Merge branch 'v3.0' of github.com:traefik/traefik
This commit is contained in:
commit
b4dfa60c1e
102 changed files with 5961 additions and 1669 deletions
|
@ -179,3 +179,7 @@ issues:
|
|||
text: 'Duplicate words \(sub\) found'
|
||||
linters:
|
||||
- dupword
|
||||
- path: pkg/provider/kubernetes/crd/kubernetes.go
|
||||
text: "Function 'loadConfigurationFromCRD' has too many statements"
|
||||
linters:
|
||||
- funlen
|
||||
|
|
|
@ -28,6 +28,10 @@ func NewTraefikConfiguration() *TraefikCmdConfiguration {
|
|||
ServersTransport: &static.ServersTransport{
|
||||
MaxIdleConnsPerHost: 200,
|
||||
},
|
||||
TCPServersTransport: &static.TCPServersTransport{
|
||||
DialTimeout: ptypes.Duration(30 * time.Second),
|
||||
DialKeepAlive: ptypes.Duration(15 * time.Second),
|
||||
},
|
||||
},
|
||||
ConfigFile: "",
|
||||
}
|
||||
|
|
|
@ -41,6 +41,7 @@ import (
|
|||
"github.com/traefik/traefik/v2/pkg/server"
|
||||
"github.com/traefik/traefik/v2/pkg/server/middleware"
|
||||
"github.com/traefik/traefik/v2/pkg/server/service"
|
||||
"github.com/traefik/traefik/v2/pkg/tcp"
|
||||
traefiktls "github.com/traefik/traefik/v2/pkg/tls"
|
||||
"github.com/traefik/traefik/v2/pkg/tracing"
|
||||
"github.com/traefik/traefik/v2/pkg/tracing/jaeger"
|
||||
|
@ -269,6 +270,7 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
|
|||
}
|
||||
|
||||
roundTripperManager := service.NewRoundTripperManager(spiffeX509Source)
|
||||
dialerManager := tcp.NewDialerManager(spiffeX509Source)
|
||||
acmeHTTPHandler := getHTTPChallengeHandler(acmeProviders, httpChallengeProvider)
|
||||
managerFactory := service.NewManagerFactory(*staticConfiguration, routinesPool, metricsRegistry, roundTripperManager, acmeHTTPHandler)
|
||||
|
||||
|
@ -278,7 +280,7 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
|
|||
tracer := setupTracing(staticConfiguration.Tracing)
|
||||
|
||||
chainBuilder := middleware.NewChainBuilder(metricsRegistry, accessLog, tracer)
|
||||
routerFactory := server.NewRouterFactory(*staticConfiguration, managerFactory, tlsManager, chainBuilder, pluginBuilder, metricsRegistry)
|
||||
routerFactory := server.NewRouterFactory(*staticConfiguration, managerFactory, tlsManager, chainBuilder, pluginBuilder, metricsRegistry, dialerManager)
|
||||
|
||||
// Watcher
|
||||
|
||||
|
@ -309,6 +311,7 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
|
|||
// Server Transports
|
||||
watcher.AddListener(func(conf dynamic.Configuration) {
|
||||
roundTripperManager.Update(conf.HTTP.ServersTransports)
|
||||
dialerManager.Update(conf.TCP.ServersTransports)
|
||||
})
|
||||
|
||||
// Switch router
|
||||
|
|
|
@ -28,7 +28,9 @@ The `workloadAPIAddr` configuration defines the address of the SPIFFE [Workload
|
|||
!!! info "Enabling SPIFFE in ServersTransports"
|
||||
|
||||
Enabling SPIFFE does not imply that backend connections are going to use it automatically.
|
||||
Each [ServersTransport](../routing/services/index.md#serverstransport_1) that is meant to be secured with SPIFFE must [explicitly](../routing/services/index.md#spiffe) enable it.
|
||||
Each [ServersTransport](../routing/services/index.md#serverstransport_1) or [TCPServersTransport](../routing/services/index.md#serverstransport_2),
|
||||
that is meant to be secured with SPIFFE,
|
||||
must explicitly enable it (see [SPIFFE with ServersTransport](../routing/services/index.md#spiffe) or [SPIFFE with TCPServersTransport](../routing/services/index.md#spiffe_1)).
|
||||
|
||||
!!! warning "SPIFFE can cause Traefik to stall"
|
||||
When using SPIFFE,
|
||||
|
|
|
@ -55,3 +55,13 @@ One should use the `ContentType` middleware to enable the `Content-Type` header
|
|||
|
||||
In v3, HTTP/3 is no longer an experimental feature.
|
||||
The `experimental.http3` option has been removed from the static configuration.
|
||||
|
||||
## TCP ServersTransport
|
||||
|
||||
In v3, the support of `TCPServersTransport` has been introduced.
|
||||
When using the KubernetesCRD provider, it is therefore necessary to update [RBAC](../reference/dynamic-configuration/kubernetes-crd.md#rbac) and [CRD](../reference/dynamic-configuration/kubernetes-crd.md) manifests.
|
||||
|
||||
### TCP LoadBalancer `terminationDelay` option
|
||||
|
||||
The TCP LoadBalancer `terminationDelay` option has been removed.
|
||||
This option can now be configured directly on the `TCPServersTransport` level, please take a look at this [documentation](../routing/services/index.md#terminationdelay)
|
||||
|
|
|
@ -190,8 +190,9 @@
|
|||
- "traefik.tcp.routers.tcprouter1.tls.options=foobar"
|
||||
- "traefik.tcp.routers.tcprouter1.tls.passthrough=true"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version=42"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay=42"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.server.port=foobar"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.server.tls=true"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.serverstransport=foobar"
|
||||
- "traefik.udp.routers.udprouter0.entrypoints=foobar, foobar"
|
||||
- "traefik.udp.routers.udprouter0.service=foobar"
|
||||
- "traefik.udp.routers.udprouter1.entrypoints=foobar, foobar"
|
||||
|
|
|
@ -377,15 +377,17 @@
|
|||
[tcp.services]
|
||||
[tcp.services.TCPService01]
|
||||
[tcp.services.TCPService01.loadBalancer]
|
||||
terminationDelay = 42
|
||||
serversTransport = "foobar"
|
||||
[tcp.services.TCPService01.loadBalancer.proxyProtocol]
|
||||
version = 42
|
||||
|
||||
[[tcp.services.TCPService01.loadBalancer.servers]]
|
||||
address = "foobar"
|
||||
tls = true
|
||||
|
||||
[[tcp.services.TCPService01.loadBalancer.servers]]
|
||||
address = "foobar"
|
||||
tls = true
|
||||
[tcp.services.TCPService02]
|
||||
[tcp.services.TCPService02.weighted]
|
||||
|
||||
|
@ -396,6 +398,7 @@
|
|||
[[tcp.services.TCPService02.weighted.services]]
|
||||
name = "foobar"
|
||||
weight = 42
|
||||
|
||||
[tcp.middlewares]
|
||||
[tcp.middlewares.TCPMiddleware00]
|
||||
[tcp.middlewares.TCPMiddleware00.ipAllowList]
|
||||
|
@ -404,6 +407,53 @@
|
|||
[tcp.middlewares.TCPMiddleware01.inFlightConn]
|
||||
amount = 42
|
||||
|
||||
[tcp.serversTransports]
|
||||
[tcp.serversTransports.TCPServersTransport0]
|
||||
dialTimeout = "42s"
|
||||
dialKeepAlive = "42s"
|
||||
terminationDelay = "42s"
|
||||
|
||||
[tcp.serversTransports.TCPServersTransport0.tls]
|
||||
serverName = "foobar"
|
||||
insecureSkipVerify = true
|
||||
rootCAs = ["foobar", "foobar"]
|
||||
peerCertURI = "foobar"
|
||||
|
||||
[[tcp.serversTransports.TCPServersTransport0.tls.certificates]]
|
||||
certFile = "foobar"
|
||||
keyFile = "foobar"
|
||||
|
||||
[[tcp.serversTransports.TCPServersTransport0.tls.certificates]]
|
||||
certFile = "foobar"
|
||||
keyFile = "foobar"
|
||||
|
||||
[tcp.serversTransports.TCPServersTransport0.spiffe]
|
||||
ids = ["foobar", "foobar"]
|
||||
trustDomain = "foobar"
|
||||
|
||||
[tcp.serversTransports.TCPServersTransport1]
|
||||
dialTimeout = "42s"
|
||||
dialKeepAlive = "42s"
|
||||
terminationDelay = "42s"
|
||||
|
||||
[tcp.serversTransports.TCPServersTransport1.tls]
|
||||
serverName = "foobar"
|
||||
insecureSkipVerify = true
|
||||
rootCAs = ["foobar", "foobar"]
|
||||
peerCertURI = "foobar"
|
||||
|
||||
[[tcp.serversTransports.TCPServersTransport1.tls.certificates]]
|
||||
certFile = "foobar"
|
||||
keyFile = "foobar"
|
||||
|
||||
[[tcp.serversTransports.TCPServersTransport1.tls.certificates]]
|
||||
certFile = "foobar"
|
||||
keyFile = "foobar"
|
||||
|
||||
[tcp.serversTransports.TCPServersTransport1.spiffe]
|
||||
ids = ["foobar", "foobar"]
|
||||
trustDomain = "foobar"
|
||||
|
||||
[udp]
|
||||
[udp.routers]
|
||||
[udp.routers.UDPRouter0]
|
||||
|
|
|
@ -426,12 +426,14 @@ tcp:
|
|||
services:
|
||||
TCPService01:
|
||||
loadBalancer:
|
||||
terminationDelay: 42
|
||||
serversTransport: foobar
|
||||
proxyProtocol:
|
||||
version: 42
|
||||
servers:
|
||||
- address: foobar
|
||||
tls: true
|
||||
- address: foobar
|
||||
tls: true
|
||||
TCPService02:
|
||||
weighted:
|
||||
services:
|
||||
|
@ -448,6 +450,49 @@ tcp:
|
|||
TCPMiddleware01:
|
||||
inFlightConn:
|
||||
amount: 42
|
||||
serversTransports:
|
||||
TCPServersTransport0:
|
||||
dialTimeout: 42s
|
||||
dialKeepAlive: 42s
|
||||
terminationDelay: 42s
|
||||
tls:
|
||||
serverName: foobar
|
||||
insecureSkipVerify: true
|
||||
rootCAs:
|
||||
- foobar
|
||||
- foobar
|
||||
certificates:
|
||||
- certFile: foobar
|
||||
keyFile: foobar
|
||||
- certFile: foobar
|
||||
keyFile: foobar
|
||||
peerCertURI: foobar
|
||||
spiffe:
|
||||
ids:
|
||||
- foobar
|
||||
- foobar
|
||||
trustDomain: foobar
|
||||
TCPServersTransport1:
|
||||
dialTimeout: 42s
|
||||
dialKeepAlive: 42s
|
||||
terminationDelay: 42s
|
||||
tls:
|
||||
serverName: foobar
|
||||
insecureSkipVerify: true
|
||||
rootCAs:
|
||||
- foobar
|
||||
- foobar
|
||||
certificates:
|
||||
- certFile: foobar
|
||||
keyFile: foobar
|
||||
- certFile: foobar
|
||||
keyFile: foobar
|
||||
peerCertURI: foobar
|
||||
spiffe:
|
||||
ids:
|
||||
- foobar
|
||||
- foobar
|
||||
trustDomain: foobar
|
||||
udp:
|
||||
routers:
|
||||
UDPRouter0:
|
||||
|
|
|
@ -373,15 +373,16 @@ spec:
|
|||
to use.
|
||||
type: integer
|
||||
type: object
|
||||
terminationDelay:
|
||||
description: TerminationDelay defines the deadline that
|
||||
the proxy sets, after one of its connected peers indicates
|
||||
it has closed the writing capability of its connection,
|
||||
to close the reading capability as well, hence fully
|
||||
terminating the connection. It is a duration in milliseconds,
|
||||
defaulting to 100. A negative value means an infinite
|
||||
deadline (i.e. the reading capability is never closed).
|
||||
type: integer
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransportTCP
|
||||
resource to use. It allows to configure the transport
|
||||
between Traefik and your servers. Can only be used on
|
||||
a Kubernetes Service.
|
||||
type: string
|
||||
tls:
|
||||
description: TLS determines whether to use TLS when dialing
|
||||
with the backend.
|
||||
type: boolean
|
||||
weight:
|
||||
description: Weight defines the weight used when balancing
|
||||
requests between multiple Kubernetes Service.
|
||||
|
@ -1684,6 +1685,128 @@ status:
|
|||
conditions: []
|
||||
storedVersions: []
|
||||
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.6.2
|
||||
creationTimestamp: null
|
||||
name: serverstransporttcps.traefik.containo.us
|
||||
spec:
|
||||
group: traefik.containo.us
|
||||
names:
|
||||
kind: ServersTransportTCP
|
||||
listKind: ServersTransportTCPList
|
||||
plural: serverstransporttcps
|
||||
singular: serverstransporttcp
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||
If no tcpServersTransport is specified, a default one named default@internal
|
||||
will be used. The default@internal tcpServersTransport can be configured
|
||||
in the static configuration. More info: https://doc.traefik.io/traefik/v2.9/routing/services/#serverstransport_3'
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP.
|
||||
properties:
|
||||
dialKeepAlive:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: DialKeepAlive is the interval between keep-alive probes
|
||||
for an active network connection. If zero, keep-alive probes are
|
||||
sent with a default value (currently 15 seconds), if supported by
|
||||
the protocol and operating system. Network protocols or operating
|
||||
systems that do not support keep-alives ignore this field. If negative,
|
||||
keep-alive probes are disabled.
|
||||
x-kubernetes-int-or-string: true
|
||||
dialTimeout:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: DialTimeout is the amount of time to wait until a connection
|
||||
to a backend server can be established.
|
||||
x-kubernetes-int-or-string: true
|
||||
terminationDelay:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: TerminationDelay defines the delay to wait before fully
|
||||
terminating the connection, after one connected peer has closed
|
||||
its writing capability.
|
||||
x-kubernetes-int-or-string: true
|
||||
tls:
|
||||
description: TLS defines the TLS configuration
|
||||
properties:
|
||||
certificatesSecrets:
|
||||
description: CertificatesSecrets defines a list of secret storing
|
||||
client certificates for mTLS.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
insecureSkipVerify:
|
||||
description: InsecureSkipVerify disables TLS certificate verification.
|
||||
type: boolean
|
||||
peerCertURI:
|
||||
description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
|
||||
to keep per-host. PeerCertURI defines the peer cert URI used
|
||||
to match against SAN URI during the peer certificate verification.
|
||||
type: string
|
||||
rootCAsSecrets:
|
||||
description: RootCAsSecrets defines a list of CA secret used to
|
||||
validate self-signed certificates.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
serverName:
|
||||
description: ServerName defines the server name used to contact
|
||||
the server.
|
||||
type: string
|
||||
spiffe:
|
||||
description: Spiffe defines the SPIFFE configuration.
|
||||
properties:
|
||||
ids:
|
||||
description: IDs defines the allowed SPIFFE IDs (takes precedence
|
||||
over the SPIFFE TrustDomain).
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
trustDomain:
|
||||
description: TrustDomain defines the allowed SPIFFE trust
|
||||
domain.
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- metadata
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
||||
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
|
|
|
@ -43,6 +43,7 @@ rules:
|
|||
- tlsoptions
|
||||
- tlsstores
|
||||
- serverstransports
|
||||
- serverstransporttcps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
|
|
|
@ -147,6 +147,7 @@ spec:
|
|||
services:
|
||||
- name: whoamitcp
|
||||
port: 8080
|
||||
serversTransport: mytransporttcp
|
||||
middlewares:
|
||||
- name: ipallowlist
|
||||
tls:
|
||||
|
@ -213,9 +214,30 @@ spec:
|
|||
certificatesSecrets:
|
||||
- foobar
|
||||
- foobar
|
||||
peerCertURI: foobar
|
||||
maxIdleConnsPerHost: 1
|
||||
forwardingTimeouts:
|
||||
dialTimeout: 42s
|
||||
responseHeaderTimeout: 42s
|
||||
idleConnTimeout: 42s
|
||||
disableHTTP2: true
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransporttcp
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
serverName: foobar
|
||||
insecureSkipVerify: true
|
||||
rootCAsSecrets:
|
||||
- foobar
|
||||
- foobar
|
||||
certificatesSecrets:
|
||||
- foobar
|
||||
- foobar
|
||||
peerCertURI: foobar
|
||||
dialTimeout: 42s
|
||||
dialKeepAlive: 42s
|
||||
|
|
|
@ -278,10 +278,42 @@
|
|||
| `traefik/tcp/routers/TCPRouter1/tls/domains/1/sans/1` | `foobar` |
|
||||
| `traefik/tcp/routers/TCPRouter1/tls/options` | `foobar` |
|
||||
| `traefik/tcp/routers/TCPRouter1/tls/passthrough` | `true` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/dialKeepAlive` | `42s` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/dialTimeout` | `42s` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/spiffe/ids/0` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/spiffe/ids/1` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/spiffe/trustDomain` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/terminationDelay` | `42s` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/certificates/0/certFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/certificates/0/keyFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/certificates/1/certFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/certificates/1/keyFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/insecureSkipVerify` | `true` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/peerCertURI` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/rootCAs/0` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/rootCAs/1` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport0/tls/serverName` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/dialKeepAlive` | `42s` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/dialTimeout` | `42s` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/spiffe/ids/0` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/spiffe/ids/1` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/spiffe/trustDomain` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/terminationDelay` | `42s` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/certificates/0/certFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/certificates/0/keyFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/certificates/1/certFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/certificates/1/keyFile` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/insecureSkipVerify` | `true` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/peerCertURI` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/rootCAs/0` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/rootCAs/1` | `foobar` |
|
||||
| `traefik/tcp/serversTransports/TCPServersTransport1/tls/serverName` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/proxyProtocol/version` | `42` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/servers/0/address` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/servers/0/tls` | `true` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/address` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/terminationDelay` | `42` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/tls` | `true` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/serversTransport` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService02/weighted/services/0/name` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService02/weighted/services/0/weight` | `42` |
|
||||
| `traefik/tcp/services/TCPService02/weighted/services/1/name` | `foobar` |
|
||||
|
|
|
@ -190,8 +190,9 @@
|
|||
"traefik.tcp.routers.tcprouter1.tls.options": "foobar",
|
||||
"traefik.tcp.routers.tcprouter1.tls.passthrough": "true",
|
||||
"traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version": "42",
|
||||
"traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay": "42",
|
||||
"traefik.tcp.services.tcpservice01.loadbalancer.server.port": "foobar",
|
||||
"traefik.tcp.services.tcpservice01.loadbalancer.server.tls": "true",
|
||||
"traefik.tcp.services.tcpservice01.loadbalancer.serverstransport": "foobar",
|
||||
"traefik.udp.routers.udprouter0.entrypoints": "foobar, foobar",
|
||||
"traefik.udp.routers.udprouter0.service": "foobar",
|
||||
"traefik.udp.routers.udprouter1.entrypoints": "foobar, foobar",
|
||||
|
|
|
@ -105,15 +105,16 @@ spec:
|
|||
to use.
|
||||
type: integer
|
||||
type: object
|
||||
terminationDelay:
|
||||
description: TerminationDelay defines the deadline that
|
||||
the proxy sets, after one of its connected peers indicates
|
||||
it has closed the writing capability of its connection,
|
||||
to close the reading capability as well, hence fully
|
||||
terminating the connection. It is a duration in milliseconds,
|
||||
defaulting to 100. A negative value means an infinite
|
||||
deadline (i.e. the reading capability is never closed).
|
||||
type: integer
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransportTCP
|
||||
resource to use. It allows to configure the transport
|
||||
between Traefik and your servers. Can only be used on
|
||||
a Kubernetes Service.
|
||||
type: string
|
||||
tls:
|
||||
description: TLS determines whether to use TLS when dialing
|
||||
with the backend.
|
||||
type: boolean
|
||||
weight:
|
||||
description: Weight defines the weight used when balancing
|
||||
requests between multiple Kubernetes Service.
|
||||
|
|
|
@ -0,0 +1,122 @@
|
|||
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.6.2
|
||||
creationTimestamp: null
|
||||
name: serverstransporttcps.traefik.containo.us
|
||||
spec:
|
||||
group: traefik.containo.us
|
||||
names:
|
||||
kind: ServersTransportTCP
|
||||
listKind: ServersTransportTCPList
|
||||
plural: serverstransporttcps
|
||||
singular: serverstransporttcp
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||
If no tcpServersTransport is specified, a default one named default@internal
|
||||
will be used. The default@internal tcpServersTransport can be configured
|
||||
in the static configuration. More info: https://doc.traefik.io/traefik/v2.9/routing/services/#serverstransport_3'
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP.
|
||||
properties:
|
||||
dialKeepAlive:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: DialKeepAlive is the interval between keep-alive probes
|
||||
for an active network connection. If zero, keep-alive probes are
|
||||
sent with a default value (currently 15 seconds), if supported by
|
||||
the protocol and operating system. Network protocols or operating
|
||||
systems that do not support keep-alives ignore this field. If negative,
|
||||
keep-alive probes are disabled.
|
||||
x-kubernetes-int-or-string: true
|
||||
dialTimeout:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: DialTimeout is the amount of time to wait until a connection
|
||||
to a backend server can be established.
|
||||
x-kubernetes-int-or-string: true
|
||||
terminationDelay:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: TerminationDelay defines the delay to wait before fully
|
||||
terminating the connection, after one connected peer has closed
|
||||
its writing capability.
|
||||
x-kubernetes-int-or-string: true
|
||||
tls:
|
||||
description: TLS defines the TLS configuration
|
||||
properties:
|
||||
certificatesSecrets:
|
||||
description: CertificatesSecrets defines a list of secret storing
|
||||
client certificates for mTLS.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
insecureSkipVerify:
|
||||
description: InsecureSkipVerify disables TLS certificate verification.
|
||||
type: boolean
|
||||
peerCertURI:
|
||||
description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
|
||||
to keep per-host. PeerCertURI defines the peer cert URI used
|
||||
to match against SAN URI during the peer certificate verification.
|
||||
type: string
|
||||
rootCAsSecrets:
|
||||
description: RootCAsSecrets defines a list of CA secret used to
|
||||
validate self-signed certificates.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
serverName:
|
||||
description: ServerName defines the server name used to contact
|
||||
the server.
|
||||
type: string
|
||||
spiffe:
|
||||
description: Spiffe defines the SPIFFE configuration.
|
||||
properties:
|
||||
ids:
|
||||
description: IDs defines the allowed SPIFFE IDs (takes precedence
|
||||
over the SPIFFE TrustDomain).
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
trustDomain:
|
||||
description: TrustDomain defines the allowed SPIFFE trust
|
||||
domain.
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- metadata
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
|
@ -1020,6 +1020,33 @@ Defines the allowed SPIFFE trust domain.
|
|||
`--spiffe.workloadapiaddr`:
|
||||
Defines the workload API address.
|
||||
|
||||
`--tcpserverstransport.dialkeepalive`:
|
||||
Defines the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled (Default: ```15```)
|
||||
|
||||
`--tcpserverstransport.dialtimeout`:
|
||||
Defines the amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```)
|
||||
|
||||
`--tcpserverstransport.terminationdelay`:
|
||||
Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability. (Default: ```0```)
|
||||
|
||||
`--tcpserverstransport.tls`:
|
||||
Defines the TLS configuration. (Default: ```false```)
|
||||
|
||||
`--tcpserverstransport.tls.insecureskipverify`:
|
||||
Disables SSL certificate verification. (Default: ```false```)
|
||||
|
||||
`--tcpserverstransport.tls.rootcas`:
|
||||
Defines a list of CA secret used to validate self-signed certificate
|
||||
|
||||
`--tcpserverstransport.tls.spiffe`:
|
||||
Defines the SPIFFE TLS configuration. (Default: ```false```)
|
||||
|
||||
`--tcpserverstransport.tls.spiffe.ids`:
|
||||
Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain).
|
||||
|
||||
`--tcpserverstransport.tls.spiffe.trustdomain`:
|
||||
Defines the allowed SPIFFE trust domain.
|
||||
|
||||
`--tracing`:
|
||||
OpenTracing configuration. (Default: ```false```)
|
||||
|
||||
|
|
|
@ -1020,6 +1020,33 @@ Defines the allowed SPIFFE trust domain.
|
|||
`TRAEFIK_SPIFFE_WORKLOADAPIADDR`:
|
||||
Defines the workload API address.
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_DIALKEEPALIVE`:
|
||||
Defines the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled (Default: ```15```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_DIALTIMEOUT`:
|
||||
Defines the amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TERMINATIONDELAY`:
|
||||
Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability. (Default: ```0```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS`:
|
||||
Defines the TLS configuration. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_INSECURESKIPVERIFY`:
|
||||
Disables SSL certificate verification. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_ROOTCAS`:
|
||||
Defines a list of CA secret used to validate self-signed certificate
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_SPIFFE`:
|
||||
Defines the SPIFFE TLS configuration. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_SPIFFE_IDS`:
|
||||
Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain).
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_SPIFFE_TRUSTDOMAIN`:
|
||||
Defines the allowed SPIFFE trust domain.
|
||||
|
||||
`TRAEFIK_TRACING`:
|
||||
OpenTracing configuration. (Default: ```false```)
|
||||
|
||||
|
|
|
@ -6,10 +6,29 @@
|
|||
insecureSkipVerify = true
|
||||
rootCAs = ["foobar", "foobar"]
|
||||
maxIdleConnsPerHost = 42
|
||||
|
||||
[serversTransport.forwardingTimeouts]
|
||||
dialTimeout = "42s"
|
||||
responseHeaderTimeout = "42s"
|
||||
idleConnTimeout = "42s"
|
||||
readIdleTimeout = "42s"
|
||||
pingTimeout = "42s"
|
||||
|
||||
[serversTransport.spiffe]
|
||||
ids = ["foobar", "foobar"]
|
||||
trustDomain = "foobar"
|
||||
|
||||
[tcpServersTransport]
|
||||
dialTimeout = "42s"
|
||||
dialKeepAlive = "42s"
|
||||
|
||||
[tcpServersTransport.tls]
|
||||
insecureSkipVerify = true
|
||||
rootCAs = ["foobar", "foobar"]
|
||||
|
||||
[tcpServersTransport.tls.spiffe]
|
||||
ids = ["foobar", "foobar"]
|
||||
trustDomain = "foobar"
|
||||
|
||||
[entryPoints]
|
||||
[entryPoints.EntryPoint0]
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
global:
|
||||
checkNewVersion: true
|
||||
sendAnonymousUsage: true
|
||||
serversTransport:
|
||||
serversTransports:
|
||||
insecureSkipVerify: true
|
||||
rootCAs:
|
||||
- foobar
|
||||
|
@ -11,6 +11,26 @@ serversTransport:
|
|||
dialTimeout: 42s
|
||||
responseHeaderTimeout: 42s
|
||||
idleConnTimeout: 42s
|
||||
readIdleTimeout: 42s
|
||||
pingTimeout: 42s
|
||||
spiffe:
|
||||
ids:
|
||||
- foobar
|
||||
- foobar
|
||||
trustDomain: foobar
|
||||
tcpServersTransport:
|
||||
dialTimeout: 42s
|
||||
dialKeepAlive: 42s
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
rootCAs:
|
||||
- foobar
|
||||
- foobar
|
||||
spiffe:
|
||||
ids:
|
||||
- foobar
|
||||
- foobar
|
||||
trustDomain: foobar
|
||||
entryPoints:
|
||||
EntryPoint0:
|
||||
address: foobar
|
||||
|
|
|
@ -250,10 +250,12 @@ and then between Traefik and the backend servers, is configured through the
|
|||
|
||||
In addition, a few parameters are dedicated to configuring globally
|
||||
what happens with the connections between Traefik and the backends.
|
||||
This is done through the `serversTransport` section of the configuration,
|
||||
which features these options:
|
||||
This is done through the [`serversTransport`](#http-servers-transports) and [`tcpServersTransport`](#tcp-servers-transports)
|
||||
sections of the configuration, which features these options:
|
||||
|
||||
### `insecureSkipVerify`
|
||||
### HTTP Servers Transports
|
||||
|
||||
#### `insecureSkipVerify`
|
||||
|
||||
_Optional, Default=false_
|
||||
|
||||
|
@ -276,7 +278,7 @@ serversTransport:
|
|||
--serversTransport.insecureSkipVerify=true
|
||||
```
|
||||
|
||||
### `rootCAs`
|
||||
#### `rootCAs`
|
||||
|
||||
_Optional_
|
||||
|
||||
|
@ -302,7 +304,7 @@ serversTransport:
|
|||
--serversTransport.rootCAs=foo.crt,bar.crt
|
||||
```
|
||||
|
||||
### `maxIdleConnsPerHost`
|
||||
#### `maxIdleConnsPerHost`
|
||||
|
||||
_Optional, Default=2_
|
||||
|
||||
|
@ -325,7 +327,7 @@ serversTransport:
|
|||
--serversTransport.maxIdleConnsPerHost=7
|
||||
```
|
||||
|
||||
### `spiffe`
|
||||
#### `spiffe`
|
||||
|
||||
Please note that [SPIFFE](../https/spiffe.md) must be enabled in the static configuration
|
||||
before using it to secure the connection between Traefik and the backends.
|
||||
|
@ -380,7 +382,7 @@ serversTransport:
|
|||
--serversTransport.spiffe.trustDomain=spiffe://trust-domain
|
||||
```
|
||||
|
||||
### `forwardingTimeouts`
|
||||
#### `forwardingTimeouts`
|
||||
|
||||
`forwardingTimeouts` is about a number of timeouts relevant to when forwarding requests to the backend servers.
|
||||
|
||||
|
@ -462,4 +464,186 @@ serversTransport:
|
|||
--serversTransport.forwardingTimeouts.idleConnTimeout=1s
|
||||
```
|
||||
|
||||
### TCP Servers Transports
|
||||
|
||||
#### `dialTimeout`
|
||||
|
||||
_Optional, Default="30s"_
|
||||
|
||||
`dialTimeout` is the maximum duration allowed for a connection to a backend server to be established.
|
||||
Zero means no timeout.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
tcpServersTransport:
|
||||
dialTimeout: 30s
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[tcpServersTransport]
|
||||
dialTimeout = "30s"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--tcpServersTransport.dialTimeout=30s
|
||||
```
|
||||
|
||||
#### `dialKeepAlive`
|
||||
|
||||
_Optional, Default="15s"_
|
||||
|
||||
`dialKeepAlive` defines the interval between keep-alive probes sent on an active network connection.
|
||||
If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and
|
||||
operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative,
|
||||
keep-alive probes are disabled.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
tcpServersTransport:
|
||||
dialKeepAlive: 30s
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[tcpServersTransport]
|
||||
dialKeepAlive = "30s"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--tcpServersTransport.dialKeepAlive=30s
|
||||
```
|
||||
|
||||
#### `tls`
|
||||
|
||||
`tls` defines the TLS configuration to connect with TCP backends.
|
||||
|
||||
_Optional_
|
||||
|
||||
An empty `tls` section enables TLS.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
tcpServersTransport:
|
||||
tls: {}
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[tcpServersTransport.tls]
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--tcpServersTransport.tls=true
|
||||
```
|
||||
|
||||
#### `tls.insecureSkipVerify`
|
||||
|
||||
_Optional_
|
||||
|
||||
`insecureSkipVerify` disables the server's certificate chain and host name verification.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
tcpServersTransport:
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[tcpServersTransport.tls]
|
||||
insecureSkipVerify = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--tcpServersTransport.tls.insecureSkipVerify=true
|
||||
```
|
||||
|
||||
#### `tls.rootCAs`
|
||||
|
||||
_Optional_
|
||||
|
||||
`rootCAs` defines the set of Root Certificate Authorities (as file paths, or data bytes)
|
||||
to use when verifying self-signed TLS server certificates.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
tcpServersTransport:
|
||||
tls:
|
||||
rootCAs:
|
||||
- foo.crt
|
||||
- bar.crt
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[tcpServersTransport.tls]
|
||||
rootCAs = ["foo.crt", "bar.crt"]
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--tcpServersTransport.tls.rootCAs=foo.crt,bar.crt
|
||||
```
|
||||
|
||||
#### `spiffe`
|
||||
|
||||
Please note that [SPIFFE](../https/spiffe.md) must be enabled in the static configuration
|
||||
before using it to secure the connection between Traefik and the backends.
