baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Allow configuring rule syntax with Kubernetes Ingress annotation

Browse source
This commit is contained in:
Romain 2024-08-12 14:28:04 +02:00 committed by GitHub
parent 8d9ff0c441
commit ad613e58cd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 30 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
docs/content/migration/v2-to-v3-details.md
View file

@ -541,6 +541,19 @@ it is now unsupported and would prevent Traefik to start.
All Pilot related configuration should be removed from the static configuration.
### Kubernetes Ingress Path Matching
In v3, the Kubernetes Ingress default path matching does not support regexes anymore.
#### Remediation
Two levels of remediation are possible:
- Interpret the default path matcher `PathPrefix` with v2 syntax.
This can done globally for all routers with the [static configuration](#configure-the-default-syntax-in-static-configuration) or on a per-router basis by using the [traefik.ingress.kubernetes.io/router.rulesyntax](../routing/providers/kubernetes-ingress.md#annotations) annotation.
- Adapt the path regex to be compatible with the Go regex syntax and change the default path matcher to use the `PathRegexp` matcher with the [`traefik.ingress.kubernetes.io/router.pathmatcher`](../routing/providers/kubernetes-ingress.md#annotations) annotation.
## Operations Changes
### Traefik RBAC Update

10
docs/content/routing/providers/kubernetes-ingress.md
View file

@ -229,10 +229,18 @@ which in turn will create the resulting routers, services, handlers, etc.
traefik.ingress.kubernetes.io/router.priority: "42"
```
??? info "`traefik.ingress.kubernetes.io/router.rulesyntax`"
See [rule syntax](../routers/index.md#rulesyntax) for more information.
```yaml
traefik.ingress.kubernetes.io/router.rulesyntax: "v2"
```
??? info "`traefik.ingress.kubernetes.io/router.pathmatcher`"
Overrides the default router rule type used for a path.
Only path-related matcher name can be specified: `Path`, `PathPrefix`.
Only path-related matcher name should be specified: `Path`, `PathPrefix` or `PathRegexp`.
Default `PathPrefix`

1
pkg/provider/kubernetes/ingress/annotations.go
View file

@ -26,6 +26,7 @@ type RouterIng struct {
EntryPoints []string `json:"entryPoints,omitempty"`
Middlewares []string `json:"middlewares,omitempty"`
Priority int `json:"priority,omitempty"`
RuleSyntax string `json:"ruleSyntax,omitempty"`
TLS *dynamic.RouterTLSConfig `json:"tls,omitempty" label:"allowEmpty"`
}

4
pkg/provider/kubernetes/ingress/annotations_test.go
View file

@ -24,6 +24,7 @@ func Test_parseRouterConfig(t *testing.T) {
"traefik.ingress.kubernetes.io/router.entrypoints": "foobar,foobar",
"traefik.ingress.kubernetes.io/router.middlewares": "foobar,foobar",
"traefik.ingress.kubernetes.io/router.priority": "42",
"traefik.ingress.kubernetes.io/router.rulesyntax": "foobar",
"traefik.ingress.kubernetes.io/router.tls": "true",
"traefik.ingress.kubernetes.io/router.tls.certresolver": "foobar",
"traefik.ingress.kubernetes.io/router.tls.domains.0.main": "foobar",
@ -38,6 +39,7 @@ func Test_parseRouterConfig(t *testing.T) {
EntryPoints: []string{"foobar", "foobar"},
Middlewares: []string{"foobar", "foobar"},
Priority: 42,
RuleSyntax: "foobar",
TLS: &dynamic.RouterTLSConfig{
CertResolver: "foobar",
Domains: []types.Domain{
@ -180,6 +182,7 @@ func Test_convertAnnotations(t *testing.T) {
"traefik.ingress.kubernetes.io/router.entrypoints": "foobar,foobar",
"traefik.ingress.kubernetes.io/router.middlewares": "foobar,foobar",
"traefik.ingress.kubernetes.io/router.priority": "42",
"traefik.ingress.kubernetes.io/router.rulesyntax": "foobar",
"traefik.ingress.kubernetes.io/router.tls": "true",
"traefik.ingress.kubernetes.io/router.tls.certresolver": "foobar",
"traefik.ingress.kubernetes.io/router.tls.domains.0.main": "foobar",
@ -194,6 +197,7 @@ func Test_convertAnnotations(t *testing.T) {
"traefik.router.entrypoints": "foobar,foobar",
"traefik.router.middlewares": "foobar,foobar",
"traefik.router.priority": "42",
"traefik.router.rulesyntax": "foobar",
"traefik.router.tls": "true",
"traefik.router.tls.certresolver": "foobar",
"traefik.router.tls.domains[0].main": "foobar",

1
pkg/provider/kubernetes/ingress/fixtures/Ingress-with-annotations.yml
View file

@ -10,6 +10,7 @@ metadata:
traefik.ingress.kubernetes.io/router.entrypoints: ep1,ep2
traefik.ingress.kubernetes.io/router.middlewares: md1,md2
traefik.ingress.kubernetes.io/router.priority: "42"
traefik.ingress.kubernetes.io/router.rulesyntax: "v2"
traefik.ingress.kubernetes.io/router.tls: "true"
traefik.ingress.kubernetes.io/router.tls.certresolver: foobar
traefik.ingress.kubernetes.io/router.tls.domains.0.main: domain.com

1
pkg/provider/kubernetes/ingress/kubernetes.go
View file

@ -760,6 +760,7 @@ func loadRouter(rule netv1.IngressRule, pa netv1.HTTPIngressPath, rtConfig *Rout
}
if rtConfig != nil && rtConfig.Router != nil {
rt.RuleSyntax = rtConfig.Router.RuleSyntax
rt.Priority = rtConfig.Router.Priority
rt.EntryPoints = rtConfig.Router.EntryPoints
rt.Middlewares = rtConfig.Router.Middlewares

1
pkg/provider/kubernetes/ingress/kubernetes_test.go
View file

@ -96,6 +96,7 @@ func TestLoadConfigurationFromIngresses(t *testing.T) {
Service: "testing-service1-80",
Middlewares: []string{"md1", "md2"},
Priority: 42,
RuleSyntax: "v2",
TLS: &dynamic.RouterTLSConfig{
CertResolver: "foobar",
Domains: []types.Domain{