols []string `json:"alpnProtocols,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsstore.go index 082dbc5b1..c6f5d293a 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsstore.go @@ -12,7 +12,7 @@ import ( // TLSStore is the CRD implementation of a Traefik TLS Store. // For the time being, only the TLSStore named default is supported. // This means that you cannot have two stores that are named default in different Kubernetes namespaces. -// More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores +// More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores type TLSStore struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroute.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroute.go index 27df9c505..ec86b458e 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroute.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroute.go @@ -13,72 +13,72 @@ type IngressRouteSpec struct { Routes []Route `json:"routes"` // EntryPoints defines the list of entry point names to bind to. // Entry points have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + // More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ // Default: all. EntryPoints []string `json:"entryPoints,omitempty"` // TLS defines the TLS configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls TLS *TLS `json:"tls,omitempty"` } // Route holds the HTTP route configuration. type Route struct { // Match defines the router's rule. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule Match string `json:"match"` // Kind defines the kind of the route. // Rule is the only supported kind. // +kubebuilder:validation:Enum=Rule Kind string `json:"kind"` // Priority defines the router's priority. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority Priority int `json:"priority,omitempty"` // Services defines the list of Service. // It can contain any combination of TraefikService and/or reference to a Kubernetes Service. Services []Service `json:"services,omitempty"` // Middlewares defines the list of references to Middleware resources. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware Middlewares []MiddlewareRef `json:"middlewares,omitempty"` } // TLS holds the TLS configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls +// More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls type TLS struct { // SecretName is the name of the referenced Kubernetes Secret to specify the certificate details. SecretName string `json:"secretName,omitempty"` // Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. // If not defined, the `default` TLSOption is used. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options Options *TLSOptionRef `json:"options,omitempty"` // Store defines the reference to the TLSStore, that will be used to store certificates. // Please note that only `default` TLSStore can be used. Store *TLSStoreRef `json:"store,omitempty"` // CertResolver defines the name of the certificate resolver to use. // Cert resolvers have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers + // More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers CertResolver string `json:"certResolver,omitempty"` // Domains defines the list of domains that will be used to issue certificates. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains Domains []types.Domain `json:"domains,omitempty"` } // TLSOptionRef is a reference to a TLSOption resource. type TLSOptionRef struct { // Name defines the name of the referenced TLSOption. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption Name string `json:"name"` // Namespace defines the namespace of the referenced TLSOption. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption Namespace string `json:"namespace,omitempty"` } // TLSStoreRef is a reference to a TLSStore resource. type TLSStoreRef struct { // Name defines the name of the referenced TLSStore. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore Name string `json:"name"` // Namespace defines the namespace of the referenced TLSStore. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore Namespace string `json:"namespace,omitempty"` } @@ -95,7 +95,7 @@ type LoadBalancerSpec struct { // Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. Namespace string `json:"namespace,omitempty"` // Sticky defines the sticky sessions configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions + // More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions Sticky *dynamic.Sticky `json:"sticky,omitempty"` // Port defines the port of a Kubernetes Service. // This can be a reference to a named port. diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroutetcp.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroutetcp.go index acc3c94e7..17cd2f77a 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroutetcp.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroutetcp.go @@ -13,21 +13,21 @@ type IngressRouteTCPSpec struct { Routes []RouteTCP `json:"routes"` // EntryPoints defines the list of entry point names to bind to. // Entry points have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + // More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ // Default: all. EntryPoints []string `json:"entryPoints,omitempty"` // TLS defines the TLS configuration on a layer 4 / TCP Route. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1 + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 TLS *TLSTCP `json:"tls,omitempty"` } // RouteTCP holds the TCP route configuration. type RouteTCP struct { // Match defines the router's rule. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1 + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 Match string `json:"match"` // Priority defines the router's priority. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1 + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 Priority int `json:"priority,omitempty"` // Services defines the list of TCP services. Services []ServiceTCP `json:"services,omitempty"` @@ -36,7 +36,7 @@ type RouteTCP struct { } // TLSTCP holds the TLS configuration for an IngressRouteTCP. -// More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1 +// More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 type TLSTCP struct { // SecretName is the name of the referenced Kubernetes Secret to specify the certificate details. SecretName string `json:"secretName,omitempty"` @@ -44,17 +44,17 @@ type TLSTCP struct { Passthrough bool `json:"passthrough,omitempty"` // Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. // If not defined, the `default` TLSOption is used. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options Options *ObjectReference `json:"options,omitempty"` // Store defines the reference to the TLSStore, that will be used to store certificates. // Please note that only `default` TLSStore can be used. Store *ObjectReference `json:"store,omitempty"` // CertResolver defines the name of the certificate resolver to use. // Cert resolvers have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers + // More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers CertResolver string `json:"certResolver,omitempty"` // Domains defines the list of domains that will be used to issue certificates. - // More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains + // More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains Domains []types.Domain `json:"domains,omitempty"` } @@ -76,7 +76,7 @@ type ServiceTCP struct { // A negative value means an infinite deadline (i.e. the reading capability is never closed). TerminationDelay *int `json:"terminationDelay,omitempty"` // ProxyProtocol defines the PROXY protocol configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol + // More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"` // NativeLB controls, when creating the load-balancer, // whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressrouteudp.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressrouteudp.go index 84dd9b652..4c7c0dd5c 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressrouteudp.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressrouteudp.go @@ -11,7 +11,7 @@ type IngressRouteUDPSpec struct { Routes []RouteUDP `json:"routes"` // EntryPoints defines the list of entry point names to bind to. // Entry points have to be configured in the static configuration. - // More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + // More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ // Default: all. EntryPoints []string `json:"entryPoints,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go index 65b969540..21c1e3cfb 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go @@ -12,7 +12,7 @@ import ( // +kubebuilder:storageversion // Middleware is the CRD implementation of a Traefik Middleware. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ type Middleware struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -58,7 +58,7 @@ type MiddlewareSpec struct { // ErrorPage holds the custom error middleware configuration. // This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ type ErrorPage struct { // Status defines which status or range of statuses should result in an error page. // It can be either a status code as a number (500), @@ -67,7 +67,7 @@ type ErrorPage struct { // or a combination of the two (404,418,500-599). Status []string `json:"status,omitempty"` // Service defines the reference to a Kubernetes Service that will serve the error page. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service Service Service `json:"service,omitempty"` // Query defines the URL for the error page (hosted by service). // The {status} variable can be used in order to insert the status code in the URL. @@ -92,7 +92,7 @@ type CircuitBreaker struct { // Chain holds the configuration of the chain middleware. // This middleware enables to define reusable combinations of other pieces of middleware. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ type Chain struct { // Middlewares is the list of MiddlewareRef which composes the chain. Middlewares []MiddlewareRef `json:"middlewares,omitempty"` @@ -102,7 +102,7 @@ type Chain struct { // BasicAuth holds the basic auth middleware configuration. // This middleware restricts access to your services to known users. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ type BasicAuth struct { // Secret is the name of the referenced Kubernetes Secret containing user credentials. Secret string `json:"secret,omitempty"` @@ -113,7 +113,7 @@ type BasicAuth struct { // Default: false. RemoveHeader bool `json:"removeHeader,omitempty"` // HeaderField defines a header field to store the authenticated user. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield HeaderField string `json:"headerField,omitempty"` } @@ -121,7 +121,7 @@ type BasicAuth struct { // DigestAuth holds the digest auth middleware configuration. // This middleware restricts access to your services to known users. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ type DigestAuth struct { // Secret is the name of the referenced Kubernetes Secret containing user credentials. Secret string `json:"secret,omitempty"` @@ -131,7 +131,7 @@ type DigestAuth struct { // Default: traefik. Realm string `json:"realm,omitempty"` // HeaderField defines a header field to store the authenticated user. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield HeaderField string `json:"headerField,omitempty"` } @@ -139,7 +139,7 @@ type DigestAuth struct { // ForwardAuth holds the forward auth middleware configuration. // This middleware delegates the request authentication to a Service. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ type ForwardAuth struct { // Address defines the authentication server address. Address string `json:"address,omitempty"` @@ -148,7 +148,7 @@ type ForwardAuth struct { // AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers. AuthResponseHeaders []string `json:"authResponseHeaders,omitempty"` // AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty"` // AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. // If not set or empty then all request headers are passed. @@ -174,7 +174,7 @@ type ClientTLS struct { // RateLimit holds the rate limit configuration. // This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ type RateLimit struct { // Average is the maximum rate, by default in requests/s, allowed for the given source. // It defaults to 0, which means no rate limiting. @@ -198,7 +198,7 @@ type RateLimit struct { // Retry holds the retry middleware configuration. // This middleware reissues requests a given number of times to a backend server if that server does not reply. // As soon as the server answers, the middleware stops retrying, regardless of the response status. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ type Retry struct { // Attempts defines how many times the request should be retried. Attempts int `json:"attempts,omitempty"` diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go index 923c3d404..82c126687 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go @@ -9,7 +9,7 @@ import ( // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. -// More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/ +// More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ type MiddlewareTCP struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -28,11 +28,11 @@ type MiddlewareTCPSpec struct { // IPWhiteList defines the IPWhiteList middleware configuration. // This middleware accepts/refuses connections based on the client IP. // Deprecated: please use IPAllowList instead. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipwhitelist/ + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"` // IPAllowList defines the IPAllowList middleware configuration. // This middleware accepts/refuses connections based on the client IP. - // More info: https://doc.traefik.io/traefik/v2.10/middlewares/tcp/ipallowlist/ + // More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/serverstransport.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/serverstransport.go index be4d9decb..e36f2b285 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/serverstransport.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/serverstransport.go @@ -12,7 +12,7 @@ import ( // ServersTransport is the CRD implementation of a ServersTransport. // If no serversTransport is specified, the default@internal will be used. // The default@internal serversTransport is created from the static configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1 +// More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 type ServersTransport struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/service.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/service.go index b14625897..6ea8b492c 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/service.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/service.go @@ -13,7 +13,7 @@ import ( // TraefikService object allows to: // - Apply weight to Services on load-balancing // - Mirror traffic on services -// More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice +// More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice type TraefikService struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -49,7 +49,7 @@ type TraefikServiceSpec struct { // +k8s:deepcopy-gen=true // Mirroring holds the mirroring service configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/services/#mirroring-service +// More info: https://doc.traefik.io/traefik/v2.11/routing/services/#mirroring-service type Mirroring struct { LoadBalancerSpec `json:",inline"` @@ -75,11 +75,11 @@ type MirrorService struct { // +k8s:deepcopy-gen=true // WeightedRoundRobin holds the weighted round-robin configuration. -// More info: https://doc.traefik.io/traefik/v2.10/routing/services/#weighted-round-robin-service +// More info: https://doc.traefik.io/traefik/v2.11/routing/services/#weighted-round-robin-service type WeightedRoundRobin struct { // Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight. Services []Service `json:"services,omitempty"` // Sticky defines whether sticky sessions are enabled. - // More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing + // More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing Sticky *dynamic.Sticky `json:"sticky,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go index 996e36a94..0e6e2274d 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go @@ -9,7 +9,7 @@ import ( // +kubebuilder:storageversion // TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. -// More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options +// More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options type TLSOption struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. @@ -32,10 +32,10 @@ type TLSOptionSpec struct { // Default: None. MaxVersion string `json:"maxVersion,omitempty"` // CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites CipherSuites []string `json:"cipherSuites,omitempty"` // CurvePreferences defines the preferred elliptic curves in a specific order. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences CurvePreferences []string `json:"curvePreferences,omitempty"` // ClientAuth defines the server's policy for TLS Client Authentication. ClientAuth ClientAuth `json:"clientAuth,omitempty"` @@ -46,7 +46,7 @@ type TLSOptionSpec struct { // Deprecated: https://github.com/golang/go/issues/45430 PreferServerCipherSuites bool `json:"preferServerCipherSuites,omitempty"` // ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. - // More info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols + // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols ALPNProtocols []string `json:"alpnProtocols,omitempty"` } diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsstore.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsstore.go index 082dbc5b1..c6f5d293a 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsstore.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsstore.go @@ -12,7 +12,7 @@ import ( // TLSStore is the CRD implementation of a Traefik TLS Store. // For the time being, only the TLSStore named default is supported. // This means that you cannot have two stores that are named default in different Kubernetes namespaces. -// More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores +// More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores type TLSStore struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. diff --git a/script/gcg/traefik-bugfix.toml b/script/gcg/traefik-bugfix.toml index d1f7eed10..2ee1b473a 100644 --- a/script/gcg/traefik-bugfix.toml +++ b/script/gcg/traefik-bugfix.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example new bugfix v2.10.7 -CurrentRef = "v2.10" -PreviousRef = "v2.10.6" -BaseBranch = "v2.10" -FutureCurrentRefName = "v2.10.7" +# example new bugfix v2.11.1 +CurrentRef = "v2.11" +PreviousRef = "v2.11.0" +BaseBranch = "v2.11" +FutureCurrentRefName = "v2.11.1" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10 diff --git a/script/gcg/traefik-final-release-part1.toml b/script/gcg/traefik-final-release-part1.toml index ee2bd3017..2e73738fb 100644 --- a/script/gcg/traefik-final-release-part1.toml +++ b/script/gcg/traefik-final-release-part1.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example final release of v2.10.0 -CurrentRef = "v2.10" -PreviousRef = "v2.10.0-rc1" -BaseBranch = "v2.10" -FutureCurrentRefName = "v2.10.0" +# example final release of v2.11.0 +CurrentRef = "v2.11" +PreviousRef = "v2.11.0-rc1" +BaseBranch = "v2.11" +FutureCurrentRefName = "v2.11.0" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10 diff --git a/script/gcg/traefik-final-release-part2.toml b/script/gcg/traefik-final-release-part2.toml index 9f3abf827..bfd11e0f1 100644 --- a/script/gcg/traefik-final-release-part2.toml +++ b/script/gcg/traefik-final-release-part2.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example final release of v2.10.0 -CurrentRef = "v2.10.0-rc1" -PreviousRef = "v2.9.0-rc1" +# example final release of v2.11.0 +CurrentRef = "v2.11.0-rc1" +PreviousRef = "v2.10.0-rc1" BaseBranch = "master" -FutureCurrentRefName = "v2.10.0-rc1" +FutureCurrentRefName = "v2.11.0-rc1" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10 diff --git a/script/gcg/traefik-rc-first.toml b/script/gcg/traefik-rc-first.toml index 67793a9c0..d49585928 100644 --- a/script/gcg/traefik-rc-first.toml +++ b/script/gcg/traefik-rc-first.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example RC1 of v2.9.0 +# example RC1 of v2.11.0 CurrentRef = "master" -PreviousRef = "v2.8.0-rc1" +PreviousRef = "v2.10.0-rc1" BaseBranch = "master" -FutureCurrentRefName = "v2.9.0-rc1" +FutureCurrentRefName = "v2.11.0-rc1" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10 diff --git a/script/gcg/traefik-rc-new.toml b/script/gcg/traefik-rc-new.toml index 61363d378..eb3e59310 100644 --- a/script/gcg/traefik-rc-new.toml +++ b/script/gcg/traefik-rc-new.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example RC2 of v2.10.0 -CurrentRef = "v2.10" -PreviousRef = "v2.10.0-rc1" -BaseBranch = "v2.10" -FutureCurrentRefName = "v2.10.0-rc2" +# example RC2 of v2.11.0 +CurrentRef = "v2.11" +PreviousRef = "v2.11.0-rc1" +BaseBranch = "v2.11" +FutureCurrentRefName = "v2.11.0-rc2" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10