|
||||
|
||||
#### `spiffe.ids`
|
||||
|
||||
_Optional_
|
||||
|
||||
`ids` defines the allowed SPIFFE IDs.
|
||||
This takes precedence over the SPIFFE TrustDomain.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
tcpServersTransport:
|
||||
spiffe:
|
||||
ids:
|
||||
- spiffe://trust-domain/id1
|
||||
- spiffe://trust-domain/id2
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[tcpServersTransport.spiffe]
|
||||
ids = ["spiffe://trust-domain/id1", "spiffe://trust-domain/id2"]
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--tcpServersTransport.spiffe.ids=spiffe://trust-domain/id1,spiffe://trust-domain/id2
|
||||
```
|
||||
|
||||
#### `spiffe.trustDomain`
|
||||
|
||||
_Optional_
|
||||
|
||||
`trustDomain` defines the allowed SPIFFE trust domain.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
tcpServersTransport:
|
||||
trustDomain: spiffe://trust-domain
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[tcpServersTransport.spiffe]
|
||||
trustDomain = "spiffe://trust-domain"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--tcpServersTransport.spiffe.trustDomain=spiffe://trust-domain
|
||||
```
|
||||
|
||||
{!traefik-for-business-applications.md!}
|
||||
|
|
|
@ -404,12 +404,12 @@ You can declare TCP Routers and/or Services using tags.
|
|||
traefik.tcp.services.mytcpservice.loadbalancer.server.port=423
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.tls`"
|
||||
|
||||
See [termination delay](../services/index.md#termination-delay) for more information.
|
||||
Determines whether to use TLS when dialing with the backend.
|
||||
|
||||
```yaml
|
||||
traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100
|
||||
traefik.tcp.services.mytcpservice.loadbalancer.server.tls=true
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version`"
|
||||
|
@ -420,6 +420,15 @@ You can declare TCP Routers and/or Services using tags.
|
|||
traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version=1
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.serverstransport`"
|
||||
|
||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
||||
|
||||
```yaml
|
||||
traefik.tcp.services.myservice.loadbalancer.serverstransport=foobar@file
|
||||
```
|
||||
|
||||
### UDP
|
||||
|
||||
You can declare UDP Routers and/or Services using tags.
|
||||
|
|
|
@ -577,12 +577,12 @@ You can declare TCP Routers and/or Services using labels.
|
|||
- "traefik.tcp.services.mytcpservice.loadbalancer.server.port=423"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.tls`"
|
||||
|
||||
See [termination delay](../services/index.md#termination-delay) for more information.
|
||||
Determines whether to use TLS when dialing with the backend.
|
||||
|
||||
```yaml
|
||||
- "traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100"
|
||||
- "traefik.tcp.services.mytcpservice.loadbalancer.server.tls=true"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version`"
|
||||
|
@ -593,6 +593,15 @@ You can declare TCP Routers and/or Services using labels.
|
|||
- "traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version=1"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.serverstransport`"
|
||||
|
||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
||||
|
||||
```yaml
|
||||
- "traefik.tcp.services.<service_name>.loadbalancer.serverstransport=foobar@file"
|
||||
```
|
||||
|
||||
### UDP
|
||||
|
||||
You can declare UDP Routers and/or Services using labels.
|
||||
|
|
|
@ -418,12 +418,12 @@ You can declare TCP Routers and/or Services using labels.
|
|||
traefik.tcp.services.mytcpservice.loadbalancer.server.port=423
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.tls`"
|
||||
|
||||
See [termination delay](../services/index.md#termination-delay) for more information.
|
||||
Determines whether to use TLS when dialing with the backend.
|
||||
|
||||
```yaml
|
||||
traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100
|
||||
traefik.tcp.services.mytcpservice.loadbalancer.server.tls=true
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version`"
|
||||
|
@ -434,6 +434,15 @@ You can declare TCP Routers and/or Services using labels.
|
|||
traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version=1
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.serverstransport`"
|
||||
|
||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
||||
|
||||
```yaml
|
||||
traefik.tcp.services.<service_name>.loadbalancer.serverstransport=foobar@file
|
||||
```
|
||||
|
||||
### UDP
|
||||
|
||||
You can declare UDP Routers and/or Services using tags.
|
||||
|
|
|
@ -296,7 +296,7 @@ The Kubernetes Ingress Controller, The Custom Resource Way.
|
|||
You can find an excerpt of the available custom resources in the table below:
|
||||
|
||||
| Kind | Purpose | Concept Behind |
|
||||
|--------------------------------------------|--------------------------------------------------------------------|----------------------------------------------------------------|
|
||||
|--------------------------------------------------|--------------------------------------------------------------------|----------------------------------------------------------------|
|
||||
| [IngressRoute](#kind-ingressroute) | HTTP Routing | [HTTP router](../routers/index.md#configuring-http-routers) |
|
||||
| [Middleware](#kind-middleware) | Tweaks the HTTP requests before they are sent to your service | [HTTP Middlewares](../../middlewares/http/overview.md) |
|
||||
| [TraefikService](#kind-traefikservice) | Abstraction for HTTP loadbalancing/mirroring | [HTTP service](../services/index.md#configuring-http-services) |
|
||||
|
@ -306,6 +306,7 @@ You can find an excerpt of the available custom resources in the table below:
|
|||
| [TLSOptions](#kind-tlsoption) | Allows to configure some parameters of the TLS connection | [TLSOptions](../../https/tls.md#tls-options) |
|
||||
| [TLSStores](#kind-tlsstore) | Allows to configure the default TLS store | [TLSStores](../../https/tls.md#certificates-stores) |
|
||||
| [ServersTransport](#kind-serverstransport) | Allows to configure the transport between Traefik and the backends | [ServersTransport](../../services/#serverstransport_1) |
|
||||
| [ServersTransportTCP](#kind-serverstransporttcp) | Allows to configure the transport between Traefik and the backends | [TCP ServersTransport](../../services/#serverstransport_3) |
|
||||
|
||||
### Kind: `IngressRoute`
|
||||
|
||||
|
@ -1100,9 +1101,9 @@ Register the `IngressRouteTCP` [kind](../../reference/dynamic-configuration/kube
|
|||
- name: foo # [8]
|
||||
port: 8080 # [9]
|
||||
weight: 10 # [10]
|
||||
terminationDelay: 400 # [11]
|
||||
proxyProtocol: # [12]
|
||||
version: 1 # [13]
|
||||
proxyProtocol: # [11]
|
||||
version: 1 # [12]
|
||||
serversTransport: transport # [13]
|
||||
tls: # [14]
|
||||
secretName: supersecret # [15]
|
||||
options: # [16]
|
||||
|
@ -1118,7 +1119,7 @@ Register the `IngressRouteTCP` [kind](../../reference/dynamic-configuration/kube
|
|||
```
|
||||
|
||||
| Ref | Attribute | Purpose |
|
||||
|------|--------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
|------|-------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| [1] | `entryPoints` | List of [entrypoints](../routers/index.md#entrypoints_1) names |
|
||||
| [2] | `routes` | List of routes |
|
||||
| [3] | `routes[n].match` | Defines the [rule](../routers/index.md#rule_1) of the underlying router |
|
||||
|
@ -1129,18 +1130,18 @@ Register the `IngressRouteTCP` [kind](../../reference/dynamic-configuration/kube
|
|||
| [8] | `services[n].name` | Defines the name of a [Kubernetes service](https://kubernetes.io/docs/concepts/services-networking/service/) |
|
||||
| [9] | `services[n].port` | Defines the port of a [Kubernetes service](https://kubernetes.io/docs/concepts/services-networking/service/). This can be a reference to a named port. |
|
||||
| [10] | `services[n].weight` | Defines the weight to apply to the server load balancing |
|
||||
| [11] | `services[n].terminationDelay` | corresponds to the deadline that the proxy sets, after one of its connected peers indicates it has closed the writing capability of its connection, to close the reading capability as well, hence fully terminating the connection. It is a duration in milliseconds, defaulting to 100. A negative value means an infinite deadline (i.e. the reading capability is never closed). |
|
||||
| [12] | `proxyProtocol` | Defines the [PROXY protocol](../services/index.md#proxy-protocol) configuration |
|
||||
| [13] | `version` | Defines the [PROXY protocol](../services/index.md#proxy-protocol) version |
|
||||
| [11] | `services[n].proxyProtocol` | Defines the [PROXY protocol](../services/index.md#proxy-protocol) configuration |
|
||||
| [12] | `services[n].proxyProtocol.version` | Defines the [PROXY protocol](../services/index.md#proxy-protocol) version |
|
||||
| [13] | `services[n].serversTransport` | Defines the reference to a [ServersTransportTCP](#kind-serverstransporttcp). The ServersTransport namespace is assumed to be the [Kubernetes service](https://kubernetes.io/docs/concepts/services-networking/service/) namespace (see [ServersTransport reference](#serverstransport-reference)). |
|
||||
| [14] | `tls` | Defines [TLS](../routers/index.md#tls_1) certificate configuration |
|
||||
| [15] | `tls.secretName` | Defines the [secret](https://kubernetes.io/docs/concepts/configuration/secret/) name used to store the certificate (in the `IngressRoute` namespace) |
|
||||
| [16] | `tls.options` | Defines the reference to a [TLSOption](#kind-tlsoption) |
|
||||
| [17] | `options.name` | Defines the [TLSOption](#kind-tlsoption) name |
|
||||
| [18] | `options.namespace` | Defines the [TLSOption](#kind-tlsoption) namespace |
|
||||
| [17] | `tls.options.name` | Defines the [TLSOption](#kind-tlsoption) name |
|
||||
| [18] | `tls.options.namespace` | Defines the [TLSOption](#kind-tlsoption) namespace |
|
||||
| [19] | `tls.certResolver` | Defines the reference to a [CertResolver](../routers/index.md#certresolver_1) |
|
||||
| [20] | `tls.domains` | List of [domains](../routers/index.md#domains_1) |
|
||||
| [21] | `domains[n].main` | Defines the main domain name |
|
||||
| [22] | `domains[n].sans` | List of SANs (alternative domains) |
|
||||
| [21] | `tls.domains[n].main` | Defines the main domain name |
|
||||
| [22] | `tls.domains[n].sans` | List of SANs (alternative domains) |
|
||||
| [23] | `tls.passthrough` | If `true`, delegates the TLS termination to the backend |
|
||||
|
||||
??? example "Declaring an IngressRouteTCP"
|
||||
|
@ -1161,11 +1162,9 @@ Register the `IngressRouteTCP` [kind](../../reference/dynamic-configuration/kube
|
|||
services:
|
||||
- name: foo
|
||||
port: 8080
|
||||
terminationDelay: 400
|
||||
weight: 10
|
||||
- name: bar
|
||||
port: 8081
|
||||
terminationDelay: 500
|
||||
weight: 10
|
||||
tls:
|
||||
certResolver: foo
|
||||
|
@ -1689,7 +1688,7 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
|
|||
|
||||
!!! important "Default serversTransport"
|
||||
If no `serversTransport` is specified, the `default@internal` will be used.
|
||||
The `default@internal` serversTransport is created from the [static configuration](../overview.md#transport-configuration).
|
||||
The `default@internal` serversTransport is created from the [static configuration](../overview.md#http-servers-transports).
|
||||
|
||||
!!! info "ServersTransport Attributes"
|
||||
|
||||
|
@ -1716,6 +1715,11 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
|
|||
idleConnTimeout: 42s # [9]
|
||||
peerCertURI: foobar # [10]
|
||||
disableHTTP2: true # [11]
|
||||
spiffe: # [12]
|
||||
ids: # [13]
|
||||
- spiffe://trust-domain/id1
|
||||
- spiffe://trust-domain/id2
|
||||
trustDomain: "spiffe://trust-domain" # [14]
|
||||
```
|
||||
|
||||
| Ref | Attribute | Purpose |
|
||||
|
@ -1731,6 +1735,9 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
|
|||
| [9] | `idleConnTimeout` | The maximum amount of time an idle (keep-alive) connection will remain idle before closing itself. If zero, no timeout exists. |
|
||||
| [10] | `peerCertURI` | URI used to match against SAN URIs during the server's certificate verification. |
|
||||
| [11] | `disableHTTP2` | Disables HTTP/2 for connections with servers. |
|
||||
| [12] | `spiffe` | The spiffe configuration. |
|
||||
| [13] | `ids` | Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain). |
|
||||
| [14] | `trustDomain` | Defines the allowed SPIFFE trust domain. |
|
||||
|
||||
!!! info "CA Secret"
|
||||
|
||||
|
@ -1775,10 +1782,110 @@ By default, the referenced ServersTransport CRD must be defined in the same [Kub
|
|||
|
||||
To reference a ServersTransport CRD from another namespace,
|
||||
the value must be of form `namespace-name@kubernetescrd`,
|
||||
and the [cross-namespace](../../../providers/kubernetes-crd/#allowcrossnamespace) option must be enabled.
|
||||
and the [allowCrossNamespace](../../../providers/kubernetes-crd/#allowcrossnamespace) option must be enabled.
|
||||
|
||||
If the ServersTransport CRD is defined in another provider the cross-provider format `name@provider` should be used.
|
||||
|
||||
### Kind: `ServersTransportTCP`
|
||||
|
||||
`ServersTransportTCP` is the CRD implementation of a [ServersTransportTCP](../services/index.md#serverstransport_2).
|
||||
|
||||
!!! important "Default serversTransportTCP"
|
||||
If no `serversTransportTCP` is specified, the `default@internal` will be used.
|
||||
The `default@internal` serversTransportTCP is created from the [static configuration](../overview.md#tcp-servers-transports).
|
||||
|
||||
!!! info "ServersTransportTCP Attributes"
|
||||
|
||||
```yaml tab="ServersTransportTCP"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
dialTimeout: 42s # [1]
|
||||
dialKeepAlive: 42s # [2]
|
||||
terminationDelay: 42s # [3]
|
||||
tls: # [4]
|
||||
serverName: foobar # [5]
|
||||
insecureSkipVerify: true # [6]
|
||||
peerCertURI: foobar # [7]
|
||||
rootCAsSecrets: # [8]
|
||||
- foobar
|
||||
- foobar
|
||||
certificatesSecrets: # [9]
|
||||
- foobar
|
||||
- foobar
|
||||
spiffe: # [10]
|
||||
ids: # [11]
|
||||
- spiffe://trust-domain/id1
|
||||
- spiffe://trust-domain/id2
|
||||
trustDomain: "spiffe://trust-domain" # [12]
|
||||
```
|
||||
|
||||
| Ref | Attribute | Purpose |
|
||||
|------|-----------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| [1] | `dialTimeout` | The amount of time to wait until a connection to a server can be established. If zero, no timeout exists. |
|
||||
| [2] | `dialKeepAlive` | The interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled. |
|
||||
| [3] | `terminationDelay` | Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability. |
|
||||
| [4] | `tls` | The TLS configuration. |
|
||||
| [5] | `serverName` | ServerName used to contact the server. |
|
||||
| [6] | `insecureSkipVerify` | Controls whether the server's certificate chain and host name is verified. |
|
||||
| [7] | `peerCertURI` | URI used to match against SAN URIs during the server's certificate verification. |
|
||||
| [8] | `rootCAsSecrets` | Defines the set of root certificate authorities to use when verifying server certificates. The secret must contain a certificate under either a tls.ca or a ca.crt key. |
|
||||
| [9] | `certificatesSecrets` | Certificates to present to the server for mTLS. |
|
||||
| [10] | `spiffe` | The SPIFFE configuration. |
|
||||
| [11] | `ids` | Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain). |
|
||||
| [12] | `trustDomain` | Defines the allowed SPIFFE trust domain. |
|
||||
|
||||
!!! info "CA Secret"
|
||||
|
||||
The CA secret must contain a base64 encoded certificate under either a `tls.ca` or a `ca.crt` key.
|
||||
|
||||
??? example "Declaring and referencing a ServersTransportTCP"
|
||||
|
||||
```yaml tab="ServersTransportTCP"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls:
|
||||
serverName: example.org
|
||||
insecureSkipVerify: true
|
||||
```
|
||||
|
||||
```yaml tab="IngressRouteTCP"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: testroute
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
entryPoints:
|
||||
- tcpep
|
||||
routes:
|
||||
- match: HostSNI(`bar`)
|
||||
services:
|
||||
- name: whoamitcp
|
||||
port: 8080
|
||||
serversTransport: mytransport
|
||||
```
|
||||
|
||||
#### ServersTransportTCP reference
|
||||
|
||||
By default, the referenced ServersTransportTCP CRD must be defined in the same [Kubernetes service](https://kubernetes.io/docs/concepts/services-networking/service/) namespace.
|
||||
|
||||
To reference a ServersTransportTCP CRD from another namespace,
|
||||
the value must be of form `namespace-name@kubernetescrd`,
|
||||
and the [allowCrossNamespace](../../../providers/kubernetes-crd/#allowcrossnamespace) option must be enabled.
|
||||
|
||||
If the ServersTransportTCP CRD is defined in another provider the cross-provider format `name@provider` should be used.
|
||||
|
||||
## Further
|
||||
|
||||
Also see the [full example](../../user-guides/crd-acme/index.md) with Let's Encrypt.
|
||||
|
|
|
@ -414,14 +414,6 @@ You can declare TCP Routers and/or Services using KV.
|
|||
|--------------------------------------------------------------------|------------------|
|
||||
| `traefik/tcp/services/mytcpservice/loadbalancer/servers/0/address` | `xx.xx.xx.xx:xx` |
|
||||
|
||||
??? info "`traefik/tcp/services/<service_name>/loadbalancer/terminationdelay`"
|
||||
|
||||
See [termination delay](../services/index.md#termination-delay) for more information.
|
||||
|
||||
| Key (Path) | Value |
|
||||
|-------------------------------------------------------------------|-------|
|
||||
| `traefik/tcp/services/mytcpservice/loadbalancer/terminationdelay` | `100` |
|
||||
|
||||
??? info "`traefik/tcp/services/<service_name>/loadbalancer/proxyprotocol/version`"
|
||||
|
||||
See [PROXY protocol](../services/index.md#proxy-protocol) for more information.
|
||||
|
@ -430,6 +422,15 @@ You can declare TCP Routers and/or Services using KV.
|
|||
|------------------------------------------------------------------------|-------|
|
||||
| `traefik/tcp/services/mytcpservice/loadbalancer/proxyprotocol/version` | `1` |
|
||||
|
||||
??? info "`traefik/tcp/services/<service_name>/loadbalancer/serverstransport`"
|
||||
|
||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
||||
|
||||
| Key (Path) | Value |
|
||||
|-----------------------------------------------------------------|---------------|
|
||||
| `traefik/tcp/services/myservice/loadbalancer/serverstransport` | `foobar@file` |
|
||||
|
||||
??? info "`traefik/tcp/services/<service_name>/weighted/services/<n>/name`"
|
||||
|
||||
| Key (Path) | Value |
|
||||
|
|
|
@ -451,12 +451,12 @@ You can declare TCP Routers and/or Services using labels.
|
|||
"traefik.tcp.services.mytcpservice.loadbalancer.server.port": "423"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.tls`"
|
||||
|
||||
See [termination delay](../services/index.md#termination-delay) for more information.
|
||||
Determines whether to use TLS when dialing with the backend.
|
||||
|
||||
```json
|
||||
"traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay": "100"
|
||||
"traefik.tcp.services.mytcpservice.loadbalancer.server.tls": "true"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version`"
|
||||
|
@ -467,6 +467,15 @@ You can declare TCP Routers and/or Services using labels.
|
|||
"traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version": "1"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.serverstransport`"
|
||||
|
||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
||||
|
||||
```json
|
||||
"traefik.tcp.services.<service_name>.loadbalancer.serverstransport": "foobar@file"
|
||||
```
|
||||
|
||||
### UDP
|
||||
|
||||
You can declare UDP Routers and/or Services using labels.
|
||||
|
|
|
@ -396,12 +396,12 @@ You can declare TCP Routers and/or Services using tags.
|
|||
traefik.tcp.services.mytcpservice.loadbalancer.server.port=423
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.tls`"
|
||||
|
||||
See [termination delay](../services/index.md#termination-delay) for more information.
|
||||
Determines whether to use TLS when dialing with the backend.
|
||||
|
||||
```yaml
|
||||
traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100
|
||||
traefik.tcp.services.mytcpservice.loadbalancer.server.tls=true
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version`"
|
||||
|
@ -412,6 +412,15 @@ You can declare TCP Routers and/or Services using tags.
|
|||
traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version=1
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.serverstransport`"
|
||||
|
||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
||||
|
||||
```yaml
|
||||
traefik.tcp.services.myservice.loadbalancer.serverstransport=foobar@file
|
||||
```
|
||||
|
||||
### UDP
|
||||
|
||||
You can declare UDP Routers and/or Services using tags.
|
||||
|
|
|
@ -454,12 +454,12 @@ You can declare TCP Routers and/or Services using labels.
|
|||
- "traefik.tcp.services.mytcpservice.loadbalancer.server.port=423"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.tls`"
|
||||
|
||||
See [termination delay](../services/index.md#termination-delay) for more information.
|
||||
Determines whether to use TLS when dialing with the backend.
|
||||
|
||||
```yaml
|
||||
- "traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100"
|
||||
- "traefik.tcp.services.mytcpservice.loadbalancer.server.tls=true"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.proxyprotocol.version`"
|
||||
|
@ -470,6 +470,15 @@ You can declare TCP Routers and/or Services using labels.
|
|||
- "traefik.tcp.services.mytcpservice.loadbalancer.proxyprotocol.version=1"
|
||||
```
|
||||
|
||||
??? info "`traefik.tcp.services.<service_name>.loadbalancer.serverstransport`"
|
||||
|
||||
Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
|
||||
See [serverstransport](../services/index.md#serverstransport_2) for more information.
|
||||
|
||||
```yaml
|
||||
- "traefik.tcp.services.<service_name>.loadbalancer.serverstransport=foobar@file"
|
||||
```
|
||||
|
||||
### UDP
|
||||
|
||||
You can declare UDP Routers and/or Services using labels.
|
||||
|
|
|
@ -473,9 +473,9 @@ By default, `passHostHeader` is true.
|
|||
|
||||
#### ServersTransport
|
||||
|
||||
`serversTransport` allows to reference a [ServersTransport](./index.md#serverstransport_1) configuration for the communication between Traefik and your servers.
|
||||
`serversTransport` allows to reference an [HTTP ServersTransport](./index.md#serverstransport_1) configuration for the communication between Traefik and your servers.
|
||||
|
||||
??? example "Specify a transport -- Using the [File Provider](../../providers/file.md)"
|
||||
??? example "Specify an HTTP transport -- Using the [File Provider](../../providers/file.md)"
|
||||
|
||||
```yaml tab="YAML"
|
||||
## Dynamic configuration
|
||||
|
@ -494,9 +494,9 @@ By default, `passHostHeader` is true.
|
|||
serversTransport = "mytransport"
|
||||
```
|
||||
|
||||
!!! info default serversTransport
|
||||
!!! info Default Servers Transport
|
||||
If no serversTransport is specified, the `default@internal` will be used.
|
||||
The `default@internal` serversTransport is created from the [static configuration](../overview.md#transport-configuration).
|
||||
The `default@internal` serversTransport is created from the [static configuration](../overview.md#http-servers-transports).
|
||||
|
||||
#### Response Forwarding
|
||||
|
||||
|
@ -532,9 +532,9 @@ Below are the available options for the Response Forwarding mechanism:
|
|||
|
||||
### ServersTransport
|
||||
|
||||
ServersTransport allows to configure the transport between Traefik and your servers.
|
||||
ServersTransport allows to configure the transport between Traefik and your HTTP servers.
|
||||
|
||||
#### `ServerName`
|
||||
#### `serverName`
|
||||
|
||||
_Optional_
|
||||
|
||||
|
@ -565,7 +565,7 @@ spec:
|
|||
serverName: "test"
|
||||
```
|
||||
|
||||
#### `Certificates`
|
||||
#### `certificates`
|
||||
|
||||
_Optional_
|
||||
|
||||
|
@ -606,7 +606,7 @@ kind: Secret
|
|||
metadata:
|
||||
name: mycert
|
||||
|
||||
data:
|
||||
data:
|
||||
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
||||
tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0=
|
||||
```
|
||||
|
@ -680,7 +680,7 @@ kind: Secret
|
|||
metadata:
|
||||
name: myca
|
||||
|
||||
data:
|
||||
data:
|
||||
ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
||||
```
|
||||
|
||||
|
@ -721,12 +721,6 @@ _Optional, Default=false_
|
|||
|
||||
`disableHTTP2` disables HTTP/2 for connections with servers.
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[http.serversTransports.mytransport]
|
||||
disableHTTP2 = true
|
||||
```
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
http:
|
||||
|
@ -735,6 +729,12 @@ http:
|
|||
disableHTTP2: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[http.serversTransports.mytransport]
|
||||
disableHTTP2 = true
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransport
|
||||
|
@ -752,12 +752,6 @@ _Optional, Default=false_
|
|||
|
||||
`peerCertURI` defines the URI used to match against SAN URIs during the server's certificate verification.
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[http.serversTransports.mytransport]
|
||||
peerCertURI = "foobar"
|
||||
```
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
http:
|
||||
|
@ -766,6 +760,12 @@ http:
|
|||
peerCertURI: foobar
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[http.serversTransports.mytransport]
|
||||
peerCertURI = "foobar"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransport
|
||||
|
@ -1469,6 +1469,9 @@ The servers load balancer is in charge of balancing the requests between the ser
|
|||
#### Servers
|
||||
|
||||
Servers declare a single instance of your program.
|
||||
|
||||
#### `address`
|
||||
|
||||
The `address` option (IP:Port) point to a specific instance.
|
||||
|
||||
??? example "A Service with One Server -- Using the [File Provider](../../providers/file.md)"
|
||||
|
@ -1491,6 +1494,60 @@ The `address` option (IP:Port) point to a specific instance.
|
|||
address = "xx.xx.xx.xx:xx"
|
||||
```
|
||||
|
||||
#### `tls`
|
||||
|
||||
The `tls` determines whether to use TLS when dialing with the backend.
|
||||
|
||||
??? example "A Service with One Server Using TLS -- Using the [File Provider](../../providers/file.md)"
|
||||
|
||||
```yaml tab="YAML"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
services:
|
||||
my-service:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- address: "xx.xx.xx.xx:xx"
|
||||
tls: true
|
||||
```
|
||||
|
||||
```toml tab="TOML"
|
||||
## Dynamic configuration
|
||||
[tcp.services]
|
||||
[tcp.services.my-service.loadBalancer]
|
||||
[[tcp.services.my-service.loadBalancer.servers]]
|
||||
address = "xx.xx.xx.xx:xx"
|
||||
tls = true
|
||||
```
|
||||
|
||||
#### ServersTransport
|
||||
|
||||
`serversTransport` allows to reference a [TCP ServersTransport](./index.md#serverstransport_3) configuration for the communication between Traefik and your servers.
|
||||
|
||||
??? example "Specify a TCP transport -- Using the [File Provider](../../providers/file.md)"
|
||||
|
||||
```yaml tab="YAML"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
services:
|
||||
Service01:
|
||||
loadBalancer:
|
||||
serversTransport: mytransport
|
||||
```
|
||||
|
||||
```toml tab="TOML"
|
||||
## Dynamic configuration
|
||||
[tcp.services]
|
||||
[tcp.services.Service01]
|
||||
[tcp.services.Service01.loadBalancer]
|
||||
serversTransport = "mytransport"
|
||||
```
|
||||
|
||||
!!! info "Default Servers Transport"
|
||||
|
||||
If no serversTransport is specified, the `default@internal` will be used.
|
||||
The `default@internal` serversTransport is created from the [static configuration](../overview.md#tcp-servers-transports).
|
||||
|
||||
#### PROXY Protocol
|
||||
|
||||
Traefik supports [PROXY Protocol](https://www.haproxy.org/download/2.0/doc/proxy-protocol.txt) version 1 and 2 on TCP Services.
|
||||
|
@ -1524,39 +1581,6 @@ Below are the available options for the PROXY protocol:
|
|||
version = 1
|
||||
```
|
||||
|
||||
#### Termination Delay
|
||||
|
||||
As a proxy between a client and a server, it can happen that either side (e.g. client side) decides to terminate its writing capability on the connection (i.e. issuance of a FIN packet).
|
||||
The proxy needs to propagate that intent to the other side, and so when that happens, it also does the same on its connection with the other side (e.g. backend side).
|
||||
|
||||
However, if for some reason (bad implementation, or malicious intent) the other side does not eventually do the same as well,
|
||||
the connection would stay half-open, which would lock resources for however long.
|
||||
|
||||
To that end, as soon as the proxy enters this termination sequence, it sets a deadline on fully terminating the connections on both sides.
|
||||
|
||||
The termination delay controls that deadline.
|
||||
It is a duration in milliseconds, defaulting to 100.
|
||||
A negative value means an infinite deadline (i.e. the connection is never fully terminated by the proxy itself).
|
||||
|
||||
??? example "A Service with a termination delay -- Using the [File Provider](../../providers/file.md)"
|
||||
|
||||
```yaml tab="YAML"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
services:
|
||||
my-service:
|
||||
loadBalancer:
|
||||
terminationDelay: 200
|
||||
```
|
||||
|
||||
```toml tab="TOML"
|
||||
## Dynamic configuration
|
||||
[tcp.services]
|
||||
[tcp.services.my-service.loadBalancer]
|
||||
[[tcp.services.my-service.loadBalancer]]
|
||||
terminationDelay = 200
|
||||
```
|
||||
|
||||
### Weighted Round Robin
|
||||
|
||||
The Weighted Round Robin (alias `WRR`) load-balancer of services is in charge of balancing the requests between multiple services based on provided weights.
|
||||
|
@ -1612,6 +1636,414 @@ tcp:
|
|||
address = "private-ip-server-2:8080/"
|
||||
```
|
||||
|
||||
### ServersTransport
|
||||
|
||||
ServersTransport allows to configure the transport between Traefik and your TCP servers.
|
||||
|
||||
#### `dialTimeout`
|
||||
|
||||
_Optional, Default="30s"_
|
||||
|
||||
`dialTimeout` defines the timeout when dialing the backend TCP service. If zero, no timeout exists.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
dialTimeout: 30s
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport]
|
||||
dialTimeout = "30s"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
dialTimeout: 30s
|
||||
```
|
||||
|
||||
#### `dialKeepAlive`
|
||||
|
||||
_Optional, Default="15s"_
|
||||
|
||||
`dialKeepAlive` defines the interval between keep-alive probes for an active network connection.
|
||||
If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and
|
||||
operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative,
|
||||
keep-alive probes are disabled.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
dialKeepAlive: 30s
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport]
|
||||
dialKeepAlive = "30s"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
dialKeepAlive: 30s
|
||||
```
|
||||
|
||||
#### `terminationDelay`
|
||||
|
||||
_Optional, Default="100ms"_
|
||||
|
||||
As a proxy between a client and a server, it can happen that either side (e.g. client side) decides to terminate its writing capability on the connection (i.e. issuance of a FIN packet).
|
||||
The proxy needs to propagate that intent to the other side, and so when that happens, it also does the same on its connection with the other side (e.g. backend side).
|
||||
|
||||
However, if for some reason (bad implementation, or malicious intent) the other side does not eventually do the same as well,
|
||||
the connection would stay half-open, which would lock resources for however long.
|
||||
|
||||
To that end, as soon as the proxy enters this termination sequence, it sets a deadline on fully terminating the connections on both sides.
|
||||
|
||||
The termination delay controls that deadline.
|
||||
A negative value means an infinite deadline (i.e. the connection is never fully terminated by the proxy itself).
