diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md index 8f0bd2fe6..f4b9c8efc 100644 --- a/docs/content/migration/v2.md +++ b/docs/content/migration/v2.md @@ -348,7 +348,7 @@ It is therefore necessary to update [RBAC](../reference/dynamic-configuration/ku ### Non-ASCII Domain Names -In `v2.4.8` we introduced a new check on domain names used in HTTP router rule `Host` and `HostRegexp` expressions, +In `v2.4.8`, we introduced a new check on domain names used in HTTP router rule `Host` and `HostRegexp` expressions, and in TCP router rule `HostSNI` expression. This check ensures that provided domain names don't contain non-ASCII characters. If not, an error is raised, and the associated router will be shown as invalid in the dashboard. @@ -359,6 +359,12 @@ It doesn't change the support for non-ASCII domain names in routers rules, which In order to use non-ASCII domain names in a router's rule, one should use the Punycode form of the domain name. For more information, please read the [HTTP routers rule](../routing/routers/index.md#rule) part or [TCP router rules](../routing/routers/index.md#rule_1) part of the documentation. +## v2.4.8 to v2.4.9 + +### Tracing Span + +In `v2.4.9`, we changed span error to log only server errors (>= 500). + ## v2.4 to v2.5 ### Kubernetes CRD diff --git a/docs/content/providers/kubernetes-gateway.md b/docs/content/providers/kubernetes-gateway.md index 7835ad24d..7c5c37d08 100644 --- a/docs/content/providers/kubernetes-gateway.md +++ b/docs/content/providers/kubernetes-gateway.md @@ -71,7 +71,7 @@ This provider is proposed as an experimental feature and partially supports the --8<-- "content/reference/dynamic-configuration/kubernetes-gateway-rbac.yml" ``` -The Kubernetes Gateway API project provides several [guides](https://gateway-api.sigs.k8s.io/guides/) on how to use the APIs. +The Kubernetes Gateway API project provides several guides on how to use the APIs. These guides can help you to go further than the example above. The [getting started guide](https://gateway-api.sigs.k8s.io/guides/getting-started/) details how to install the CRDs from their repository. diff --git a/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_endpoint.yml b/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_endpoint.yml new file mode 100644 index 000000000..dfe20f52d --- /dev/null +++ b/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_endpoint.yml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Endpoints +metadata: + name: service1 + namespace: testing +subsets: + - addresses: + - ip: 10.0.0.1 + nodeName: admin.whoami.service1 + ports: + - name: http-admin + port: 8079 + protocol: TCP + - addresses: + - ip: 10.0.0.1 + nodeName: whoami.service1 +# targetRef: + ports: + - name: http + port: 8080 + protocol: TCP diff --git a/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_ingress.yml b/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_ingress.yml new file mode 100644 index 000000000..12c508feb --- /dev/null +++ b/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_ingress.yml @@ -0,0 +1,15 @@ +kind: Ingress +apiVersion: networking.k8s.io/v1beta1 +metadata: + name: "" + namespace: testing + +spec: + rules: + - host: traefik.port + http: + paths: + - path: /port + backend: + serviceName: service1 + servicePort: 8080 diff --git a/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_service.yml b/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_service.yml new file mode 100644 index 000000000..d83acc42f --- /dev/null +++ b/pkg/provider/kubernetes/ingress/fixtures/Ingress-with-port-invalid-for-one-service_service.yml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: service1 + namespace: testing + +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: http-api + - name: http-admin + port: 8079 + protocol: TCP + targetPort: http-admin + selector: + app: foo + sessionAffinity: None + type: ClusterIP diff --git a/pkg/provider/kubernetes/ingress/kubernetes.go b/pkg/provider/kubernetes/ingress/kubernetes.go index a1386a6ef..31fe71aa0 100644 --- a/pkg/provider/kubernetes/ingress/kubernetes.go +++ b/pkg/provider/kubernetes/ingress/kubernetes.go @@ -548,7 +548,7 @@ func loadService(client Client, namespace string, backend networkingv1.IngressBa } if port == 0 { - return nil, errors.New("cannot define a port") + continue } protocol := getProtocol(portSpec, portName, svcConfig) @@ -562,6 +562,10 @@ func loadService(client Client, namespace string, backend networkingv1.IngressBa } } + if len(svc.LoadBalancer.Servers) == 0 { + return nil, errors.New("no valid subset found") + } + return svc, nil } diff --git a/pkg/provider/kubernetes/ingress/kubernetes_test.go b/pkg/provider/kubernetes/ingress/kubernetes_test.go index 4a47fb731..66d05c9f5 100644 --- a/pkg/provider/kubernetes/ingress/kubernetes_test.go +++ b/pkg/provider/kubernetes/ingress/kubernetes_test.go @@ -729,6 +729,33 @@ func TestLoadConfigurationFromIngresses(t *testing.T) { }, }, }, + { + desc: "Ingress with port invalid for one service", + expected: &dynamic.Configuration{ + TCP: &dynamic.TCPConfiguration{}, + HTTP: &dynamic.HTTPConfiguration{ + Middlewares: map[string]*dynamic.Middleware{}, + Routers: map[string]*dynamic.Router{ + "testing-traefik-port-port": { + Rule: "Host(`traefik.port`) && PathPrefix(`/port`)", + Service: "testing-service1-8080", + }, + }, + Services: map[string]*dynamic.Service{ + "testing-service1-8080": { + LoadBalancer: &dynamic.ServersLoadBalancer{ + PassHostHeader: Bool(true), + Servers: []dynamic.Server{ + { + URL: "http://10.0.0.1:8080", + }, + }, + }, + }, + }, + }, + }, + }, { desc: "Ingress with IPv6 endpoints", expected: &dynamic.Configuration{ diff --git a/pkg/tracing/tracing.go b/pkg/tracing/tracing.go index 02fab9c5d..498a26348 100644 --- a/pkg/tracing/tracing.go +++ b/pkg/tracing/tracing.go @@ -117,7 +117,7 @@ func LogRequest(span opentracing.Span, r *http.Request) { func LogResponseCode(span opentracing.Span, code int) { if span != nil { ext.HTTPStatusCode.Set(span, uint16(code)) - if code >= 400 { + if code >= http.StatusInternalServerError { ext.Error.Set(span, true) } }