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
terminationDelay: 100ms
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport]
|
||||
terminationDelay = "100ms"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
terminationDelay: 100ms
|
||||
```
|
||||
|
||||
#### `tls`
|
||||
|
||||
`tls` defines the TLS configuration.
|
||||
|
||||
_Optional_
|
||||
|
||||
An empty `tls` section enables TLS.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
tls: {}
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport.tls]
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls: {}
|
||||
```
|
||||
|
||||
#### `tls.serverName`
|
||||
|
||||
_Optional_
|
||||
|
||||
`tls.serverName` configure the server name that will be used for SNI.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
tls:
|
||||
serverName: "myhost"
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport.tls]
|
||||
serverName = "myhost"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls:
|
||||
serverName: "test"
|
||||
```
|
||||
|
||||
#### `tls.certificates`
|
||||
|
||||
_Optional_
|
||||
|
||||
`tls.certificates` is the list of certificates (as file paths, or data bytes)
|
||||
that will be set as client certificates for mTLS.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
tls:
|
||||
certificates:
|
||||
- certFile: foo.crt
|
||||
keyFile: bar.crt
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[[tcp.serversTransports.mytransport.tls.certificates]]
|
||||
certFile = "foo.crt"
|
||||
keyFile = "bar.crt"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls:
|
||||
certificatesSecrets:
|
||||
- mycert
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mycert
|
||||
|
||||
data:
|
||||
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
||||
tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0=
|
||||
```
|
||||
|
||||
#### `tls.insecureSkipVerify`
|
||||
|
||||
_Optional_
|
||||
|
||||
`tls.insecureSkipVerify` controls whether the server's certificate chain and host name is verified.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport.tls]
|
||||
insecureSkipVerify = true
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
```
|
||||
|
||||
#### `tls.rootCAs`
|
||||
|
||||
_Optional_
|
||||
|
||||
`tls.rootCAs` defines the set of root certificate authorities (as file paths, or data bytes) to use when verifying server certificates.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
tls:
|
||||
rootCAs:
|
||||
- foo.crt
|
||||
- bar.crt
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport.tls]
|
||||
rootCAs = ["foo.crt", "bar.crt"]
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls:
|
||||
rootCAsSecrets:
|
||||
- myca
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: myca
|
||||
|
||||
data:
|
||||
ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
||||
```
|
||||
|
||||
#### `tls.peerCertURI`
|
||||
|
||||
_Optional, Default=false_
|
||||
|
||||
`tls.peerCertURI` defines the URI used to match against SAN URIs during the server's certificate verification.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
tls:
|
||||
peerCertURI: foobar
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport.tls]
|
||||
peerCertURI = "foobar"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls:
|
||||
peerCertURI: foobar
|
||||
```
|
||||
|
||||
#### `spiffe`
|
||||
|
||||
Please note that [SPIFFE](../../https/spiffe.md) must be enabled in the static configuration
|
||||
before using it to secure the connection between Traefik and the backends.
|
||||
|
||||
##### `spiffe.ids`
|
||||
|
||||
_Optional_
|
||||
|
||||
`ids` defines the allowed SPIFFE IDs.
|
||||
This takes precedence over the SPIFFE TrustDomain.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
spiffe:
|
||||
ids:
|
||||
- spiffe://trust-domain/id1
|
||||
- spiffe://trust-domain/id2
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport.spiffe]
|
||||
ids = ["spiffe://trust-domain/id1", "spiffe://trust-domain/id2"]
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
spiffe:
|
||||
ids:
|
||||
- spiffe://trust-domain/id1
|
||||
- spiffe://trust-domain/id2
|
||||
```
|
||||
|
||||
##### `spiffe.trustDomain`
|
||||
|
||||
_Optional_
|
||||
|
||||
`trustDomain` defines the allowed SPIFFE trust domain.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
serversTransports:
|
||||
mytransport:
|
||||
spiffe:
|
||||
trustDomain: spiffe://trust-domain
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Dynamic configuration
|
||||
[tcp.serversTransports.mytransport.spiffe]
|
||||
trustDomain = "spiffe://trust-domain"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: mytransport
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
spiffe:
|
||||
trustDomain: "spiffe://trust-domain"
|
||||
```
|
||||
|
||||
## Configuring UDP Services
|
||||
|
||||
### General
|
||||
|
|
|
@ -373,15 +373,16 @@ spec:
|
|||
to use.
|
||||
type: integer
|
||||
type: object
|
||||
terminationDelay:
|
||||
description: TerminationDelay defines the deadline that
|
||||
the proxy sets, after one of its connected peers indicates
|
||||
it has closed the writing capability of its connection,
|
||||
to close the reading capability as well, hence fully
|
||||
terminating the connection. It is a duration in milliseconds,
|
||||
defaulting to 100. A negative value means an infinite
|
||||
deadline (i.e. the reading capability is never closed).
|
||||
type: integer
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransportTCP
|
||||
resource to use. It allows to configure the transport
|
||||
between Traefik and your servers. Can only be used on
|
||||
a Kubernetes Service.
|
||||
type: string
|
||||
tls:
|
||||
description: TLS determines whether to use TLS when dialing
|
||||
with the backend.
|
||||
type: boolean
|
||||
weight:
|
||||
description: Weight defines the weight used when balancing
|
||||
requests between multiple Kubernetes Service.
|
||||
|
@ -1684,6 +1685,128 @@ status:
|
|||
conditions: []
|
||||
storedVersions: []
|
||||
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.6.2
|
||||
creationTimestamp: null
|
||||
name: serverstransporttcps.traefik.containo.us
|
||||
spec:
|
||||
group: traefik.containo.us
|
||||
names:
|
||||
kind: ServersTransportTCP
|
||||
listKind: ServersTransportTCPList
|
||||
plural: serverstransporttcps
|
||||
singular: serverstransporttcp
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||
If no tcpServersTransport is specified, a default one named default@internal
|
||||
will be used. The default@internal tcpServersTransport can be configured
|
||||
in the static configuration. More info: https://doc.traefik.io/traefik/v2.9/routing/services/#serverstransport_3'
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP.
|
||||
properties:
|
||||
dialKeepAlive:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: DialKeepAlive is the interval between keep-alive probes
|
||||
for an active network connection. If zero, keep-alive probes are
|
||||
sent with a default value (currently 15 seconds), if supported by
|
||||
the protocol and operating system. Network protocols or operating
|
||||
systems that do not support keep-alives ignore this field. If negative,
|
||||
keep-alive probes are disabled.
|
||||
x-kubernetes-int-or-string: true
|
||||
dialTimeout:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: DialTimeout is the amount of time to wait until a connection
|
||||
to a backend server can be established.
|
||||
x-kubernetes-int-or-string: true
|
||||
terminationDelay:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: TerminationDelay defines the delay to wait before fully
|
||||
terminating the connection, after one connected peer has closed
|
||||
its writing capability.
|
||||
x-kubernetes-int-or-string: true
|
||||
tls:
|
||||
description: TLS defines the TLS configuration
|
||||
properties:
|
||||
certificatesSecrets:
|
||||
description: CertificatesSecrets defines a list of secret storing
|
||||
client certificates for mTLS.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
insecureSkipVerify:
|
||||
description: InsecureSkipVerify disables TLS certificate verification.
|
||||
type: boolean
|
||||
peerCertURI:
|
||||
description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
|
||||
to keep per-host. PeerCertURI defines the peer cert URI used
|
||||
to match against SAN URI during the peer certificate verification.
|
||||
type: string
|
||||
rootCAsSecrets:
|
||||
description: RootCAsSecrets defines a list of CA secret used to
|
||||
validate self-signed certificates.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
serverName:
|
||||
description: ServerName defines the server name used to contact
|
||||
the server.
|
||||
type: string
|
||||
spiffe:
|
||||
description: Spiffe defines the SPIFFE configuration.
|
||||
properties:
|
||||
ids:
|
||||
description: IDs defines the allowed SPIFFE IDs (takes precedence
|
||||
over the SPIFFE TrustDomain).
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
trustDomain:
|
||||
description: TrustDomain defines the allowed SPIFFE trust
|
||||
domain.
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- metadata
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
||||
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
|
|
2
integration/testdata/rawdata-crd.json
vendored
2
integration/testdata/rawdata-crd.json
vendored
|
@ -274,7 +274,6 @@
|
|||
"tcpServices": {
|
||||
"default-test3.route-673acf455cb2dab0b43a-externalname-svc-9090@kubernetescrd": {
|
||||
"loadBalancer": {
|
||||
"terminationDelay": 100,
|
||||
"servers": [
|
||||
{
|
||||
"address": "domain.com:9090"
|
||||
|
@ -285,7 +284,6 @@
|
|||
},
|
||||
"default-test3.route-673acf455cb2dab0b43a-whoamitcp-8080@kubernetescrd": {
|
||||
"loadBalancer": {
|
||||
"terminationDelay": 100,
|
||||
"servers": [
|
||||
{
|
||||
"address": "10.42.0.10:8080"
|
||||
|
|
1
integration/testdata/rawdata-gateway.json
vendored
1
integration/testdata/rawdata-gateway.json
vendored
|
@ -229,7 +229,6 @@
|
|||
},
|
||||
"default-whoamitcp-8080@kubernetesgateway": {
|
||||
"loadBalancer": {
|
||||
"terminationDelay": 100,
|
||||
"servers": [
|
||||
{
|
||||
"address": "10.42.0.2:8080"
|
||||
|
|
|
@ -34,6 +34,11 @@ func Append(router *mux.Router, customAssets fs.FS) {
|
|||
// allow iframes from our domains only
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src
|
||||
w.Header().Set("Content-Security-Policy", "frame-src 'self' https://traefik.io https://*.traefik.io;")
|
||||
|
||||
// The content type must be guessed by the file server.
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
w.Header().Del("Content-Type")
|
||||
|
||||
http.StripPrefix("/dashboard/", http.FileServer(http.FS(assets))).ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
|
|
|
@ -264,15 +264,15 @@ type HealthCheck struct{}
|
|||
|
||||
// ServersTransport options to configure communication between Traefik and the servers.
|
||||
type ServersTransport struct {
|
||||
ServerName string `description:"ServerName used to contact the server." json:"serverName,omitempty" toml:"serverName,omitempty" yaml:"serverName,omitempty"`
|
||||
InsecureSkipVerify bool `description:"Disable SSL certificate verification." json:"insecureSkipVerify,omitempty" toml:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty" export:"true"`
|
||||
RootCAs []traefiktls.FileOrContent `description:"Add cert file for self-signed certificate." json:"rootCAs,omitempty" toml:"rootCAs,omitempty" yaml:"rootCAs,omitempty"`
|
||||
Certificates traefiktls.Certificates `description:"Certificates for mTLS." json:"certificates,omitempty" toml:"certificates,omitempty" yaml:"certificates,omitempty" export:"true"`
|
||||
ServerName string `description:"Defines the serverName used to contact the server." json:"serverName,omitempty" toml:"serverName,omitempty" yaml:"serverName,omitempty"`
|
||||
InsecureSkipVerify bool `description:"Disables SSL certificate verification." json:"insecureSkipVerify,omitempty" toml:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty" export:"true"`
|
||||
RootCAs []traefiktls.FileOrContent `description:"Defines a list of CA secret used to validate self-signed certificate" json:"rootCAs,omitempty" toml:"rootCAs,omitempty" yaml:"rootCAs,omitempty"`
|
||||
Certificates traefiktls.Certificates `description:"Defines a list of secret storing client certificates for mTLS." json:"certificates,omitempty" toml:"certificates,omitempty" yaml:"certificates,omitempty" export:"true"`
|
||||
MaxIdleConnsPerHost int `description:"If non-zero, controls the maximum idle (keep-alive) to keep per-host. If zero, DefaultMaxIdleConnsPerHost is used" json:"maxIdleConnsPerHost,omitempty" toml:"maxIdleConnsPerHost,omitempty" yaml:"maxIdleConnsPerHost,omitempty" export:"true"`
|
||||
ForwardingTimeouts *ForwardingTimeouts `description:"Timeouts for requests forwarded to the backend servers." json:"forwardingTimeouts,omitempty" toml:"forwardingTimeouts,omitempty" yaml:"forwardingTimeouts,omitempty" export:"true"`
|
||||
DisableHTTP2 bool `description:"Disable HTTP/2 for connections with backend servers." json:"disableHTTP2,omitempty" toml:"disableHTTP2,omitempty" yaml:"disableHTTP2,omitempty" export:"true"`
|
||||
PeerCertURI string `description:"URI used to match against SAN URI during the peer certificate verification." json:"peerCertURI,omitempty" toml:"peerCertURI,omitempty" yaml:"peerCertURI,omitempty" export:"true"`
|
||||
Spiffe *Spiffe `description:"Define the SPIFFE configuration." json:"spiffe,omitempty" toml:"spiffe,omitempty" yaml:"spiffe,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
ForwardingTimeouts *ForwardingTimeouts `description:"Defines the timeouts for requests forwarded to the backend servers." json:"forwardingTimeouts,omitempty" toml:"forwardingTimeouts,omitempty" yaml:"forwardingTimeouts,omitempty" export:"true"`
|
||||
DisableHTTP2 bool `description:"Disables HTTP/2 for connections with backend servers." json:"disableHTTP2,omitempty" toml:"disableHTTP2,omitempty" yaml:"disableHTTP2,omitempty" export:"true"`
|
||||
PeerCertURI string `description:"Defines the URI used to match against SAN URI during the peer certificate verification." json:"peerCertURI,omitempty" toml:"peerCertURI,omitempty" yaml:"peerCertURI,omitempty" export:"true"`
|
||||
Spiffe *Spiffe `description:"Defines the SPIFFE configuration." json:"spiffe,omitempty" toml:"spiffe,omitempty" yaml:"spiffe,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
|
|
@ -2,7 +2,10 @@ package dynamic
|
|||
|
||||
import (
|
||||
"reflect"
|
||||
"time"
|
||||
|
||||
ptypes "github.com/traefik/paerser/types"
|
||||
traefiktls "github.com/traefik/traefik/v2/pkg/tls"
|
||||
"github.com/traefik/traefik/v2/pkg/types"
|
||||
)
|
||||
|
||||
|
@ -13,6 +16,7 @@ type TCPConfiguration struct {
|
|||
Routers map[string]*TCPRouter `json:"routers,omitempty" toml:"routers,omitempty" yaml:"routers,omitempty" export:"true"`
|
||||
Services map[string]*TCPService `json:"services,omitempty" toml:"services,omitempty" yaml:"services,omitempty" export:"true"`
|
||||
Middlewares map[string]*TCPMiddleware `json:"middlewares,omitempty" toml:"middlewares,omitempty" yaml:"middlewares,omitempty" export:"true"`
|
||||
ServersTransports map[string]*TCPServersTransport `json:"serversTransports,omitempty" toml:"serversTransports,omitempty" yaml:"serversTransports,omitempty" label:"-" export:"true"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
@ -70,20 +74,9 @@ type RouterTCPTLSConfig struct {
|
|||
|
||||
// TCPServersLoadBalancer holds the LoadBalancerService configuration.
|
||||
type TCPServersLoadBalancer struct {
|
||||
// TerminationDelay, corresponds to the deadline that the proxy sets, after one
|
||||
// of its connected peers indicates it has closed the writing capability of its
|
||||
// connection, to close the reading capability as well, hence fully terminating the
|
||||
// connection. It is a duration in milliseconds, defaulting to 100. A negative value
|
||||
// means an infinite deadline (i.e. the reading capability is never closed).
|
||||
TerminationDelay *int `json:"terminationDelay,omitempty" toml:"terminationDelay,omitempty" yaml:"terminationDelay,omitempty" export:"true"`
|
||||
ProxyProtocol *ProxyProtocol `json:"proxyProtocol,omitempty" toml:"proxyProtocol,omitempty" yaml:"proxyProtocol,omitempty" label:"allowEmpty" file:"allowEmpty" kv:"allowEmpty" export:"true"`
|
||||
Servers []TCPServer `json:"servers,omitempty" toml:"servers,omitempty" yaml:"servers,omitempty" label-slice-as-struct:"server" export:"true"`
|
||||
}
|
||||
|
||||
// SetDefaults Default values for a TCPServersLoadBalancer.
|
||||
func (l *TCPServersLoadBalancer) SetDefaults() {
|
||||
defaultTerminationDelay := 100 // in milliseconds
|
||||
l.TerminationDelay = &defaultTerminationDelay
|
||||
ServersTransport string `json:"serversTransport,omitempty" toml:"serversTransport,omitempty" yaml:"serversTransport,omitempty" export:"true"`
|
||||
}
|
||||
|
||||
// Mergeable tells if the given service is mergeable.
|
||||
|
@ -109,6 +102,7 @@ func (l *TCPServersLoadBalancer) Mergeable(loadBalancer *TCPServersLoadBalancer)
|
|||
type TCPServer struct {
|
||||
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty" label:"-"`
|
||||
Port string `toml:"-" json:"-" yaml:"-"`
|
||||
TLS bool `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
@ -124,3 +118,37 @@ type ProxyProtocol struct {
|
|||
func (p *ProxyProtocol) SetDefaults() {
|
||||
p.Version = 2
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
||||
// TCPServersTransport options to configure communication between Traefik and the servers.
|
||||
type TCPServersTransport struct {
|
||||
DialKeepAlive ptypes.Duration `description:"Defines the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled" json:"dialKeepAlive,omitempty" toml:"dialKeepAlive,omitempty" yaml:"dialKeepAlive,omitempty" export:"true"`
|
||||
DialTimeout ptypes.Duration `description:"Defines the amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists." json:"dialTimeout,omitempty" toml:"dialTimeout,omitempty" yaml:"dialTimeout,omitempty" export:"true"`
|
||||
// TerminationDelay, corresponds to the deadline that the proxy sets, after one
|
||||
// of its connected peers indicates it has closed the writing capability of its
|
||||
// connection, to close the reading capability as well, hence fully terminating the
|
||||
// connection. It is a duration in milliseconds, defaulting to 100. A negative value
|
||||
// means an infinite deadline (i.e. the reading capability is never closed).
|
||||
TerminationDelay ptypes.Duration `description:"Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability." json:"terminationDelay,omitempty" toml:"terminationDelay,omitempty" yaml:"terminationDelay,omitempty" export:"true"`
|
||||
TLS *TLSClientConfig `description:"Defines the TLS configuration." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" label:"allowEmpty" file:"allowEmpty" kv:"allowEmpty" export:"true"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
||||
// TLSClientConfig options to configure TLS communication between Traefik and the servers.
|
||||
type TLSClientConfig struct {
|
||||
ServerName string `description:"Defines the serverName used to contact the server." json:"serverName,omitempty" toml:"serverName,omitempty" yaml:"serverName,omitempty"`
|
||||
InsecureSkipVerify bool `description:"Disables SSL certificate verification." json:"insecureSkipVerify,omitempty" toml:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty" export:"true"`
|
||||
RootCAs []traefiktls.FileOrContent `description:"Defines a list of CA secret used to validate self-signed certificate" json:"rootCAs,omitempty" toml:"rootCAs,omitempty" yaml:"rootCAs,omitempty"`
|
||||
Certificates traefiktls.Certificates `description:"Defines a list of secret storing client certificates for mTLS." json:"certificates,omitempty" toml:"certificates,omitempty" yaml:"certificates,omitempty" export:"true"`
|
||||
PeerCertURI string `description:"Defines the URI used to match against SAN URI during the peer certificate verification." json:"peerCertURI,omitempty" toml:"peerCertURI,omitempty" yaml:"peerCertURI,omitempty" export:"true"`
|
||||
Spiffe *Spiffe `description:"Defines the SPIFFE TLS configuration." json:"spiffe,omitempty" toml:"spiffe,omitempty" yaml:"spiffe,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
}
|
||||
|
||||
// SetDefaults sets the default values for a TCPServersTransport.
|
||||
func (t *TCPServersTransport) SetDefaults() {
|
||||
t.DialTimeout = ptypes.Duration(30 * time.Second)
|
||||
t.DialKeepAlive = ptypes.Duration(15 * time.Second)
|
||||
t.TerminationDelay = ptypes.Duration(100 * time.Millisecond)
|
||||
}
|
||||
|
|
|
@ -1396,6 +1396,21 @@ func (in *TCPConfiguration) DeepCopyInto(out *TCPConfiguration) {
|
|||
(*out)[key] = outVal
|
||||
}
|
||||
}
|
||||
if in.ServersTransports != nil {
|
||||
in, out := &in.ServersTransports, &out.ServersTransports
|
||||
*out = make(map[string]*TCPServersTransport, len(*in))
|
||||
for key, val := range *in {
|
||||
var outVal *TCPServersTransport
|
||||
if val == nil {
|
||||
(*out)[key] = nil
|
||||
} else {
|
||||
in, out := &val, &outVal
|
||||
*out = new(TCPServersTransport)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
(*out)[key] = outVal
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -1522,11 +1537,6 @@ func (in *TCPServer) DeepCopy() *TCPServer {
|
|||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TCPServersLoadBalancer) DeepCopyInto(out *TCPServersLoadBalancer) {
|
||||
*out = *in
|
||||
if in.TerminationDelay != nil {
|
||||
in, out := &in.TerminationDelay, &out.TerminationDelay
|
||||
*out = new(int)
|
||||
**out = **in
|
||||
}
|
||||
if in.ProxyProtocol != nil {
|
||||
in, out := &in.ProxyProtocol, &out.ProxyProtocol
|
||||
*out = new(ProxyProtocol)
|
||||
|
@ -1550,6 +1560,27 @@ func (in *TCPServersLoadBalancer) DeepCopy() *TCPServersLoadBalancer {
|
|||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TCPServersTransport) DeepCopyInto(out *TCPServersTransport) {
|
||||
*out = *in
|
||||
if in.TLS != nil {
|
||||
in, out := &in.TLS, &out.TLS
|
||||
*out = new(TLSClientConfig)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPServersTransport.
|
||||
func (in *TCPServersTransport) DeepCopy() *TCPServersTransport {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(TCPServersTransport)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TCPService) DeepCopyInto(out *TCPService) {
|
||||
*out = *in
|
||||
|
@ -1678,6 +1709,37 @@ func (in *TLSClientCertificateSubjectDNInfo) DeepCopy() *TLSClientCertificateSub
|
|||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TLSClientConfig) DeepCopyInto(out *TLSClientConfig) {
|
||||
*out = *in
|
||||
if in.RootCAs != nil {
|
||||
in, out := &in.RootCAs, &out.RootCAs
|
||||
*out = make([]tls.FileOrContent, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.Certificates != nil {
|
||||
in, out := &in.Certificates, &out.Certificates
|
||||
*out = make(tls.Certificates, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.Spiffe != nil {
|
||||
in, out := &in.Spiffe, &out.Spiffe
|
||||
*out = new(Spiffe)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSClientConfig.
|
||||
func (in *TLSClientConfig) DeepCopy() *TLSClientConfig {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(TLSClientConfig)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TLSConfiguration) DeepCopyInto(out *TLSConfiguration) {
|
||||
*out = *in
|
||||
|
|
|
@ -157,6 +157,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.http.services.Service0.loadbalancer.server.port": "8080",
|
||||
"traefik.http.services.Service0.loadbalancer.sticky.cookie.name": "foobar",
|
||||
"traefik.http.services.Service0.loadbalancer.sticky.cookie.secure": "true",
|
||||
"traefik.http.services.Service0.loadbalancer.serversTransport": "foobar",
|
||||
"traefik.http.services.Service1.loadbalancer.healthcheck.headers.name0": "foobar",
|
||||
"traefik.http.services.Service1.loadbalancer.healthcheck.headers.name1": "foobar",
|
||||
"traefik.http.services.Service1.loadbalancer.healthcheck.hostname": "foobar",
|
||||
|
@ -175,6 +176,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.http.services.Service1.loadbalancer.server.port": "8080",
|
||||
"traefik.http.services.Service1.loadbalancer.sticky": "false",
|
||||
"traefik.http.services.Service1.loadbalancer.sticky.cookie.name": "fui",
|
||||
"traefik.http.services.Service1.loadbalancer.serversTransport": "foobar",
|
||||
|
||||
"traefik.tcp.middlewares.Middleware0.ipallowlist.sourcerange": "foobar, fiibar",
|
||||
"traefik.tcp.middlewares.Middleware2.inflightconn.amount": "42",
|
||||
|
@ -191,11 +193,11 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.tcp.routers.Router1.tls.options": "foo",
|
||||
"traefik.tcp.routers.Router1.tls.passthrough": "false",
|
||||
"traefik.tcp.services.Service0.loadbalancer.server.Port": "42",
|
||||
"traefik.tcp.services.Service0.loadbalancer.TerminationDelay": "42",
|
||||
"traefik.tcp.services.Service0.loadbalancer.proxyProtocol.version": "42",
|
||||
"traefik.tcp.services.Service0.loadbalancer.serversTransport": "foo",
|
||||
"traefik.tcp.services.Service1.loadbalancer.server.Port": "42",
|
||||
"traefik.tcp.services.Service1.loadbalancer.TerminationDelay": "42",
|
||||
"traefik.tcp.services.Service1.loadbalancer.proxyProtocol": "true",
|
||||
"traefik.tcp.services.Service1.loadbalancer.serversTransport": "foo",
|
||||
|
||||
"traefik.udp.routers.Router0.entrypoints": "foobar, fiibar",
|
||||
"traefik.udp.routers.Router0.service": "foobar",
|
||||
|
@ -258,8 +260,8 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
Port: "42",
|
||||
},
|
||||
},
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
ProxyProtocol: &dynamic.ProxyProtocol{Version: 42},
|
||||
ServersTransport: "foo",
|
||||
},
|
||||
},
|
||||
"Service1": {
|
||||
|
@ -269,8 +271,8 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
Port: "42",
|
||||
},
|
||||
},
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
ProxyProtocol: &dynamic.ProxyProtocol{Version: 2},
|
||||
ServersTransport: "foo",
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -659,6 +661,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
ResponseForwarding: &dynamic.ResponseForwarding{
|
||||
FlushInterval: ptypes.Duration(time.Second),
|
||||
},
|
||||
ServersTransport: "foobar",
|
||||
},
|
||||
},
|
||||
"Service1": {
|
||||
|
@ -689,6 +692,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
ResponseForwarding: &dynamic.ResponseForwarding{
|
||||
FlushInterval: ptypes.Duration(time.Second),
|
||||
},
|
||||
ServersTransport: "foobar",
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -696,6 +700,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
}
|
||||
|
||||
assert.Nil(t, configuration.HTTP.ServersTransports)
|
||||
assert.Nil(t, configuration.TCP.ServersTransports)
|
||||
assert.Equal(t, expected, configuration)
|
||||
}
|
||||
|
||||
|
@ -750,7 +755,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
Port: "42",
|
||||
},
|
||||
},
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
ServersTransport: "foo",
|
||||
},
|
||||
},
|
||||
"Service1": {
|
||||
|
@ -760,7 +765,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
Port: "42",
|
||||
},
|
||||
},
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
ServersTransport: "foo",
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -1145,6 +1150,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
ResponseForwarding: &dynamic.ResponseForwarding{
|
||||
FlushInterval: ptypes.Duration(time.Second),
|
||||
},
|
||||
ServersTransport: "foobar",
|
||||
},
|
||||
},
|
||||
"Service1": {
|
||||
|
@ -1173,6 +1179,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
ResponseForwarding: &dynamic.ResponseForwarding{
|
||||
FlushInterval: ptypes.Duration(time.Second),
|
||||
},
|
||||
ServersTransport: "foobar",
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -1309,6 +1316,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Routers.Router1.Rule": "foobar",
|
||||
"traefik.HTTP.Routers.Router1.Service": "foobar",
|
||||
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.HealthCheck.Headers.name0": "foobar",
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.HealthCheck.Headers.name1": "foobar",
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.HealthCheck.Hostname": "foobar",
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.HealthCheck.Interval": "1000000000",
|
||||
|
@ -1325,6 +1333,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Services.Service0.LoadBalancer.Sticky.Cookie.Name": "foobar",
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.Sticky.Cookie.HTTPOnly": "true",
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.Sticky.Cookie.Secure": "false",
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.ServersTransport": "foobar",
|
||||
"traefik.HTTP.Services.Service1.LoadBalancer.HealthCheck.Headers.name0": "foobar",
|
||||
"traefik.HTTP.Services.Service1.LoadBalancer.HealthCheck.Headers.name1": "foobar",
|
||||
"traefik.HTTP.Services.Service1.LoadBalancer.HealthCheck.Hostname": "foobar",
|
||||
|
@ -1339,7 +1348,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Services.Service1.LoadBalancer.ResponseForwarding.FlushInterval": "1000000000",
|
||||
"traefik.HTTP.Services.Service1.LoadBalancer.server.Port": "8080",
|
||||
"traefik.HTTP.Services.Service1.LoadBalancer.server.Scheme": "foobar",
|
||||
"traefik.HTTP.Services.Service0.LoadBalancer.HealthCheck.Headers.name0": "foobar",
|
||||
"traefik.HTTP.Services.Service1.LoadBalancer.ServersTransport": "foobar",
|
||||
|
||||
"traefik.TCP.Middlewares.Middleware0.IPAllowList.SourceRange": "foobar, fiibar",
|
||||
"traefik.TCP.Middlewares.Middleware2.InFlightConn.Amount": "42",
|
||||
|
@ -1356,9 +1365,11 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.TCP.Routers.Router1.TLS.Passthrough": "false",
|
||||
"traefik.TCP.Routers.Router1.TLS.Options": "foo",
|
||||
"traefik.TCP.Services.Service0.LoadBalancer.server.Port": "42",
|
||||
"traefik.TCP.Services.Service0.LoadBalancer.TerminationDelay": "42",
|
||||
"traefik.TCP.Services.Service0.LoadBalancer.server.TLS": "false",
|
||||
"traefik.TCP.Services.Service0.LoadBalancer.ServersTransport": "foo",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.server.Port": "42",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.TerminationDelay": "42",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.server.TLS": "false",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.ServersTransport": "foo",
|
||||
|
||||
"traefik.UDP.Routers.Router0.EntryPoints": "foobar, fiibar",
|
||||
"traefik.UDP.Routers.Router0.Service": "foobar",
|
||||
|
|
|
@ -64,6 +64,7 @@ type Configuration struct {
|
|||
Global *Global `description:"Global configuration options" json:"global,omitempty" toml:"global,omitempty" yaml:"global,omitempty" export:"true"`
|
||||
|
||||
ServersTransport *ServersTransport `description:"Servers default transport." json:"serversTransport,omitempty" toml:"serversTransport,omitempty" yaml:"serversTransport,omitempty" export:"true"`
|
||||
TCPServersTransport *TCPServersTransport `description:"TCP servers default transport." json:"tcpServersTransport,omitempty" toml:"tcpServersTransport,omitempty" yaml:"tcpServersTransport,omitempty" export:"true"`
|
||||
EntryPoints EntryPoints `description:"Entry points definition." json:"entryPoints,omitempty" toml:"entryPoints,omitempty" yaml:"entryPoints,omitempty" export:"true"`
|
||||
Providers *Providers `description:"Providers configuration." json:"providers,omitempty" toml:"providers,omitempty" yaml:"providers,omitempty" export:"true"`
|
||||
|
||||
|
@ -118,6 +119,26 @@ type Spiffe struct {
|
|||
TrustDomain string `description:"Defines the allowed SPIFFE trust domain." json:"trustDomain,omitempty" yaml:"trustDomain,omitempty" toml:"trustDomain,omitempty"`
|
||||
}
|
||||
|
||||
// TCPServersTransport options to configure communication between Traefik and the servers.
|
||||
type TCPServersTransport struct {
|
||||
DialKeepAlive ptypes.Duration `description:"Defines the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled" json:"dialKeepAlive,omitempty" toml:"dialKeepAlive,omitempty" yaml:"dialKeepAlive,omitempty" export:"true"`
|
||||
DialTimeout ptypes.Duration `description:"Defines the amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists." json:"dialTimeout,omitempty" toml:"dialTimeout,omitempty" yaml:"dialTimeout,omitempty" export:"true"`
|
||||
// TerminationDelay, corresponds to the deadline that the proxy sets, after one
|
||||
// of its connected peers indicates it has closed the writing capability of its
|
||||
// connection, to close the reading capability as well, hence fully terminating the
|
||||
// connection. It is a duration in milliseconds, defaulting to 100. A negative value
|
||||
// means an infinite deadline (i.e. the reading capability is never closed).
|
||||
TerminationDelay ptypes.Duration `description:"Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability." json:"terminationDelay,omitempty" toml:"terminationDelay,omitempty" yaml:"terminationDelay,omitempty" export:"true"`
|
||||
TLS *TLSClientConfig `description:"Defines the TLS configuration." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" label:"allowEmpty" file:"allowEmpty" kv:"allowEmpty" export:"true"`
|
||||
}
|
||||
|
||||
// TLSClientConfig options to configure TLS communication between Traefik and the servers.
|
||||
type TLSClientConfig struct {
|
||||
InsecureSkipVerify bool `description:"Disables SSL certificate verification." json:"insecureSkipVerify,omitempty" toml:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty" export:"true"`
|
||||
RootCAs []tls.FileOrContent `description:"Defines a list of CA secret used to validate self-signed certificate" json:"rootCAs,omitempty" toml:"rootCAs,omitempty" yaml:"rootCAs,omitempty"`
|
||||
Spiffe *Spiffe `description:"Defines the SPIFFE TLS configuration." json:"spiffe,omitempty" toml:"spiffe,omitempty" yaml:"spiffe,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
}
|
||||
|
||||
// API holds the API configuration.
|
||||
type API struct {
|
||||
Insecure bool `description:"Activate API directly on the entryPoint named traefik." json:"insecure,omitempty" toml:"insecure,omitempty" yaml:"insecure,omitempty" export:"true"`
|
||||
|
|
|
@ -30,6 +30,7 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration
|
|||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
Middlewares: make(map[string]*dynamic.TCPMiddleware),
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: make(map[string]*dynamic.UDPRouter),
|
||||
|
@ -64,6 +65,9 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration
|
|||
transportsToDelete := map[string]struct{}{}
|
||||
transports := map[string][]string{}
|
||||
|
||||
transportsTCPToDelete := map[string]struct{}{}
|
||||
transportsTCP := map[string][]string{}
|
||||
|
||||
var sortedKeys []string
|
||||
for key := range configurations {
|
||||
sortedKeys = append(sortedKeys, key)
|
||||
|
@ -107,6 +111,13 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration
|
|||
}
|
||||
}
|
||||
|
||||
for transportName, transport := range conf.TCP.ServersTransports {
|
||||
transportsTCP[transportName] = append(transportsTCP[transportName], root)
|
||||
if !AddTransportTCP(configuration.TCP, transportName, transport) {
|
||||
transportsTCPToDelete[transportName] = struct{}{}
|
||||
}
|
||||
}
|
||||
|
||||
for serviceName, service := range conf.UDP.Services {
|
||||
servicesUDP[serviceName] = append(servicesUDP[serviceName], root)
|
||||
if !AddServiceUDP(configuration.UDP, serviceName, service) {
|
||||
|
@ -138,62 +149,78 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration
|
|||
|
||||
for serviceName := range servicesToDelete {
|
||||
logger.Error().Str(logs.ServiceName, serviceName).
|
||||
Msgf("Service defined multiple times with different configurations in %v", services[serviceName])
|
||||
Interface("configuration", services[serviceName]).
|
||||
Msg("Service defined multiple times with different configurations")
|
||||
delete(configuration.HTTP.Services, serviceName)
|
||||
}
|
||||
|
||||
for routerName := range routersToDelete {
|
||||
logger.Error().Str(logs.RouterName, routerName).
|
||||
Msgf("Router defined multiple times with different configurations in %v", routers[routerName])
|
||||
Interface("configuration", routers[routerName]).
|
||||
Msg("Router defined multiple times with different configurations")
|
||||
delete(configuration.HTTP.Routers, routerName)
|
||||
}
|
||||
|
||||
for transportName := range transportsToDelete {
|
||||
logger.Error().Str(logs.ServersTransportName, transportName).
|
||||
Msgf("ServersTransport defined multiple times with different configurations in %v", transports[transportName])
|
||||
Interface("configuration", transports[transportName]).
|
||||
Msg("ServersTransport defined multiple times with different configurations")
|
||||
delete(configuration.HTTP.ServersTransports, transportName)
|
||||
}
|
||||
|
||||
for serviceName := range servicesTCPToDelete {
|
||||
logger.Error().Str(logs.ServiceName, serviceName).
|
||||
Msgf("Service TCP defined multiple times with different configurations in %v", servicesTCP[serviceName])
|
||||
Interface("configuration", servicesTCP[serviceName]).
|
||||
Msg("Service TCP defined multiple times with different configurations")
|
||||
delete(configuration.TCP.Services, serviceName)
|
||||
}
|
||||
|
||||
for routerName := range routersTCPToDelete {
|
||||
logger.Error().Str(logs.RouterName, routerName).
|
||||
Msgf("Router TCP defined multiple times with different configurations in %v", routersTCP[routerName])
|
||||
Interface("configuration", routersTCP[routerName]).
|
||||
Msg("Router TCP defined multiple times with different configurations")
|
||||
delete(configuration.TCP.Routers, routerName)
|
||||
}
|
||||
|
||||
for transportName := range transportsTCPToDelete {
|
||||
logger.Error().Str(logs.ServersTransportName, transportName).
|
||||
Interface("configuration", transportsTCP[transportName]).
|
||||
Msg("ServersTransport TCP defined multiple times with different configurations")
|
||||
delete(configuration.TCP.ServersTransports, transportName)
|
||||
}
|
||||
|
||||
for serviceName := range servicesUDPToDelete {
|
||||
logger.Error().Str(logs.ServiceName, serviceName).
|
||||
Msgf("UDP service defined multiple times with different configurations in %v", servicesUDP[serviceName])
|
||||
Interface("configuration", servicesUDP[serviceName]).
|
||||
Msg("UDP service defined multiple times with different configurations")
|
||||
delete(configuration.UDP.Services, serviceName)
|
||||
}
|
||||
|
||||
for routerName := range routersUDPToDelete {
|
||||
logger.Error().Str(logs.RouterName, routerName).
|
||||
Msgf("UDP router defined multiple times with different configurations in %v", routersUDP[routerName])
|
||||
Interface("configuration", routersUDP[routerName]).
|
||||
Msg("UDP router defined multiple times with different configurations")
|
||||
delete(configuration.UDP.Routers, routerName)
|
||||
}
|
||||
|
||||
for middlewareName := range middlewaresToDelete {
|
||||
logger.Error().Str(logs.MiddlewareName, middlewareName).
|
||||
Msgf("Middleware defined multiple times with different configurations in %v", middlewares[middlewareName])
|
||||
Interface("configuration", middlewares[middlewareName]).
|
||||
Msg("Middleware defined multiple times with different configurations")
|
||||
delete(configuration.HTTP.Middlewares, middlewareName)
|
||||
}
|
||||
|
||||
for middlewareName := range middlewaresTCPToDelete {
|
||||
logger.Error().Str(logs.MiddlewareName, middlewareName).
|
||||
Msgf("TCP Middleware defined multiple times with different configurations in %v", middlewaresTCP[middlewareName])
|
||||
Interface("configuration", middlewaresTCP[middlewareName]).
|
||||
Msg("TCP Middleware defined multiple times with different configurations")
|
||||
delete(configuration.TCP.Middlewares, middlewareName)
|
||||
}
|
||||
|
||||
return configuration
|
||||
}
|
||||
|
||||
// AddServiceTCP Adds a service to a configurations.
|
||||
// AddServiceTCP adds a service to a configuration.
|
||||
func AddServiceTCP(configuration *dynamic.TCPConfiguration, serviceName string, service *dynamic.TCPService) bool {
|
||||
if _, ok := configuration.Services[serviceName]; !ok {
|
||||
configuration.Services[serviceName] = service
|
||||
|
@ -218,7 +245,7 @@ func AddServiceTCP(configuration *dynamic.TCPConfiguration, serviceName string,
|
|||
return true
|
||||
}
|
||||
|
||||
// AddRouterTCP Adds a router to a configurations.
|
||||
// AddRouterTCP adds a router to a configuration.
|
||||
func AddRouterTCP(configuration *dynamic.TCPConfiguration, routerName string, router *dynamic.TCPRouter) bool {
|
||||
if _, ok := configuration.Routers[routerName]; !ok {
|
||||
configuration.Routers[routerName] = router
|
||||
|
@ -228,7 +255,7 @@ func AddRouterTCP(configuration *dynamic.TCPConfiguration, routerName string, ro
|
|||
return reflect.DeepEqual(configuration.Routers[routerName], router)
|
||||
}
|
||||
|
||||
// AddMiddlewareTCP Adds a middleware to a configurations.
|
||||
// AddMiddlewareTCP adds a middleware to a configuration.
|
||||
func AddMiddlewareTCP(configuration *dynamic.TCPConfiguration, middlewareName string, middleware *dynamic.TCPMiddleware) bool {
|
||||
if _, ok := configuration.Middlewares[middlewareName]; !ok {
|
||||
configuration.Middlewares[middlewareName] = middleware
|
||||
|
@ -238,6 +265,16 @@ func AddMiddlewareTCP(configuration *dynamic.TCPConfiguration, middlewareName st
|
|||
return reflect.DeepEqual(configuration.Middlewares[middlewareName], middleware)
|
||||
}
|
||||
|
||||
// AddTransportTCP adds a servers transport to a configuration.
|
||||
func AddTransportTCP(configuration *dynamic.TCPConfiguration, transportName string, transport *dynamic.TCPServersTransport) bool {
|
||||
if _, ok := configuration.ServersTransports[transportName]; !ok {
|
||||
configuration.ServersTransports[transportName] = transport
|
||||
return true
|
||||
}
|
||||
|
||||
return reflect.DeepEqual(configuration.ServersTransports[transportName], transport)
|
||||
}
|
||||
|
||||
// AddServiceUDP adds a service to a configuration.
|
||||
func AddServiceUDP(configuration *dynamic.UDPConfiguration, serviceName string, service *dynamic.UDPService) bool {
|
||||
if _, ok := configuration.Services[serviceName]; !ok {
|
||||
|
@ -273,7 +310,7 @@ func AddRouterUDP(configuration *dynamic.UDPConfiguration, routerName string, ro
|
|||
return reflect.DeepEqual(configuration.Routers[routerName], router)
|
||||
}
|
||||
|
||||
// AddService Adds a service to a configurations.
|
||||
// AddService adds a service to a configuration.
|
||||
func AddService(configuration *dynamic.HTTPConfiguration, serviceName string, service *dynamic.Service) bool {
|
||||
if _, ok := configuration.Services[serviceName]; !ok {
|
||||
configuration.Services[serviceName] = service
|
||||
|
@ -298,7 +335,7 @@ func AddService(configuration *dynamic.HTTPConfiguration, serviceName string, se
|
|||
return true
|
||||
}
|
||||
|
||||
// AddRouter Adds a router to a configurations.
|
||||
// AddRouter adds a router to a configuration.
|
||||
func AddRouter(configuration *dynamic.HTTPConfiguration, routerName string, router *dynamic.Router) bool {
|
||||
if _, ok := configuration.Routers[routerName]; !ok {
|
||||
configuration.Routers[routerName] = router
|
||||
|
@ -308,7 +345,7 @@ func AddRouter(configuration *dynamic.HTTPConfiguration, routerName string, rout
|
|||
return reflect.DeepEqual(configuration.Routers[routerName], router)
|
||||
}
|
||||
|
||||
// AddTransport Adds a transport to a configurations.
|
||||
// AddTransport adds a servers transport to a configuration.
|
||||
func AddTransport(configuration *dynamic.HTTPConfiguration, transportName string, transport *dynamic.ServersTransport) bool {
|
||||
if _, ok := configuration.ServersTransports[transportName]; !ok {
|
||||
configuration.ServersTransports[transportName] = transport
|
||||
|
@ -318,7 +355,7 @@ func AddTransport(configuration *dynamic.HTTPConfiguration, transportName string
|
|||
return reflect.DeepEqual(configuration.ServersTransports[transportName], transport)
|
||||
}
|
||||
|
||||
// AddMiddleware Adds a middleware to a configurations.
|
||||
// AddMiddleware adds a middleware to a configuration.
|
||||
func AddMiddleware(configuration *dynamic.HTTPConfiguration, middlewareName string, middleware *dynamic.Middleware) bool {
|
||||
if _, ok := configuration.Middlewares[middlewareName]; !ok {
|
||||
configuration.Middlewares[middlewareName] = middleware
|
||||
|
|
|
@ -41,6 +41,17 @@ func (p *Provider) buildConfiguration(ctx context.Context, items []itemData, cer
|
|||
if len(confFromLabel.TCP.Routers) > 0 || len(confFromLabel.TCP.Services) > 0 {
|
||||
tcpOrUDP = true
|
||||
|
||||
if item.ExtraConf.ConsulCatalog.Connect {
|
||||
if confFromLabel.TCP.ServersTransports == nil {
|
||||
confFromLabel.TCP.ServersTransports = make(map[string]*dynamic.TCPServersTransport)
|
||||
}
|
||||
|
||||
serversTransportKey := itemServersTransportKey(item)
|
||||
if confFromLabel.TCP.ServersTransports[serversTransportKey] == nil {
|
||||
confFromLabel.TCP.ServersTransports[serversTransportKey] = certInfo.tcpServersTransport(item)
|
||||
}
|
||||
}
|
||||
|
||||
if err := p.buildTCPServiceConfiguration(item, confFromLabel.TCP); err != nil {
|
||||
logger.Error().Err(err).Send()
|
||||
continue
|
||||
|
@ -131,13 +142,10 @@ func (p *Provider) keepContainer(ctx context.Context, item itemData) bool {
|
|||
|
||||
func (p *Provider) buildTCPServiceConfiguration(item itemData, configuration *dynamic.TCPConfiguration) error {
|
||||
if len(configuration.Services) == 0 {
|
||||
configuration.Services = make(map[string]*dynamic.TCPService)
|
||||
|
||||
lb := &dynamic.TCPServersLoadBalancer{}
|
||||
lb.SetDefaults()
|
||||
|
||||
configuration.Services[getName(item)] = &dynamic.TCPService{
|
||||
LoadBalancer: lb,
|
||||
configuration.Services = map[string]*dynamic.TCPService{
|
||||
getName(item): {
|
||||
LoadBalancer: new(dynamic.TCPServersLoadBalancer),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -215,6 +223,14 @@ func (p *Provider) addServerTCP(item itemData, loadBalancer *dynamic.TCPServersL
|
|||
return errors.New("port is missing")
|
||||
}
|
||||
|
||||
if item.Address == "" {
|
||||
return errors.New("address is missing")
|
||||
}
|
||||
|
||||
if item.ExtraConf.ConsulCatalog.Connect {
|
||||
loadBalancer.ServersTransport = itemServersTransportKey(item)
|
||||
}
|
||||
|
||||
loadBalancer.Servers[0].Address = net.JoinHostPort(item.Address, port)
|
||||
|
||||
return nil
|
||||
|
|
|
@ -43,6 +43,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -96,6 +97,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -147,6 +149,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -193,6 +196,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -239,6 +243,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -327,6 +332,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -382,6 +388,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
|
@ -468,6 +475,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
|
@ -547,6 +555,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -623,6 +632,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -685,6 +695,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -744,6 +755,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -798,6 +810,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -851,6 +864,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -902,6 +916,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -954,6 +969,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1007,6 +1023,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1075,6 +1092,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1132,6 +1150,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1179,6 +1198,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1233,6 +1253,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1299,6 +1320,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1368,6 +1390,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1444,6 +1467,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1512,6 +1536,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1583,6 +1608,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1647,6 +1673,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1701,6 +1728,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1753,6 +1781,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1805,6 +1834,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1862,6 +1892,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1893,6 +1924,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1924,6 +1956,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1955,6 +1988,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1988,6 +2022,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2021,6 +2056,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2073,6 +2109,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2155,10 +2192,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2174,13 +2211,18 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
},
|
||||
{
|
||||
desc: "tcp with label",
|
||||
ConnectAware: true,
|
||||
items: []itemData{
|
||||
{
|
||||
ID: "Test",
|
||||
Node: "Node1",
|
||||
Datacenter: "dc1",
|
||||
Name: "Test",
|
||||
Namespace: "ns",
|
||||
Labels: map[string]string{
|
||||
"traefik.tcp.routers.foo.rule": "HostSNI(`foo.bar`)",
|
||||
"traefik.tcp.routers.foo.tls": "true",
|
||||
"traefik.consulcatalog.connect": "true",
|
||||
},
|
||||
Address: "127.0.0.1",
|
||||
Port: "80",
|
||||
|
@ -2205,7 +2247,25 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
ServersTransport: "tls-ns-dc1-Test",
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{
|
||||
"tls-ns-dc1-Test": {
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
ServerName: "ns-dc1-Test",
|
||||
InsecureSkipVerify: true,
|
||||
RootCAs: []tls.FileOrContent{
|
||||
"root",
|
||||
},
|
||||
Certificates: []tls.Certificate{
|
||||
{
|
||||
CertFile: "cert",
|
||||
KeyFile: "key",
|
||||
},
|
||||
},
|
||||
PeerCertURI: "spiffe:///ns/ns/dc/dc1/svc/Test",
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -2260,6 +2320,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2295,10 +2356,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2348,10 +2409,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2404,6 +2465,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2464,10 +2526,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.2:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2558,6 +2620,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -2615,10 +2678,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2665,6 +2728,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2675,6 +2739,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
// TODO: replace or delete?
|
||||
desc: "tcp with label for tcp service, with termination delay",
|
||||
items: []itemData{
|
||||
{
|
||||
|
@ -2682,7 +2747,6 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Name: "Test",
|
||||
Labels: map[string]string{
|
||||
"traefik.tcp.services.foo.loadbalancer.server.port": "80",
|
||||
"traefik.tcp.services.foo.loadbalancer.terminationdelay": "200",
|
||||
},
|
||||
Address: "127.0.0.1",
|
||||
Port: "80",
|
||||
|
@ -2701,10 +2765,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(200),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2755,6 +2819,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2872,7 +2937,6 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Servers: []dynamic.TCPServer{
|
||||
{Address: "127.0.0.1:80"},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
"Test-17573747155436217342": {
|
||||
|
@ -2880,10 +2944,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Servers: []dynamic.TCPServer{
|
||||
{Address: "127.0.0.2:80"},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2934,6 +2998,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{
|
||||
|
@ -2996,6 +3061,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{
|
||||
|
|
|
@ -70,3 +70,25 @@ func (c *connectCert) serversTransport(item itemData) *dynamic.ServersTransport
|
|||
PeerCertURI: spiffeIDService.URI().String(),
|
||||
}
|
||||
}
|
||||
|
||||
func (c *connectCert) tcpServersTransport(item itemData) *dynamic.TCPServersTransport {
|
||||
spiffeIDService := connect.SpiffeIDService{
|
||||
Namespace: item.Namespace,
|
||||
Datacenter: item.Datacenter,
|
||||
Service: item.Name,
|
||||
}
|
||||
|
||||
return &dynamic.TCPServersTransport{
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
// This ensures that the config changes whenever the verifier function changes
|
||||
ServerName: fmt.Sprintf("%s-%s-%s", item.Namespace, item.Datacenter, item.Name),
|
||||
// InsecureSkipVerify is needed because Go wants to verify a hostname otherwise
|
||||
InsecureSkipVerify: true,
|
||||
RootCAs: c.getRoot(),
|
||||
Certificates: traefiktls.Certificates{
|
||||
c.getLeaf(),
|
||||
},
|
||||
PeerCertURI: spiffeIDService.URI().String(),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
|
|
@ -94,11 +94,10 @@ func (p *Provider) buildTCPServiceConfiguration(ctx context.Context, container d
|
|||
serviceName := getServiceName(container)
|
||||
|
||||
if len(configuration.Services) == 0 {
|
||||
configuration.Services = make(map[string]*dynamic.TCPService)
|
||||
lb := &dynamic.TCPServersLoadBalancer{}
|
||||
lb.SetDefaults()
|
||||
configuration.Services[serviceName] = &dynamic.TCPService{
|
||||
LoadBalancer: lb,
|
||||
configuration.Services = map[string]*dynamic.TCPService{
|
||||
serviceName: {
|
||||
LoadBalancer: new(dynamic.TCPServersLoadBalancer),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -48,6 +48,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -106,6 +107,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -166,6 +168,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -224,6 +227,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -277,6 +281,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -330,6 +335,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -426,6 +432,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -466,6 +473,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -506,6 +514,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -544,6 +553,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -617,6 +627,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -709,6 +720,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -771,6 +783,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -832,6 +845,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -891,6 +905,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -951,6 +966,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1012,6 +1028,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1080,6 +1097,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1159,6 +1177,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1243,6 +1262,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1308,6 +1328,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1370,6 +1391,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1455,6 +1477,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1543,6 +1566,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1644,6 +1668,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1729,6 +1754,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1825,6 +1851,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1905,6 +1932,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1985,6 +2013,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2052,6 +2081,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2112,6 +2142,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2172,6 +2203,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2235,6 +2267,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2273,6 +2306,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2313,6 +2347,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2340,6 +2375,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2368,6 +2404,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2412,6 +2449,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2449,11 +2487,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{
|
||||
"Test": {
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2484,6 +2521,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2515,6 +2553,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{
|
||||
|
@ -2564,6 +2603,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2605,6 +2645,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2665,6 +2706,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2755,10 +2797,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2813,10 +2855,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2876,6 +2918,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2919,10 +2962,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2980,10 +3023,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -3044,6 +3087,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3125,6 +3169,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -3197,6 +3242,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3207,6 +3253,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
// TODO: replace or delete?
|
||||
desc: "tcp with label for tcp service, with termination delay",
|
||||
containers: []dockerData{
|
||||
{
|
||||
|
@ -3214,7 +3261,6 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Name: "Test",
|
||||
Labels: map[string]string{
|
||||
"traefik.tcp.services.foo.loadbalancer.server.port": "8080",
|
||||
"traefik.tcp.services.foo.loadbalancer.terminationdelay": "200",
|
||||
},
|
||||
NetworkSettings: networkSettings{
|
||||
Ports: nat.PortMap{
|
||||
|
@ -3241,10 +3287,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(200),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -3293,6 +3339,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
|
|
@ -93,11 +93,10 @@ func (p *Provider) buildTCPServiceConfiguration(instance ecsInstance, configurat
|
|||
serviceName := getServiceName(instance)
|
||||
|
||||
if len(configuration.Services) == 0 {
|
||||
configuration.Services = make(map[string]*dynamic.TCPService)
|
||||
lb := &dynamic.TCPServersLoadBalancer{}
|
||||
lb.SetDefaults()
|
||||
configuration.Services[serviceName] = &dynamic.TCPService{
|
||||
LoadBalancer: lb,
|
||||
configuration.Services = map[string]*dynamic.TCPService{
|
||||
serviceName: {
|
||||
LoadBalancer: new(dynamic.TCPServersLoadBalancer),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -44,6 +44,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -97,6 +98,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -152,6 +154,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -205,6 +208,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -253,6 +257,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -301,6 +306,7 @@ func TestDefaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -391,6 +397,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -426,6 +433,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -461,6 +469,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -494,6 +503,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -557,6 +567,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -639,6 +650,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -696,6 +708,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -752,6 +765,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -806,6 +820,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -861,6 +876,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -917,6 +933,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -980,6 +997,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1049,6 +1067,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1118,6 +1137,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1173,6 +1193,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1230,6 +1251,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1305,6 +1327,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1383,6 +1406,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1469,6 +1493,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1544,6 +1569,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1625,6 +1651,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1696,6 +1723,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1766,6 +1794,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1828,6 +1857,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1883,6 +1913,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1938,6 +1969,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1998,6 +2030,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2070,6 +2103,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2128,6 +2162,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2161,6 +2196,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2196,6 +2232,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2232,6 +2269,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2267,6 +2305,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2303,6 +2342,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2339,6 +2379,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2394,6 +2435,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2479,10 +2521,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2532,10 +2574,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2590,6 +2632,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2628,10 +2671,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2684,10 +2727,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2743,6 +2786,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2814,6 +2858,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -2881,6 +2926,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2891,13 +2937,13 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
// TODO: replace or delete?
|
||||
desc: "tcp with label for tcp service, with termination delay",
|
||||
containers: []ecsInstance{
|
||||
instance(
|
||||
name("Test"),
|
||||
labels(map[string]string{
|
||||
"traefik.tcp.services.foo.loadbalancer.server.port": "80",
|
||||
"traefik.tcp.services.foo.loadbalancer.terminationdelay": "200",
|
||||
}),
|
||||
iMachine(
|
||||
mState(ec2.InstanceStateNameRunning),
|
||||
|
@ -2920,10 +2966,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(200),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
|
|
@ -215,7 +215,7 @@ func (p *Provider) loadFileConfig(ctx context.Context, filename string, parseTem
|
|||
}
|
||||
}
|
||||
|
||||
// ServersTransport
|
||||
// HTTP ServersTransport
|
||||
if configuration.HTTP != nil && len(configuration.HTTP.ServersTransports) > 0 {
|
||||
for name, st := range configuration.HTTP.ServersTransports {
|
||||
var certificates []tls.Certificate
|
||||
|
@ -254,6 +254,48 @@ func (p *Provider) loadFileConfig(ctx context.Context, filename string, parseTem
|
|||
}
|
||||
}
|
||||
|
||||
// TCP ServersTransport
|
||||
if configuration.TCP != nil && len(configuration.TCP.ServersTransports) > 0 {
|
||||
for name, st := range configuration.TCP.ServersTransports {
|
||||
var certificates []tls.Certificate
|
||||
if st.TLS == nil {
|
||||
continue
|
||||
}
|
||||
for _, cert := range st.TLS.Certificates {
|
||||
content, err := cert.CertFile.Read()
|
||||
if err != nil {
|
||||
log.Ctx(ctx).Error().Err(err).Send()
|
||||
continue
|
||||
}
|
||||
cert.CertFile = tls.FileOrContent(content)
|
||||
|
||||
content, err = cert.KeyFile.Read()
|
||||
if err != nil {
|
||||
log.Ctx(ctx).Error().Err(err).Send()
|
||||
continue
|
||||
}
|
||||
cert.KeyFile = tls.FileOrContent(content)
|
||||
|
||||
certificates = append(certificates, cert)
|
||||
}
|
||||
|
||||
configuration.TCP.ServersTransports[name].TLS.Certificates = certificates
|
||||
|
||||
var rootCAs []tls.FileOrContent
|
||||
for _, rootCA := range st.TLS.RootCAs {
|
||||
content, err := rootCA.Read()
|
||||
if err != nil {
|
||||
log.Ctx(ctx).Error().Err(err).Send()
|
||||
continue
|
||||
}
|
||||
|
||||
rootCAs = append(rootCAs, tls.FileOrContent(content))
|
||||
}
|
||||
|
||||
st.TLS.RootCAs = rootCAs
|
||||
}
|
||||
}
|
||||
|
||||
return configuration, nil
|
||||
}
|
||||
|
||||
|
@ -298,6 +340,7 @@ func (p *Provider) loadFileConfigFromDirectory(ctx context.Context, directory st
|
|||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
Middlewares: make(map[string]*dynamic.TCPMiddleware),
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Stores: make(map[string]tls.Store),
|
||||
|
@ -392,6 +435,14 @@ func (p *Provider) loadFileConfigFromDirectory(ctx context.Context, directory st
|
|||
}
|
||||
}
|
||||
|
||||
for name, conf := range c.TCP.ServersTransports {
|
||||
if _, exists := configuration.TCP.ServersTransports[name]; exists {
|
||||
logger.Warn().Str(logs.ServersTransportName, name).Msg("TCP servers transport already configured, skipping")
|
||||
} else {
|
||||
configuration.TCP.ServersTransports[name] = conf
|
||||
}
|
||||
}
|
||||
|
||||
for name, conf := range c.UDP.Routers {
|
||||
if _, exists := configuration.UDP.Routers[name]; exists {
|
||||
logger.Warn().Str(logs.RouterName, name).Msg("UDP router already configured, skipping")
|
||||
|
@ -509,6 +560,7 @@ func (p *Provider) decodeConfiguration(filePath, content string) (*dynamic.Confi
|
|||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
Middlewares: make(map[string]*dynamic.TCPMiddleware),
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Stores: make(map[string]tls.Store),
|
||||
|
|
|
@ -54,6 +54,13 @@ func TestTLSCertificateContent(t *testing.T) {
|
|||
[[http.serversTransports.default.certificates]]
|
||||
certFile = "` + fileTLS.Name() + `"
|
||||
keyFile = "` + fileTLSKey.Name() + `"
|
||||
|
||||
[tcp.serversTransports.default]
|
||||
[tcp.serversTransports.default.tls]
|
||||
rootCAs = ["` + fileTLS.Name() + `"]
|
||||
[[tcp.serversTransports.default.tls.certificates]]
|
||||
certFile = "` + fileTLS.Name() + `"
|
||||
keyFile = "` + fileTLSKey.Name() + `"
|
||||
`
|
||||
|
||||
_, err = fileConfig.Write([]byte(content))
|
||||
|
@ -74,6 +81,10 @@ func TestTLSCertificateContent(t *testing.T) {
|
|||
require.Equal(t, "CONTENT", configuration.HTTP.ServersTransports["default"].Certificates[0].CertFile.String())
|
||||
require.Equal(t, "CONTENTKEY", configuration.HTTP.ServersTransports["default"].Certificates[0].KeyFile.String())
|
||||
require.Equal(t, "CONTENT", configuration.HTTP.ServersTransports["default"].RootCAs[0].String())
|
||||
|
||||
require.Equal(t, "CONTENT", configuration.TCP.ServersTransports["default"].TLS.Certificates[0].CertFile.String())
|
||||
require.Equal(t, "CONTENTKEY", configuration.TCP.ServersTransports["default"].TLS.Certificates[0].KeyFile.String())
|
||||
require.Equal(t, "CONTENT", configuration.TCP.ServersTransports["default"].TLS.RootCAs[0].String())
|
||||
}
|
||||
|
||||
func TestErrorWhenEmptyConfig(t *testing.T) {
|
||||
|
|
|
@ -177,6 +177,7 @@ func decodeConfiguration(data []byte) (*dynamic.Configuration, error) {
|
|||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Stores: make(map[string]tls.Store),
|
||||
|
|
|
@ -159,6 +159,7 @@ func TestProvider_decodeConfiguration(t *testing.T) {
|
|||
"foo": {},
|
||||
},
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Stores: make(map[string]tls.Store),
|
||||
|
@ -216,6 +217,7 @@ func TestProvider_Provide(t *testing.T) {
|
|||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Stores: make(map[string]tls.Store),
|
||||
|
|
|
@ -154,6 +154,7 @@ func emptyDynamicConfiguration() *dynamic.Configuration {
|
|||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Stores: make(map[string]ttls.Store),
|
||||
|
|
|
@ -40,6 +40,7 @@ type Client interface {
|
|||
GetTraefikServices() []*v1alpha1.TraefikService
|
||||
GetTLSOptions() []*v1alpha1.TLSOption
|
||||
GetServersTransports() []*v1alpha1.ServersTransport
|
||||
GetServersTransportTCPs() []*v1alpha1.ServersTransportTCP
|
||||
GetTLSStores() []*v1alpha1.TLSStore
|
||||
GetService(namespace, name string) (*corev1.Service, bool, error)
|
||||
GetSecret(namespace, name string) (*corev1.Secret, bool, error)
|
||||
|
@ -170,6 +171,7 @@ func (c *clientWrapper) WatchAll(namespaces []string, stopCh <-chan struct{}) (<
|
|||
factoryCrd.Traefik().V1alpha1().IngressRouteUDPs().Informer().AddEventHandler(eventHandler)
|
||||
factoryCrd.Traefik().V1alpha1().TLSOptions().Informer().AddEventHandler(eventHandler)
|
||||
factoryCrd.Traefik().V1alpha1().ServersTransports().Informer().AddEventHandler(eventHandler)
|
||||
factoryCrd.Traefik().V1alpha1().ServersTransportTCPs().Informer().AddEventHandler(eventHandler)
|
||||
factoryCrd.Traefik().V1alpha1().TLSStores().Informer().AddEventHandler(eventHandler)
|
||||
factoryCrd.Traefik().V1alpha1().TraefikServices().Informer().AddEventHandler(eventHandler)
|
||||
|
||||
|
@ -325,6 +327,24 @@ func (c *clientWrapper) GetServersTransports() []*v1alpha1.ServersTransport {
|
|||
return result
|
||||
}
|
||||
|
||||
// GetServersTransportTCPs returns all ServersTransportTCP.
|
||||
func (c *clientWrapper) GetServersTransportTCPs() []*v1alpha1.ServersTransportTCP {
|
||||
var result []*v1alpha1.ServersTransportTCP
|
||||
|
||||
for ns, factory := range c.factoriesCrd {
|
||||
serversTransports, err := factory.Traefik().V1alpha1().ServersTransportTCPs().Lister().List(labels.Everything())
|
||||
if err != nil {
|
||||
log.Error().
|
||||
Err(err).
|
||||
Str("namespace", ns).
|
||||
Msg("Failed to list servers transport TCP in namespace")
|
||||
}
|
||||
result = append(result, serversTransports...)
|
||||
}
|
||||
|
||||
return result
|
||||
}
|
||||
|
||||
// GetTLSOptions returns all TLS options.
|
||||
func (c *clientWrapper) GetTLSOptions() []*v1alpha1.TLSOption {
|
||||
var result []*v1alpha1.TLSOption
|
||||
|
|
|
@ -38,7 +38,8 @@ type clientMock struct {
|
|||
tlsOptions []*v1alpha1.TLSOption
|
||||
tlsStores []*v1alpha1.TLSStore
|
||||
traefikServices []*v1alpha1.TraefikService
|
||||
serversTransport []*v1alpha1.ServersTransport
|
||||
serversTransports []*v1alpha1.ServersTransport
|
||||
serversTransportTCPs []*v1alpha1.ServersTransportTCP
|
||||
|
||||
watchChan chan interface{}
|
||||
}
|
||||
|
@ -74,7 +75,9 @@ func newClientMock(paths ...string) clientMock {
|
|||
case *v1alpha1.TLSOption:
|
||||
c.tlsOptions = append(c.tlsOptions, o)
|
||||
case *v1alpha1.ServersTransport:
|
||||
c.serversTransport = append(c.serversTransport, o)
|
||||
c.serversTransports = append(c.serversTransports, o)
|
||||
case *v1alpha1.ServersTransportTCP:
|
||||
c.serversTransportTCPs = append(c.serversTransportTCPs, o)
|
||||
case *v1alpha1.TLSStore:
|
||||
c.tlsStores = append(c.tlsStores, o)
|
||||
case *corev1.Secret:
|
||||
|
@ -131,7 +134,11 @@ func (c clientMock) GetTLSStores() []*v1alpha1.TLSStore {
|
|||
}
|
||||
|
||||
func (c clientMock) GetServersTransports() []*v1alpha1.ServersTransport {
|
||||
return c.serversTransport
|
||||
return c.serversTransports
|
||||
}
|
||||
|
||||
func (c clientMock) GetServersTransportTCPs() []*v1alpha1.ServersTransportTCP {
|
||||
return c.serversTransportTCPs
|
||||
}
|
||||
|
||||
func (c clientMock) GetTLSOption(namespace, name string) (*v1alpha1.TLSOption, bool, error) {
|
||||
|
|
|
@ -0,0 +1,147 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: root-ca0
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
foobar: VEVTVFJPT1RDQVMw
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: root-ca1
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
tls.ca: VEVTVFJPT1RDQVMx
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: root-ca2
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
tls.ca: VEVTVFJPT1RDQVMy
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: root-ca3
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
ca.crt: VEVTVFJPT1RDQVMz
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: root-ca4
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
ca.crt: VEVTVFJPT1RDQVM0
|
||||
tls.ca: VEVTVFJPT1RDQVM1 # <-- This should be the preferred one.
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mtls1
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
tls.crt: VEVTVENFUlQx
|
||||
tls.key: VEVTVEtFWTE=
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mtls2
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
tls.crt: VEVTVENFUlQy
|
||||
tls.key: VEVTVEtFWTI=
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: allcerts
|
||||
namespace: foo
|
||||
|
||||
data:
|
||||
ca.crt: VEVTVEFMTENFUlRT
|
||||
tls.crt: VEVTVENFUlQz
|
||||
tls.key: VEVTVEtFWTM=
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: test
|
||||
namespace: foo
|
||||
|
||||
spec:
|
||||
tls:
|
||||
serverName: "test"
|
||||
insecureSkipVerify: true
|
||||
peerCertURI: foo://bar
|
||||
rootCAsSecrets:
|
||||
- root-ca0
|
||||
- root-ca1
|
||||
- root-ca2
|
||||
- root-ca3
|
||||
- root-ca4
|
||||
- allcerts
|
||||
certificatesSecrets:
|
||||
- mtls1
|
||||
- mtls2
|
||||
- allcerts
|
||||
spiffe:
|
||||
ids:
|
||||
- spiffe://foo/buz
|
||||
- spiffe://bar/biz
|
||||
trustDomain: spiffe://lol
|
||||
dialTimeout: 42
|
||||
dialKeepAlive: 42
|
||||
terminationDelay: 42
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: test
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
tls:
|
||||
serverName: "test"
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: test.route
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
entryPoints:
|
||||
- foo
|
||||
|
||||
routes:
|
||||
- match: HostSNI(`foo.com`)
|
||||
services:
|
||||
- name: whoamitcp
|
||||
port: 8000
|
||||
serversTransport: test
|
||||
- name: whoamitcp2
|
||||
port: 8080
|
||||
serversTransport: default-test
|
|
@ -0,0 +1,27 @@
|
|||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: test.route
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
entryPoints:
|
||||
- foo
|
||||
|
||||
routes:
|
||||
- match: HostSNI(`foo.com`)
|
||||
priority: 12
|
||||
services:
|
||||
- name: whoamitcp
|
||||
port: 8000
|
||||
serversTransport: cross-ns-st-cross-ns@kubernetescrd
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: ServersTransportTCP
|
||||
metadata:
|
||||
name: st-cross-ns
|
||||
namespace: cross-ns
|
||||
|
||||
spec:
|
||||
dialKeepAlive: 0
|
|
@ -0,0 +1,138 @@
|
|||
/*
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2016-2020 Containous SAS; 2020-2022 Traefik Labs
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
*/
|
||||
|
||||
// Code generated by client-gen. DO NOT EDIT.
|
||||
|
||||
package fake
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
v1alpha1 "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
labels "k8s.io/apimachinery/pkg/labels"
|
||||
schema "k8s.io/apimachinery/pkg/runtime/schema"
|
||||
types "k8s.io/apimachinery/pkg/types"
|
||||
watch "k8s.io/apimachinery/pkg/watch"
|
||||
testing "k8s.io/client-go/testing"
|
||||
)
|
||||
|
||||
// FakeServersTransportTCPs implements ServersTransportTCPInterface
|
||||
type FakeServersTransportTCPs struct {
|
||||
Fake *FakeTraefikV1alpha1
|
||||
ns string
|
||||
}
|
||||
|
||||
var serverstransporttcpsResource = schema.GroupVersionResource{Group: "traefik.containo.us", Version: "v1alpha1", Resource: "serverstransporttcps"}
|
||||
|
||||
var serverstransporttcpsKind = schema.GroupVersionKind{Group: "traefik.containo.us", Version: "v1alpha1", Kind: "ServersTransportTCP"}
|
||||
|
||||
// Get takes name of the serversTransportTCP, and returns the corresponding serversTransportTCP object, and an error if there is any.
|
||||
func (c *FakeServersTransportTCPs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewGetAction(serverstransporttcpsResource, c.ns, name), &v1alpha1.ServersTransportTCP{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.ServersTransportTCP), err
|
||||
}
|
||||
|
||||
// List takes label and field selectors, and returns the list of ServersTransportTCPs that match those selectors.
|
||||
func (c *FakeServersTransportTCPs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ServersTransportTCPList, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewListAction(serverstransporttcpsResource, serverstransporttcpsKind, c.ns, opts), &v1alpha1.ServersTransportTCPList{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
label, _, _ := testing.ExtractFromListOptions(opts)
|
||||
if label == nil {
|
||||
label = labels.Everything()
|
||||
}
|
||||
list := &v1alpha1.ServersTransportTCPList{ListMeta: obj.(*v1alpha1.ServersTransportTCPList).ListMeta}
|
||||
for _, item := range obj.(*v1alpha1.ServersTransportTCPList).Items {
|
||||
if label.Matches(labels.Set(item.Labels)) {
|
||||
list.Items = append(list.Items, item)
|
||||
}
|
||||
}
|
||||
return list, err
|
||||
}
|
||||
|
||||
// Watch returns a watch.Interface that watches the requested serversTransportTCPs.
|
||||
func (c *FakeServersTransportTCPs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
|
||||
return c.Fake.
|
||||
InvokesWatch(testing.NewWatchAction(serverstransporttcpsResource, c.ns, opts))
|
||||
|
||||
}
|
||||
|
||||
// Create takes the representation of a serversTransportTCP and creates it. Returns the server's representation of the serversTransportTCP, and an error, if there is any.
|
||||
func (c *FakeServersTransportTCPs) Create(ctx context.Context, serversTransportTCP *v1alpha1.ServersTransportTCP, opts v1.CreateOptions) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewCreateAction(serverstransporttcpsResource, c.ns, serversTransportTCP), &v1alpha1.ServersTransportTCP{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.ServersTransportTCP), err
|
||||
}
|
||||
|
||||
// Update takes the representation of a serversTransportTCP and updates it. Returns the server's representation of the serversTransportTCP, and an error, if there is any.
|
||||
func (c *FakeServersTransportTCPs) Update(ctx context.Context, serversTransportTCP *v1alpha1.ServersTransportTCP, opts v1.UpdateOptions) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewUpdateAction(serverstransporttcpsResource, c.ns, serversTransportTCP), &v1alpha1.ServersTransportTCP{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.ServersTransportTCP), err
|
||||
}
|
||||
|
||||
// Delete takes name of the serversTransportTCP and deletes it. Returns an error if one occurs.
|
||||
func (c *FakeServersTransportTCPs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
|
||||
_, err := c.Fake.
|
||||
Invokes(testing.NewDeleteAction(serverstransporttcpsResource, c.ns, name), &v1alpha1.ServersTransportTCP{})
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
// DeleteCollection deletes a collection of objects.
|
||||
func (c *FakeServersTransportTCPs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
|
||||
action := testing.NewDeleteCollectionAction(serverstransporttcpsResource, c.ns, listOpts)
|
||||
|
||||
_, err := c.Fake.Invokes(action, &v1alpha1.ServersTransportTCPList{})
|
||||
return err
|
||||
}
|
||||
|
||||
// Patch applies the patch and returns the patched serversTransportTCP.
|
||||
func (c *FakeServersTransportTCPs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewPatchSubresourceAction(serverstransporttcpsResource, c.ns, name, pt, data, subresources...), &v1alpha1.ServersTransportTCP{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.ServersTransportTCP), err
|
||||
}
|
|
@ -60,6 +60,10 @@ func (c *FakeTraefikV1alpha1) ServersTransports(namespace string) v1alpha1.Serve
|
|||
return &FakeServersTransports{c, namespace}
|
||||
}
|
||||
|
||||
func (c *FakeTraefikV1alpha1) ServersTransportTCPs(namespace string) v1alpha1.ServersTransportTCPInterface {
|
||||
return &FakeServersTransportTCPs{c, namespace}
|
||||
}
|
||||
|
||||
func (c *FakeTraefikV1alpha1) TLSOptions(namespace string) v1alpha1.TLSOptionInterface {
|
||||
return &FakeTLSOptions{c, namespace}
|
||||
}
|
||||
|
|
|
@ -38,6 +38,8 @@ type MiddlewareTCPExpansion interface{}
|
|||
|
||||
type ServersTransportExpansion interface{}
|
||||
|
||||
type ServersTransportTCPExpansion interface{}
|
||||
|
||||
type TLSOptionExpansion interface{}
|
||||
|
||||
type TLSStoreExpansion interface{}
|
||||
|
|
|
@ -0,0 +1,186 @@
|
|||
/*
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2016-2020 Containous SAS; 2020-2022 Traefik Labs
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
*/
|
||||
|
||||
// Code generated by client-gen. DO NOT EDIT.
|
||||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
scheme "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme"
|
||||
v1alpha1 "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
types "k8s.io/apimachinery/pkg/types"
|
||||
watch "k8s.io/apimachinery/pkg/watch"
|
||||
rest "k8s.io/client-go/rest"
|
||||
)
|
||||
|
||||
// ServersTransportTCPsGetter has a method to return a ServersTransportTCPInterface.
|
||||
// A group's client should implement this interface.
|
||||
type ServersTransportTCPsGetter interface {
|
||||
ServersTransportTCPs(namespace string) ServersTransportTCPInterface
|
||||
}
|
||||
|
||||
// ServersTransportTCPInterface has methods to work with ServersTransportTCP resources.
|
||||
type ServersTransportTCPInterface interface {
|
||||
Create(ctx context.Context, serversTransportTCP *v1alpha1.ServersTransportTCP, opts v1.CreateOptions) (*v1alpha1.ServersTransportTCP, error)
|
||||
Update(ctx context.Context, serversTransportTCP *v1alpha1.ServersTransportTCP, opts v1.UpdateOptions) (*v1alpha1.ServersTransportTCP, error)
|
||||
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
|
||||
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
|
||||
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ServersTransportTCP, error)
|
||||
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ServersTransportTCPList, error)
|
||||
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
|
||||
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ServersTransportTCP, err error)
|
||||
ServersTransportTCPExpansion
|
||||
}
|
||||
|
||||
// serversTransportTCPs implements ServersTransportTCPInterface
|
||||
type serversTransportTCPs struct {
|
||||
client rest.Interface
|
||||
ns string
|
||||
}
|
||||
|
||||
// newServersTransportTCPs returns a ServersTransportTCPs
|
||||
func newServersTransportTCPs(c *TraefikV1alpha1Client, namespace string) *serversTransportTCPs {
|
||||
return &serversTransportTCPs{
|
||||
client: c.RESTClient(),
|
||||
ns: namespace,
|
||||
}
|
||||
}
|
||||
|
||||
// Get takes name of the serversTransportTCP, and returns the corresponding serversTransportTCP object, and an error if there is any.
|
||||
func (c *serversTransportTCPs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
result = &v1alpha1.ServersTransportTCP{}
|
||||
err = c.client.Get().
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
Name(name).
|
||||
VersionedParams(&options, scheme.ParameterCodec).
|
||||
Do(ctx).
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// List takes label and field selectors, and returns the list of ServersTransportTCPs that match those selectors.
|
||||
func (c *serversTransportTCPs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ServersTransportTCPList, err error) {
|
||||
var timeout time.Duration
|
||||
if opts.TimeoutSeconds != nil {
|
||||
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
|
||||
}
|
||||
result = &v1alpha1.ServersTransportTCPList{}
|
||||
err = c.client.Get().
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
VersionedParams(&opts, scheme.ParameterCodec).
|
||||
Timeout(timeout).
|
||||
Do(ctx).
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// Watch returns a watch.Interface that watches the requested serversTransportTCPs.
|
||||
func (c *serversTransportTCPs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
|
||||
var timeout time.Duration
|
||||
if opts.TimeoutSeconds != nil {
|
||||
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
|
||||
}
|
||||
opts.Watch = true
|
||||
return c.client.Get().
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
VersionedParams(&opts, scheme.ParameterCodec).
|
||||
Timeout(timeout).
|
||||
Watch(ctx)
|
||||
}
|
||||
|
||||
// Create takes the representation of a serversTransportTCP and creates it. Returns the server's representation of the serversTransportTCP, and an error, if there is any.
|
||||
func (c *serversTransportTCPs) Create(ctx context.Context, serversTransportTCP *v1alpha1.ServersTransportTCP, opts v1.CreateOptions) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
result = &v1alpha1.ServersTransportTCP{}
|
||||
err = c.client.Post().
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
VersionedParams(&opts, scheme.ParameterCodec).
|
||||
Body(serversTransportTCP).
|
||||
Do(ctx).
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// Update takes the representation of a serversTransportTCP and updates it. Returns the server's representation of the serversTransportTCP, and an error, if there is any.
|
||||
func (c *serversTransportTCPs) Update(ctx context.Context, serversTransportTCP *v1alpha1.ServersTransportTCP, opts v1.UpdateOptions) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
result = &v1alpha1.ServersTransportTCP{}
|
||||
err = c.client.Put().
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
Name(serversTransportTCP.Name).
|
||||
VersionedParams(&opts, scheme.ParameterCodec).
|
||||
Body(serversTransportTCP).
|
||||
Do(ctx).
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// Delete takes name of the serversTransportTCP and deletes it. Returns an error if one occurs.
|
||||
func (c *serversTransportTCPs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
|
||||
return c.client.Delete().
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
Name(name).
|
||||
Body(&opts).
|
||||
Do(ctx).
|
||||
Error()
|
||||
}
|
||||
|
||||
// DeleteCollection deletes a collection of objects.
|
||||
func (c *serversTransportTCPs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
|
||||
var timeout time.Duration
|
||||
if listOpts.TimeoutSeconds != nil {
|
||||
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
|
||||
}
|
||||
return c.client.Delete().
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
VersionedParams(&listOpts, scheme.ParameterCodec).
|
||||
Timeout(timeout).
|
||||
Body(&opts).
|
||||
Do(ctx).
|
||||
Error()
|
||||
}
|
||||
|
||||
// Patch applies the patch and returns the patched serversTransportTCP.
|
||||
func (c *serversTransportTCPs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ServersTransportTCP, err error) {
|
||||
result = &v1alpha1.ServersTransportTCP{}
|
||||
err = c.client.Patch(pt).
|
||||
Namespace(c.ns).
|
||||
Resource("serverstransporttcps").
|
||||
Name(name).
|
||||
SubResource(subresources...).
|
||||
VersionedParams(&opts, scheme.ParameterCodec).
|
||||
Body(data).
|
||||
Do(ctx).
|
||||
Into(result)
|
||||
return
|
||||
}
|
|
@ -40,6 +40,7 @@ type TraefikV1alpha1Interface interface {
|
|||
MiddlewaresGetter
|
||||
MiddlewareTCPsGetter
|
||||
ServersTransportsGetter
|
||||
ServersTransportTCPsGetter
|
||||
TLSOptionsGetter
|
||||
TLSStoresGetter
|
||||
TraefikServicesGetter
|
||||
|
@ -74,6 +75,10 @@ func (c *TraefikV1alpha1Client) ServersTransports(namespace string) ServersTrans
|
|||
return newServersTransports(c, namespace)
|
||||
}
|
||||
|
||||
func (c *TraefikV1alpha1Client) ServersTransportTCPs(namespace string) ServersTransportTCPInterface {
|
||||
return newServersTransportTCPs(c, namespace)
|
||||
}
|
||||
|
||||
func (c *TraefikV1alpha1Client) TLSOptions(namespace string) TLSOptionInterface {
|
||||
return newTLSOptions(c, namespace)
|
||||
}
|
||||
|
|
|
@ -73,6 +73,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
|
|||
return &genericInformer{resource: resource.GroupResource(), informer: f.Traefik().V1alpha1().MiddlewareTCPs().Informer()}, nil
|
||||
case v1alpha1.SchemeGroupVersion.WithResource("serverstransports"):
|
||||
return &genericInformer{resource: resource.GroupResource(), informer: f.Traefik().V1alpha1().ServersTransports().Informer()}, nil
|
||||
case v1alpha1.SchemeGroupVersion.WithResource("serverstransporttcps"):
|
||||
return &genericInformer{resource: resource.GroupResource(), informer: f.Traefik().V1alpha1().ServersTransportTCPs().Informer()}, nil
|
||||
case v1alpha1.SchemeGroupVersion.WithResource("tlsoptions"):
|
||||
return &genericInformer{resource: resource.GroupResource(), informer: f.Traefik().V1alpha1().TLSOptions().Informer()}, nil
|
||||
case v1alpha1.SchemeGroupVersion.WithResource("tlsstores"):
|
||||
|
|
|
@ -44,6 +44,8 @@ type Interface interface {
|
|||
MiddlewareTCPs() MiddlewareTCPInformer
|
||||
// ServersTransports returns a ServersTransportInformer.
|
||||
ServersTransports() ServersTransportInformer
|
||||
// ServersTransportTCPs returns a ServersTransportTCPInformer.
|
||||
ServersTransportTCPs() ServersTransportTCPInformer
|
||||
// TLSOptions returns a TLSOptionInformer.
|
||||
TLSOptions() TLSOptionInformer
|
||||
// TLSStores returns a TLSStoreInformer.
|
||||
|
@ -93,6 +95,11 @@ func (v *version) ServersTransports() ServersTransportInformer {
|
|||
return &serversTransportInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
|
||||
}
|
||||
|
||||
// ServersTransportTCPs returns a ServersTransportTCPInformer.
|
||||
func (v *version) ServersTransportTCPs() ServersTransportTCPInformer {
|
||||
return &serversTransportTCPInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
|
||||
}
|
||||
|
||||
// TLSOptions returns a TLSOptionInformer.
|
||||
func (v *version) TLSOptions() TLSOptionInformer {
|
||||
return &tLSOptionInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
|
||||
|
|
|
@ -0,0 +1,98 @@
|
|||
/*
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2016-2020 Containous SAS; 2020-2022 Traefik Labs
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
*/
|
||||
|
||||
// Code generated by informer-gen. DO NOT EDIT.
|
||||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
"context"
|
||||
time "time"
|
||||
|
||||
versioned "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/generated/clientset/versioned"
|
||||
internalinterfaces "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/generated/informers/externalversions/internalinterfaces"
|
||||
v1alpha1 "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/generated/listers/traefik/v1alpha1"
|
||||
traefikv1alpha1 "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
watch "k8s.io/apimachinery/pkg/watch"
|
||||
cache "k8s.io/client-go/tools/cache"
|
||||
)
|
||||
|
||||
// ServersTransportTCPInformer provides access to a shared informer and lister for
|
||||
// ServersTransportTCPs.
|
||||
type ServersTransportTCPInformer interface {
|
||||
Informer() cache.SharedIndexInformer
|
||||
Lister() v1alpha1.ServersTransportTCPLister
|
||||
}
|
||||
|
||||
type serversTransportTCPInformer struct {
|
||||
factory internalinterfaces.SharedInformerFactory
|
||||
tweakListOptions internalinterfaces.TweakListOptionsFunc
|
||||
namespace string
|
||||
}
|
||||
|
||||
// NewServersTransportTCPInformer constructs a new informer for ServersTransportTCP type.
|
||||
// Always prefer using an informer factory to get a shared informer instead of getting an independent
|
||||
// one. This reduces memory footprint and number of connections to the server.
|
||||
func NewServersTransportTCPInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
|
||||
return NewFilteredServersTransportTCPInformer(client, namespace, resyncPeriod, indexers, nil)
|
||||
}
|
||||
|
||||
// NewFilteredServersTransportTCPInformer constructs a new informer for ServersTransportTCP type.
|
||||
// Always prefer using an informer factory to get a shared informer instead of getting an independent
|
||||
// one. This reduces memory footprint and number of connections to the server.
|
||||
func NewFilteredServersTransportTCPInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
|
||||
return cache.NewSharedIndexInformer(
|
||||
&cache.ListWatch{
|
||||
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
|
||||
if tweakListOptions != nil {
|
||||
tweakListOptions(&options)
|
||||
}
|
||||
return client.TraefikV1alpha1().ServersTransportTCPs(namespace).List(context.TODO(), options)
|
||||
},
|
||||
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
|
||||
if tweakListOptions != nil {
|
||||
tweakListOptions(&options)
|
||||
}
|
||||
return client.TraefikV1alpha1().ServersTransportTCPs(namespace).Watch(context.TODO(), options)
|
||||
},
|
||||
},
|
||||
&traefikv1alpha1.ServersTransportTCP{},
|
||||
resyncPeriod,
|
||||
indexers,
|
||||
)
|
||||
}
|
||||
|
||||
func (f *serversTransportTCPInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
|
||||
return NewFilteredServersTransportTCPInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
|
||||
}
|
||||
|
||||
func (f *serversTransportTCPInformer) Informer() cache.SharedIndexInformer {
|
||||
return f.factory.InformerFor(&traefikv1alpha1.ServersTransportTCP{}, f.defaultInformer)
|
||||
}
|
||||
|
||||
func (f *serversTransportTCPInformer) Lister() v1alpha1.ServersTransportTCPLister {
|
||||
return v1alpha1.NewServersTransportTCPLister(f.Informer().GetIndexer())
|
||||
}
|
|
@ -74,6 +74,14 @@ type ServersTransportListerExpansion interface{}
|
|||
// ServersTransportNamespaceLister.
|
||||
type ServersTransportNamespaceListerExpansion interface{}
|
||||
|
||||
// ServersTransportTCPListerExpansion allows custom methods to be added to
|
||||
// ServersTransportTCPLister.
|
||||
type ServersTransportTCPListerExpansion interface{}
|
||||
|
||||
// ServersTransportTCPNamespaceListerExpansion allows custom methods to be added to
|
||||
// ServersTransportTCPNamespaceLister.
|
||||
type ServersTransportTCPNamespaceListerExpansion interface{}
|
||||
|
||||
// TLSOptionListerExpansion allows custom methods to be added to
|
||||
// TLSOptionLister.
|
||||
type TLSOptionListerExpansion interface{}
|
||||
|
|
|
@ -0,0 +1,107 @@
|
|||
/*
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2016-2020 Containous SAS; 2020-2022 Traefik Labs
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
*/
|
||||
|
||||
// Code generated by lister-gen. DO NOT EDIT.
|
||||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
v1alpha1 "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1"
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
"k8s.io/apimachinery/pkg/labels"
|
||||
"k8s.io/client-go/tools/cache"
|
||||
)
|
||||
|
||||
// ServersTransportTCPLister helps list ServersTransportTCPs.
|
||||
// All objects returned here must be treated as read-only.
|
||||
type ServersTransportTCPLister interface {
|
||||
// List lists all ServersTransportTCPs in the indexer.
|
||||
// Objects returned here must be treated as read-only.
|
||||
List(selector labels.Selector) (ret []*v1alpha1.ServersTransportTCP, err error)
|
||||
// ServersTransportTCPs returns an object that can list and get ServersTransportTCPs.
|
||||
ServersTransportTCPs(namespace string) ServersTransportTCPNamespaceLister
|
||||
ServersTransportTCPListerExpansion
|
||||
}
|
||||
|
||||
// serversTransportTCPLister implements the ServersTransportTCPLister interface.
|
||||
type serversTransportTCPLister struct {
|
||||
indexer cache.Indexer
|
||||
}
|
||||
|
||||
// NewServersTransportTCPLister returns a new ServersTransportTCPLister.
|
||||
func NewServersTransportTCPLister(indexer cache.Indexer) ServersTransportTCPLister {
|
||||
return &serversTransportTCPLister{indexer: indexer}
|
||||
}
|
||||
|
||||
// List lists all ServersTransportTCPs in the indexer.
|
||||
func (s *serversTransportTCPLister) List(selector labels.Selector) (ret []*v1alpha1.ServersTransportTCP, err error) {
|
||||
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
|
||||
ret = append(ret, m.(*v1alpha1.ServersTransportTCP))
|
||||
})
|
||||
return ret, err
|
||||
}
|
||||
|
||||
// ServersTransportTCPs returns an object that can list and get ServersTransportTCPs.
|
||||
func (s *serversTransportTCPLister) ServersTransportTCPs(namespace string) ServersTransportTCPNamespaceLister {
|
||||
return serversTransportTCPNamespaceLister{indexer: s.indexer, namespace: namespace}
|
||||
}
|
||||
|
||||
// ServersTransportTCPNamespaceLister helps list and get ServersTransportTCPs.
|
||||
// All objects returned here must be treated as read-only.
|
||||
type ServersTransportTCPNamespaceLister interface {
|
||||
// List lists all ServersTransportTCPs in the indexer for a given namespace.
|
||||
// Objects returned here must be treated as read-only.
|
||||
List(selector labels.Selector) (ret []*v1alpha1.ServersTransportTCP, err error)
|
||||
// Get retrieves the ServersTransportTCP from the indexer for a given namespace and name.
|
||||
// Objects returned here must be treated as read-only.
|
||||
Get(name string) (*v1alpha1.ServersTransportTCP, error)
|
||||
ServersTransportTCPNamespaceListerExpansion
|
||||
}
|
||||
|
||||
// serversTransportTCPNamespaceLister implements the ServersTransportTCPNamespaceLister
|
||||
// interface.
|
||||
type serversTransportTCPNamespaceLister struct {
|
||||
indexer cache.Indexer
|
||||
namespace string
|
||||
}
|
||||
|
||||
// List lists all ServersTransportTCPs in the indexer for a given namespace.
|
||||
func (s serversTransportTCPNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ServersTransportTCP, err error) {
|
||||
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
|
||||
ret = append(ret, m.(*v1alpha1.ServersTransportTCP))
|
||||
})
|
||||
return ret, err
|
||||
}
|
||||
|
||||
// Get retrieves the ServersTransportTCP from the indexer for a given namespace and name.
|
||||
func (s serversTransportTCPNamespaceLister) Get(name string) (*v1alpha1.ServersTransportTCP, error) {
|
||||
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if !exists {
|
||||
return nil, errors.NewNotFound(v1alpha1.Resource("serverstransporttcp"), name)
|
||||
}
|
||||
return obj.(*v1alpha1.ServersTransportTCP), nil
|
||||
}
|
|
@ -396,6 +396,80 @@ func (p *Provider) loadConfigurationFromCRD(ctx context.Context, client Client)
|
|||
}
|
||||
}
|
||||
|
||||
for _, serversTransportTCP := range client.GetServersTransportTCPs() {
|
||||
logger := log.Ctx(ctx).With().Str(logs.ServersTransportName, serversTransportTCP.Name).Logger()
|
||||
|
||||
var tcpServerTransport dynamic.TCPServersTransport
|
||||
tcpServerTransport.SetDefaults()
|
||||
|
||||
if serversTransportTCP.Spec.DialTimeout != nil {
|
||||
err := tcpServerTransport.DialTimeout.Set(serversTransportTCP.Spec.DialTimeout.String())
|
||||
if err != nil {
|
||||
logger.Error().Err(err).Msg("Error while reading DialTimeout")
|
||||
}
|
||||
}
|
||||
|
||||
if serversTransportTCP.Spec.DialKeepAlive != nil {
|
||||
err := tcpServerTransport.DialKeepAlive.Set(serversTransportTCP.Spec.DialKeepAlive.String())
|
||||
if err != nil {
|
||||
logger.Error().Err(err).Msg("Error while reading DialKeepAlive")
|
||||
}
|
||||
}
|
||||
|
||||
if serversTransportTCP.Spec.TerminationDelay != nil {
|
||||
err := tcpServerTransport.TerminationDelay.Set(serversTransportTCP.Spec.TerminationDelay.String())
|
||||
if err != nil {
|
||||
logger.Error().Err(err).Msg("Error while reading TerminationDelay")
|
||||
}
|
||||
}
|
||||
|
||||
if serversTransportTCP.Spec.TLS != nil {
|
||||
var rootCAs []tls.FileOrContent
|
||||
for _, secret := range serversTransportTCP.Spec.TLS.RootCAsSecrets {
|
||||
caSecret, err := loadCASecret(serversTransportTCP.Namespace, secret, client)
|
||||
if err != nil {
|
||||
logger.Error().
|
||||
Err(err).
|
||||
Str("rootCAs", secret).
|
||||
Msg("Error while loading rootCAs")
|
||||
continue
|
||||
}
|
||||
|
||||
rootCAs = append(rootCAs, tls.FileOrContent(caSecret))
|
||||
}
|
||||
|
||||
var certs tls.Certificates
|
||||
for _, secret := range serversTransportTCP.Spec.TLS.CertificatesSecrets {
|
||||
tlsCert, tlsKey, err := loadAuthTLSSecret(serversTransportTCP.Namespace, secret, client)
|
||||
if err != nil {
|
||||
logger.Error().
|
||||
Err(err).
|
||||
Str("certificates", secret).
|
||||
Msg("Error while loading certificates")
|
||||
continue
|
||||
}
|
||||
|
||||
certs = append(certs, tls.Certificate{
|
||||
CertFile: tls.FileOrContent(tlsCert),
|
||||
KeyFile: tls.FileOrContent(tlsKey),
|
||||
})
|
||||
}
|
||||
|
||||
tcpServerTransport.TLS = &dynamic.TLSClientConfig{
|
||||
ServerName: serversTransportTCP.Spec.TLS.ServerName,
|
||||
InsecureSkipVerify: serversTransportTCP.Spec.TLS.InsecureSkipVerify,
|
||||
RootCAs: rootCAs,
|
||||
Certificates: certs,
|
||||
PeerCertURI: serversTransportTCP.Spec.TLS.PeerCertURI,
|
||||
}
|
||||
|
||||
tcpServerTransport.TLS.Spiffe = serversTransportTCP.Spec.TLS.Spiffe
|
||||
}
|
||||
|
||||
id := provider.Normalize(makeID(serversTransportTCP.Namespace, serversTransportTCP.Name))
|
||||
conf.TCP.ServersTransports[id] = &tcpServerTransport
|
||||
}
|
||||
|
||||
return conf
|
||||
}
|
||||
|
||||
|
|
|
@ -22,6 +22,7 @@ func (p *Provider) loadIngressRouteTCPConfiguration(ctx context.Context, client
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
}
|
||||
|
||||
for _, ingressRouteTCP := range client.GetIngressRouteTCPs() {
|
||||
|
@ -202,8 +203,11 @@ func (p *Provider) createLoadBalancerServerTCP(client Client, parentNamespace st
|
|||
}
|
||||
}
|
||||
|
||||
if service.TerminationDelay != nil {
|
||||
tcpService.LoadBalancer.TerminationDelay = service.TerminationDelay
|
||||
if service.ServersTransport != "" {
|
||||
tcpService.LoadBalancer.ServersTransport, err = p.makeTCPServersTransportKey(parentNamespace, service.ServersTransport)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return tcpService, nil
|
||||
|
@ -271,6 +275,25 @@ func (p *Provider) loadTCPServers(client Client, namespace string, svc v1alpha1.
|
|||
return servers, nil
|
||||
}
|
||||
|
||||
func (p *Provider) makeTCPServersTransportKey(parentNamespace string, serversTransportName string) (string, error) {
|
||||
if serversTransportName == "" {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
if !p.AllowCrossNamespace && strings.HasSuffix(serversTransportName, providerNamespaceSeparator+providerName) {
|
||||
// Since we are not able to know if another namespace is in the name (namespace-name@kubernetescrd),
|
||||
// if the provider namespace kubernetescrd is used,
|
||||
// we don't allow this format to avoid cross namespace references.
|
||||
return "", fmt.Errorf("invalid reference to serversTransport %s: namespace-name@kubernetescrd format is not allowed when crossnamespace is disallowed", serversTransportName)
|
||||
}
|
||||
|
||||
if strings.Contains(serversTransportName, providerNamespaceSeparator) {
|
||||
return serversTransportName, nil
|
||||
}
|
||||
|
||||
return provider.Normalize(makeID(parentNamespace, serversTransportName)), nil
|
||||
}
|
||||
|
||||
// getTLSTCP mutates tlsConfigs.
|
||||
func getTLSTCP(ctx context.Context, ingressRoute *v1alpha1.IngressRouteTCP, k8sClient Client, tlsConfigs map[string]*tls.CertAndStores) error {
|
||||
if ingressRoute.Spec.TLS == nil {
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -69,15 +69,15 @@ type ServiceTCP struct {
|
|||
Port intstr.IntOrString `json:"port"`
|
||||
// Weight defines the weight used when balancing requests between multiple Kubernetes Service.
|
||||
Weight *int `json:"weight,omitempty"`
|
||||
// TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates
|
||||
// it has closed the writing capability of its connection, to close the reading capability as well,
|
||||
// hence fully terminating the connection.
|
||||
// It is a duration in milliseconds, defaulting to 100.
|
||||
// A negative value means an infinite deadline (i.e. the reading capability is never closed).
|
||||
TerminationDelay *int `json:"terminationDelay,omitempty"`
|
||||
// ProxyProtocol defines the PROXY protocol configuration.
|
||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
|
||||
ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"`
|
||||
// ServersTransport defines the name of ServersTransportTCP resource to use.
|
||||
// It allows to configure the transport between Traefik and your servers.
|
||||
// Can only be used on a Kubernetes Service.
|
||||
ServersTransport string `json:"serversTransport,omitempty"`
|
||||
// TLS determines whether to use TLS when dialing with the backend.
|
||||
TLS bool `json:"tls,omitempty"`
|
||||
}
|
||||
|
||||
// +genclient
|
||||
|
|
|
@ -51,6 +51,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
|
|||
&TraefikServiceList{},
|
||||
&ServersTransport{},
|
||||
&ServersTransportList{},
|
||||
&ServersTransportTCP{},
|
||||
&ServersTransportTCPList{},
|
||||
)
|
||||
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
|
||||
return nil
|
||||
|
|
|
@ -0,0 +1,68 @@
|
|||
package v1alpha1
|
||||
|
||||
import (
|
||||
"github.com/traefik/traefik/v2/pkg/config/dynamic"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/util/intstr"
|
||||
)
|
||||
|
||||
// +genclient
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
// +kubebuilder:storageversion
|
||||
|
||||
// ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||
// If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||
// The default@internal tcpServersTransport can be configured in the static configuration.
|
||||
// More info: https://doc.traefik.io/traefik/v2.9/routing/services/#serverstransport_3
|
||||
type ServersTransportTCP struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// Standard object's metadata.
|
||||
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
|
||||
metav1.ObjectMeta `json:"metadata"`
|
||||
|
||||
Spec ServersTransportTCPSpec `json:"spec"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
||||
// ServersTransportTCPSpec defines the desired state of a ServersTransportTCP.
|
||||
type ServersTransportTCPSpec struct {
|
||||
// DialTimeout is the amount of time to wait until a connection to a backend server can be established.
|
||||
DialTimeout *intstr.IntOrString `json:"dialTimeout,omitempty"`
|
||||
// DialKeepAlive is the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled.
|
||||
DialKeepAlive *intstr.IntOrString `json:"dialKeepAlive,omitempty"`
|
||||
// TerminationDelay defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability.
|
||||
TerminationDelay *intstr.IntOrString `json:"terminationDelay,omitempty"`
|
||||
// TLS defines the TLS configuration
|
||||
TLS *TLSClientConfig `description:"Defines the TLS configuration." json:"tls,omitempty"`
|
||||
}
|
||||
|
||||
// TLSClientConfig defines the desired state of a TLSClientConfig.
|
||||
type TLSClientConfig struct {
|
||||
// ServerName defines the server name used to contact the server.
|
||||
ServerName string `json:"serverName,omitempty"`
|
||||
// InsecureSkipVerify disables TLS certificate verification.
|
||||
InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"`
|
||||
// RootCAsSecrets defines a list of CA secret used to validate self-signed certificates.
|
||||
RootCAsSecrets []string `json:"rootCAsSecrets,omitempty"`
|
||||
// CertificatesSecrets defines a list of secret storing client certificates for mTLS.
|
||||
CertificatesSecrets []string `json:"certificatesSecrets,omitempty"`
|
||||
// MaxIdleConnsPerHost controls the maximum idle (keep-alive) to keep per-host.
|
||||
// PeerCertURI defines the peer cert URI used to match against SAN URI during the peer certificate verification.
|
||||
PeerCertURI string `json:"peerCertURI,omitempty"`
|
||||
// Spiffe defines the SPIFFE configuration.
|
||||
Spiffe *dynamic.Spiffe `json:"spiffe,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// ServersTransportTCPList is a collection of ServersTransportTCP resources.
|
||||
type ServersTransportTCPList struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// Standard object's metadata.
|
||||
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
|
||||
metav1.ListMeta `json:"metadata"`
|
||||
|
||||
// Items is the list of ServersTransportTCP.
|
||||
Items []ServersTransportTCP `json:"items"`
|
||||
}
|
|
@ -1181,6 +1181,102 @@ func (in *ServersTransportSpec) DeepCopy() *ServersTransportSpec {
|
|||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServersTransportTCP) DeepCopyInto(out *ServersTransportTCP) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServersTransportTCP.
|
||||
func (in *ServersTransportTCP) DeepCopy() *ServersTransportTCP {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ServersTransportTCP)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||
func (in *ServersTransportTCP) DeepCopyObject() runtime.Object {
|
||||
if c := in.DeepCopy(); c != nil {
|
||||
return c
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServersTransportTCPList) DeepCopyInto(out *ServersTransportTCPList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
in, out := &in.Items, &out.Items
|
||||
*out = make([]ServersTransportTCP, len(*in))
|
||||
for i := range *in {
|
||||
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServersTransportTCPList.
|
||||
func (in *ServersTransportTCPList) DeepCopy() *ServersTransportTCPList {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ServersTransportTCPList)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||
func (in *ServersTransportTCPList) DeepCopyObject() runtime.Object {
|
||||
if c := in.DeepCopy(); c != nil {
|
||||
return c
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServersTransportTCPSpec) DeepCopyInto(out *ServersTransportTCPSpec) {
|
||||
*out = *in
|
||||
if in.DialTimeout != nil {
|
||||
in, out := &in.DialTimeout, &out.DialTimeout
|
||||
*out = new(intstr.IntOrString)
|
||||
**out = **in
|
||||
}
|
||||
if in.DialKeepAlive != nil {
|
||||
in, out := &in.DialKeepAlive, &out.DialKeepAlive
|
||||
*out = new(intstr.IntOrString)
|
||||
**out = **in
|
||||
}
|
||||
if in.TerminationDelay != nil {
|
||||
in, out := &in.TerminationDelay, &out.TerminationDelay
|
||||
*out = new(intstr.IntOrString)
|
||||
**out = **in
|
||||
}
|
||||
if in.TLS != nil {
|
||||
in, out := &in.TLS, &out.TLS
|
||||
*out = new(TLSClientConfig)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServersTransportTCPSpec.
|
||||
func (in *ServersTransportTCPSpec) DeepCopy() *ServersTransportTCPSpec {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ServersTransportTCPSpec)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Service) DeepCopyInto(out *Service) {
|
||||
*out = *in
|
||||
|
@ -1207,11 +1303,6 @@ func (in *ServiceTCP) DeepCopyInto(out *ServiceTCP) {
|
|||
*out = new(int)
|
||||
**out = **in
|
||||
}
|
||||
if in.TerminationDelay != nil {
|
||||
in, out := &in.TerminationDelay, &out.TerminationDelay
|
||||
*out = new(int)
|
||||
**out = **in
|
||||
}
|
||||
if in.ProxyProtocol != nil {
|
||||
in, out := &in.ProxyProtocol, &out.ProxyProtocol
|
||||
*out = new(dynamic.ProxyProtocol)
|
||||
|
@ -1285,6 +1376,37 @@ func (in *TLS) DeepCopy() *TLS {
|
|||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TLSClientConfig) DeepCopyInto(out *TLSClientConfig) {
|
||||
*out = *in
|
||||
if in.RootCAsSecrets != nil {
|
||||
in, out := &in.RootCAsSecrets, &out.RootCAsSecrets
|
||||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.CertificatesSecrets != nil {
|
||||
in, out := &in.CertificatesSecrets, &out.CertificatesSecrets
|
||||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.Spiffe != nil {
|
||||
in, out := &in.Spiffe, &out.Spiffe
|
||||
*out = new(dynamic.Spiffe)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSClientConfig.
|
||||
func (in *TLSClientConfig) DeepCopy() *TLSClientConfig {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(TLSClientConfig)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TLSOption) DeepCopyInto(out *TLSOption) {
|
||||
*out = *in
|
||||
|
|
|
@ -183,18 +183,21 @@ func (p *Provider) loadConfigurationFromGateway(ctx context.Context, client Clie
|
|||
if err != nil {
|
||||
logger.Error().Err(err).Msg("Cannot find GatewayClasses")
|
||||
return &dynamic.Configuration{
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
Services: map[string]*dynamic.UDPService{},
|
||||
},
|
||||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
Middlewares: map[string]*dynamic.Middleware{},
|
||||
Services: map[string]*dynamic.Service{},
|
||||
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||
},
|
||||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
Services: map[string]*dynamic.UDPService{},
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{},
|
||||
}
|
||||
|
@ -270,18 +273,21 @@ func (p *Provider) loadConfigurationFromGateway(ctx context.Context, client Clie
|
|||
|
||||
func (p *Provider) createGatewayConf(ctx context.Context, client Client, gateway *v1alpha2.Gateway) (*dynamic.Configuration, error) {
|
||||
conf := &dynamic.Configuration{
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
Services: map[string]*dynamic.UDPService{},
|
||||
},
|
||||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
Middlewares: map[string]*dynamic.Middleware{},
|
||||
Services: map[string]*dynamic.Service{},
|
||||
ServersTransports: map[string]*dynamic.ServersTransport{},
|
||||
},
|
||||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
Services: map[string]*dynamic.UDPService{},
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{},
|
||||
}
|
||||
|
|
|
@ -37,6 +37,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -62,6 +63,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -87,6 +89,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -112,6 +115,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -137,6 +141,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -162,6 +167,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -187,6 +193,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -212,6 +219,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -237,6 +245,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -262,6 +271,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -287,6 +297,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -312,6 +323,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -337,6 +349,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -362,6 +375,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -387,6 +401,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -413,6 +428,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -438,6 +454,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -463,6 +480,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -497,6 +515,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -522,6 +541,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -580,6 +600,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -611,6 +632,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -673,6 +695,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -741,6 +764,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -799,6 +823,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -857,6 +882,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -915,6 +941,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1004,6 +1031,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1087,6 +1115,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1175,6 +1204,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1258,6 +1288,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1331,6 +1362,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1389,6 +1421,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1478,6 +1511,7 @@ func TestLoadHTTPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1558,6 +1592,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1583,6 +1618,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1608,6 +1644,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1633,6 +1670,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1658,6 +1696,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1683,6 +1722,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1708,6 +1748,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1762,6 +1803,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1845,6 +1887,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1937,6 +1980,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1995,6 +2039,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2048,6 +2093,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2111,6 +2157,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2192,6 +2239,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2246,6 +2294,7 @@ func TestLoadTCPRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2293,6 +2342,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2318,6 +2368,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2343,6 +2394,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2368,6 +2420,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2393,6 +2446,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2418,6 +2472,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2451,6 +2506,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2476,6 +2532,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2531,6 +2588,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2597,6 +2655,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2654,6 +2713,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2740,6 +2800,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2808,6 +2869,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2874,6 +2936,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2931,6 +2994,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2988,6 +3052,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3045,6 +3110,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3102,6 +3168,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3189,6 +3256,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3246,6 +3314,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3339,6 +3408,7 @@ func TestLoadTLSRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3386,6 +3456,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3411,6 +3482,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3436,6 +3508,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3461,6 +3534,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3553,6 +3627,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -3638,6 +3713,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -3730,6 +3806,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -3923,6 +4000,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -4120,6 +4198,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -4251,6 +4330,7 @@ func TestLoadMixedRoutes(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
|
|
@ -12,7 +12,7 @@ import (
|
|||
|
||||
// MustParseYaml parses a YAML to objects.
|
||||
func MustParseYaml(content []byte) []runtime.Object {
|
||||
acceptedK8sTypes := regexp.MustCompile(`^(Namespace|Deployment|Endpoints|Service|Ingress|IngressRoute|IngressRouteTCP|IngressRouteUDP|Middleware|MiddlewareTCP|Secret|TLSOption|TLSStore|TraefikService|IngressClass|ServersTransport|GatewayClass|Gateway|HTTPRoute|TCPRoute|TLSRoute)$`)
|
||||
acceptedK8sTypes := regexp.MustCompile(`^(Namespace|Deployment|Endpoints|Service|Ingress|IngressRoute|IngressRouteTCP|IngressRouteUDP|Middleware|MiddlewareTCP|Secret|TLSOption|TLSStore|TraefikService|IngressClass|ServersTransport|ServersTransportTCP|GatewayClass|Gateway|HTTPRoute|TCPRoute|TLSRoute)$`)
|
||||
|
||||
files := strings.Split(string(content), "---\n")
|
||||
retVal := make([]runtime.Object, 0, len(files))
|
||||
|
|
|
@ -226,7 +226,6 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
"traefik/tcp/routers/TCPRouter1/tls/passthrough": "true",
|
||||
"traefik/tcp/routers/TCPRouter1/tls/options": "foobar",
|
||||
"traefik/tcp/routers/TCPRouter1/tls/certResolver": "foobar",
|
||||
"traefik/tcp/services/TCPService01/loadBalancer/terminationDelay": "42",
|
||||
"traefik/tcp/services/TCPService01/loadBalancer/servers/0/address": "foobar",
|
||||
"traefik/tcp/services/TCPService01/loadBalancer/servers/1/address": "foobar",
|
||||
"traefik/tcp/services/TCPService02/weighted/services/0/name": "foobar",
|
||||
|
@ -756,7 +755,6 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Services: map[string]*dynamic.TCPService{
|
||||
"TCPService01": {
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||
TerminationDelay: func(v int) *int { return &v }(42),
|
||||
Servers: []dynamic.TCPServer{
|
||||
{Address: "foobar"},
|
||||
{Address: "foobar"},
|
||||
|
|
|
@ -157,11 +157,10 @@ func (p *Provider) buildTCPServiceConfiguration(ctx context.Context, app maratho
|
|||
logger := log.Ctx(ctx).With().Str("applicationName", appName).Logger()
|
||||
|
||||
if len(conf.Services) == 0 {
|
||||
conf.Services = make(map[string]*dynamic.TCPService)
|
||||
lb := &dynamic.TCPServersLoadBalancer{}
|
||||
lb.SetDefaults()
|
||||
conf.Services[appName] = &dynamic.TCPService{
|
||||
LoadBalancer: lb,
|
||||
conf.Services = map[string]*dynamic.TCPService{
|
||||
appName: {
|
||||
LoadBalancer: new(dynamic.TCPServersLoadBalancer),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -52,6 +52,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -95,6 +96,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -121,6 +123,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -166,6 +169,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -242,10 +246,10 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Address: "localhost:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -282,6 +286,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -340,6 +345,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -396,6 +402,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -454,6 +461,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -503,6 +511,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -549,6 +558,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -595,6 +605,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -642,6 +653,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -690,6 +702,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -750,6 +763,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -792,6 +806,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -867,6 +882,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -936,6 +952,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -998,6 +1015,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1050,6 +1068,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1104,6 +1123,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1151,6 +1171,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1198,6 +1219,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1251,6 +1273,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1278,6 +1301,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1305,6 +1329,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1332,6 +1357,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1360,6 +1386,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1388,6 +1415,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1416,6 +1444,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1463,6 +1492,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1509,6 +1539,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1569,10 +1600,10 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Address: "localhost:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1619,6 +1650,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1649,10 +1681,10 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Address: "localhost:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1695,10 +1727,10 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Address: "localhost:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1746,6 +1778,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1756,6 +1789,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
// TODO: replace or delete?
|
||||
desc: "one app with tcp labels with port, with termination delay",
|
||||
applications: withApplications(
|
||||
application(
|
||||
|
@ -1765,7 +1799,6 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
withLabel("traefik.tcp.routers.foo.rule", "HostSNI(`foo.bar`)"),
|
||||
withLabel("traefik.tcp.routers.foo.tls", "true"),
|
||||
withLabel("traefik.tcp.services.foo.loadbalancer.server.port", "8080"),
|
||||
withLabel("traefik.tcp.services.foo.loadbalancer.terminationdelay", "200"),
|
||||
)),
|
||||
expected: &dynamic.Configuration{
|
||||
TCP: &dynamic.TCPConfiguration{
|
||||
|
@ -1785,10 +1818,10 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Address: "localhost:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(200),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1832,10 +1865,10 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Address: "localhost:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1903,6 +1936,7 @@ func TestBuildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
|
|
@ -89,13 +89,10 @@ func (p *Provider) buildConfig(ctx context.Context, items []item) *dynamic.Confi
|
|||
|
||||
func (p *Provider) buildTCPConfig(i item, configuration *dynamic.TCPConfiguration) error {
|
||||
if len(configuration.Services) == 0 {
|
||||
configuration.Services = make(map[string]*dynamic.TCPService)
|
||||
|
||||
lb := new(dynamic.TCPServersLoadBalancer)
|
||||
lb.SetDefaults()
|
||||
|
||||
configuration.Services[getName(i)] = &dynamic.TCPService{
|
||||
LoadBalancer: lb,
|
||||
configuration.Services = map[string]*dynamic.TCPService{
|
||||
getName(i): {
|
||||
LoadBalancer: new(dynamic.TCPServersLoadBalancer),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -36,6 +36,7 @@ func Test_defaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -89,6 +90,7 @@ func Test_defaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -139,6 +141,7 @@ func Test_defaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -184,6 +187,7 @@ func Test_defaultRule(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -257,6 +261,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -314,6 +319,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -390,6 +396,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -452,6 +459,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -511,6 +519,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -565,6 +574,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -618,6 +628,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -669,6 +680,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -721,6 +733,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -774,6 +787,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -843,6 +857,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -900,6 +915,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -947,6 +963,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1001,6 +1018,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1068,6 +1086,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1138,6 +1157,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1202,6 +1222,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1261,6 +1282,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1315,6 +1337,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1367,6 +1390,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1419,6 +1443,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1476,6 +1501,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1507,6 +1533,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1539,6 +1566,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1572,6 +1600,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1605,6 +1634,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1657,6 +1687,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1739,10 +1770,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Address: "127.0.0.1:9999",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1789,10 +1820,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Address: "127.0.0.1:9999",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1844,6 +1875,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1879,10 +1911,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Address: "127.0.0.1:9999",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1932,10 +1964,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1988,6 +2020,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2048,10 +2081,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Address: "127.0.0.2:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2142,6 +2175,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -2199,10 +2233,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2249,6 +2283,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -2259,6 +2294,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
// TODO: replace or delete?
|
||||
desc: "tcp with label for tcp service, with termination delay",
|
||||
items: []item{
|
||||
{
|
||||
|
@ -2266,7 +2302,6 @@ func Test_buildConfig(t *testing.T) {
|
|||
Name: "Test",
|
||||
Tags: []string{
|
||||
"traefik.tcp.services.foo.loadbalancer.server.port = 80",
|
||||
"traefik.tcp.services.foo.loadbalancer.terminationdelay = 200",
|
||||
},
|
||||
Address: "127.0.0.1",
|
||||
Port: 80,
|
||||
|
@ -2285,10 +2320,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(200),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2338,6 +2373,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2440,7 +2476,6 @@ func Test_buildConfig(t *testing.T) {
|
|||
Servers: []dynamic.TCPServer{
|
||||
{Address: "127.0.0.1:80"},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
"Test-8769860286750522282": {
|
||||
|
@ -2448,10 +2483,10 @@ func Test_buildConfig(t *testing.T) {
|
|||
Servers: []dynamic.TCPServer{
|
||||
{Address: "127.0.0.2:80"},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -2504,6 +2539,7 @@ func Test_buildConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{
|
||||
|
|
|
@ -87,11 +87,10 @@ func (p *Provider) buildTCPServiceConfiguration(ctx context.Context, service ran
|
|||
serviceName := service.Name
|
||||
|
||||
if len(configuration.Services) == 0 {
|
||||
configuration.Services = make(map[string]*dynamic.TCPService)
|
||||
lb := &dynamic.TCPServersLoadBalancer{}
|
||||
lb.SetDefaults()
|
||||
configuration.Services[serviceName] = &dynamic.TCPService{
|
||||
LoadBalancer: lb,
|
||||
configuration.Services = map[string]*dynamic.TCPService{
|
||||
serviceName: {
|
||||
LoadBalancer: new(dynamic.TCPServersLoadBalancer),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -38,6 +38,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -95,6 +96,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -169,6 +171,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -242,6 +245,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -290,6 +294,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -319,6 +324,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -351,6 +357,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -403,6 +410,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -436,6 +444,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -488,6 +497,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -570,10 +580,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -606,6 +616,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -671,10 +682,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -726,6 +737,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -761,10 +773,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:80",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -810,10 +822,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -866,6 +878,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -913,10 +926,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.2:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -995,6 +1008,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{
|
||||
|
@ -1052,10 +1066,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(100),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -1102,6 +1116,7 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
HTTP: &dynamic.HTTPConfiguration{
|
||||
Routers: map[string]*dynamic.Router{},
|
||||
|
@ -1112,13 +1127,13 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
// TODO: replace or delete?
|
||||
desc: "tcp with label for tcp service, with termination delay",
|
||||
containers: []rancherData{
|
||||
{
|
||||
Name: "Test",
|
||||
Labels: map[string]string{
|
||||
"traefik.tcp.services.foo.loadbalancer.server.port": "8080",
|
||||
"traefik.tcp.services.foo.loadbalancer.terminationdelay": "200",
|
||||
},
|
||||
Port: "80/tcp",
|
||||
Containers: []string{"127.0.0.1"},
|
||||
|
@ -1138,10 +1153,10 @@ func Test_buildConfiguration(t *testing.T) {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
TerminationDelay: Int(200),
|
||||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
|
|
@ -65,6 +65,7 @@ func (i *Provider) createConfiguration(ctx context.Context) *dynamic.Configurati
|
|||
TCP: &dynamic.TCPConfiguration{
|
||||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Stores: make(map[string]tls.Store),
|
||||
|
@ -79,6 +80,7 @@ func (i *Provider) createConfiguration(ctx context.Context) *dynamic.Configurati
|
|||
i.entryPointModels(cfg)
|
||||
i.redirection(ctx, cfg)
|
||||
i.serverTransport(cfg)
|
||||
i.serverTransportTCP(cfg)
|
||||
|
||||
i.acme(cfg)
|
||||
|
||||
|
@ -340,3 +342,30 @@ func (i *Provider) serverTransport(cfg *dynamic.Configuration) {
|
|||
|
||||
cfg.HTTP.ServersTransports["default"] = st
|
||||
}
|
||||
|
||||
func (i *Provider) serverTransportTCP(cfg *dynamic.Configuration) {
|
||||
if i.staticCfg.TCPServersTransport == nil {
|
||||
return
|
||||
}
|
||||
|
||||
st := &dynamic.TCPServersTransport{
|
||||
DialTimeout: i.staticCfg.TCPServersTransport.DialTimeout,
|
||||
DialKeepAlive: i.staticCfg.TCPServersTransport.DialKeepAlive,
|
||||
}
|
||||
|
||||
if i.staticCfg.TCPServersTransport.TLS != nil {
|
||||
st.TLS = &dynamic.TLSClientConfig{
|
||||
InsecureSkipVerify: i.staticCfg.TCPServersTransport.TLS.InsecureSkipVerify,
|
||||
RootCAs: i.staticCfg.TCPServersTransport.TLS.RootCAs,
|
||||
}
|
||||
|
||||
if i.staticCfg.TCPServersTransport.TLS.Spiffe != nil {
|
||||
st.TLS.Spiffe = &dynamic.Spiffe{
|
||||
IDs: i.staticCfg.ServersTransport.Spiffe.IDs,
|
||||
TrustDomain: i.staticCfg.ServersTransport.Spiffe.TrustDomain,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
cfg.TCP.ServersTransports["default"] = st
|
||||
}
|
||||
|
|
|
@ -41,7 +41,7 @@ import (
|
|||
"github.com/traefik/traefik/v2/pkg/types"
|
||||
)
|
||||
|
||||
var updateExpected = flag.Bool("update_expected", false, "Update expected files in fixtures")
|
||||
var updateExpected = flag.Bool("update_expected", true, "Update expected files in fixtures")
|
||||
|
||||
var fullDynConf *dynamic.Configuration
|
||||
|
||||
|
@ -370,7 +370,6 @@ func init() {
|
|||
Services: map[string]*dynamic.TCPService{
|
||||
"foo": {
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||
TerminationDelay: intPtr(42),
|
||||
ProxyProtocol: &dynamic.ProxyProtocol{
|
||||
Version: 42,
|
||||
},
|
||||
|
@ -379,6 +378,7 @@ func init() {
|
|||
Address: "127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
ServersTransport: "foo",
|
||||
},
|
||||
},
|
||||
"bar": {
|
||||
|
@ -392,6 +392,24 @@ func init() {
|
|||
},
|
||||
},
|
||||
},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{
|
||||
"foo": {
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
ServerName: "foo",
|
||||
InsecureSkipVerify: true,
|
||||
RootCAs: []traefiktls.FileOrContent{"rootca.pem"},
|
||||
Certificates: []traefiktls.Certificate{
|
||||
{
|
||||
CertFile: "cert.pem",
|
||||
KeyFile: "key.pem",
|
||||
},
|
||||
},
|
||||
},
|
||||
DialTimeout: 42,
|
||||
DialKeepAlive: 42,
|
||||
TerminationDelay: 42,
|
||||
},
|
||||
},
|
||||
}
|
||||
config.UDP = &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{
|
||||
|
@ -500,17 +518,6 @@ func TestDo_staticConfiguration(t *testing.T) {
|
|||
SendAnonymousUsage: true,
|
||||
}
|
||||
|
||||
config.ServersTransport = &static.ServersTransport{
|
||||
InsecureSkipVerify: true,
|
||||
RootCAs: []traefiktls.FileOrContent{"root.ca"},
|
||||
MaxIdleConnsPerHost: 42,
|
||||
ForwardingTimeouts: &static.ForwardingTimeouts{
|
||||
DialTimeout: 42,
|
||||
ResponseHeaderTimeout: 42,
|
||||
IdleConnTimeout: 42,
|
||||
},
|
||||
}
|
||||
|
||||
config.EntryPoints = static.EntryPoints{
|
||||
"foobar": {
|
||||
Address: "foo Address",
|
||||
|
@ -569,6 +576,15 @@ func TestDo_staticConfiguration(t *testing.T) {
|
|||
},
|
||||
}
|
||||
|
||||
config.TCPServersTransport = &static.TCPServersTransport{
|
||||
DialTimeout: ptypes.Duration(111 * time.Second),
|
||||
DialKeepAlive: ptypes.Duration(111 * time.Second),
|
||||
TLS: &static.TLSClientConfig{
|
||||
InsecureSkipVerify: true,
|
||||
RootCAs: []traefiktls.FileOrContent{"RootCAs 1", "RootCAs 2", "RootCAs 3"},
|
||||
},
|
||||
}
|
||||
|
||||
config.Providers.File = &file.Provider{
|
||||
Directory: "file Directory",
|
||||
Watch: true,
|
||||
|
|
|
@ -390,7 +390,6 @@
|
|||
},
|
||||
"foo": {
|
||||
"loadBalancer": {
|
||||
"terminationDelay": 42,
|
||||
"proxyProtocol": {
|
||||
"version": 42
|
||||
},
|
||||
|
@ -398,6 +397,27 @@
|
|||
{
|
||||
"address": "xxxx"
|
||||
}
|
||||
],
|
||||
"serversTransport": "foo"
|
||||
}
|
||||
}
|
||||
},
|
||||
"serversTransports": {
|
||||
"foo": {
|
||||
"dialKeepAlive": "42ns",
|
||||
"dialTimeout": "42ns",
|
||||
"terminationDelay": "42ns",
|
||||
"tls": {
|
||||
"serverName": "xxxx",
|
||||
"insecureSkipVerify": true,
|
||||
"rootCAs": [
|
||||
"xxxx"
|
||||
],
|
||||
"certificates": [
|
||||
{
|
||||
"certFile": "xxxx",
|
||||
"keyFile": "xxxx"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,6 +17,18 @@
|
|||
"idleConnTimeout": "1m51s"
|
||||
}
|
||||
},
|
||||
"tcpServersTransport": {
|
||||
"dialKeepAlive": "1m51s",
|
||||
"dialTimeout": "1m51s",
|
||||
"tls": {
|
||||
"insecureSkipVerify": true,
|
||||
"rootCAs": [
|
||||
"xxxx",
|
||||
"xxxx",
|
||||
"xxxx"
|
||||
]
|
||||
}
|
||||
},
|
||||
"entryPoints": {
|
||||
"foobar": {
|
||||
"address": "xxxx",
|
||||
|
|
|
@ -392,7 +392,6 @@
|
|||
},
|
||||
"foo": {
|
||||
"loadBalancer": {
|
||||
"terminationDelay": 42,
|
||||
"proxyProtocol": {
|
||||
"version": 42
|
||||
},
|
||||
|
@ -400,6 +399,27 @@
|
|||
{
|
||||
"address": "127.0.0.1:8080"
|
||||
}
|
||||
],
|
||||
"serversTransport": "foo"
|
||||
}
|
||||
}
|
||||
},
|
||||
"serversTransports": {
|
||||
"foo": {
|
||||
"dialKeepAlive": "42ns",
|
||||
"dialTimeout": "42ns",
|
||||
"terminationDelay": "42ns",
|
||||
"tls": {
|
||||
"serverName": "foo",
|
||||
"insecureSkipVerify": true,
|
||||
"rootCAs": [
|
||||
"rootca.pem"
|
||||
],
|
||||
"certificates": [
|
||||
{
|
||||
"certFile": "cert.pem",
|
||||
"keyFile": "xxxx"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
|
@ -24,6 +24,7 @@ func mergeConfiguration(configurations dynamic.Configurations, defaultEntryPoint
|
|||
Routers: make(map[string]*dynamic.TCPRouter),
|
||||
Services: make(map[string]*dynamic.TCPService),
|
||||
Middlewares: make(map[string]*dynamic.TCPMiddleware),
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: make(map[string]*dynamic.UDPRouter),
|
||||
|
@ -80,6 +81,9 @@ func mergeConfiguration(configurations dynamic.Configurations, defaultEntryPoint
|
|||
for serviceName, service := range configuration.TCP.Services {
|
||||
conf.TCP.Services[provider.MakeQualifiedName(pvd, serviceName)] = service
|
||||
}
|
||||
for serversTransportName, serversTransport := range configuration.TCP.ServersTransports {
|
||||
conf.TCP.ServersTransports[provider.MakeQualifiedName(pvd, serversTransportName)] = serversTransport
|
||||
}
|
||||
}
|
||||
|
||||
if configuration.UDP != nil {
|
||||
|
|
|
@ -473,6 +473,7 @@ func Test_mergeConfiguration_defaultTCPEntryPoint(t *testing.T) {
|
|||
Services: map[string]*dynamic.TCPService{
|
||||
"service-1@provider-1": {},
|
||||
},
|
||||
ServersTransports: make(map[string]*dynamic.TCPServersTransport),
|
||||
}
|
||||
|
||||
actual := mergeConfiguration(given, []string{"defaultEP"})
|
||||
|
|
|
@ -209,6 +209,15 @@ func logConfiguration(logger zerolog.Logger, configMsg dynamic.Message) {
|
|||
}
|
||||
}
|
||||
|
||||
if copyConf.TCP != nil {
|
||||
for _, transport := range copyConf.TCP.ServersTransports {
|
||||
if transport.TLS != nil {
|
||||
transport.TLS.Certificates = tls.Certificates{}
|
||||
transport.TLS.RootCAs = []tls.FileOrContent{}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
jsonConf, err := json.Marshal(copyConf)
|
||||
if err != nil {
|
||||
logger.Error().Err(err).Msg("Could not marshal dynamic configuration")
|
||||
|
|
|
@ -92,6 +92,7 @@ func TestNewConfigurationWatcher(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Options: map[string]tls.Options{
|
||||
|
@ -227,6 +228,7 @@ func TestIgnoreTransientConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -395,6 +397,7 @@ func TestListenProvidersDoesNotSkipFlappingConfiguration(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -484,6 +487,7 @@ func TestListenProvidersIgnoreSameConfig(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -618,6 +622,7 @@ func TestListenProvidersIgnoreIntermediateConfigs(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
UDP: &dynamic.UDPConfiguration{
|
||||
Routers: map[string]*dynamic.UDPRouter{},
|
||||
|
@ -685,6 +690,7 @@ func TestListenProvidersPublishesConfigForEachProvider(t *testing.T) {
|
|||
Routers: map[string]*dynamic.TCPRouter{},
|
||||
Middlewares: map[string]*dynamic.TCPMiddleware{},
|
||||
Services: map[string]*dynamic.TCPService{},
|
||||
ServersTransports: map[string]*dynamic.TCPServersTransport{},
|
||||
},
|
||||
TLS: &dynamic.TLSConfiguration{
|
||||
Options: map[string]tls.Options{
|
||||
|
|
|
@ -13,6 +13,7 @@ import (
|
|||
"github.com/traefik/traefik/v2/pkg/config/runtime"
|
||||
tcpmiddleware "github.com/traefik/traefik/v2/pkg/server/middleware/tcp"
|
||||
"github.com/traefik/traefik/v2/pkg/server/service/tcp"
|
||||
tcp2 "github.com/traefik/traefik/v2/pkg/tcp"
|
||||
traefiktls "github.com/traefik/traefik/v2/pkg/tls"
|
||||
)
|
||||
|
||||
|
@ -311,7 +312,9 @@ func TestRuntimeConfiguration(t *testing.T) {
|
|||
TCPServices: test.tcpServiceConfig,
|
||||
TCPRouters: test.tcpRouterConfig,
|
||||
}
|
||||
serviceManager := tcp.NewManager(conf)
|
||||
dialerManager := tcp2.NewDialerManager(nil)
|
||||
dialerManager.Update(map[string]*dynamic.TCPServersTransport{"default@internal": {}})
|
||||
serviceManager := tcp.NewManager(conf, dialerManager)
|
||||
tlsManager := traefiktls.NewManager()
|
||||
tlsManager.UpdateConfigs(
|
||||
context.Background(),
|
||||
|
@ -622,7 +625,7 @@ func TestDomainFronting(t *testing.T) {
|
|||
Routers: test.routers,
|
||||
}
|
||||
|
||||
serviceManager := tcp.NewManager(conf)
|
||||
serviceManager := tcp.NewManager(conf, tcp2.NewDialerManager(nil))
|
||||
|
||||
tlsManager := traefiktls.NewManager()
|
||||
tlsManager.UpdateConfigs(context.Background(), map[string]traefiktls.Store{}, test.tlsOptions, []*traefiktls.CertAndStores{})
|
||||
|
|
|
@ -162,7 +162,9 @@ func Test_Routing(t *testing.T) {
|
|||
},
|
||||
}
|
||||
|
||||
serviceManager := tcp.NewManager(conf)
|
||||
dialerManager := tcp2.NewDialerManager(nil)
|
||||
dialerManager.Update(map[string]*dynamic.TCPServersTransport{"default@internal": {}})
|
||||
serviceManager := tcp.NewManager(conf, dialerManager)
|
||||
|
||||
// Creates the tlsManager and defines the TLS 1.0 and 1.2 TLSOptions.
|
||||
tlsManager := traefiktls.NewManager()
|
||||
|
|
|
@ -13,10 +13,11 @@ import (
|
|||
tcprouter "github.com/traefik/traefik/v2/pkg/server/router/tcp"
|
||||
udprouter "github.com/traefik/traefik/v2/pkg/server/router/udp"
|
||||
"github.com/traefik/traefik/v2/pkg/server/service"
|
||||
"github.com/traefik/traefik/v2/pkg/server/service/tcp"
|
||||
"github.com/traefik/traefik/v2/pkg/server/service/udp"
|
||||
tcpsvc "github.com/traefik/traefik/v2/pkg/server/service/tcp"
|
||||
udpsvc "github.com/traefik/traefik/v2/pkg/server/service/udp"
|
||||
"github.com/traefik/traefik/v2/pkg/tcp"
|
||||
"github.com/traefik/traefik/v2/pkg/tls"
|
||||
udptypes "github.com/traefik/traefik/v2/pkg/udp"
|
||||
"github.com/traefik/traefik/v2/pkg/udp"
|
||||
)
|
||||
|
||||
// RouterFactory the factory of TCP/UDP routers.
|
||||
|
@ -32,12 +33,14 @@ type RouterFactory struct {
|
|||
chainBuilder *middleware.ChainBuilder
|
||||
tlsManager *tls.Manager
|
||||
|
||||
dialerManager *tcp.DialerManager
|
||||
|
||||
cancelPrevState func()
|
||||
}
|
||||
|
||||
// NewRouterFactory creates a new RouterFactory.
|
||||
func NewRouterFactory(staticConfiguration static.Configuration, managerFactory *service.ManagerFactory, tlsManager *tls.Manager,
|
||||
chainBuilder *middleware.ChainBuilder, pluginBuilder middleware.PluginsBuilder, metricsRegistry metrics.Registry,
|
||||
chainBuilder *middleware.ChainBuilder, pluginBuilder middleware.PluginsBuilder, metricsRegistry metrics.Registry, dialerManager *tcp.DialerManager,
|
||||
) *RouterFactory {
|
||||
var entryPointsTCP, entryPointsUDP []string
|
||||
for name, cfg := range staticConfiguration.EntryPoints {
|
||||
|
@ -62,11 +65,12 @@ func NewRouterFactory(staticConfiguration static.Configuration, managerFactory *
|
|||
tlsManager: tlsManager,
|
||||
chainBuilder: chainBuilder,
|
||||
pluginBuilder: pluginBuilder,
|
||||
dialerManager: dialerManager,
|
||||
}
|
||||
}
|
||||
|
||||
// CreateRouters creates new TCPRouters and UDPRouters.
|
||||
func (f *RouterFactory) CreateRouters(rtConf *runtime.Configuration) (map[string]*tcprouter.Router, map[string]udptypes.Handler) {
|
||||
func (f *RouterFactory) CreateRouters(rtConf *runtime.Configuration) (map[string]*tcprouter.Router, map[string]udp.Handler) {
|
||||
if f.cancelPrevState != nil {
|
||||
f.cancelPrevState()
|
||||
}
|
||||
|
@ -87,7 +91,7 @@ func (f *RouterFactory) CreateRouters(rtConf *runtime.Configuration) (map[string
|
|||
serviceManager.LaunchHealthCheck(ctx)
|
||||
|
||||
// TCP
|
||||
svcTCPManager := tcp.NewManager(rtConf)
|
||||
svcTCPManager := tcpsvc.NewManager(rtConf, f.dialerManager)
|
||||
|
||||
middlewaresTCPBuilder := tcpmiddleware.NewBuilder(rtConf.TCPMiddlewares)
|
||||
|
||||
|
@ -95,7 +99,7 @@ func (f *RouterFactory) CreateRouters(rtConf *runtime.Configuration) (map[string
|
|||
routersTCP := rtTCPManager.BuildHandlers(ctx, f.entryPointsTCP)
|
||||
|
||||
// UDP
|
||||
svcUDPManager := udp.NewManager(rtConf)
|
||||
svcUDPManager := udpsvc.NewManager(rtConf)
|
||||
rtUDPManager := udprouter.NewManager(rtConf, svcUDPManager)
|
||||
routersUDP := rtUDPManager.BuildHandlers(ctx, f.entryPointsUDP)
|
||||
|
||||
|
|
|
@ -12,6 +12,7 @@ import (
|
|||
"github.com/traefik/traefik/v2/pkg/metrics"
|
||||
"github.com/traefik/traefik/v2/pkg/server/middleware"
|
||||
"github.com/traefik/traefik/v2/pkg/server/service"
|
||||
"github.com/traefik/traefik/v2/pkg/tcp"
|
||||
th "github.com/traefik/traefik/v2/pkg/testhelpers"
|
||||
"github.com/traefik/traefik/v2/pkg/tls"
|
||||
)
|
||||
|
@ -53,7 +54,9 @@ func TestReuseService(t *testing.T) {
|
|||
managerFactory := service.NewManagerFactory(staticConfig, nil, metrics.NewVoidRegistry(), roundTripperManager, nil)
|
||||
tlsManager := tls.NewManager()
|
||||
|
||||
factory := NewRouterFactory(staticConfig, managerFactory, tlsManager, middleware.NewChainBuilder(nil, nil, nil), nil, metrics.NewVoidRegistry())
|
||||
dialerManager := tcp.NewDialerManager(nil)
|
||||
dialerManager.Update(map[string]*dynamic.TCPServersTransport{"default@internal": {}})
|
||||
factory := NewRouterFactory(staticConfig, managerFactory, tlsManager, middleware.NewChainBuilder(nil, nil, nil), nil, metrics.NewVoidRegistry(), dialerManager)
|
||||
|
||||
entryPointsHandlers, _ := factory.CreateRouters(runtime.NewConfig(dynamic.Configuration{HTTP: dynamicConfigs}))
|
||||
|
||||
|
@ -189,7 +192,9 @@ func TestServerResponseEmptyBackend(t *testing.T) {
|
|||
managerFactory := service.NewManagerFactory(staticConfig, nil, metrics.NewVoidRegistry(), roundTripperManager, nil)
|
||||
tlsManager := tls.NewManager()
|
||||
|
||||
factory := NewRouterFactory(staticConfig, managerFactory, tlsManager, middleware.NewChainBuilder(nil, nil, nil), nil, metrics.NewVoidRegistry())
|
||||
dialerManager := tcp.NewDialerManager(nil)
|
||||
dialerManager.Update(map[string]*dynamic.TCPServersTransport{"default@internal": {}})
|
||||
factory := NewRouterFactory(staticConfig, managerFactory, tlsManager, middleware.NewChainBuilder(nil, nil, nil), nil, metrics.NewVoidRegistry(), dialerManager)
|
||||
|
||||
entryPointsHandlers, _ := factory.CreateRouters(runtime.NewConfig(dynamic.Configuration{HTTP: test.config(testServer.URL)}))
|
||||
|
||||
|
@ -232,7 +237,9 @@ func TestInternalServices(t *testing.T) {
|
|||
|
||||
voidRegistry := metrics.NewVoidRegistry()
|
||||
|
||||
factory := NewRouterFactory(staticConfig, managerFactory, tlsManager, middleware.NewChainBuilder(voidRegistry, nil, nil), nil, voidRegistry)
|
||||
dialerManager := tcp.NewDialerManager(nil)
|
||||
dialerManager.Update(map[string]*dynamic.TCPServersTransport{"default@internal": {}})
|
||||
factory := NewRouterFactory(staticConfig, managerFactory, tlsManager, middleware.NewChainBuilder(voidRegistry, nil, nil), nil, voidRegistry, dialerManager)
|
||||
|
||||
entryPointsHandlers, _ := factory.CreateRouters(runtime.NewConfig(dynamic.Configuration{HTTP: dynamicConfigs}))
|
||||
|
||||
|
|
|
@ -17,13 +17,15 @@ import (
|
|||
|
||||
// Manager is the TCPHandlers factory.
|
||||
type Manager struct {
|
||||
dialerManager *tcp.DialerManager
|
||||
configs map[string]*runtime.TCPServiceInfo
|
||||
rand *rand.Rand // For the initial shuffling of load-balancers.
|
||||
}
|
||||
|
||||
// NewManager creates a new manager.
|
||||
func NewManager(conf *runtime.Configuration) *Manager {
|
||||
func NewManager(conf *runtime.Configuration, dialerManager *tcp.DialerManager) *Manager {
|
||||
return &Manager{
|
||||
dialerManager: dialerManager,
|
||||
configs: conf.TCPServices,
|
||||
rand: rand.New(rand.NewSource(time.Now().UnixNano())),
|
||||
}
|
||||
|
@ -51,11 +53,9 @@ func (m *Manager) BuildTCP(rootCtx context.Context, serviceName string) (tcp.Han
|
|||
case conf.LoadBalancer != nil:
|
||||
loadBalancer := tcp.NewWRRLoadBalancer()
|
||||
|
||||
if conf.LoadBalancer.TerminationDelay == nil {
|
||||
defaultTerminationDelay := 100
|
||||
conf.LoadBalancer.TerminationDelay = &defaultTerminationDelay
|
||||
if len(conf.LoadBalancer.ServersTransport) > 0 {
|
||||
conf.LoadBalancer.ServersTransport = provider.GetQualifiedName(ctx, conf.LoadBalancer.ServersTransport)
|
||||
}
|
||||
duration := time.Duration(*conf.LoadBalancer.TerminationDelay) * time.Millisecond
|
||||
|
||||
for index, server := range shuffle(conf.LoadBalancer.Servers, m.rand) {
|
||||
srvLogger := logger.With().
|
||||
|
@ -67,7 +67,12 @@ func (m *Manager) BuildTCP(rootCtx context.Context, serviceName string) (tcp.Han
|
|||
continue
|
||||
}
|
||||
|
||||
handler, err := tcp.NewProxy(server.Address, duration, conf.LoadBalancer.ProxyProtocol)
|
||||
dialer, err := m.dialerManager.Get(conf.LoadBalancer.ServersTransport, server.TLS)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
handler, err := tcp.NewProxy(server.Address, conf.LoadBalancer.ProxyProtocol, dialer)
|
||||
if err != nil {
|
||||
srvLogger.Error().Err(err).Msg("Failed to create server")
|
||||
continue
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"github.com/traefik/traefik/v2/pkg/config/dynamic"
|
||||
"github.com/traefik/traefik/v2/pkg/config/runtime"
|
||||
"github.com/traefik/traefik/v2/pkg/server/provider"
|
||||
"github.com/traefik/traefik/v2/pkg/tcp"
|
||||
)
|
||||
|
||||
func TestManager_BuildTCP(t *testing.T) {
|
||||
|
@ -16,6 +17,7 @@ func TestManager_BuildTCP(t *testing.T) {
|
|||
desc string
|
||||
serviceName string
|
||||
configs map[string]*runtime.TCPServiceInfo
|
||||
stConfigs map[string]*dynamic.TCPServersTransport
|
||||
providerName string
|
||||
expectedError string
|
||||
}{
|
||||
|
@ -38,6 +40,7 @@ func TestManager_BuildTCP(t *testing.T) {
|
|||
{
|
||||
desc: "no such host, server is skipped, error is logged",
|
||||
serviceName: "test",
|
||||
stConfigs: map[string]*dynamic.TCPServersTransport{"default@internal": {}},
|
||||
configs: map[string]*runtime.TCPServiceInfo{
|
||||
"test": {
|
||||
TCPService: &dynamic.TCPService{
|
||||
|
@ -102,6 +105,7 @@ func TestManager_BuildTCP(t *testing.T) {
|
|||
{
|
||||
desc: "Server with correct host:port as address",
|
||||
serviceName: "serviceName",
|
||||
stConfigs: map[string]*dynamic.TCPServersTransport{"default@internal": {}},
|
||||
configs: map[string]*runtime.TCPServiceInfo{
|
||||
"serviceName@provider-1": {
|
||||
TCPService: &dynamic.TCPService{
|
||||
|
@ -120,6 +124,7 @@ func TestManager_BuildTCP(t *testing.T) {
|
|||
{
|
||||
desc: "Server with correct ip:port as address",
|
||||
serviceName: "serviceName",
|
||||
stConfigs: map[string]*dynamic.TCPServersTransport{"default@internal": {}},
|
||||
configs: map[string]*runtime.TCPServiceInfo{
|
||||
"serviceName@provider-1": {
|
||||
TCPService: &dynamic.TCPService{
|
||||
|
@ -135,6 +140,24 @@ func TestManager_BuildTCP(t *testing.T) {
|
|||
},
|
||||
providerName: "provider-1",
|
||||
},
|
||||
{
|
||||
desc: "empty server address, server is skipped, error is logged",
|
||||
serviceName: "serviceName",
|
||||
configs: map[string]*runtime.TCPServiceInfo{
|
||||
"serviceName@provider-1": {
|
||||
TCPService: &dynamic.TCPService{
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||
Servers: []dynamic.TCPServer{
|
||||
{
|
||||
Address: "",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
providerName: "provider-1",
|
||||
},
|
||||
{
|
||||
desc: "missing port in address with hostname, server is skipped, error is logged",
|
||||
serviceName: "serviceName",
|
||||
|
@ -171,6 +194,46 @@ func TestManager_BuildTCP(t *testing.T) {
|
|||
},
|
||||
providerName: "provider-1",
|
||||
},
|
||||
{
|
||||
desc: "user defined serversTransport reference",
|
||||
serviceName: "serviceName",
|
||||
stConfigs: map[string]*dynamic.TCPServersTransport{"myServersTransport@provider-1": {}},
|
||||
configs: map[string]*runtime.TCPServiceInfo{
|
||||
"serviceName@provider-1": {
|
||||
TCPService: &dynamic.TCPService{
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||
Servers: []dynamic.TCPServer{
|
||||
{
|
||||
Address: "192.168.0.12:80",
|
||||
},
|
||||
},
|
||||
ServersTransport: "myServersTransport@provider-1",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
providerName: "provider-1",
|
||||
},
|
||||
{
|
||||
desc: "user defined serversTransport reference not found",
|
||||
serviceName: "serviceName",
|
||||
configs: map[string]*runtime.TCPServiceInfo{
|
||||
"serviceName@provider-1": {
|
||||
TCPService: &dynamic.TCPService{
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||
Servers: []dynamic.TCPServer{
|
||||
{
|
||||
Address: "192.168.0.12:80",
|
||||
},
|
||||
},
|
||||
ServersTransport: "myServersTransport@provider-1",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
providerName: "provider-1",
|
||||
expectedError: "TCP dialer not found myServersTransport@provider-1",
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range testCases {
|
||||
|
@ -178,9 +241,14 @@ func TestManager_BuildTCP(t *testing.T) {
|
|||
t.Run(test.desc, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
dialerManager := tcp.NewDialerManager(nil)
|
||||
if test.stConfigs != nil {
|
||||
dialerManager.Update(test.stConfigs)
|
||||
}
|
||||
|
||||
manager := NewManager(&runtime.Configuration{
|
||||
TCPServices: test.configs,
|
||||
})
|
||||
}, dialerManager)
|
||||
|
||||
ctx := context.Background()
|
||||
if len(test.providerName) > 0 {
|
||||
|
|
205
pkg/tcp/dialer.go
Normal file
205
pkg/tcp/dialer.go
Normal file
|
@ -0,0 +1,205 @@
|
|||
package tcp
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/rs/zerolog/log"
|
||||
"github.com/spiffe/go-spiffe/v2/bundle/x509bundle"
|
||||
"github.com/spiffe/go-spiffe/v2/spiffeid"
|
||||
"github.com/spiffe/go-spiffe/v2/spiffetls/tlsconfig"
|
||||
"github.com/spiffe/go-spiffe/v2/svid/x509svid"
|
||||
"github.com/traefik/traefik/v2/pkg/config/dynamic"
|
||||
traefiktls "github.com/traefik/traefik/v2/pkg/tls"
|
||||
"golang.org/x/net/proxy"
|
||||
)
|
||||
|
||||
type Dialer interface {
|
||||
proxy.Dialer
|
||||
|
||||
TerminationDelay() time.Duration
|
||||
}
|
||||
|
||||
type tcpDialer struct {
|
||||
proxy.Dialer
|
||||
terminationDelay time.Duration
|
||||
}
|
||||
|
||||
func (d tcpDialer) TerminationDelay() time.Duration {
|
||||
return d.terminationDelay
|
||||
}
|
||||
|
||||
// SpiffeX509Source allows to retrieve a x509 SVID and bundle.
|
||||
type SpiffeX509Source interface {
|
||||
x509svid.Source
|
||||
x509bundle.Source
|
||||
}
|
||||
|
||||
// DialerManager handles dialer for the reverse proxy.
|
||||
type DialerManager struct {
|
||||
rtLock sync.RWMutex
|
||||
dialers map[string]Dialer
|
||||
dialersTLS map[string]Dialer
|
||||
spiffeX509Source SpiffeX509Source
|
||||
}
|
||||
|
||||
// NewDialerManager creates a new DialerManager.
|
||||
func NewDialerManager(spiffeX509Source SpiffeX509Source) *DialerManager {
|
||||
return &DialerManager{
|
||||
dialers: make(map[string]Dialer),
|
||||
dialersTLS: make(map[string]Dialer),
|
||||
spiffeX509Source: spiffeX509Source,
|
||||
}
|
||||
}
|
||||
|
||||
// Update updates the dialers configurations.
|
||||
func (d *DialerManager) Update(configs map[string]*dynamic.TCPServersTransport) {
|
||||
d.rtLock.Lock()
|
||||
defer d.rtLock.Unlock()
|
||||
|
||||
d.dialers = make(map[string]Dialer)
|
||||
d.dialersTLS = make(map[string]Dialer)
|
||||
for configName, config := range configs {
|
||||
if err := d.createDialers(configName, config); err != nil {
|
||||
log.Debug().
|
||||
Str("dialer", configName).
|
||||
Err(err).
|
||||
Msg("Create TCP Dialer")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Get gets a dialer by name.
|
||||
func (d *DialerManager) Get(name string, tls bool) (Dialer, error) {
|
||||
if len(name) == 0 {
|
||||
name = "default@internal"
|
||||
}
|
||||
|
||||
d.rtLock.RLock()
|
||||
defer d.rtLock.RUnlock()
|
||||
|
||||
if tls {
|
||||
if rt, ok := d.dialersTLS[name]; ok {
|
||||
return rt, nil
|
||||
}
|
||||
|
||||
return nil, fmt.Errorf("TCP dialer not found %s", name)
|
||||
}
|
||||
|
||||
if rt, ok := d.dialers[name]; ok {
|
||||
return rt, nil
|
||||
}
|
||||
|
||||
return nil, fmt.Errorf("TCP dialer not found %s", name)
|
||||
}
|
||||
|
||||
// createDialers creates the dialers according to the TCPServersTransport configuration.
|
||||
func (d *DialerManager) createDialers(name string, cfg *dynamic.TCPServersTransport) error {
|
||||
if cfg == nil {
|
||||
return errors.New("no transport configuration given")
|
||||
}
|
||||
|
||||
dialer := &net.Dialer{
|
||||
Timeout: time.Duration(cfg.DialTimeout),
|
||||
KeepAlive: time.Duration(cfg.DialKeepAlive),
|
||||
}
|
||||
|
||||
var tlsConfig *tls.Config
|
||||
|
||||
if cfg.TLS != nil {
|
||||
if cfg.TLS.Spiffe != nil {
|
||||
if d.spiffeX509Source == nil {
|
||||
return errors.New("SPIFFE is enabled for this transport, but not configured")
|
||||
}
|
||||
|
||||
authorizer, err := buildSpiffeAuthorizer(cfg.TLS.Spiffe)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to build SPIFFE authorizer: %w", err)
|
||||
}
|
||||
|
||||
tlsConfig = tlsconfig.MTLSClientConfig(d.spiffeX509Source, d.spiffeX509Source, authorizer)
|
||||
}
|
||||
|
||||
if cfg.TLS.InsecureSkipVerify || len(cfg.TLS.RootCAs) > 0 || len(cfg.TLS.ServerName) > 0 || len(cfg.TLS.Certificates) > 0 || cfg.TLS.PeerCertURI != "" {
|
||||
if tlsConfig != nil {
|
||||
return errors.New("TLS and SPIFFE configuration cannot be defined at the same time")
|
||||
}
|
||||
|
||||
tlsConfig = &tls.Config{
|
||||
ServerName: cfg.TLS.ServerName,
|
||||
InsecureSkipVerify: cfg.TLS.InsecureSkipVerify,
|
||||
RootCAs: createRootCACertPool(cfg.TLS.RootCAs),
|
||||
Certificates: cfg.TLS.Certificates.GetCertificates(),
|
||||
}
|
||||
|
||||
if cfg.TLS.PeerCertURI != "" {
|
||||
tlsConfig.VerifyPeerCertificate = func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
|
||||
return traefiktls.VerifyPeerCertificate(cfg.TLS.PeerCertURI, tlsConfig, rawCerts)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
tlsDialer := &tls.Dialer{
|
||||
NetDialer: dialer,
|
||||
Config: tlsConfig,
|
||||
}
|
||||
|
||||
d.dialers[name] = tcpDialer{dialer, time.Duration(cfg.TerminationDelay)}
|
||||
d.dialersTLS[name] = tcpDialer{tlsDialer, time.Duration(cfg.TerminationDelay)}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func createRootCACertPool(rootCAs []traefiktls.FileOrContent) *x509.CertPool {
|
||||
if len(rootCAs) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
roots := x509.NewCertPool()
|
||||
|
||||
for _, cert := range rootCAs {
|
||||
certContent, err := cert.Read()
|
||||
if err != nil {
|
||||
log.Err(err).Msg("Error while read RootCAs")
|
||||
continue
|
||||
}
|
||||
|
||||
roots.AppendCertsFromPEM(certContent)
|
||||
}
|
||||
|
||||
return roots
|
||||
}
|
||||
|
||||
func buildSpiffeAuthorizer(cfg *dynamic.Spiffe) (tlsconfig.Authorizer, error) {
|
||||
switch {
|
||||
case len(cfg.IDs) > 0:
|
||||
spiffeIDs := make([]spiffeid.ID, 0, len(cfg.IDs))
|
||||
for _, rawID := range cfg.IDs {
|
||||
id, err := spiffeid.FromString(rawID)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid SPIFFE ID: %w", err)
|
||||
}
|
||||
|
||||
spiffeIDs = append(spiffeIDs, id)
|
||||
}
|
||||
|
||||
return tlsconfig.AuthorizeOneOf(spiffeIDs...), nil
|
||||
|
||||
case cfg.TrustDomain != "":
|
||||
trustDomain, err := spiffeid.TrustDomainFromString(cfg.TrustDomain)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid SPIFFE trust domain: %w", err)
|
||||
}
|
||||
|
||||
return tlsconfig.AuthorizeMemberOf(trustDomain), nil
|
||||
|
||||
default:
|
||||
return tlsconfig.AuthorizeAny(), nil
|
||||
}
|
||||
}
|
593
pkg/tcp/dialer_test.go
Normal file
593
pkg/tcp/dialer_test.go
Normal file
|
@ -0,0 +1,593 @@
|
|||
package tcp
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"crypto/x509/pkix"
|
||||
"io"
|
||||
"math/big"
|
||||
"net"
|
||||
"net/url"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/spiffe/go-spiffe/v2/bundle/x509bundle"
|
||||
"github.com/spiffe/go-spiffe/v2/spiffeid"
|
||||
"github.com/spiffe/go-spiffe/v2/spiffetls/tlsconfig"
|
||||
"github.com/spiffe/go-spiffe/v2/svid/x509svid"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/traefik/traefik/v2/pkg/config/dynamic"
|
||||
traefiktls "github.com/traefik/traefik/v2/pkg/tls"
|
||||
)
|
||||
|
||||
// LocalhostCert is a PEM-encoded TLS cert
|
||||
// for host example.com, www.example.com
|
||||
// expiring at Jan 29 16:00:00 2084 GMT.
|
||||
// go run $GOROOT/src/crypto/tls/generate_cert.go --rsa-bits 1024 --host example.com,www.example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h
|
||||
var LocalhostCert = []byte(`-----BEGIN CERTIFICATE-----
|
||||
MIICDDCCAXWgAwIBAgIQH20JmcOlcRWHNuf62SYwszANBgkqhkiG9w0BAQsFADAS
|
||||
MRAwDgYDVQQKEwdBY21lIENvMCAXDTcwMDEwMTAwMDAwMFoYDzIwODQwMTI5MTYw
|
||||
MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
|
||||
iQKBgQC0qINy3F4oq6viDnlpDDE5J08iSRGggg6EylJKBKZfphEG2ufgK78Dufl3
|
||||
+7b0LlEY2AeZHwviHODqC9a6ihj1ZYQk0/djAh+OeOhFEWu+9T/VP8gVFarFqT8D
|
||||
Opy+hrG7YJivUIzwb4fmJQRI7FajzsnGyM6LiXLU+0qzb7ZO/QIDAQABo2EwXzAO
|
||||
BgNVHQ8BAf8EBAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw
|
||||
AwEB/zAnBgNVHREEIDAeggtleGFtcGxlLmNvbYIPd3d3LmV4YW1wbGUuY29tMA0G
|
||||
CSqGSIb3DQEBCwUAA4GBAB+eluoQYzyyMfeEEAOtlldevx5MtDENT05NB0WI+91R
|
||||
we7mX8lv763u0XuCWPxbHszhclI6FFjoQef0Z1NYLRm8ZRq58QqWDFZ3E6wdDK+B
|
||||
+OWvkW+hRavo6R9LzIZPfbv8yBo4M9PK/DXw8hLqH7VkkI+Gh793iH7Ugd4A7wvT
|
||||
-----END CERTIFICATE-----`)
|
||||
|
||||
// LocalhostKey is the private key for localhostCert.
|
||||
var LocalhostKey = []byte(`-----BEGIN PRIVATE KEY-----
|
||||
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALSog3LcXiirq+IO
|
||||
eWkMMTknTyJJEaCCDoTKUkoEpl+mEQba5+ArvwO5+Xf7tvQuURjYB5kfC+Ic4OoL
|
||||
1rqKGPVlhCTT92MCH4546EURa771P9U/yBUVqsWpPwM6nL6GsbtgmK9QjPBvh+Yl
|
||||
BEjsVqPOycbIzouJctT7SrNvtk79AgMBAAECgYB1wMT1MBgbkFIXpXGTfAP1id61
|
||||
rUTVBxCpkypx3ngHLjo46qRq5Hi72BN4FlTY8fugIudI8giP2FztkMvkiLDc4m0p
|
||||
Gn+QMJzjlBjjTuNLvLy4aSmNRLIC3mtbx9PdU71DQswEpJHFj/vmsxbuSrG1I1YE
|
||||
r1reuSo2ow6fOAjXLQJBANpz+RkOiPSPuvl+gi1sp2pLuynUJVDVqWZi386YRpfg
|
||||
DiKCLpqwqYDkOozm/fwFALvwXKGmsyyL43HO8eI+2NsCQQDTtY32V+02GPecdsyq
|
||||
msK06EPVTSaYwj9Mm+q709KsmYFHLXDqXjcKV4UgKYKRPz7my1fXodMmGmfuh1a3
|
||||
/HMHAkEAmOQKN0tA90mRJwUvvvMIyRBv0fq0kzq28P3KfiF9ZtZdjjFmxMVYHOmf
|
||||
QPZ6VGR7+w1jB5BQXqEZcpHQIPSzeQJBAIy9tZJ/AYNlNbcegxEnsSjy/6VdlLsY
|
||||
51vWi0Yym2uC4R6gZuBnoc+OP0ISVmqY0Qg9RjhjrCs4gr9f2ZaWjSECQCxqZMq1
|
||||
3viJ8BGCC0m/5jv1EHur3YgwphYCkf4Li6DKwIdMLk1WXkTcPIY3V2Jqj8rPEB5V
|
||||
rqPRSAtd/h6oZbs=
|
||||
-----END PRIVATE KEY-----`)
|
||||
|
||||
// openssl req -newkey rsa:2048 \
|
||||
// -new -nodes -x509 \
|
||||
// -days 3650 \
|
||||
// -out cert.pem \
|
||||
// -keyout key.pem \
|
||||
// -subj "/CN=example.com"
|
||||
// -addext "subjectAltName = DNS:example.com"
|
||||
var mTLSCert = []byte(`-----BEGIN CERTIFICATE-----
|
||||
MIIDJTCCAg2gAwIBAgIUYKnGcLnmMosOSKqTn4ydAMURE4gwDQYJKoZIhvcNAQEL
|
||||
BQAwFjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMjAwODEzMDkyNzIwWhcNMzAw
|
||||
ODExMDkyNzIwWjAWMRQwEgYDVQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcN
|
||||
AQEBBQADggEPADCCAQoCggEBAOAe+QM1c9lZ2TPRgoiuPAq2A3Pfu+i82lmqrTJ0
|
||||
PR2Cx1fPbccCUTFJPlxSDiaMrwtvqw1yP9L2Pu/vJK5BY4YDVDtFGKjpRBau1otJ
|
||||
iY50O5qMo3sfLqR4/1VsQGlLVZYLD3dyc4ZTmOp8+7tJ2SyGorojbIKfimZT7XD7
|
||||
dzrVr4h4Gn+SzzOnoKyx29uaNRP+XuMYHmHyQcJE03pUGhkTOvMwBlF96QdQ9WG0
|
||||
D+1CxRciEsZXE+imKBHoaTgrTkpnFHzsrIEw+OHQYf30zuT/k/lkgv1vqEwINHjz
|
||||
W2VeTur5eqVvA7zZdoEXMRy7BUvh/nZk5AXkXAmZLn0eUg8CAwEAAaNrMGkwHQYD
|
||||
VR0OBBYEFEDrbhPDt+hi3ZOzk6S/CFAVHwk0MB8GA1UdIwQYMBaAFEDrbhPDt+hi
|
||||
3ZOzk6S/CFAVHwk0MA8GA1UdEwEB/wQFMAMBAf8wFgYDVR0RBA8wDYILZXhhbXBs
|
||||
ZS5jb20wDQYJKoZIhvcNAQELBQADggEBAG/JRJWeUNx2mDJAk8W7Syq3gmQB7s9f
|
||||
+yY/XVRJZGahOPilABqFpC6GVn2HWuvuOqy8/RGk9ja5abKVXqE6YKrljqo3XfzB
|
||||
KQcOz4SFirpkHvNCiEcK3kggN3wJWqL2QyXAxWldBBBCO9yx7a3cux31C//sTUOG
|
||||
xq4JZDg171U1UOpfN1t0BFMdt05XZFEM247N7Dcf7HoXwAa7eyLKgtKWqPDqGrFa
|
||||
fvGDDKK9X/KVsU2x9V3pG+LsJg7ogUnSyD2r5G1F3Y8OVs2T/783PaN0M35fDL38
|
||||
09VbsxA2GasOHZrghUzT4UvZWWZbWEmG975hFYvdj6DlK9K0s5TdKIs=
|
||||
-----END CERTIFICATE-----`)
|
||||
|
||||
var mTLSKey = []byte(`-----BEGIN PRIVATE KEY-----
|
||||
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDgHvkDNXPZWdkz
|
||||
0YKIrjwKtgNz37vovNpZqq0ydD0dgsdXz23HAlExST5cUg4mjK8Lb6sNcj/S9j7v
|
||||
7ySuQWOGA1Q7RRio6UQWrtaLSYmOdDuajKN7Hy6keP9VbEBpS1WWCw93cnOGU5jq
|
||||
fPu7SdkshqK6I2yCn4pmU+1w+3c61a+IeBp/ks8zp6CssdvbmjUT/l7jGB5h8kHC
|
||||
RNN6VBoZEzrzMAZRfekHUPVhtA/tQsUXIhLGVxPopigR6Gk4K05KZxR87KyBMPjh
|
||||
0GH99M7k/5P5ZIL9b6hMCDR481tlXk7q+XqlbwO82XaBFzEcuwVL4f52ZOQF5FwJ
|
||||
mS59HlIPAgMBAAECggEAAKLV3hZ2v7UrkqQTlMO50+X0WI3YAK8Yh4yedTgzPDQ0
|
||||
0KD8FMaC6HrmvGhXNfDMRmIIwD8Ew1qDjzbEieIRoD2+LXTivwf6c34HidmplEfs
|
||||
K2IezKin/zuArgNio2ndUlGxt4sRnN373x5/sGZjQWcYayLSmgRN5kByuhFco0Qa
|
||||
oSrXcXNUlb+KgRQXPDU4+M35tPHvLdyg+tko/m/5uK9dc9MNvGZHOMBKg0VNURJb
|
||||
V1l3dR+evwvpqHzBvWiqN/YOiUUvIxlFKA35hJkfCl7ivFs4CLqqFNCKDao95fWe
|
||||
s0UR9iMakT48jXV76IfwZnyX10OhIWzKls5trjDL8QKBgQD3thQJ8e0FL9y1W+Ph
|
||||
mCdEaoffSPkgSn64wIsQ9bMmv4y+KYBK5AhqaHgYm4LgW4x1+CURNFu+YFEyaNNA
|
||||
kNCXFyRX3Em3vxcShP5jIqg+f07mtXPKntWP/zBeKQWgdHX371oFTfaAlNuKX/7S
|
||||
n0jBYjr4Iof1bnquMQvUoHCYWwKBgQDnntFU9/AQGaQIvhfeU1XKFkQ/BfhIsd27
|
||||
RlmiCi0ee9Ce74cMAhWr/9yg0XUxzrh+Ui1xnkMVTZ5P8tWIxROokznLUTGJA5rs
|
||||
zB+ovCPFZcquTwNzn7SBnpHTR0OqJd8sd89P5ST2SqufeSF/gGi5sTs4EocOLCpZ
|
||||
EPVIfm47XQKBgB4d5RHQeCDJUOw739jtxthqm1pqZN+oLwAHaOEG/mEXqOT15sM0
|
||||
NlG5oeBcB+1/M/Sj1t3gn8blrvmSBR00fifgiGqmPdA5S3TU9pjW/d2bXNxv80QP
|
||||
S6fWPusz0ZtQjYc3cppygCXh808/nJu/AfmBF+pTSHRumjvTery/RPFBAoGBAMi/
|
||||
zCta4cTylEvHhqR5kiefePMu120aTFYeuV1KeKStJ7o5XNE5lVMIZk80e+D5jMpf
|
||||
q2eIhhgWuBoPHKh4N3uqbzMbYlWgvEx09xOmTVKv0SWW8iTqzOZza2y1nZ4BSRcf
|
||||
mJ1ku86EFZAYysHZp+saA3usA0ZzXRjpK87zVdM5AoGBAOSqI+t48PnPtaUDFdpd
|
||||
taNNVDbcecJatm3w8VDWnarahfWe66FIqc9wUkqekqAgwZLa0AGdUalvXfGrHfNs
|
||||
PtvuNc5EImfSkuPBYLBslNxtjbBvAYgacEdY+gRhn2TeIUApnND58lCWsKbNHLFZ
|
||||
ajIPbTY+Fe9OTOFTN48ujXNn
|
||||
-----END PRIVATE KEY-----`)
|
||||
|
||||
func TestConflictingConfig(t *testing.T) {
|
||||
dialerManager := NewDialerManager(nil)
|
||||
|
||||
dynamicConf := map[string]*dynamic.TCPServersTransport{
|
||||
"test": {
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
ServerName: "foobar",
|
||||
Spiffe: &dynamic.Spiffe{},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
dialerManager.Update(dynamicConf)
|
||||
|
||||
_, err := dialerManager.Get("test", false)
|
||||
require.Error(t, err)
|
||||
}
|
||||
|
||||
func TestNoTLS(t *testing.T) {
|
||||
backendListener, err := net.Listen("tcp", ":0")
|
||||
require.NoError(t, err)
|
||||
defer backendListener.Close()
|
||||
|
||||
go fakeRedis(t, backendListener)
|
||||
|
||||
_, port, err := net.SplitHostPort(backendListener.Addr().String())
|
||||
require.NoError(t, err)
|
||||
|
||||
dialerManager := NewDialerManager(nil)
|
||||
|
||||
dynamicConf := map[string]*dynamic.TCPServersTransport{
|
||||
"test": {
|
||||
TLS: &dynamic.TLSClientConfig{},
|
||||
},
|
||||
}
|
||||
|
||||
dialerManager.Update(dynamicConf)
|
||||
|
||||
dialer, err := dialerManager.Get("test", false)
|
||||
require.NoError(t, err)
|
||||
|
||||
conn, err := dialer.Dial("tcp", ":"+port)
|
||||
require.NoError(t, err)
|
||||
|
||||
_, err = conn.Write([]byte("ping\n"))
|
||||
require.NoError(t, err)
|
||||
|
||||
buf := make([]byte, 64)
|
||||
n, err := conn.Read(buf)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, 4, n)
|
||||
assert.Equal(t, "PONG", string(buf[:4]))
|
||||
|
||||
err = conn.Close()
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestTLS(t *testing.T) {
|
||||
cert, err := tls.X509KeyPair(LocalhostCert, LocalhostKey)
|
||||
require.NoError(t, err)
|
||||
|
||||
backendListener, err := net.Listen("tcp", ":0")
|
||||
require.NoError(t, err)
|
||||
defer backendListener.Close()
|
||||
|
||||
tlsListener := tls.NewListener(backendListener, &tls.Config{Certificates: []tls.Certificate{cert}})
|
||||
defer tlsListener.Close()
|
||||
|
||||
go fakeRedis(t, tlsListener)
|
||||
|
||||
_, port, err := net.SplitHostPort(tlsListener.Addr().String())
|
||||
require.NoError(t, err)
|
||||
|
||||
dialerManager := NewDialerManager(nil)
|
||||
|
||||
dynamicConf := map[string]*dynamic.TCPServersTransport{
|
||||
"test": {
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
ServerName: "example.com",
|
||||
RootCAs: []traefiktls.FileOrContent{traefiktls.FileOrContent(LocalhostCert)},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
dialerManager.Update(dynamicConf)
|
||||
|
||||
dialer, err := dialerManager.Get("test", true)
|
||||
require.NoError(t, err)
|
||||
|
||||
conn, err := dialer.Dial("tcp", ":"+port)
|
||||
require.NoError(t, err)
|
||||
|
||||
_, err = conn.Write([]byte("ping\n"))
|
||||
require.NoError(t, err)
|
||||
|
||||
err = conn.(*tls.Conn).CloseWrite()
|
||||
require.NoError(t, err)
|
||||
|
||||
var buf []byte
|
||||
buffer := bytes.NewBuffer(buf)
|
||||
n, err := io.Copy(buffer, conn)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, int64(4), n)
|
||||
assert.Equal(t, "PONG", buffer.String())
|
||||
}
|
||||
|
||||
func TestTLSWithInsecureSkipVerify(t *testing.T) {
|
||||
cert, err := tls.X509KeyPair(LocalhostCert, LocalhostKey)
|
||||
require.NoError(t, err)
|
||||
|
||||
backendListener, err := net.Listen("tcp", ":0")
|
||||
require.NoError(t, err)
|
||||
defer backendListener.Close()
|
||||
|
||||
tlsListener := tls.NewListener(backendListener, &tls.Config{Certificates: []tls.Certificate{cert}})
|
||||
defer tlsListener.Close()
|
||||
|
||||
go fakeRedis(t, tlsListener)
|
||||
|
||||
_, port, err := net.SplitHostPort(tlsListener.Addr().String())
|
||||
require.NoError(t, err)
|
||||
|
||||
dialerManager := NewDialerManager(nil)
|
||||
|
||||
dynamicConf := map[string]*dynamic.TCPServersTransport{
|
||||
"test": {
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
ServerName: "bad-domain.com",
|
||||
RootCAs: []traefiktls.FileOrContent{traefiktls.FileOrContent(LocalhostCert)},
|
||||
InsecureSkipVerify: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
dialerManager.Update(dynamicConf)
|
||||
|
||||
dialer, err := dialerManager.Get("test", true)
|
||||
require.NoError(t, err)
|
||||
|
||||
conn, err := dialer.Dial("tcp", ":"+port)
|
||||
require.NoError(t, err)
|
||||
|
||||
_, err = conn.Write([]byte("ping\n"))
|
||||
require.NoError(t, err)
|
||||
|
||||
err = conn.(*tls.Conn).CloseWrite()
|
||||
require.NoError(t, err)
|
||||
|
||||
var buf []byte
|
||||
buffer := bytes.NewBuffer(buf)
|
||||
n, err := io.Copy(buffer, conn)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, int64(4), n)
|
||||
assert.Equal(t, "PONG", buffer.String())
|
||||
}
|
||||
|
||||
func TestMTLS(t *testing.T) {
|
||||
cert, err := tls.X509KeyPair(LocalhostCert, LocalhostKey)
|
||||
require.NoError(t, err)
|
||||
|
||||
clientPool := x509.NewCertPool()
|
||||
clientPool.AppendCertsFromPEM(mTLSCert)
|
||||
|
||||
backendListener, err := net.Listen("tcp", ":0")
|
||||
require.NoError(t, err)
|
||||
defer backendListener.Close()
|
||||
|
||||
tlsListener := tls.NewListener(backendListener, &tls.Config{
|
||||
// For TLS
|
||||
Certificates: []tls.Certificate{cert},
|
||||
|
||||
// For mTLS
|
||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||
ClientCAs: clientPool,
|
||||
})
|
||||
defer tlsListener.Close()
|
||||
|
||||
go fakeRedis(t, tlsListener)
|
||||
|
||||
_, port, err := net.SplitHostPort(tlsListener.Addr().String())
|
||||
require.NoError(t, err)
|
||||
|
||||
dialerManager := NewDialerManager(nil)
|
||||
|
||||
dynamicConf := map[string]*dynamic.TCPServersTransport{
|
||||
"test": {
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
ServerName: "example.com",
|
||||
// For TLS
|
||||
RootCAs: []traefiktls.FileOrContent{traefiktls.FileOrContent(LocalhostCert)},
|
||||
|
||||
// For mTLS
|
||||
Certificates: traefiktls.Certificates{
|
||||
traefiktls.Certificate{
|
||||
CertFile: traefiktls.FileOrContent(mTLSCert),
|
||||
KeyFile: traefiktls.FileOrContent(mTLSKey),
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
dialerManager.Update(dynamicConf)
|
||||
|
||||
dialer, err := dialerManager.Get("test", true)
|
||||
require.NoError(t, err)
|
||||
|
||||
conn, err := dialer.Dial("tcp", ":"+port)
|
||||
require.NoError(t, err)
|
||||
|
||||
_, err = conn.Write([]byte("ping\n"))
|
||||
require.NoError(t, err)
|
||||
|
||||
err = conn.(*tls.Conn).CloseWrite()
|
||||
require.NoError(t, err)
|
||||
|
||||
var buf []byte
|
||||
buffer := bytes.NewBuffer(buf)
|
||||
n, err := io.Copy(buffer, conn)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, int64(4), n)
|
||||
assert.Equal(t, "PONG", buffer.String())
|
||||
}
|
||||
|
||||
func TestSpiffeMTLS(t *testing.T) {
|
||||
backendListener, err := net.Listen("tcp", ":0")
|
||||
require.NoError(t, err)
|
||||
defer backendListener.Close()
|
||||
|
||||
trustDomain := spiffeid.RequireTrustDomainFromString("spiffe://traefik.test")
|
||||
|
||||
pki := newFakeSpiffePKI(t, trustDomain)
|
||||
|
||||
serverSVID := pki.genSVID(t, spiffeid.RequireFromPath(trustDomain, "/server"))
|
||||
require.NoError(t, err)
|
||||
|
||||
serverSource := fakeSpiffeSource{
|
||||
svid: serverSVID,
|
||||
bundle: pki.bundle,
|
||||
}
|
||||
|
||||
// go-spiffe's `tlsconfig.MTLSServerConfig` (that should be used here) does not set a certificate on
|
||||
// the returned `tls.Config` and relies instead on `GetCertificate` being always called.
|
||||
// But it turns out that `StartTLS` from `httptest.Server`, enforces a default certificate
|
||||
// if no certificate is previously set on the configured TLS config.
|
||||
// It makes the test server always serve the httptest default certificate, and not the SPIFFE certificate,
|
||||
// as GetCertificate is in that case never called (there's a default cert, and SNI is not used).
|
||||
// To bypass this issue, we're manually extracting the server ceritificate from the server SVID
|
||||
// and use another initialization method that forces serving the server SPIFFE certificate.
|
||||
serverCert, err := tlsconfig.GetCertificate(&serverSource)(nil)
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsListener := tls.NewListener(backendListener, tlsconfig.MTLSWebServerConfig(
|
||||
serverCert,
|
||||
&serverSource,
|
||||
tlsconfig.AuthorizeAny(),
|
||||
))
|
||||
defer tlsListener.Close()
|
||||
|
||||
_, port, err := net.SplitHostPort(tlsListener.Addr().String())
|
||||
require.NoError(t, err)
|
||||
|
||||
clientSVID := pki.genSVID(t, spiffeid.RequireFromPath(trustDomain, "/client"))
|
||||
|
||||
clientSource := fakeSpiffeSource{
|
||||
svid: clientSVID,
|
||||
bundle: pki.bundle,
|
||||
}
|
||||
|
||||
testCases := []struct {
|
||||
desc string
|
||||
config dynamic.Spiffe
|
||||
clientSource SpiffeX509Source
|
||||
wantError bool
|
||||
}{
|
||||
{
|
||||
desc: "supports SPIFFE mTLS",
|
||||
config: dynamic.Spiffe{},
|
||||
clientSource: &clientSource,
|
||||
},
|
||||
{
|
||||
desc: "allows expected server SPIFFE ID",
|
||||
config: dynamic.Spiffe{
|
||||
IDs: []string{"spiffe://traefik.test/server"},
|
||||
},
|
||||
clientSource: &clientSource,
|
||||
},
|
||||
{
|
||||
desc: "blocks unexpected server SPIFFE ID",
|
||||
config: dynamic.Spiffe{
|
||||
IDs: []string{"spiffe://traefik.test/not-server"},
|
||||
},
|
||||
clientSource: &clientSource,
|
||||
wantError: true,
|
||||
},
|
||||
{
|
||||
desc: "allows expected server trust domain",
|
||||
config: dynamic.Spiffe{
|
||||
TrustDomain: "spiffe://traefik.test",
|
||||
},
|
||||
clientSource: &clientSource,
|
||||
},
|
||||
{
|
||||
desc: "denies unexpected server trust domain",
|
||||
config: dynamic.Spiffe{
|
||||
TrustDomain: "spiffe://not-traefik.test",
|
||||
},
|
||||
clientSource: &clientSource,
|
||||
wantError: true,
|
||||
},
|
||||
{
|
||||
desc: "spiffe IDs allowlist takes precedence",
|
||||
config: dynamic.Spiffe{
|
||||
IDs: []string{"spiffe://traefik.test/not-server"},
|
||||
TrustDomain: "spiffe://not-traefik.test",
|
||||
},
|
||||
clientSource: &clientSource,
|
||||
wantError: true,
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range testCases {
|
||||
t.Run(test.desc, func(t *testing.T) {
|
||||
go fakeRedis(t, tlsListener)
|
||||
|
||||
dialerManager := NewDialerManager(test.clientSource)
|
||||
|
||||
dynamicConf := map[string]*dynamic.TCPServersTransport{
|
||||
"test": {
|
||||
TLS: &dynamic.TLSClientConfig{
|
||||
Spiffe: &test.config,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
dialerManager.Update(dynamicConf)
|
||||
|
||||
dialer, err := dialerManager.Get("test", true)
|
||||
require.NoError(t, err)
|
||||
|
||||
conn, err := dialer.Dial("tcp", ":"+port)
|
||||
|
||||
if test.wantError {
|
||||
require.Error(t, err)
|
||||
return
|
||||
}
|
||||
|
||||
require.NoError(t, err)
|
||||
|
||||
_, err = conn.Write([]byte("ping\n"))
|
||||
require.NoError(t, err)
|
||||
|
||||
err = conn.(*tls.Conn).CloseWrite()
|
||||
require.NoError(t, err)
|
||||
|
||||
var buf []byte
|
||||
buffer := bytes.NewBuffer(buf)
|
||||
n, err := io.Copy(buffer, conn)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, int64(4), n)
|
||||
assert.Equal(t, "PONG", buffer.String())
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// fakeSpiffePKI simulates a SPIFFE aware PKI and allows generating multiple valid SVIDs.
|
||||
type fakeSpiffePKI struct {
|
||||
caPrivateKey *rsa.PrivateKey
|
||||
|
||||
bundle *x509bundle.Bundle
|
||||
}
|
||||
|
||||
func newFakeSpiffePKI(t *testing.T, trustDomain spiffeid.TrustDomain) fakeSpiffePKI {
|
||||
t.Helper()
|
||||
|
||||
caPrivateKey, err := rsa.GenerateKey(rand.Reader, 2048)
|
||||
require.NoError(t, err)
|
||||
|
||||
caTemplate := x509.Certificate{
|
||||
SerialNumber: big.NewInt(2000),
|
||||
Subject: pkix.Name{
|
||||
Organization: []string{"spiffe"},
|
||||
},
|
||||
URIs: []*url.URL{spiffeid.RequireFromPath(trustDomain, "/ca").URL()},
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: time.Now().Add(time.Hour),
|
||||
SubjectKeyId: []byte("ca"),
|
||||
KeyUsage: x509.KeyUsageCertSign |
|
||||
x509.KeyUsageCRLSign,
|
||||
BasicConstraintsValid: true,
|
||||
IsCA: true,
|
||||
PublicKey: caPrivateKey.Public(),
|
||||
}
|
||||
|
||||
caCertDER, err := x509.CreateCertificate(
|
||||
rand.Reader,
|
||||
&caTemplate,
|
||||
&caTemplate,
|
||||
caPrivateKey.Public(),
|
||||
caPrivateKey,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
bundle, err := x509bundle.ParseRaw(
|
||||
trustDomain,
|
||||
caCertDER,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
return fakeSpiffePKI{
|
||||
bundle: bundle,
|
||||
caPrivateKey: caPrivateKey,
|
||||
}
|
||||
}
|
||||
|
||||
func (f *fakeSpiffePKI) genSVID(t *testing.T, id spiffeid.ID) *x509svid.SVID {
|
||||
t.Helper()
|
||||
|
||||
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
|
||||
require.NoError(t, err)
|
||||
|
||||
template := x509.Certificate{
|
||||
SerialNumber: big.NewInt(200001),
|
||||
URIs: []*url.URL{id.URL()},
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: time.Now().Add(time.Hour),
|
||||
SubjectKeyId: []byte("svid"),
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment |
|
||||
x509.KeyUsageKeyAgreement |
|
||||
x509.KeyUsageDigitalSignature,
|
||||
ExtKeyUsage: []x509.ExtKeyUsage{
|
||||
x509.ExtKeyUsageServerAuth,
|
||||
x509.ExtKeyUsageClientAuth,
|
||||
},
|
||||
BasicConstraintsValid: true,
|
||||
PublicKey: privateKey.PublicKey,
|
||||
IPAddresses: []net.IP{net.ParseIP("127.0.0.1")},
|
||||
}
|
||||
|
||||
certDER, err := x509.CreateCertificate(
|
||||
rand.Reader,
|
||||
&template,
|
||||
f.bundle.X509Authorities()[0],
|
||||
privateKey.Public(),
|
||||
f.caPrivateKey,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
keyPKCS8, err := x509.MarshalPKCS8PrivateKey(privateKey)
|
||||
require.NoError(t, err)
|
||||
|
||||
svid, err := x509svid.ParseRaw(certDER, keyPKCS8)
|
||||
require.NoError(t, err)
|
||||
|
||||
return svid
|
||||
}
|
||||
|
||||
// fakeSpiffeSource allows retrieving staticly an SVID and its associated bundle.
|
||||
type fakeSpiffeSource struct {
|
||||
bundle *x509bundle.Bundle
|
||||
svid *x509svid.SVID
|
||||
}
|
||||
|
||||
func (s *fakeSpiffeSource) GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*x509bundle.Bundle, error) {
|
||||
return s.bundle, nil
|
||||
}
|
||||
|
||||
func (s *fakeSpiffeSource) GetX509SVID() (*x509svid.SVID, error) {
|
||||
return s.svid, nil
|
||||
}
|
|
@ -16,39 +16,29 @@ import (
|
|||
// Proxy forwards a TCP request to a TCP service.
|
||||
type Proxy struct {
|
||||
address string
|
||||
tcpAddr *net.TCPAddr
|
||||
terminationDelay time.Duration
|
||||
proxyProtocol *dynamic.ProxyProtocol
|
||||
dialer Dialer
|
||||
}
|
||||
|
||||
// NewProxy creates a new Proxy.
|
||||
func NewProxy(address string, terminationDelay time.Duration, proxyProtocol *dynamic.ProxyProtocol) (*Proxy, error) {
|
||||
func NewProxy(address string, proxyProtocol *dynamic.ProxyProtocol, dialer Dialer) (*Proxy, error) {
|
||||
if proxyProtocol != nil && (proxyProtocol.Version < 1 || proxyProtocol.Version > 2) {
|
||||
return nil, fmt.Errorf("unknown proxyProtocol version: %d", proxyProtocol.Version)
|
||||
}
|
||||
|
||||
// Creates the tcpAddr only for IP based addresses,
|
||||
// because there is no need to resolve the name on every new connection,
|
||||
// and building it should happen once.
|
||||
var tcpAddr *net.TCPAddr
|
||||
if host, _, err := net.SplitHostPort(address); err == nil && net.ParseIP(host) != nil {
|
||||
tcpAddr, err = net.ResolveTCPAddr("tcp", address)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return &Proxy{
|
||||
address: address,
|
||||
tcpAddr: tcpAddr,
|
||||
terminationDelay: terminationDelay,
|
||||
proxyProtocol: proxyProtocol,
|
||||
dialer: dialer,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// ServeTCP forwards the connection to a service.
|
||||
func (p *Proxy) ServeTCP(conn WriteCloser) {
|
||||
log.Debug().Msgf("Handling connection from %s to %s", conn.RemoteAddr(), p.address)
|
||||
log.Debug().
|
||||
Str("address", p.address).
|
||||
Str("remoteAddr", conn.RemoteAddr().String()).
|
||||
Msg("Handling connection")
|
||||
|
||||
// needed because of e.g. server.trackedConnection
|
||||
defer conn.Close()
|
||||
|
@ -89,21 +79,13 @@ func (p *Proxy) ServeTCP(conn WriteCloser) {
|
|||
<-errChan
|
||||
}
|
||||
|
||||
func (p Proxy) dialBackend() (*net.TCPConn, error) {
|
||||
// Dial using directly the TCPAddr for IP based addresses.
|
||||
if p.tcpAddr != nil {
|
||||
return net.DialTCP("tcp", nil, p.tcpAddr)
|
||||
}
|
||||
|
||||
log.Debug().Msgf("Dial with lookup to address %s", p.address)
|
||||
|
||||
// Dial with DNS lookup for host based addresses.
|
||||
conn, err := net.Dial("tcp", p.address)
|
||||
func (p Proxy) dialBackend() (WriteCloser, error) {
|
||||
conn, err := p.dialer.Dial("tcp", p.address)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return conn.(*net.TCPConn), nil
|
||||
return conn.(WriteCloser), nil
|
||||
}
|
||||
|
||||
func (p Proxy) connCopy(dst, src WriteCloser, errCh chan error) {
|
||||
|
@ -125,8 +107,8 @@ func (p Proxy) connCopy(dst, src WriteCloser, errCh chan error) {
|
|||
return
|
||||
}
|
||||
|
||||
if p.terminationDelay >= 0 {
|
||||
err := dst.SetReadDeadline(time.Now().Add(p.terminationDelay))
|
||||
if p.dialer.TerminationDelay() >= 0 {
|
||||
err := dst.SetReadDeadline(time.Now().Add(p.dialer.TerminationDelay()))
|
||||
if err != nil {
|
||||
log.Debug().Err(err).Msg("Error while setting deadline")
|
||||
}
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue