diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 27b19b5e4..6f73e85ec 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -6,7 +6,7 @@ on: - '*' env: - GO_VERSION: '1.21' + GO_VERSION: '1.22' CGO_ENABLED: 0 jobs: diff --git a/.github/workflows/experimental.yaml b/.github/workflows/experimental.yaml index 489401f50..bced49ca8 100644 --- a/.github/workflows/experimental.yaml +++ b/.github/workflows/experimental.yaml @@ -7,7 +7,7 @@ on: - v* env: - GO_VERSION: '1.21' + GO_VERSION: '1.22' CGO_ENABLED: 0 jobs: diff --git a/.github/workflows/test-integration.yaml b/.github/workflows/test-integration.yaml index 5155fa78f..0c93c03c2 100644 --- a/.github/workflows/test-integration.yaml +++ b/.github/workflows/test-integration.yaml @@ -9,7 +9,7 @@ on: - 'gh-actions' env: - GO_VERSION: '1.21' + GO_VERSION: '1.22' CGO_ENABLED: 0 jobs: diff --git a/.github/workflows/test-unit.yaml b/.github/workflows/test-unit.yaml index 0ab4ab0a5..c23db68c3 100644 --- a/.github/workflows/test-unit.yaml +++ b/.github/workflows/test-unit.yaml @@ -6,7 +6,7 @@ on: - '*' env: - GO_VERSION: '1.21' + GO_VERSION: '1.22' jobs: diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml index a05fed052..82570d790 100644 --- a/.github/workflows/validate.yaml +++ b/.github/workflows/validate.yaml @@ -6,8 +6,8 @@ on: - '*' env: - GO_VERSION: '1.21' - GOLANGCI_LINT_VERSION: v1.55.2 + GO_VERSION: '1.22' + GOLANGCI_LINT_VERSION: v1.56.0 MISSSPELL_VERSION: v0.4.1 jobs: diff --git a/.golangci.yml b/.golangci.yml index 22251b6c5..b8a1ceaaa 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -152,17 +152,10 @@ linters-settings: - github.com/jaguilar/vt100 - github.com/cucumber/godog testifylint: - enable: - - bool-compare - - compares - - empty - - error-is-as - - error-nil - - expected-actual - - float-compare - - len - - suite-extra-assert-call - - suite-thelper + disable: + - suite-dont-use-pkg + - require-error + - go-require linters: enable-all: true @@ -218,7 +211,7 @@ linters: issues: exclude-use-default: false - max-per-linter: 0 + max-issues-per-linter: 0 max-same-issues: 0 exclude: - 'Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked' @@ -232,6 +225,7 @@ issues: - 'SA1019: c.Providers.ConsulCatalog.Namespace is deprecated' - 'SA1019: c.Providers.Consul.Namespace is deprecated' - 'SA1019: c.Providers.Nomad.Namespace is deprecated' + - 'fmt.Sprintf can be replaced with string addition' exclude-rules: - path: '(.+)_test.go' linters: diff --git a/.semaphore/semaphore.yml b/.semaphore/semaphore.yml index fa47df889..5bbb5bf57 100644 --- a/.semaphore/semaphore.yml +++ b/.semaphore/semaphore.yml @@ -19,13 +19,13 @@ global_job_config: prologue: commands: - curl -sSfL https://raw.githubusercontent.com/ldez/semgo/master/godownloader.sh | sudo sh -s -- -b "/usr/local/bin" - - sudo semgo go1.21 + - sudo semgo go1.22 - export "GOPATH=$(go env GOPATH)" - export "SEMAPHORE_GIT_DIR=${GOPATH}/src/github.com/traefik/${SEMAPHORE_PROJECT_NAME}" - export "PATH=${GOPATH}/bin:${PATH}" - mkdir -vp "${SEMAPHORE_GIT_DIR}" "${GOPATH}/bin" - export GOPROXY=https://proxy.golang.org,direct - - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.55.2 + - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.56.0 - curl -sSfL https://gist.githubusercontent.com/traefiker/6d7ac019c11d011e4f131bb2cca8900e/raw/goreleaser.sh | bash -s -- -b "${GOPATH}/bin" - checkout - cache restore traefik-$(checksum go.sum) diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md index 9fc05c38f..556bad2d0 100644 --- a/docs/content/migration/v2.md +++ b/docs/content/migration/v2.md @@ -533,3 +533,30 @@ In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowL ### IPWhiteList (TCP) In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowList](../middlewares/tcp/ipallowlist.md) middleware instead. + +### TLS CipherSuites + +> By default, cipher suites without ECDHE support are no longer offered by either clients or servers during pre-TLS 1.3 handshakes. +> This change can be reverted with the `tlsrsakex=1 GODEBUG` setting. +> (https://go.dev/doc/go1.22#crypto/tls) + +The _RSA key exchange_ cipher suites are way less secure than the modern ECDHE cipher suites and exposes to potential vulnerabilities like [the Marvin Attack](https://people.redhat.com/~hkario/marvin). +Decision has been made to support ECDHE cipher suites only by default. + +The following ciphers have been removed from the default list: + +- `TLS_RSA_WITH_AES_128_CBC_SHA` +- `TLS_RSA_WITH_AES_256_CBC_SHA` +- `TLS_RSA_WITH_AES_128_GCM_SHA256` +- `TLS_RSA_WITH_AES_256_GCM_SHA384` + +To enable these ciphers, please set the option `CipherSuites` in your [TLS configuration](https://doc.traefik.io/traefik/https/tls/#cipher-suites) or set the environment variable `GODEBUG=tlsrsakex=1`. + +### Minimum TLS Version + +> By default, the minimum version offered by `crypto/tls` servers is now TLS 1.2 if not specified with config.MinimumVersion, +> matching the behavior of crypto/tls clients. +> This change can be reverted with the `tls10server=1 GODEBUG` setting. +> (https://go.dev/doc/go1.22#crypto/tls) + +To enable TLS 1.0, please set the option `MinVersion` to `VersionTLS10` in your [TLS configuration](https://doc.traefik.io/traefik/https/tls/#cipher-suites) or set the environment variable `GODEBUG=tls10server=1`. diff --git a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml index d92afbe86..85ff27f7e 100644 --- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml +++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutes.traefik.io spec: group: traefik.io @@ -20,14 +20,19 @@ spec: description: IngressRoute is the CRD implementation of a Traefik HTTP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteSpec defines the desired state of IngressRoute. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -48,17 +54,21 @@ spec: description: Route holds the HTTP route configuration. properties: kind: - description: Kind defines the kind of the route. Rule is the - only supported kind. + description: |- + Kind defines the kind of the route. + Rule is the only supported kind. enum: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule type: string middlewares: - description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' + description: |- + Middlewares defines the list of references to Middleware resources. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware items: description: MiddlewareRef is a reference to a Middleware resource. @@ -76,13 +86,14 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority type: integer services: - description: Services defines the list of Service. It can contain - any combination of TraefikService and/or reference to a Kubernetes - Service. + description: |- + Services defines the list of Service. + It can contain any combination of TraefikService and/or reference to a Kubernetes Service. items: description: Service defines an upstream HTTP service to proxy traffic to. @@ -94,31 +105,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client - Host header is forwarded to the upstream Kubernetes - Service. By default, passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -127,30 +139,29 @@ spec: the client. properties: flushInterval: - description: 'FlushInterval defines the interval, - in milliseconds, in between flushes to the client - while copying the response body. A negative value - means to flush immediately after each write to the - client. This configuration is ignored when ReverseProxy - recognizes a response as a streaming response; for - such responses, writes are flushed to the client - immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the - request to the upstream Kubernetes Service. It defaults - to https when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -164,8 +175,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie @@ -175,15 +187,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only - be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round - Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -195,16 +206,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' + description: |- + TLS defines the TLS configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -220,17 +235,20 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: - description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Namespace defines the namespace of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string required: - name @@ -240,17 +258,19 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: - description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Namespace defines the namespace of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string required: - name @@ -270,7 +290,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutetcps.traefik.io spec: group: traefik.io @@ -287,14 +307,19 @@ spec: description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -302,10 +327,11 @@ spec: description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -315,7 +341,9 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -337,8 +365,9 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 type: integer services: description: Services defines the list of TCP services. @@ -355,22 +384,24 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true proxyProtocol: - description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' + description: |- + ProxyProtocol defines the PROXY protocol configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol properties: version: description: Version defines the PROXY Protocol version @@ -378,13 +409,12 @@ spec: type: integer type: object terminationDelay: - description: TerminationDelay defines the deadline that - the proxy sets, after one of its connected peers indicates - it has closed the writing capability of its connection, - to close the reading capability as well, hence fully - terminating the connection. It is a duration in milliseconds, - defaulting to 100. A negative value means an infinite - deadline (i.e. the reading capability is never closed). + description: |- + TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, to close the reading capability as well, + hence fully terminating the connection. + It is a duration in milliseconds, defaulting to 100. + A negative value means an infinite deadline (i.e. the reading capability is never closed). type: integer weight: description: Weight defines the weight used when balancing @@ -400,17 +430,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' + description: |- + TLS defines the TLS configuration on a layer 4 / TCP Route. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -426,9 +459,10 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: description: Name defines the name of the referenced Traefik @@ -450,9 +484,9 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: description: Name defines the name of the referenced Traefik @@ -480,7 +514,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressrouteudps.traefik.io spec: group: traefik.io @@ -497,14 +531,19 @@ spec: description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -512,10 +551,11 @@ spec: description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -539,17 +579,18 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true weight: @@ -577,7 +618,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewares.traefik.io spec: group: traefik.io @@ -591,18 +632,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' + description: |- + Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -610,33 +657,37 @@ spec: description: MiddlewareSpec defines the desired state of a Middleware. properties: addPrefix: - description: 'AddPrefix holds the add prefix middleware configuration. - This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' + description: |- + AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding it. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/ properties: prefix: - description: Prefix is the string to add before the current path - in the requested URL. It should include a leading slash (/). + description: |- + Prefix is the string to add before the current path in the requested URL. + It should include a leading slash (/). type: string type: object basicAuth: - description: 'BasicAuth holds the basic auth middleware configuration. + description: |- + BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: - description: 'RemoveHeader sets the removeHeader option to true - to remove the authorization header before forwarding the request - to your service. Default: false.' + description: |- + RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. + Default: false. type: boolean secret: description: Secret is the name of the referenced Kubernetes Secret @@ -644,48 +695,49 @@ spec: type: string type: object buffering: - description: 'Buffering holds the buffering middleware configuration. - This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' + description: |- + Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can be forwarded to backends. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes properties: maxRequestBodyBytes: - description: 'MaxRequestBodyBytes defines the maximum allowed - body size for the request (in bytes). If the request exceeds - the allowed size, it is not forwarded to the service, and the - client gets a 413 (Request Entity Too Large) response. Default: - 0 (no maximum).' + description: |- + MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). + If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. + Default: 0 (no maximum). format: int64 type: integer maxResponseBodyBytes: - description: 'MaxResponseBodyBytes defines the maximum allowed - response size from the service (in bytes). If the response exceeds - the allowed size, it is not forwarded to the client. The client - gets a 500 (Internal Server Error) response instead. Default: - 0 (no maximum).' + description: |- + MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). + If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. + Default: 0 (no maximum). format: int64 type: integer memRequestBodyBytes: - description: 'MemRequestBodyBytes defines the threshold (in bytes) - from which the request will be buffered on disk instead of in - memory. Default: 1048576 (1Mi).' + description: |- + MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer memResponseBodyBytes: - description: 'MemResponseBodyBytes defines the threshold (in bytes) - from which the response will be buffered on disk instead of - in memory. Default: 1048576 (1Mi).' + description: |- + MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer retryExpression: - description: 'RetryExpression defines the retry conditions. It - is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' + description: |- + RetryExpression defines the retry conditions. + It is a logical combination of functions with operators AND (&&) and OR (||). + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression type: string type: object chain: - description: 'Chain holds the configuration of the chain middleware. - This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' + description: |- + Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other pieces of middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -737,9 +789,10 @@ spec: x-kubernetes-int-or-string: true type: object compress: - description: 'Compress holds the compress middleware configuration. - This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' + description: |- + Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the client, using gzip compression. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/ properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -749,40 +802,40 @@ spec: type: string type: array minResponseBodyBytes: - description: 'MinResponseBodyBytes defines the minimum amount - of bytes a response body must have to be compressed. Default: - 1024.' + description: |- + MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed. + Default: 1024. type: integer type: object contentType: - description: ContentType holds the content-type middleware configuration. - This middleware exists to enable the correct behavior until at least - the default one can be changed in a future version. + description: |- + ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. properties: autoDetect: - description: AutoDetect specifies whether to let the `Content-Type` - header, if it has not been set by the backend, be automatically - set to a value derived from the contents of the response. As - a proxy, the default behavior should be to leave the header - alone, regardless of what the backend did with it. However, - the historic default was to always auto-detect and set the header - if it was nil, and it is going to be kept that way in order - to support users currently relying on it. + description: |- + AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, + be automatically set to a value derived from the contents of the response. + As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it. + However, the historic default was to always auto-detect and set the header if it was nil, + and it is going to be kept that way in order to support users currently relying on it. type: boolean type: object digestAuth: - description: 'DigestAuth holds the digest auth middleware configuration. + description: |- + DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: description: RemoveHeader defines whether to remove the authorization @@ -794,18 +847,20 @@ spec: type: string type: object errors: - description: 'ErrorPage holds the custom error middleware configuration. - This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' + description: |- + ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ properties: query: - description: Query defines the URL for the error page (hosted - by service). The {status} variable can be used in order to insert - the status code in the URL. + description: |- + Query defines the URL for the error page (hosted by service). + The {status} variable can be used in order to insert the status code in the URL. type: string service: - description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' + description: |- + Service defines the reference to a Kubernetes Service that will serve the error page. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service properties: kind: description: Kind defines the kind of the Service. @@ -814,31 +869,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the - two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if - the only child is the Kubernetes Service clusterIP. The - Kubernetes Service itself does load-balance to the pods. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -847,29 +903,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming - response; for such responses, writes are flushed to - the client immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes - Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -882,8 +938,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -893,40 +950,42 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported value - at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object (and - to be precise, one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name type: object status: - description: Status defines which status or range of statuses - should result in an error page. It can be either a status code - as a number (500), as multiple comma-separated numbers (500,502), - as ranges by separating two codes with a dash (500-599), or - a combination of the two (404,418,500-599). + description: |- + Status defines which status or range of statuses should result in an error page. + It can be either a status code as a number (500), + as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), + or a combination of the two (404,418,500-599). items: type: string type: array type: object forwardAuth: - description: 'ForwardAuth holds the forward auth middleware configuration. + description: |- + ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ properties: address: description: Address defines the authentication server address. type: string authRequestHeaders: - description: AuthRequestHeaders defines the list of the headers - to copy from the request to the authentication server. If not - set or empty then all request headers are passed. + description: |- + AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. + If not set or empty then all request headers are passed. items: type: string type: array @@ -938,10 +997,9 @@ spec: type: string type: array authResponseHeadersRegex: - description: 'AuthResponseHeadersRegex defines the regex to match - headers to copy from the authentication server response and - set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' + description: |- + AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex type: string tls: description: TLS defines the configuration used to secure the @@ -950,14 +1008,14 @@ spec: caOptional: type: boolean caSecret: - description: CASecret is the name of the referenced Kubernetes - Secret containing the CA to validate the server certificate. + description: |- + CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate. The CA certificate is extracted from key `tls.ca` or `ca.crt`. type: string certSecret: - description: CertSecret is the name of the referenced Kubernetes - Secret containing the client certificate. The client certificate - is extracted from the keys `tls.crt` and `tls.key`. + description: |- + CertSecret is the name of the referenced Kubernetes Secret containing the client certificate. + The client certificate is extracted from the keys `tls.crt` and `tls.key`. type: string insecureSkipVerify: description: InsecureSkipVerify defines whether the server @@ -970,9 +1028,10 @@ spec: type: boolean type: object headers: - description: 'Headers holds the headers middleware configuration. - This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' + description: |- + Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -1037,12 +1096,14 @@ spec: header with the nosniff value. type: boolean customBrowserXSSValue: - description: CustomBrowserXSSValue defines the X-XSS-Protection - header value. This overrides the BrowserXssFilter option. + description: |- + CustomBrowserXSSValue defines the X-XSS-Protection header value. + This overrides the BrowserXssFilter option. type: string customFrameOptionsValue: - description: CustomFrameOptionsValue defines the X-Frame-Options - header value. This overrides the FrameDeny option. + description: |- + CustomFrameOptionsValue defines the X-Frame-Options header value. + This overrides the FrameDeny option. type: string customRequestHeaders: additionalProperties: @@ -1074,25 +1135,25 @@ spec: type: string type: array isDevelopment: - description: IsDevelopment defines whether to mitigate the unwanted - effects of the AllowedHosts, SSL, and STS options when developing. - Usually testing takes place using HTTP, not HTTPS, and on localhost, - not your production domain. If you would like your development - environment to mimic production with complete Host blocking, - SSL redirects, and STS headers, leave this as false. + description: |- + IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain. + If you would like your development environment to mimic production with complete Host blocking, SSL redirects, + and STS headers, leave this as false. type: boolean permissionsPolicy: - description: PermissionsPolicy defines the Permissions-Policy - header value. This allows sites to control browser features. + description: |- + PermissionsPolicy defines the Permissions-Policy header value. + This allows sites to control browser features. type: string publicKey: description: PublicKey is the public key that implements HPKP to prevent MITM attacks with forged certificates. type: string referrerPolicy: - description: ReferrerPolicy defines the Referrer-Policy header - value. This allows sites to control whether browsers forward - the Referer header to other sites. + description: |- + ReferrerPolicy defines the Referrer-Policy header value. + This allows sites to control whether browsers forward the Referer header to other sites. type: string sslForceHost: description: 'Deprecated: use RedirectRegex instead.' @@ -1103,10 +1164,9 @@ spec: sslProxyHeaders: additionalProperties: type: string - description: 'SSLProxyHeaders defines the header keys with associated - values that would indicate a valid HTTPS request. It can be - useful when using other proxies (example: "X-Forwarded-Proto": - "https").' + description: |- + SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request. + It can be useful when using other proxies (example: "X-Forwarded-Proto": "https"). type: object sslRedirect: description: 'Deprecated: use EntryPoint redirection or RedirectScheme @@ -1125,33 +1185,35 @@ spec: to the Strict-Transport-Security header. type: boolean stsSeconds: - description: STSSeconds defines the max-age of the Strict-Transport-Security - header. If set to 0, the header is not set. + description: |- + STSSeconds defines the max-age of the Strict-Transport-Security header. + If set to 0, the header is not set. format: int64 type: integer type: object inFlightReq: - description: 'InFlightReq holds the in-flight request middleware configuration. - This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' + description: |- + InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and served concurrently. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/ properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - in-flight request. The middleware responds with HTTP 429 Too - Many Requests if there are already amount requests in progress - (based on the same sourceCriterion strategy). + description: |- + Amount defines the maximum amount of allowed simultaneous in-flight request. + The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). format: int64 type: integer sourceCriterion: - description: 'SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1177,13 +1239,15 @@ spec: type: object type: object ipAllowList: - description: 'IPAllowList holds the IP allowlist middleware configuration. + description: |- + IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/ properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1205,14 +1269,16 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + description: |- + IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ - Deprecated: please use IPAllowList instead.' + Deprecated: please use IPAllowList instead. properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1234,9 +1300,10 @@ spec: type: array type: object passTLSClientCert: - description: 'PassTLSClientCert holds the pass TLS client cert middleware - configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' + description: |- + PassTLSClientCert holds the pass TLS client cert middleware configuration. + This middleware adds the selected data from the passed client TLS certificate to a header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/ properties: info: description: Info selects the specific client certificate details @@ -1337,46 +1404,48 @@ spec: plugin: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/plugins/' + description: |- + Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/ type: object rateLimit: - description: 'RateLimit holds the rate limit configuration. This middleware - ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' + description: |- + RateLimit holds the rate limit configuration. + This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ properties: average: - description: Average is the maximum rate, by default in requests/s, - allowed for the given source. It defaults to 0, which means - no rate limiting. The rate is actually defined by dividing Average - by Period. So for a rate below 1req/s, one needs to define a - Period larger than a second. + description: |- + Average is the maximum rate, by default in requests/s, allowed for the given source. + It defaults to 0, which means no rate limiting. + The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, + one needs to define a Period larger than a second. format: int64 type: integer burst: - description: Burst is the maximum number of requests allowed to - arrive in the same arbitrarily small period of time. It defaults - to 1. + description: |- + Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. + It defaults to 1. format: int64 type: integer period: anyOf: - type: integer - type: string - description: 'Period, in combination with Average, defines the - actual maximum rate, such as: r = Average / Period. It defaults - to a second.' + description: |- + Period, in combination with Average, defines the actual maximum rate, such as: + r = Average / Period. It defaults to a second. x-kubernetes-int-or-string: true sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the request's remote - address field (as an ipStrategy). + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote address field (as an ipStrategy). properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1402,9 +1471,10 @@ spec: type: object type: object redirectRegex: - description: 'RedirectRegex holds the redirect regex middleware configuration. + description: |- + RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1420,9 +1490,10 @@ spec: type: string type: object redirectScheme: - description: 'RedirectScheme holds the redirect scheme middleware - configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' + description: |- + RedirectScheme holds the redirect scheme middleware configuration. + This middleware redirects requests from a scheme/port to another. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/ properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1436,9 +1507,10 @@ spec: type: string type: object replacePath: - description: 'ReplacePath holds the replace path middleware configuration. - This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' + description: |- + ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/ properties: path: description: Path defines the path to use as replacement in the @@ -1446,9 +1518,10 @@ spec: type: string type: object replacePathRegex: - description: 'ReplacePathRegex holds the replace path regex middleware - configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' + description: |- + ReplacePathRegex holds the replace path regex middleware configuration. + This middleware replaces the path of a URL using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/ properties: regex: description: Regex defines the regular expression used to match @@ -1460,11 +1533,11 @@ spec: type: string type: object retry: - description: 'Retry holds the retry middleware configuration. This - middleware reissues requests a given number of times to a backend - server if that server does not reply. As soon as the server answers, - the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' + description: |- + Retry holds the retry middleware configuration. + This middleware reissues requests a given number of times to a backend server if that server does not reply. + As soon as the server answers, the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ properties: attempts: description: Attempts defines how many times the request should @@ -1474,22 +1547,24 @@ spec: anyOf: - type: integer - type: string - description: InitialInterval defines the first wait time in the - exponential backoff series. The maximum interval is calculated - as twice the initialInterval. If unspecified, requests will - be retried immediately. The value of initialInterval should - be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + description: |- + InitialInterval defines the first wait time in the exponential backoff series. + The maximum interval is calculated as twice the initialInterval. + If unspecified, requests will be retried immediately. + The value of initialInterval should be provided in seconds or as a valid duration format, + see https://pkg.go.dev/time#ParseDuration. x-kubernetes-int-or-string: true type: object stripPrefix: - description: 'StripPrefix holds the strip prefix middleware configuration. + description: |- + StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/ properties: forceSlash: - description: 'ForceSlash ensures that the resulting stripped path - is not the empty string, by replacing it with / when necessary. - Default: true.' + description: |- + ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. + Default: true. type: boolean prefixes: description: Prefixes defines the prefixes to strip from the request @@ -1499,9 +1574,10 @@ spec: type: array type: object stripPrefixRegex: - description: 'StripPrefixRegex holds the strip prefix regex middleware - configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' + description: |- + StripPrefixRegex holds the strip prefix regex middleware configuration. + This middleware removes the matching prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/ properties: regex: description: Regex defines the regular expression to match the @@ -1522,7 +1598,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewaretcps.traefik.io spec: group: traefik.io @@ -1536,18 +1612,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' + description: |- + MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1558,16 +1640,17 @@ spec: description: InFlightConn defines the InFlightConn middleware configuration. properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - connections. The middleware closes the connection if there are - already amount connections opened. + description: |- + Amount defines the maximum amount of allowed simultaneous connections. + The middleware closes the connection if there are already amount connections opened. format: int64 type: integer type: object ipAllowList: - description: 'IPAllowList defines the IPAllowList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' + description: |- + IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1577,9 +1660,11 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList defines the IPWhiteList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' + description: |- + IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + Deprecated: please use IPAllowList instead. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1600,7 +1685,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: serverstransports.traefik.io spec: group: traefik.io @@ -1614,20 +1699,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'ServersTransport is the CRD implementation of a ServersTransport. + description: |- + ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1720,7 +1811,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsoptions.traefik.io spec: group: traefik.io @@ -1734,19 +1825,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSOption is the CRD implementation of a Traefik TLS Option, - allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1754,15 +1850,16 @@ spec: description: TLSOptionSpec defines the desired state of a TLSOption. properties: alpnProtocols: - description: 'ALPNProtocols defines the list of supported application - level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' + description: |- + ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols items: type: string type: array cipherSuites: - description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' + description: |- + CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites items: type: string type: array @@ -1788,26 +1885,29 @@ spec: type: array type: object curvePreferences: - description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' + description: |- + CurvePreferences defines the preferred elliptic curves in a specific order. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string type: array maxVersion: - description: 'MaxVersion defines the maximum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: None.' + description: |- + MaxVersion defines the maximum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: None. type: string minVersion: - description: 'MinVersion defines the minimum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: VersionTLS10.' + description: |- + MinVersion defines the minimum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: VersionTLS10. type: string preferServerCipherSuites: - description: 'PreferServerCipherSuites defines whether the server - chooses a cipher suite among his own instead of among the client''s. + description: |- + PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. - Deprecated: https://github.com/golang/go/issues/45430' + Deprecated: https://github.com/golang/go/issues/45430 type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections @@ -1825,7 +1925,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsstores.traefik.io spec: group: traefik.io @@ -1839,20 +1939,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For - the time being, only the TLSStore named default is supported. This means - that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' + description: |- + TLSStore is the CRD implementation of a Traefik TLS Store. + For the time being, only the TLSStore named default is supported. + This means that you cannot have two stores that are named default in different Kubernetes namespaces. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1916,7 +2022,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: traefikservices.traefik.io spec: group: traefik.io @@ -1930,19 +2036,27 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TraefikService is the CRD implementation of a Traefik Service. - TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' + description: |- + TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: + - Apply weight to Services on load-balancing + - Mirror traffic on services + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1959,10 +2073,10 @@ spec: - TraefikService type: string maxBodySize: - description: MaxBodySize defines the maximum size allowed for - the body of the request. If the body is larger, the request - is not mirrored. Default value is -1, which means unlimited - size. + description: |- + MaxBodySize defines the maximum size allowed for the body of the request. + If the body is larger, the request is not mirrored. + Default value is -1, which means unlimited size. format: int64 type: integer mirrors: @@ -1978,35 +2092,37 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean percent: - description: 'Percent defines the part of the traffic to - mirror. Supported values: 0 to 100.' + description: |- + Percent defines the part of the traffic to mirror. + Supported values: 0 to 100. type: integer port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -2015,30 +2131,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2051,8 +2166,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -2062,13 +2178,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -2076,60 +2192,62 @@ spec: type: object type: array name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the two - is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the - only child is the Kubernetes Service clusterIP. The Kubernetes - Service itself does load-balance to the pods. By default, NativeLB - is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host header - is forwarded to the upstream Kubernetes Service. By default, - passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. This - can be a reference to a named port. + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming response; + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; for such responses, writes are flushed to the client immediately. - Default: 100ms' + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https when - Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2142,8 +2260,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -2152,13 +2271,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy between - the servers. RoundRobin is the only supported value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be specified - when Name references a TraefikService object (and to be precise, - one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -2180,31 +2300,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -2213,30 +2334,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2249,8 +2369,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -2260,13 +2381,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -2274,8 +2395,9 @@ spec: type: object type: array sticky: - description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + description: |- + Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2288,8 +2410,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -2310,7 +2433,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutes.traefik.containo.us spec: group: traefik.containo.us @@ -2327,14 +2450,19 @@ spec: description: IngressRoute is the CRD implementation of a Traefik HTTP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2342,10 +2470,11 @@ spec: description: IngressRouteSpec defines the desired state of IngressRoute. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -2355,17 +2484,21 @@ spec: description: Route holds the HTTP route configuration. properties: kind: - description: Kind defines the kind of the route. Rule is the - only supported kind. + description: |- + Kind defines the kind of the route. + Rule is the only supported kind. enum: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule type: string middlewares: - description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' + description: |- + Middlewares defines the list of references to Middleware resources. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware items: description: MiddlewareRef is a reference to a Middleware resource. @@ -2383,13 +2516,14 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority type: integer services: - description: Services defines the list of Service. It can contain - any combination of TraefikService and/or reference to a Kubernetes - Service. + description: |- + Services defines the list of Service. + It can contain any combination of TraefikService and/or reference to a Kubernetes Service. items: description: Service defines an upstream HTTP service to proxy traffic to. @@ -2401,31 +2535,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client - Host header is forwarded to the upstream Kubernetes - Service. By default, passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -2434,30 +2569,29 @@ spec: the client. properties: flushInterval: - description: 'FlushInterval defines the interval, - in milliseconds, in between flushes to the client - while copying the response body. A negative value - means to flush immediately after each write to the - client. This configuration is ignored when ReverseProxy - recognizes a response as a streaming response; for - such responses, writes are flushed to the client - immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the - request to the upstream Kubernetes Service. It defaults - to https when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2471,8 +2605,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie @@ -2482,15 +2617,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only - be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round - Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -2502,16 +2636,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' + description: |- + TLS defines the TLS configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -2527,17 +2665,20 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: - description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Namespace defines the namespace of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string required: - name @@ -2547,17 +2688,19 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: - description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Namespace defines the namespace of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string required: - name @@ -2577,7 +2720,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutetcps.traefik.containo.us spec: group: traefik.containo.us @@ -2594,14 +2737,19 @@ spec: description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2609,10 +2757,11 @@ spec: description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -2622,7 +2771,9 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -2644,8 +2795,9 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 type: integer services: description: Services defines the list of TCP services. @@ -2662,22 +2814,24 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true proxyProtocol: - description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' + description: |- + ProxyProtocol defines the PROXY protocol configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol properties: version: description: Version defines the PROXY Protocol version @@ -2685,13 +2839,12 @@ spec: type: integer type: object terminationDelay: - description: TerminationDelay defines the deadline that - the proxy sets, after one of its connected peers indicates - it has closed the writing capability of its connection, - to close the reading capability as well, hence fully - terminating the connection. It is a duration in milliseconds, - defaulting to 100. A negative value means an infinite - deadline (i.e. the reading capability is never closed). + description: |- + TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, to close the reading capability as well, + hence fully terminating the connection. + It is a duration in milliseconds, defaulting to 100. + A negative value means an infinite deadline (i.e. the reading capability is never closed). type: integer weight: description: Weight defines the weight used when balancing @@ -2707,17 +2860,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' + description: |- + TLS defines the TLS configuration on a layer 4 / TCP Route. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -2733,9 +2889,10 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: description: Name defines the name of the referenced Traefik @@ -2757,9 +2914,9 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: description: Name defines the name of the referenced Traefik @@ -2787,7 +2944,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressrouteudps.traefik.containo.us spec: group: traefik.containo.us @@ -2804,14 +2961,19 @@ spec: description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2819,10 +2981,11 @@ spec: description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -2846,17 +3009,18 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true weight: @@ -2884,7 +3048,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewares.traefik.containo.us spec: group: traefik.containo.us @@ -2898,18 +3062,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' + description: |- + Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2917,33 +3087,37 @@ spec: description: MiddlewareSpec defines the desired state of a Middleware. properties: addPrefix: - description: 'AddPrefix holds the add prefix middleware configuration. - This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' + description: |- + AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding it. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/ properties: prefix: - description: Prefix is the string to add before the current path - in the requested URL. It should include a leading slash (/). + description: |- + Prefix is the string to add before the current path in the requested URL. + It should include a leading slash (/). type: string type: object basicAuth: - description: 'BasicAuth holds the basic auth middleware configuration. + description: |- + BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: - description: 'RemoveHeader sets the removeHeader option to true - to remove the authorization header before forwarding the request - to your service. Default: false.' + description: |- + RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. + Default: false. type: boolean secret: description: Secret is the name of the referenced Kubernetes Secret @@ -2951,48 +3125,49 @@ spec: type: string type: object buffering: - description: 'Buffering holds the buffering middleware configuration. - This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' + description: |- + Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can be forwarded to backends. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes properties: maxRequestBodyBytes: - description: 'MaxRequestBodyBytes defines the maximum allowed - body size for the request (in bytes). If the request exceeds - the allowed size, it is not forwarded to the service, and the - client gets a 413 (Request Entity Too Large) response. Default: - 0 (no maximum).' + description: |- + MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). + If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. + Default: 0 (no maximum). format: int64 type: integer maxResponseBodyBytes: - description: 'MaxResponseBodyBytes defines the maximum allowed - response size from the service (in bytes). If the response exceeds - the allowed size, it is not forwarded to the client. The client - gets a 500 (Internal Server Error) response instead. Default: - 0 (no maximum).' + description: |- + MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). + If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. + Default: 0 (no maximum). format: int64 type: integer memRequestBodyBytes: - description: 'MemRequestBodyBytes defines the threshold (in bytes) - from which the request will be buffered on disk instead of in - memory. Default: 1048576 (1Mi).' + description: |- + MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer memResponseBodyBytes: - description: 'MemResponseBodyBytes defines the threshold (in bytes) - from which the response will be buffered on disk instead of - in memory. Default: 1048576 (1Mi).' + description: |- + MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer retryExpression: - description: 'RetryExpression defines the retry conditions. It - is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' + description: |- + RetryExpression defines the retry conditions. + It is a logical combination of functions with operators AND (&&) and OR (||). + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression type: string type: object chain: - description: 'Chain holds the configuration of the chain middleware. - This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' + description: |- + Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other pieces of middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -3044,9 +3219,10 @@ spec: x-kubernetes-int-or-string: true type: object compress: - description: 'Compress holds the compress middleware configuration. - This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' + description: |- + Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the client, using gzip compression. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/ properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -3056,40 +3232,40 @@ spec: type: string type: array minResponseBodyBytes: - description: 'MinResponseBodyBytes defines the minimum amount - of bytes a response body must have to be compressed. Default: - 1024.' + description: |- + MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed. + Default: 1024. type: integer type: object contentType: - description: ContentType holds the content-type middleware configuration. - This middleware exists to enable the correct behavior until at least - the default one can be changed in a future version. + description: |- + ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. properties: autoDetect: - description: AutoDetect specifies whether to let the `Content-Type` - header, if it has not been set by the backend, be automatically - set to a value derived from the contents of the response. As - a proxy, the default behavior should be to leave the header - alone, regardless of what the backend did with it. However, - the historic default was to always auto-detect and set the header - if it was nil, and it is going to be kept that way in order - to support users currently relying on it. + description: |- + AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, + be automatically set to a value derived from the contents of the response. + As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it. + However, the historic default was to always auto-detect and set the header if it was nil, + and it is going to be kept that way in order to support users currently relying on it. type: boolean type: object digestAuth: - description: 'DigestAuth holds the digest auth middleware configuration. + description: |- + DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: description: RemoveHeader defines whether to remove the authorization @@ -3101,18 +3277,20 @@ spec: type: string type: object errors: - description: 'ErrorPage holds the custom error middleware configuration. - This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' + description: |- + ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ properties: query: - description: Query defines the URL for the error page (hosted - by service). The {status} variable can be used in order to insert - the status code in the URL. + description: |- + Query defines the URL for the error page (hosted by service). + The {status} variable can be used in order to insert the status code in the URL. type: string service: - description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' + description: |- + Service defines the reference to a Kubernetes Service that will serve the error page. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service properties: kind: description: Kind defines the kind of the Service. @@ -3121,31 +3299,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the - two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if - the only child is the Kubernetes Service clusterIP. The - Kubernetes Service itself does load-balance to the pods. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -3154,29 +3333,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming - response; for such responses, writes are flushed to - the client immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes - Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -3189,8 +3368,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -3200,40 +3380,42 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported value - at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object (and - to be precise, one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name type: object status: - description: Status defines which status or range of statuses - should result in an error page. It can be either a status code - as a number (500), as multiple comma-separated numbers (500,502), - as ranges by separating two codes with a dash (500-599), or - a combination of the two (404,418,500-599). + description: |- + Status defines which status or range of statuses should result in an error page. + It can be either a status code as a number (500), + as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), + or a combination of the two (404,418,500-599). items: type: string type: array type: object forwardAuth: - description: 'ForwardAuth holds the forward auth middleware configuration. + description: |- + ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ properties: address: description: Address defines the authentication server address. type: string authRequestHeaders: - description: AuthRequestHeaders defines the list of the headers - to copy from the request to the authentication server. If not - set or empty then all request headers are passed. + description: |- + AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. + If not set or empty then all request headers are passed. items: type: string type: array @@ -3245,10 +3427,9 @@ spec: type: string type: array authResponseHeadersRegex: - description: 'AuthResponseHeadersRegex defines the regex to match - headers to copy from the authentication server response and - set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' + description: |- + AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex type: string tls: description: TLS defines the configuration used to secure the @@ -3257,14 +3438,14 @@ spec: caOptional: type: boolean caSecret: - description: CASecret is the name of the referenced Kubernetes - Secret containing the CA to validate the server certificate. + description: |- + CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate. The CA certificate is extracted from key `tls.ca` or `ca.crt`. type: string certSecret: - description: CertSecret is the name of the referenced Kubernetes - Secret containing the client certificate. The client certificate - is extracted from the keys `tls.crt` and `tls.key`. + description: |- + CertSecret is the name of the referenced Kubernetes Secret containing the client certificate. + The client certificate is extracted from the keys `tls.crt` and `tls.key`. type: string insecureSkipVerify: description: InsecureSkipVerify defines whether the server @@ -3277,9 +3458,10 @@ spec: type: boolean type: object headers: - description: 'Headers holds the headers middleware configuration. - This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' + description: |- + Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -3344,12 +3526,14 @@ spec: header with the nosniff value. type: boolean customBrowserXSSValue: - description: CustomBrowserXSSValue defines the X-XSS-Protection - header value. This overrides the BrowserXssFilter option. + description: |- + CustomBrowserXSSValue defines the X-XSS-Protection header value. + This overrides the BrowserXssFilter option. type: string customFrameOptionsValue: - description: CustomFrameOptionsValue defines the X-Frame-Options - header value. This overrides the FrameDeny option. + description: |- + CustomFrameOptionsValue defines the X-Frame-Options header value. + This overrides the FrameDeny option. type: string customRequestHeaders: additionalProperties: @@ -3381,25 +3565,25 @@ spec: type: string type: array isDevelopment: - description: IsDevelopment defines whether to mitigate the unwanted - effects of the AllowedHosts, SSL, and STS options when developing. - Usually testing takes place using HTTP, not HTTPS, and on localhost, - not your production domain. If you would like your development - environment to mimic production with complete Host blocking, - SSL redirects, and STS headers, leave this as false. + description: |- + IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain. + If you would like your development environment to mimic production with complete Host blocking, SSL redirects, + and STS headers, leave this as false. type: boolean permissionsPolicy: - description: PermissionsPolicy defines the Permissions-Policy - header value. This allows sites to control browser features. + description: |- + PermissionsPolicy defines the Permissions-Policy header value. + This allows sites to control browser features. type: string publicKey: description: PublicKey is the public key that implements HPKP to prevent MITM attacks with forged certificates. type: string referrerPolicy: - description: ReferrerPolicy defines the Referrer-Policy header - value. This allows sites to control whether browsers forward - the Referer header to other sites. + description: |- + ReferrerPolicy defines the Referrer-Policy header value. + This allows sites to control whether browsers forward the Referer header to other sites. type: string sslForceHost: description: 'Deprecated: use RedirectRegex instead.' @@ -3410,10 +3594,9 @@ spec: sslProxyHeaders: additionalProperties: type: string - description: 'SSLProxyHeaders defines the header keys with associated - values that would indicate a valid HTTPS request. It can be - useful when using other proxies (example: "X-Forwarded-Proto": - "https").' + description: |- + SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request. + It can be useful when using other proxies (example: "X-Forwarded-Proto": "https"). type: object sslRedirect: description: 'Deprecated: use EntryPoint redirection or RedirectScheme @@ -3432,33 +3615,35 @@ spec: to the Strict-Transport-Security header. type: boolean stsSeconds: - description: STSSeconds defines the max-age of the Strict-Transport-Security - header. If set to 0, the header is not set. + description: |- + STSSeconds defines the max-age of the Strict-Transport-Security header. + If set to 0, the header is not set. format: int64 type: integer type: object inFlightReq: - description: 'InFlightReq holds the in-flight request middleware configuration. - This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' + description: |- + InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and served concurrently. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/ properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - in-flight request. The middleware responds with HTTP 429 Too - Many Requests if there are already amount requests in progress - (based on the same sourceCriterion strategy). + description: |- + Amount defines the maximum amount of allowed simultaneous in-flight request. + The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). format: int64 type: integer sourceCriterion: - description: 'SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3484,13 +3669,15 @@ spec: type: object type: object ipAllowList: - description: 'IPAllowList holds the IP allowlist middleware configuration. + description: |- + IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/ properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3512,14 +3699,16 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + description: |- + IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ - Deprecated: please use IPAllowList instead.' + Deprecated: please use IPAllowList instead. properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3541,9 +3730,10 @@ spec: type: array type: object passTLSClientCert: - description: 'PassTLSClientCert holds the pass TLS client cert middleware - configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' + description: |- + PassTLSClientCert holds the pass TLS client cert middleware configuration. + This middleware adds the selected data from the passed client TLS certificate to a header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/ properties: info: description: Info selects the specific client certificate details @@ -3644,46 +3834,48 @@ spec: plugin: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/plugins/' + description: |- + Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/ type: object rateLimit: - description: 'RateLimit holds the rate limit configuration. This middleware - ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' + description: |- + RateLimit holds the rate limit configuration. + This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ properties: average: - description: Average is the maximum rate, by default in requests/s, - allowed for the given source. It defaults to 0, which means - no rate limiting. The rate is actually defined by dividing Average - by Period. So for a rate below 1req/s, one needs to define a - Period larger than a second. + description: |- + Average is the maximum rate, by default in requests/s, allowed for the given source. + It defaults to 0, which means no rate limiting. + The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, + one needs to define a Period larger than a second. format: int64 type: integer burst: - description: Burst is the maximum number of requests allowed to - arrive in the same arbitrarily small period of time. It defaults - to 1. + description: |- + Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. + It defaults to 1. format: int64 type: integer period: anyOf: - type: integer - type: string - description: 'Period, in combination with Average, defines the - actual maximum rate, such as: r = Average / Period. It defaults - to a second.' + description: |- + Period, in combination with Average, defines the actual maximum rate, such as: + r = Average / Period. It defaults to a second. x-kubernetes-int-or-string: true sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the request's remote - address field (as an ipStrategy). + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote address field (as an ipStrategy). properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3709,9 +3901,10 @@ spec: type: object type: object redirectRegex: - description: 'RedirectRegex holds the redirect regex middleware configuration. + description: |- + RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3727,9 +3920,10 @@ spec: type: string type: object redirectScheme: - description: 'RedirectScheme holds the redirect scheme middleware - configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' + description: |- + RedirectScheme holds the redirect scheme middleware configuration. + This middleware redirects requests from a scheme/port to another. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/ properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3743,9 +3937,10 @@ spec: type: string type: object replacePath: - description: 'ReplacePath holds the replace path middleware configuration. - This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' + description: |- + ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/ properties: path: description: Path defines the path to use as replacement in the @@ -3753,9 +3948,10 @@ spec: type: string type: object replacePathRegex: - description: 'ReplacePathRegex holds the replace path regex middleware - configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' + description: |- + ReplacePathRegex holds the replace path regex middleware configuration. + This middleware replaces the path of a URL using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/ properties: regex: description: Regex defines the regular expression used to match @@ -3767,11 +3963,11 @@ spec: type: string type: object retry: - description: 'Retry holds the retry middleware configuration. This - middleware reissues requests a given number of times to a backend - server if that server does not reply. As soon as the server answers, - the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' + description: |- + Retry holds the retry middleware configuration. + This middleware reissues requests a given number of times to a backend server if that server does not reply. + As soon as the server answers, the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ properties: attempts: description: Attempts defines how many times the request should @@ -3781,22 +3977,24 @@ spec: anyOf: - type: integer - type: string - description: InitialInterval defines the first wait time in the - exponential backoff series. The maximum interval is calculated - as twice the initialInterval. If unspecified, requests will - be retried immediately. The value of initialInterval should - be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + description: |- + InitialInterval defines the first wait time in the exponential backoff series. + The maximum interval is calculated as twice the initialInterval. + If unspecified, requests will be retried immediately. + The value of initialInterval should be provided in seconds or as a valid duration format, + see https://pkg.go.dev/time#ParseDuration. x-kubernetes-int-or-string: true type: object stripPrefix: - description: 'StripPrefix holds the strip prefix middleware configuration. + description: |- + StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/ properties: forceSlash: - description: 'ForceSlash ensures that the resulting stripped path - is not the empty string, by replacing it with / when necessary. - Default: true.' + description: |- + ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. + Default: true. type: boolean prefixes: description: Prefixes defines the prefixes to strip from the request @@ -3806,9 +4004,10 @@ spec: type: array type: object stripPrefixRegex: - description: 'StripPrefixRegex holds the strip prefix regex middleware - configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' + description: |- + StripPrefixRegex holds the strip prefix regex middleware configuration. + This middleware removes the matching prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/ properties: regex: description: Regex defines the regular expression to match the @@ -3829,7 +4028,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewaretcps.traefik.containo.us spec: group: traefik.containo.us @@ -3843,18 +4042,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' + description: |- + MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3865,16 +4070,17 @@ spec: description: InFlightConn defines the InFlightConn middleware configuration. properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - connections. The middleware closes the connection if there are - already amount connections opened. + description: |- + Amount defines the maximum amount of allowed simultaneous connections. + The middleware closes the connection if there are already amount connections opened. format: int64 type: integer type: object ipAllowList: - description: 'IPAllowList defines the IPAllowList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' + description: |- + IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3884,9 +4090,11 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList defines the IPWhiteList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' + description: |- + IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + Deprecated: please use IPAllowList instead. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3907,7 +4115,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: serverstransports.traefik.containo.us spec: group: traefik.containo.us @@ -3921,20 +4129,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'ServersTransport is the CRD implementation of a ServersTransport. + description: |- + ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4027,7 +4241,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsoptions.traefik.containo.us spec: group: traefik.containo.us @@ -4041,19 +4255,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSOption is the CRD implementation of a Traefik TLS Option, - allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4061,15 +4280,16 @@ spec: description: TLSOptionSpec defines the desired state of a TLSOption. properties: alpnProtocols: - description: 'ALPNProtocols defines the list of supported application - level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' + description: |- + ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols items: type: string type: array cipherSuites: - description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' + description: |- + CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites items: type: string type: array @@ -4095,26 +4315,29 @@ spec: type: array type: object curvePreferences: - description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' + description: |- + CurvePreferences defines the preferred elliptic curves in a specific order. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string type: array maxVersion: - description: 'MaxVersion defines the maximum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: None.' + description: |- + MaxVersion defines the maximum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: None. type: string minVersion: - description: 'MinVersion defines the minimum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: VersionTLS10.' + description: |- + MinVersion defines the minimum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: VersionTLS10. type: string preferServerCipherSuites: - description: 'PreferServerCipherSuites defines whether the server - chooses a cipher suite among his own instead of among the client''s. + description: |- + PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. - Deprecated: https://github.com/golang/go/issues/45430' + Deprecated: https://github.com/golang/go/issues/45430 type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections @@ -4132,7 +4355,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsstores.traefik.containo.us spec: group: traefik.containo.us @@ -4146,20 +4369,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For - the time being, only the TLSStore named default is supported. This means - that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' + description: |- + TLSStore is the CRD implementation of a Traefik TLS Store. + For the time being, only the TLSStore named default is supported. + This means that you cannot have two stores that are named default in different Kubernetes namespaces. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4223,7 +4452,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: traefikservices.traefik.containo.us spec: group: traefik.containo.us @@ -4237,19 +4466,27 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TraefikService is the CRD implementation of a Traefik Service. - TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' + description: |- + TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: + - Apply weight to Services on load-balancing + - Mirror traffic on services + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4266,10 +4503,10 @@ spec: - TraefikService type: string maxBodySize: - description: MaxBodySize defines the maximum size allowed for - the body of the request. If the body is larger, the request - is not mirrored. Default value is -1, which means unlimited - size. + description: |- + MaxBodySize defines the maximum size allowed for the body of the request. + If the body is larger, the request is not mirrored. + Default value is -1, which means unlimited size. format: int64 type: integer mirrors: @@ -4285,35 +4522,37 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean percent: - description: 'Percent defines the part of the traffic to - mirror. Supported values: 0 to 100.' + description: |- + Percent defines the part of the traffic to mirror. + Supported values: 0 to 100. type: integer port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -4322,30 +4561,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4358,8 +4596,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -4369,13 +4608,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -4383,60 +4622,62 @@ spec: type: object type: array name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the two - is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the - only child is the Kubernetes Service clusterIP. The Kubernetes - Service itself does load-balance to the pods. By default, NativeLB - is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host header - is forwarded to the upstream Kubernetes Service. By default, - passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. This - can be a reference to a named port. + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming response; + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; for such responses, writes are flushed to the client immediately. - Default: 100ms' + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https when - Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4449,8 +4690,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -4459,13 +4701,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy between - the servers. RoundRobin is the only supported value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be specified - when Name references a TraefikService object (and to be precise, - one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -4487,31 +4730,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -4520,30 +4764,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4556,8 +4799,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -4567,13 +4811,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -4581,8 +4825,9 @@ spec: type: object type: array sticky: - description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + description: |- + Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4595,8 +4840,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml index 1d2d5e891..31f9791db 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutes.traefik.containo.us spec: group: traefik.containo.us @@ -20,14 +20,19 @@ spec: description: IngressRoute is the CRD implementation of a Traefik HTTP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteSpec defines the desired state of IngressRoute. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -48,17 +54,21 @@ spec: description: Route holds the HTTP route configuration. properties: kind: - description: Kind defines the kind of the route. Rule is the - only supported kind. + description: |- + Kind defines the kind of the route. + Rule is the only supported kind. enum: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule type: string middlewares: - description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' + description: |- + Middlewares defines the list of references to Middleware resources. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware items: description: MiddlewareRef is a reference to a Middleware resource. @@ -76,13 +86,14 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority type: integer services: - description: Services defines the list of Service. It can contain - any combination of TraefikService and/or reference to a Kubernetes - Service. + description: |- + Services defines the list of Service. + It can contain any combination of TraefikService and/or reference to a Kubernetes Service. items: description: Service defines an upstream HTTP service to proxy traffic to. @@ -94,31 +105,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client - Host header is forwarded to the upstream Kubernetes - Service. By default, passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -127,30 +139,29 @@ spec: the client. properties: flushInterval: - description: 'FlushInterval defines the interval, - in milliseconds, in between flushes to the client - while copying the response body. A negative value - means to flush immediately after each write to the - client. This configuration is ignored when ReverseProxy - recognizes a response as a streaming response; for - such responses, writes are flushed to the client - immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the - request to the upstream Kubernetes Service. It defaults - to https when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -164,8 +175,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie @@ -175,15 +187,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only - be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round - Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -195,16 +206,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' + description: |- + TLS defines the TLS configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -220,17 +235,20 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: - description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Namespace defines the namespace of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string required: - name @@ -240,17 +258,19 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: - description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Namespace defines the namespace of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string required: - name diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml index 7bc51acf2..e8356112f 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressroutetcps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutetcps.traefik.containo.us spec: group: traefik.containo.us @@ -20,14 +20,19 @@ spec: description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -48,7 +54,9 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -70,8 +78,9 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 type: integer services: description: Services defines the list of TCP services. @@ -88,22 +97,24 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true proxyProtocol: - description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' + description: |- + ProxyProtocol defines the PROXY protocol configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol properties: version: description: Version defines the PROXY Protocol version @@ -111,13 +122,12 @@ spec: type: integer type: object terminationDelay: - description: TerminationDelay defines the deadline that - the proxy sets, after one of its connected peers indicates - it has closed the writing capability of its connection, - to close the reading capability as well, hence fully - terminating the connection. It is a duration in milliseconds, - defaulting to 100. A negative value means an infinite - deadline (i.e. the reading capability is never closed). + description: |- + TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, to close the reading capability as well, + hence fully terminating the connection. + It is a duration in milliseconds, defaulting to 100. + A negative value means an infinite deadline (i.e. the reading capability is never closed). type: integer weight: description: Weight defines the weight used when balancing @@ -133,17 +143,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' + description: |- + TLS defines the TLS configuration on a layer 4 / TCP Route. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -159,9 +172,10 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: description: Name defines the name of the referenced Traefik @@ -183,9 +197,9 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: description: Name defines the name of the referenced Traefik diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml index d6fd93be3..ac3f3b17e 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_ingressrouteudps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressrouteudps.traefik.containo.us spec: group: traefik.containo.us @@ -20,14 +20,19 @@ spec: description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -62,17 +68,18 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true weight: diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml index 1299b14d9..be0af55c5 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewares.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewares.traefik.containo.us spec: group: traefik.containo.us @@ -17,18 +17,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' + description: |- + Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -36,33 +42,37 @@ spec: description: MiddlewareSpec defines the desired state of a Middleware. properties: addPrefix: - description: 'AddPrefix holds the add prefix middleware configuration. - This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' + description: |- + AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding it. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/ properties: prefix: - description: Prefix is the string to add before the current path - in the requested URL. It should include a leading slash (/). + description: |- + Prefix is the string to add before the current path in the requested URL. + It should include a leading slash (/). type: string type: object basicAuth: - description: 'BasicAuth holds the basic auth middleware configuration. + description: |- + BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: - description: 'RemoveHeader sets the removeHeader option to true - to remove the authorization header before forwarding the request - to your service. Default: false.' + description: |- + RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. + Default: false. type: boolean secret: description: Secret is the name of the referenced Kubernetes Secret @@ -70,48 +80,49 @@ spec: type: string type: object buffering: - description: 'Buffering holds the buffering middleware configuration. - This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' + description: |- + Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can be forwarded to backends. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes properties: maxRequestBodyBytes: - description: 'MaxRequestBodyBytes defines the maximum allowed - body size for the request (in bytes). If the request exceeds - the allowed size, it is not forwarded to the service, and the - client gets a 413 (Request Entity Too Large) response. Default: - 0 (no maximum).' + description: |- + MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). + If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. + Default: 0 (no maximum). format: int64 type: integer maxResponseBodyBytes: - description: 'MaxResponseBodyBytes defines the maximum allowed - response size from the service (in bytes). If the response exceeds - the allowed size, it is not forwarded to the client. The client - gets a 500 (Internal Server Error) response instead. Default: - 0 (no maximum).' + description: |- + MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). + If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. + Default: 0 (no maximum). format: int64 type: integer memRequestBodyBytes: - description: 'MemRequestBodyBytes defines the threshold (in bytes) - from which the request will be buffered on disk instead of in - memory. Default: 1048576 (1Mi).' + description: |- + MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer memResponseBodyBytes: - description: 'MemResponseBodyBytes defines the threshold (in bytes) - from which the response will be buffered on disk instead of - in memory. Default: 1048576 (1Mi).' + description: |- + MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer retryExpression: - description: 'RetryExpression defines the retry conditions. It - is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' + description: |- + RetryExpression defines the retry conditions. + It is a logical combination of functions with operators AND (&&) and OR (||). + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression type: string type: object chain: - description: 'Chain holds the configuration of the chain middleware. - This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' + description: |- + Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other pieces of middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -163,9 +174,10 @@ spec: x-kubernetes-int-or-string: true type: object compress: - description: 'Compress holds the compress middleware configuration. - This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' + description: |- + Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the client, using gzip compression. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/ properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -175,40 +187,40 @@ spec: type: string type: array minResponseBodyBytes: - description: 'MinResponseBodyBytes defines the minimum amount - of bytes a response body must have to be compressed. Default: - 1024.' + description: |- + MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed. + Default: 1024. type: integer type: object contentType: - description: ContentType holds the content-type middleware configuration. - This middleware exists to enable the correct behavior until at least - the default one can be changed in a future version. + description: |- + ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. properties: autoDetect: - description: AutoDetect specifies whether to let the `Content-Type` - header, if it has not been set by the backend, be automatically - set to a value derived from the contents of the response. As - a proxy, the default behavior should be to leave the header - alone, regardless of what the backend did with it. However, - the historic default was to always auto-detect and set the header - if it was nil, and it is going to be kept that way in order - to support users currently relying on it. + description: |- + AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, + be automatically set to a value derived from the contents of the response. + As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it. + However, the historic default was to always auto-detect and set the header if it was nil, + and it is going to be kept that way in order to support users currently relying on it. type: boolean type: object digestAuth: - description: 'DigestAuth holds the digest auth middleware configuration. + description: |- + DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: description: RemoveHeader defines whether to remove the authorization @@ -220,18 +232,20 @@ spec: type: string type: object errors: - description: 'ErrorPage holds the custom error middleware configuration. - This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' + description: |- + ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ properties: query: - description: Query defines the URL for the error page (hosted - by service). The {status} variable can be used in order to insert - the status code in the URL. + description: |- + Query defines the URL for the error page (hosted by service). + The {status} variable can be used in order to insert the status code in the URL. type: string service: - description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' + description: |- + Service defines the reference to a Kubernetes Service that will serve the error page. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service properties: kind: description: Kind defines the kind of the Service. @@ -240,31 +254,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the - two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if - the only child is the Kubernetes Service clusterIP. The - Kubernetes Service itself does load-balance to the pods. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -273,29 +288,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming - response; for such responses, writes are flushed to - the client immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes - Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -308,8 +323,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -319,40 +335,42 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported value - at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object (and - to be precise, one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name type: object status: - description: Status defines which status or range of statuses - should result in an error page. It can be either a status code - as a number (500), as multiple comma-separated numbers (500,502), - as ranges by separating two codes with a dash (500-599), or - a combination of the two (404,418,500-599). + description: |- + Status defines which status or range of statuses should result in an error page. + It can be either a status code as a number (500), + as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), + or a combination of the two (404,418,500-599). items: type: string type: array type: object forwardAuth: - description: 'ForwardAuth holds the forward auth middleware configuration. + description: |- + ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ properties: address: description: Address defines the authentication server address. type: string authRequestHeaders: - description: AuthRequestHeaders defines the list of the headers - to copy from the request to the authentication server. If not - set or empty then all request headers are passed. + description: |- + AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. + If not set or empty then all request headers are passed. items: type: string type: array @@ -364,10 +382,9 @@ spec: type: string type: array authResponseHeadersRegex: - description: 'AuthResponseHeadersRegex defines the regex to match - headers to copy from the authentication server response and - set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' + description: |- + AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex type: string tls: description: TLS defines the configuration used to secure the @@ -376,14 +393,14 @@ spec: caOptional: type: boolean caSecret: - description: CASecret is the name of the referenced Kubernetes - Secret containing the CA to validate the server certificate. + description: |- + CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate. The CA certificate is extracted from key `tls.ca` or `ca.crt`. type: string certSecret: - description: CertSecret is the name of the referenced Kubernetes - Secret containing the client certificate. The client certificate - is extracted from the keys `tls.crt` and `tls.key`. + description: |- + CertSecret is the name of the referenced Kubernetes Secret containing the client certificate. + The client certificate is extracted from the keys `tls.crt` and `tls.key`. type: string insecureSkipVerify: description: InsecureSkipVerify defines whether the server @@ -396,9 +413,10 @@ spec: type: boolean type: object headers: - description: 'Headers holds the headers middleware configuration. - This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' + description: |- + Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -463,12 +481,14 @@ spec: header with the nosniff value. type: boolean customBrowserXSSValue: - description: CustomBrowserXSSValue defines the X-XSS-Protection - header value. This overrides the BrowserXssFilter option. + description: |- + CustomBrowserXSSValue defines the X-XSS-Protection header value. + This overrides the BrowserXssFilter option. type: string customFrameOptionsValue: - description: CustomFrameOptionsValue defines the X-Frame-Options - header value. This overrides the FrameDeny option. + description: |- + CustomFrameOptionsValue defines the X-Frame-Options header value. + This overrides the FrameDeny option. type: string customRequestHeaders: additionalProperties: @@ -500,25 +520,25 @@ spec: type: string type: array isDevelopment: - description: IsDevelopment defines whether to mitigate the unwanted - effects of the AllowedHosts, SSL, and STS options when developing. - Usually testing takes place using HTTP, not HTTPS, and on localhost, - not your production domain. If you would like your development - environment to mimic production with complete Host blocking, - SSL redirects, and STS headers, leave this as false. + description: |- + IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain. + If you would like your development environment to mimic production with complete Host blocking, SSL redirects, + and STS headers, leave this as false. type: boolean permissionsPolicy: - description: PermissionsPolicy defines the Permissions-Policy - header value. This allows sites to control browser features. + description: |- + PermissionsPolicy defines the Permissions-Policy header value. + This allows sites to control browser features. type: string publicKey: description: PublicKey is the public key that implements HPKP to prevent MITM attacks with forged certificates. type: string referrerPolicy: - description: ReferrerPolicy defines the Referrer-Policy header - value. This allows sites to control whether browsers forward - the Referer header to other sites. + description: |- + ReferrerPolicy defines the Referrer-Policy header value. + This allows sites to control whether browsers forward the Referer header to other sites. type: string sslForceHost: description: 'Deprecated: use RedirectRegex instead.' @@ -529,10 +549,9 @@ spec: sslProxyHeaders: additionalProperties: type: string - description: 'SSLProxyHeaders defines the header keys with associated - values that would indicate a valid HTTPS request. It can be - useful when using other proxies (example: "X-Forwarded-Proto": - "https").' + description: |- + SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request. + It can be useful when using other proxies (example: "X-Forwarded-Proto": "https"). type: object sslRedirect: description: 'Deprecated: use EntryPoint redirection or RedirectScheme @@ -551,33 +570,35 @@ spec: to the Strict-Transport-Security header. type: boolean stsSeconds: - description: STSSeconds defines the max-age of the Strict-Transport-Security - header. If set to 0, the header is not set. + description: |- + STSSeconds defines the max-age of the Strict-Transport-Security header. + If set to 0, the header is not set. format: int64 type: integer type: object inFlightReq: - description: 'InFlightReq holds the in-flight request middleware configuration. - This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' + description: |- + InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and served concurrently. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/ properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - in-flight request. The middleware responds with HTTP 429 Too - Many Requests if there are already amount requests in progress - (based on the same sourceCriterion strategy). + description: |- + Amount defines the maximum amount of allowed simultaneous in-flight request. + The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). format: int64 type: integer sourceCriterion: - description: 'SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -603,13 +624,15 @@ spec: type: object type: object ipAllowList: - description: 'IPAllowList holds the IP allowlist middleware configuration. + description: |- + IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/ properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -631,14 +654,16 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + description: |- + IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ - Deprecated: please use IPAllowList instead.' + Deprecated: please use IPAllowList instead. properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -660,9 +685,10 @@ spec: type: array type: object passTLSClientCert: - description: 'PassTLSClientCert holds the pass TLS client cert middleware - configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' + description: |- + PassTLSClientCert holds the pass TLS client cert middleware configuration. + This middleware adds the selected data from the passed client TLS certificate to a header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/ properties: info: description: Info selects the specific client certificate details @@ -763,46 +789,48 @@ spec: plugin: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/plugins/' + description: |- + Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/ type: object rateLimit: - description: 'RateLimit holds the rate limit configuration. This middleware - ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' + description: |- + RateLimit holds the rate limit configuration. + This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ properties: average: - description: Average is the maximum rate, by default in requests/s, - allowed for the given source. It defaults to 0, which means - no rate limiting. The rate is actually defined by dividing Average - by Period. So for a rate below 1req/s, one needs to define a - Period larger than a second. + description: |- + Average is the maximum rate, by default in requests/s, allowed for the given source. + It defaults to 0, which means no rate limiting. + The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, + one needs to define a Period larger than a second. format: int64 type: integer burst: - description: Burst is the maximum number of requests allowed to - arrive in the same arbitrarily small period of time. It defaults - to 1. + description: |- + Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. + It defaults to 1. format: int64 type: integer period: anyOf: - type: integer - type: string - description: 'Period, in combination with Average, defines the - actual maximum rate, such as: r = Average / Period. It defaults - to a second.' + description: |- + Period, in combination with Average, defines the actual maximum rate, such as: + r = Average / Period. It defaults to a second. x-kubernetes-int-or-string: true sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the request's remote - address field (as an ipStrategy). + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote address field (as an ipStrategy). properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -828,9 +856,10 @@ spec: type: object type: object redirectRegex: - description: 'RedirectRegex holds the redirect regex middleware configuration. + description: |- + RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex properties: permanent: description: Permanent defines whether the redirection is permanent @@ -846,9 +875,10 @@ spec: type: string type: object redirectScheme: - description: 'RedirectScheme holds the redirect scheme middleware - configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' + description: |- + RedirectScheme holds the redirect scheme middleware configuration. + This middleware redirects requests from a scheme/port to another. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/ properties: permanent: description: Permanent defines whether the redirection is permanent @@ -862,9 +892,10 @@ spec: type: string type: object replacePath: - description: 'ReplacePath holds the replace path middleware configuration. - This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' + description: |- + ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/ properties: path: description: Path defines the path to use as replacement in the @@ -872,9 +903,10 @@ spec: type: string type: object replacePathRegex: - description: 'ReplacePathRegex holds the replace path regex middleware - configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' + description: |- + ReplacePathRegex holds the replace path regex middleware configuration. + This middleware replaces the path of a URL using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/ properties: regex: description: Regex defines the regular expression used to match @@ -886,11 +918,11 @@ spec: type: string type: object retry: - description: 'Retry holds the retry middleware configuration. This - middleware reissues requests a given number of times to a backend - server if that server does not reply. As soon as the server answers, - the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' + description: |- + Retry holds the retry middleware configuration. + This middleware reissues requests a given number of times to a backend server if that server does not reply. + As soon as the server answers, the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ properties: attempts: description: Attempts defines how many times the request should @@ -900,22 +932,24 @@ spec: anyOf: - type: integer - type: string - description: InitialInterval defines the first wait time in the - exponential backoff series. The maximum interval is calculated - as twice the initialInterval. If unspecified, requests will - be retried immediately. The value of initialInterval should - be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + description: |- + InitialInterval defines the first wait time in the exponential backoff series. + The maximum interval is calculated as twice the initialInterval. + If unspecified, requests will be retried immediately. + The value of initialInterval should be provided in seconds or as a valid duration format, + see https://pkg.go.dev/time#ParseDuration. x-kubernetes-int-or-string: true type: object stripPrefix: - description: 'StripPrefix holds the strip prefix middleware configuration. + description: |- + StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/ properties: forceSlash: - description: 'ForceSlash ensures that the resulting stripped path - is not the empty string, by replacing it with / when necessary. - Default: true.' + description: |- + ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. + Default: true. type: boolean prefixes: description: Prefixes defines the prefixes to strip from the request @@ -925,9 +959,10 @@ spec: type: array type: object stripPrefixRegex: - description: 'StripPrefixRegex holds the strip prefix regex middleware - configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' + description: |- + StripPrefixRegex holds the strip prefix regex middleware configuration. + This middleware removes the matching prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/ properties: regex: description: Regex defines the regular expression to match the diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml index 95912a7c2..6535b365f 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_middlewaretcps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewaretcps.traefik.containo.us spec: group: traefik.containo.us @@ -17,18 +17,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' + description: |- + MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -39,16 +45,17 @@ spec: description: InFlightConn defines the InFlightConn middleware configuration. properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - connections. The middleware closes the connection if there are - already amount connections opened. + description: |- + Amount defines the maximum amount of allowed simultaneous connections. + The middleware closes the connection if there are already amount connections opened. format: int64 type: integer type: object ipAllowList: - description: 'IPAllowList defines the IPAllowList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' + description: |- + IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -58,9 +65,11 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList defines the IPWhiteList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' + description: |- + IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + Deprecated: please use IPAllowList instead. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml index 3fea058aa..454e35a2a 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_serverstransports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: serverstransports.traefik.containo.us spec: group: traefik.containo.us @@ -17,20 +17,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'ServersTransport is the CRD implementation of a ServersTransport. + description: |- + ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml index 7676fcbc5..bef834eab 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsoptions.traefik.containo.us spec: group: traefik.containo.us @@ -17,19 +17,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSOption is the CRD implementation of a Traefik TLS Option, - allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -37,15 +42,16 @@ spec: description: TLSOptionSpec defines the desired state of a TLSOption. properties: alpnProtocols: - description: 'ALPNProtocols defines the list of supported application - level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' + description: |- + ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols items: type: string type: array cipherSuites: - description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' + description: |- + CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites items: type: string type: array @@ -71,26 +77,29 @@ spec: type: array type: object curvePreferences: - description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' + description: |- + CurvePreferences defines the preferred elliptic curves in a specific order. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string type: array maxVersion: - description: 'MaxVersion defines the maximum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: None.' + description: |- + MaxVersion defines the maximum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: None. type: string minVersion: - description: 'MinVersion defines the minimum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: VersionTLS10.' + description: |- + MinVersion defines the minimum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: VersionTLS10. type: string preferServerCipherSuites: - description: 'PreferServerCipherSuites defines whether the server - chooses a cipher suite among his own instead of among the client''s. + description: |- + PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. - Deprecated: https://github.com/golang/go/issues/45430' + Deprecated: https://github.com/golang/go/issues/45430 type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml index df54837af..57c8e1bf7 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsstores.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsstores.traefik.containo.us spec: group: traefik.containo.us @@ -17,20 +17,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For - the time being, only the TLSStore named default is supported. This means - that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' + description: |- + TLSStore is the CRD implementation of a Traefik TLS Store. + For the time being, only the TLSStore named default is supported. + This means that you cannot have two stores that are named default in different Kubernetes namespaces. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml index 78b78cb9a..5ceb028aa 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_traefikservices.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: traefikservices.traefik.containo.us spec: group: traefik.containo.us @@ -17,19 +17,27 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TraefikService is the CRD implementation of a Traefik Service. - TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' + description: |- + TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: + - Apply weight to Services on load-balancing + - Mirror traffic on services + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -46,10 +54,10 @@ spec: - TraefikService type: string maxBodySize: - description: MaxBodySize defines the maximum size allowed for - the body of the request. If the body is larger, the request - is not mirrored. Default value is -1, which means unlimited - size. + description: |- + MaxBodySize defines the maximum size allowed for the body of the request. + If the body is larger, the request is not mirrored. + Default value is -1, which means unlimited size. format: int64 type: integer mirrors: @@ -65,35 +73,37 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean percent: - description: 'Percent defines the part of the traffic to - mirror. Supported values: 0 to 100.' + description: |- + Percent defines the part of the traffic to mirror. + Supported values: 0 to 100. type: integer port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -102,30 +112,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -138,8 +147,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -149,13 +159,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -163,60 +173,62 @@ spec: type: object type: array name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the two - is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the - only child is the Kubernetes Service clusterIP. The Kubernetes - Service itself does load-balance to the pods. By default, NativeLB - is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host header - is forwarded to the upstream Kubernetes Service. By default, - passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. This - can be a reference to a named port. + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming response; + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; for such responses, writes are flushed to the client immediately. - Default: 100ms' + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https when - Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -229,8 +241,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -239,13 +252,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy between - the servers. RoundRobin is the only supported value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be specified - when Name references a TraefikService object (and to be precise, - one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -267,31 +281,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -300,30 +315,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -336,8 +350,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -347,13 +362,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -361,8 +376,9 @@ spec: type: object type: array sticky: - description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + description: |- + Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -375,8 +391,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only diff --git a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml index 67878499c..587207d7c 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutes.traefik.io spec: group: traefik.io @@ -20,14 +20,19 @@ spec: description: IngressRoute is the CRD implementation of a Traefik HTTP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteSpec defines the desired state of IngressRoute. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -48,17 +54,21 @@ spec: description: Route holds the HTTP route configuration. properties: kind: - description: Kind defines the kind of the route. Rule is the - only supported kind. + description: |- + Kind defines the kind of the route. + Rule is the only supported kind. enum: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule type: string middlewares: - description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' + description: |- + Middlewares defines the list of references to Middleware resources. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware items: description: MiddlewareRef is a reference to a Middleware resource. @@ -76,13 +86,14 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority type: integer services: - description: Services defines the list of Service. It can contain - any combination of TraefikService and/or reference to a Kubernetes - Service. + description: |- + Services defines the list of Service. + It can contain any combination of TraefikService and/or reference to a Kubernetes Service. items: description: Service defines an upstream HTTP service to proxy traffic to. @@ -94,31 +105,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client - Host header is forwarded to the upstream Kubernetes - Service. By default, passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -127,30 +139,29 @@ spec: the client. properties: flushInterval: - description: 'FlushInterval defines the interval, - in milliseconds, in between flushes to the client - while copying the response body. A negative value - means to flush immediately after each write to the - client. This configuration is ignored when ReverseProxy - recognizes a response as a streaming response; for - such responses, writes are flushed to the client - immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the - request to the upstream Kubernetes Service. It defaults - to https when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -164,8 +175,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie @@ -175,15 +187,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only - be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round - Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -195,16 +206,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' + description: |- + TLS defines the TLS configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -220,17 +235,20 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: - description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Namespace defines the namespace of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string required: - name @@ -240,17 +258,19 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: - description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Namespace defines the namespace of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string required: - name diff --git a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml index 1fdfe7109..ef6f9b8c1 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutetcps.traefik.io spec: group: traefik.io @@ -20,14 +20,19 @@ spec: description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -48,7 +54,9 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -70,8 +78,9 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 type: integer services: description: Services defines the list of TCP services. @@ -88,22 +97,24 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true proxyProtocol: - description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' + description: |- + ProxyProtocol defines the PROXY protocol configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol properties: version: description: Version defines the PROXY Protocol version @@ -111,13 +122,12 @@ spec: type: integer type: object terminationDelay: - description: TerminationDelay defines the deadline that - the proxy sets, after one of its connected peers indicates - it has closed the writing capability of its connection, - to close the reading capability as well, hence fully - terminating the connection. It is a duration in milliseconds, - defaulting to 100. A negative value means an infinite - deadline (i.e. the reading capability is never closed). + description: |- + TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, to close the reading capability as well, + hence fully terminating the connection. + It is a duration in milliseconds, defaulting to 100. + A negative value means an infinite deadline (i.e. the reading capability is never closed). type: integer weight: description: Weight defines the weight used when balancing @@ -133,17 +143,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' + description: |- + TLS defines the TLS configuration on a layer 4 / TCP Route. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -159,9 +172,10 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: description: Name defines the name of the referenced Traefik @@ -183,9 +197,9 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: description: Name defines the name of the referenced Traefik diff --git a/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml b/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml index a65c27547..60cc29d54 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_ingressrouteudps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressrouteudps.traefik.io spec: group: traefik.io @@ -20,14 +20,19 @@ spec: description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -62,17 +68,18 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true weight: diff --git a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml index 8060217f5..66913e653 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewares.traefik.io spec: group: traefik.io @@ -17,18 +17,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' + description: |- + Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -36,33 +42,37 @@ spec: description: MiddlewareSpec defines the desired state of a Middleware. properties: addPrefix: - description: 'AddPrefix holds the add prefix middleware configuration. - This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' + description: |- + AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding it. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/ properties: prefix: - description: Prefix is the string to add before the current path - in the requested URL. It should include a leading slash (/). + description: |- + Prefix is the string to add before the current path in the requested URL. + It should include a leading slash (/). type: string type: object basicAuth: - description: 'BasicAuth holds the basic auth middleware configuration. + description: |- + BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: - description: 'RemoveHeader sets the removeHeader option to true - to remove the authorization header before forwarding the request - to your service. Default: false.' + description: |- + RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. + Default: false. type: boolean secret: description: Secret is the name of the referenced Kubernetes Secret @@ -70,48 +80,49 @@ spec: type: string type: object buffering: - description: 'Buffering holds the buffering middleware configuration. - This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' + description: |- + Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can be forwarded to backends. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes properties: maxRequestBodyBytes: - description: 'MaxRequestBodyBytes defines the maximum allowed - body size for the request (in bytes). If the request exceeds - the allowed size, it is not forwarded to the service, and the - client gets a 413 (Request Entity Too Large) response. Default: - 0 (no maximum).' + description: |- + MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). + If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. + Default: 0 (no maximum). format: int64 type: integer maxResponseBodyBytes: - description: 'MaxResponseBodyBytes defines the maximum allowed - response size from the service (in bytes). If the response exceeds - the allowed size, it is not forwarded to the client. The client - gets a 500 (Internal Server Error) response instead. Default: - 0 (no maximum).' + description: |- + MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). + If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. + Default: 0 (no maximum). format: int64 type: integer memRequestBodyBytes: - description: 'MemRequestBodyBytes defines the threshold (in bytes) - from which the request will be buffered on disk instead of in - memory. Default: 1048576 (1Mi).' + description: |- + MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer memResponseBodyBytes: - description: 'MemResponseBodyBytes defines the threshold (in bytes) - from which the response will be buffered on disk instead of - in memory. Default: 1048576 (1Mi).' + description: |- + MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer retryExpression: - description: 'RetryExpression defines the retry conditions. It - is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' + description: |- + RetryExpression defines the retry conditions. + It is a logical combination of functions with operators AND (&&) and OR (||). + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression type: string type: object chain: - description: 'Chain holds the configuration of the chain middleware. - This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' + description: |- + Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other pieces of middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -163,9 +174,10 @@ spec: x-kubernetes-int-or-string: true type: object compress: - description: 'Compress holds the compress middleware configuration. - This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' + description: |- + Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the client, using gzip compression. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/ properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -175,40 +187,40 @@ spec: type: string type: array minResponseBodyBytes: - description: 'MinResponseBodyBytes defines the minimum amount - of bytes a response body must have to be compressed. Default: - 1024.' + description: |- + MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed. + Default: 1024. type: integer type: object contentType: - description: ContentType holds the content-type middleware configuration. - This middleware exists to enable the correct behavior until at least - the default one can be changed in a future version. + description: |- + ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. properties: autoDetect: - description: AutoDetect specifies whether to let the `Content-Type` - header, if it has not been set by the backend, be automatically - set to a value derived from the contents of the response. As - a proxy, the default behavior should be to leave the header - alone, regardless of what the backend did with it. However, - the historic default was to always auto-detect and set the header - if it was nil, and it is going to be kept that way in order - to support users currently relying on it. + description: |- + AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, + be automatically set to a value derived from the contents of the response. + As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it. + However, the historic default was to always auto-detect and set the header if it was nil, + and it is going to be kept that way in order to support users currently relying on it. type: boolean type: object digestAuth: - description: 'DigestAuth holds the digest auth middleware configuration. + description: |- + DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: description: RemoveHeader defines whether to remove the authorization @@ -220,18 +232,20 @@ spec: type: string type: object errors: - description: 'ErrorPage holds the custom error middleware configuration. - This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' + description: |- + ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ properties: query: - description: Query defines the URL for the error page (hosted - by service). The {status} variable can be used in order to insert - the status code in the URL. + description: |- + Query defines the URL for the error page (hosted by service). + The {status} variable can be used in order to insert the status code in the URL. type: string service: - description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' + description: |- + Service defines the reference to a Kubernetes Service that will serve the error page. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service properties: kind: description: Kind defines the kind of the Service. @@ -240,31 +254,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the - two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if - the only child is the Kubernetes Service clusterIP. The - Kubernetes Service itself does load-balance to the pods. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -273,29 +288,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming - response; for such responses, writes are flushed to - the client immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes - Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -308,8 +323,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -319,40 +335,42 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported value - at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object (and - to be precise, one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name type: object status: - description: Status defines which status or range of statuses - should result in an error page. It can be either a status code - as a number (500), as multiple comma-separated numbers (500,502), - as ranges by separating two codes with a dash (500-599), or - a combination of the two (404,418,500-599). + description: |- + Status defines which status or range of statuses should result in an error page. + It can be either a status code as a number (500), + as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), + or a combination of the two (404,418,500-599). items: type: string type: array type: object forwardAuth: - description: 'ForwardAuth holds the forward auth middleware configuration. + description: |- + ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ properties: address: description: Address defines the authentication server address. type: string authRequestHeaders: - description: AuthRequestHeaders defines the list of the headers - to copy from the request to the authentication server. If not - set or empty then all request headers are passed. + description: |- + AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. + If not set or empty then all request headers are passed. items: type: string type: array @@ -364,10 +382,9 @@ spec: type: string type: array authResponseHeadersRegex: - description: 'AuthResponseHeadersRegex defines the regex to match - headers to copy from the authentication server response and - set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' + description: |- + AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex type: string tls: description: TLS defines the configuration used to secure the @@ -376,14 +393,14 @@ spec: caOptional: type: boolean caSecret: - description: CASecret is the name of the referenced Kubernetes - Secret containing the CA to validate the server certificate. + description: |- + CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate. The CA certificate is extracted from key `tls.ca` or `ca.crt`. type: string certSecret: - description: CertSecret is the name of the referenced Kubernetes - Secret containing the client certificate. The client certificate - is extracted from the keys `tls.crt` and `tls.key`. + description: |- + CertSecret is the name of the referenced Kubernetes Secret containing the client certificate. + The client certificate is extracted from the keys `tls.crt` and `tls.key`. type: string insecureSkipVerify: description: InsecureSkipVerify defines whether the server @@ -396,9 +413,10 @@ spec: type: boolean type: object headers: - description: 'Headers holds the headers middleware configuration. - This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' + description: |- + Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -463,12 +481,14 @@ spec: header with the nosniff value. type: boolean customBrowserXSSValue: - description: CustomBrowserXSSValue defines the X-XSS-Protection - header value. This overrides the BrowserXssFilter option. + description: |- + CustomBrowserXSSValue defines the X-XSS-Protection header value. + This overrides the BrowserXssFilter option. type: string customFrameOptionsValue: - description: CustomFrameOptionsValue defines the X-Frame-Options - header value. This overrides the FrameDeny option. + description: |- + CustomFrameOptionsValue defines the X-Frame-Options header value. + This overrides the FrameDeny option. type: string customRequestHeaders: additionalProperties: @@ -500,25 +520,25 @@ spec: type: string type: array isDevelopment: - description: IsDevelopment defines whether to mitigate the unwanted - effects of the AllowedHosts, SSL, and STS options when developing. - Usually testing takes place using HTTP, not HTTPS, and on localhost, - not your production domain. If you would like your development - environment to mimic production with complete Host blocking, - SSL redirects, and STS headers, leave this as false. + description: |- + IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain. + If you would like your development environment to mimic production with complete Host blocking, SSL redirects, + and STS headers, leave this as false. type: boolean permissionsPolicy: - description: PermissionsPolicy defines the Permissions-Policy - header value. This allows sites to control browser features. + description: |- + PermissionsPolicy defines the Permissions-Policy header value. + This allows sites to control browser features. type: string publicKey: description: PublicKey is the public key that implements HPKP to prevent MITM attacks with forged certificates. type: string referrerPolicy: - description: ReferrerPolicy defines the Referrer-Policy header - value. This allows sites to control whether browsers forward - the Referer header to other sites. + description: |- + ReferrerPolicy defines the Referrer-Policy header value. + This allows sites to control whether browsers forward the Referer header to other sites. type: string sslForceHost: description: 'Deprecated: use RedirectRegex instead.' @@ -529,10 +549,9 @@ spec: sslProxyHeaders: additionalProperties: type: string - description: 'SSLProxyHeaders defines the header keys with associated - values that would indicate a valid HTTPS request. It can be - useful when using other proxies (example: "X-Forwarded-Proto": - "https").' + description: |- + SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request. + It can be useful when using other proxies (example: "X-Forwarded-Proto": "https"). type: object sslRedirect: description: 'Deprecated: use EntryPoint redirection or RedirectScheme @@ -551,33 +570,35 @@ spec: to the Strict-Transport-Security header. type: boolean stsSeconds: - description: STSSeconds defines the max-age of the Strict-Transport-Security - header. If set to 0, the header is not set. + description: |- + STSSeconds defines the max-age of the Strict-Transport-Security header. + If set to 0, the header is not set. format: int64 type: integer type: object inFlightReq: - description: 'InFlightReq holds the in-flight request middleware configuration. - This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' + description: |- + InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and served concurrently. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/ properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - in-flight request. The middleware responds with HTTP 429 Too - Many Requests if there are already amount requests in progress - (based on the same sourceCriterion strategy). + description: |- + Amount defines the maximum amount of allowed simultaneous in-flight request. + The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). format: int64 type: integer sourceCriterion: - description: 'SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -603,13 +624,15 @@ spec: type: object type: object ipAllowList: - description: 'IPAllowList holds the IP allowlist middleware configuration. + description: |- + IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/ properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -631,14 +654,16 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + description: |- + IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ - Deprecated: please use IPAllowList instead.' + Deprecated: please use IPAllowList instead. properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -660,9 +685,10 @@ spec: type: array type: object passTLSClientCert: - description: 'PassTLSClientCert holds the pass TLS client cert middleware - configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' + description: |- + PassTLSClientCert holds the pass TLS client cert middleware configuration. + This middleware adds the selected data from the passed client TLS certificate to a header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/ properties: info: description: Info selects the specific client certificate details @@ -763,46 +789,48 @@ spec: plugin: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/plugins/' + description: |- + Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/ type: object rateLimit: - description: 'RateLimit holds the rate limit configuration. This middleware - ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' + description: |- + RateLimit holds the rate limit configuration. + This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ properties: average: - description: Average is the maximum rate, by default in requests/s, - allowed for the given source. It defaults to 0, which means - no rate limiting. The rate is actually defined by dividing Average - by Period. So for a rate below 1req/s, one needs to define a - Period larger than a second. + description: |- + Average is the maximum rate, by default in requests/s, allowed for the given source. + It defaults to 0, which means no rate limiting. + The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, + one needs to define a Period larger than a second. format: int64 type: integer burst: - description: Burst is the maximum number of requests allowed to - arrive in the same arbitrarily small period of time. It defaults - to 1. + description: |- + Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. + It defaults to 1. format: int64 type: integer period: anyOf: - type: integer - type: string - description: 'Period, in combination with Average, defines the - actual maximum rate, such as: r = Average / Period. It defaults - to a second.' + description: |- + Period, in combination with Average, defines the actual maximum rate, such as: + r = Average / Period. It defaults to a second. x-kubernetes-int-or-string: true sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the request's remote - address field (as an ipStrategy). + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote address field (as an ipStrategy). properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -828,9 +856,10 @@ spec: type: object type: object redirectRegex: - description: 'RedirectRegex holds the redirect regex middleware configuration. + description: |- + RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex properties: permanent: description: Permanent defines whether the redirection is permanent @@ -846,9 +875,10 @@ spec: type: string type: object redirectScheme: - description: 'RedirectScheme holds the redirect scheme middleware - configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' + description: |- + RedirectScheme holds the redirect scheme middleware configuration. + This middleware redirects requests from a scheme/port to another. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/ properties: permanent: description: Permanent defines whether the redirection is permanent @@ -862,9 +892,10 @@ spec: type: string type: object replacePath: - description: 'ReplacePath holds the replace path middleware configuration. - This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' + description: |- + ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/ properties: path: description: Path defines the path to use as replacement in the @@ -872,9 +903,10 @@ spec: type: string type: object replacePathRegex: - description: 'ReplacePathRegex holds the replace path regex middleware - configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' + description: |- + ReplacePathRegex holds the replace path regex middleware configuration. + This middleware replaces the path of a URL using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/ properties: regex: description: Regex defines the regular expression used to match @@ -886,11 +918,11 @@ spec: type: string type: object retry: - description: 'Retry holds the retry middleware configuration. This - middleware reissues requests a given number of times to a backend - server if that server does not reply. As soon as the server answers, - the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' + description: |- + Retry holds the retry middleware configuration. + This middleware reissues requests a given number of times to a backend server if that server does not reply. + As soon as the server answers, the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ properties: attempts: description: Attempts defines how many times the request should @@ -900,22 +932,24 @@ spec: anyOf: - type: integer - type: string - description: InitialInterval defines the first wait time in the - exponential backoff series. The maximum interval is calculated - as twice the initialInterval. If unspecified, requests will - be retried immediately. The value of initialInterval should - be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + description: |- + InitialInterval defines the first wait time in the exponential backoff series. + The maximum interval is calculated as twice the initialInterval. + If unspecified, requests will be retried immediately. + The value of initialInterval should be provided in seconds or as a valid duration format, + see https://pkg.go.dev/time#ParseDuration. x-kubernetes-int-or-string: true type: object stripPrefix: - description: 'StripPrefix holds the strip prefix middleware configuration. + description: |- + StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/ properties: forceSlash: - description: 'ForceSlash ensures that the resulting stripped path - is not the empty string, by replacing it with / when necessary. - Default: true.' + description: |- + ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. + Default: true. type: boolean prefixes: description: Prefixes defines the prefixes to strip from the request @@ -925,9 +959,10 @@ spec: type: array type: object stripPrefixRegex: - description: 'StripPrefixRegex holds the strip prefix regex middleware - configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' + description: |- + StripPrefixRegex holds the strip prefix regex middleware configuration. + This middleware removes the matching prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/ properties: regex: description: Regex defines the regular expression to match the diff --git a/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml b/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml index e393b6c35..982caa692 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewaretcps.traefik.io spec: group: traefik.io @@ -17,18 +17,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' + description: |- + MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -39,16 +45,17 @@ spec: description: InFlightConn defines the InFlightConn middleware configuration. properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - connections. The middleware closes the connection if there are - already amount connections opened. + description: |- + Amount defines the maximum amount of allowed simultaneous connections. + The middleware closes the connection if there are already amount connections opened. format: int64 type: integer type: object ipAllowList: - description: 'IPAllowList defines the IPAllowList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' + description: |- + IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -58,9 +65,11 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList defines the IPWhiteList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' + description: |- + IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + Deprecated: please use IPAllowList instead. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of diff --git a/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml b/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml index 3fe6f987e..aad13e089 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_serverstransports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: serverstransports.traefik.io spec: group: traefik.io @@ -17,20 +17,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'ServersTransport is the CRD implementation of a ServersTransport. + description: |- + ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object diff --git a/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml b/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml index 5f6341b70..19ae64ec2 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsoptions.traefik.io spec: group: traefik.io @@ -17,19 +17,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSOption is the CRD implementation of a Traefik TLS Option, - allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -37,15 +42,16 @@ spec: description: TLSOptionSpec defines the desired state of a TLSOption. properties: alpnProtocols: - description: 'ALPNProtocols defines the list of supported application - level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' + description: |- + ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols items: type: string type: array cipherSuites: - description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' + description: |- + CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites items: type: string type: array @@ -71,26 +77,29 @@ spec: type: array type: object curvePreferences: - description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' + description: |- + CurvePreferences defines the preferred elliptic curves in a specific order. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string type: array maxVersion: - description: 'MaxVersion defines the maximum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: None.' + description: |- + MaxVersion defines the maximum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: None. type: string minVersion: - description: 'MinVersion defines the minimum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: VersionTLS10.' + description: |- + MinVersion defines the minimum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: VersionTLS10. type: string preferServerCipherSuites: - description: 'PreferServerCipherSuites defines whether the server - chooses a cipher suite among his own instead of among the client''s. + description: |- + PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. - Deprecated: https://github.com/golang/go/issues/45430' + Deprecated: https://github.com/golang/go/issues/45430 type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections diff --git a/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml b/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml index bda4fe94f..18d421823 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_tlsstores.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsstores.traefik.io spec: group: traefik.io @@ -17,20 +17,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For - the time being, only the TLSStore named default is supported. This means - that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' + description: |- + TLSStore is the CRD implementation of a Traefik TLS Store. + For the time being, only the TLSStore named default is supported. + This means that you cannot have two stores that are named default in different Kubernetes namespaces. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object diff --git a/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml b/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml index 64aca355c..f6a460a44 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_traefikservices.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: traefikservices.traefik.io spec: group: traefik.io @@ -17,19 +17,27 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TraefikService is the CRD implementation of a Traefik Service. - TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' + description: |- + TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: + - Apply weight to Services on load-balancing + - Mirror traffic on services + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -46,10 +54,10 @@ spec: - TraefikService type: string maxBodySize: - description: MaxBodySize defines the maximum size allowed for - the body of the request. If the body is larger, the request - is not mirrored. Default value is -1, which means unlimited - size. + description: |- + MaxBodySize defines the maximum size allowed for the body of the request. + If the body is larger, the request is not mirrored. + Default value is -1, which means unlimited size. format: int64 type: integer mirrors: @@ -65,35 +73,37 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean percent: - description: 'Percent defines the part of the traffic to - mirror. Supported values: 0 to 100.' + description: |- + Percent defines the part of the traffic to mirror. + Supported values: 0 to 100. type: integer port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -102,30 +112,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -138,8 +147,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -149,13 +159,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -163,60 +173,62 @@ spec: type: object type: array name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the two - is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the - only child is the Kubernetes Service clusterIP. The Kubernetes - Service itself does load-balance to the pods. By default, NativeLB - is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host header - is forwarded to the upstream Kubernetes Service. By default, - passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. This - can be a reference to a named port. + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming response; + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; for such responses, writes are flushed to the client immediately. - Default: 100ms' + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https when - Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -229,8 +241,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -239,13 +252,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy between - the servers. RoundRobin is the only supported value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be specified - when Name references a TraefikService object (and to be precise, - one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -267,31 +281,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -300,30 +315,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -336,8 +350,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -347,13 +362,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -361,8 +376,9 @@ spec: type: object type: array sticky: - description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + description: |- + Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -375,8 +391,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only diff --git a/go.mod b/go.mod index 9bf2bd1ed..21ee50999 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/traefik/traefik/v2 -go 1.21 +go 1.22 require ( github.com/BurntSushi/toml v1.3.2 diff --git a/integration/fixtures/k8s/01-traefik-crd.yml b/integration/fixtures/k8s/01-traefik-crd.yml index d92afbe86..85ff27f7e 100644 --- a/integration/fixtures/k8s/01-traefik-crd.yml +++ b/integration/fixtures/k8s/01-traefik-crd.yml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutes.traefik.io spec: group: traefik.io @@ -20,14 +20,19 @@ spec: description: IngressRoute is the CRD implementation of a Traefik HTTP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35,10 +40,11 @@ spec: description: IngressRouteSpec defines the desired state of IngressRoute. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -48,17 +54,21 @@ spec: description: Route holds the HTTP route configuration. properties: kind: - description: Kind defines the kind of the route. Rule is the - only supported kind. + description: |- + Kind defines the kind of the route. + Rule is the only supported kind. enum: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule type: string middlewares: - description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' + description: |- + Middlewares defines the list of references to Middleware resources. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware items: description: MiddlewareRef is a reference to a Middleware resource. @@ -76,13 +86,14 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority type: integer services: - description: Services defines the list of Service. It can contain - any combination of TraefikService and/or reference to a Kubernetes - Service. + description: |- + Services defines the list of Service. + It can contain any combination of TraefikService and/or reference to a Kubernetes Service. items: description: Service defines an upstream HTTP service to proxy traffic to. @@ -94,31 +105,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client - Host header is forwarded to the upstream Kubernetes - Service. By default, passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -127,30 +139,29 @@ spec: the client. properties: flushInterval: - description: 'FlushInterval defines the interval, - in milliseconds, in between flushes to the client - while copying the response body. A negative value - means to flush immediately after each write to the - client. This configuration is ignored when ReverseProxy - recognizes a response as a streaming response; for - such responses, writes are flushed to the client - immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the - request to the upstream Kubernetes Service. It defaults - to https when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -164,8 +175,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie @@ -175,15 +187,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only - be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round - Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -195,16 +206,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' + description: |- + TLS defines the TLS configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -220,17 +235,20 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: - description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Namespace defines the namespace of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string required: - name @@ -240,17 +258,19 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: - description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Namespace defines the namespace of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string required: - name @@ -270,7 +290,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutetcps.traefik.io spec: group: traefik.io @@ -287,14 +307,19 @@ spec: description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -302,10 +327,11 @@ spec: description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -315,7 +341,9 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -337,8 +365,9 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 type: integer services: description: Services defines the list of TCP services. @@ -355,22 +384,24 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true proxyProtocol: - description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' + description: |- + ProxyProtocol defines the PROXY protocol configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol properties: version: description: Version defines the PROXY Protocol version @@ -378,13 +409,12 @@ spec: type: integer type: object terminationDelay: - description: TerminationDelay defines the deadline that - the proxy sets, after one of its connected peers indicates - it has closed the writing capability of its connection, - to close the reading capability as well, hence fully - terminating the connection. It is a duration in milliseconds, - defaulting to 100. A negative value means an infinite - deadline (i.e. the reading capability is never closed). + description: |- + TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, to close the reading capability as well, + hence fully terminating the connection. + It is a duration in milliseconds, defaulting to 100. + A negative value means an infinite deadline (i.e. the reading capability is never closed). type: integer weight: description: Weight defines the weight used when balancing @@ -400,17 +430,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' + description: |- + TLS defines the TLS configuration on a layer 4 / TCP Route. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -426,9 +459,10 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: description: Name defines the name of the referenced Traefik @@ -450,9 +484,9 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: description: Name defines the name of the referenced Traefik @@ -480,7 +514,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressrouteudps.traefik.io spec: group: traefik.io @@ -497,14 +531,19 @@ spec: description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -512,10 +551,11 @@ spec: description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -539,17 +579,18 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true weight: @@ -577,7 +618,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewares.traefik.io spec: group: traefik.io @@ -591,18 +632,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' + description: |- + Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -610,33 +657,37 @@ spec: description: MiddlewareSpec defines the desired state of a Middleware. properties: addPrefix: - description: 'AddPrefix holds the add prefix middleware configuration. - This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' + description: |- + AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding it. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/ properties: prefix: - description: Prefix is the string to add before the current path - in the requested URL. It should include a leading slash (/). + description: |- + Prefix is the string to add before the current path in the requested URL. + It should include a leading slash (/). type: string type: object basicAuth: - description: 'BasicAuth holds the basic auth middleware configuration. + description: |- + BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: - description: 'RemoveHeader sets the removeHeader option to true - to remove the authorization header before forwarding the request - to your service. Default: false.' + description: |- + RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. + Default: false. type: boolean secret: description: Secret is the name of the referenced Kubernetes Secret @@ -644,48 +695,49 @@ spec: type: string type: object buffering: - description: 'Buffering holds the buffering middleware configuration. - This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' + description: |- + Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can be forwarded to backends. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes properties: maxRequestBodyBytes: - description: 'MaxRequestBodyBytes defines the maximum allowed - body size for the request (in bytes). If the request exceeds - the allowed size, it is not forwarded to the service, and the - client gets a 413 (Request Entity Too Large) response. Default: - 0 (no maximum).' + description: |- + MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). + If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. + Default: 0 (no maximum). format: int64 type: integer maxResponseBodyBytes: - description: 'MaxResponseBodyBytes defines the maximum allowed - response size from the service (in bytes). If the response exceeds - the allowed size, it is not forwarded to the client. The client - gets a 500 (Internal Server Error) response instead. Default: - 0 (no maximum).' + description: |- + MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). + If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. + Default: 0 (no maximum). format: int64 type: integer memRequestBodyBytes: - description: 'MemRequestBodyBytes defines the threshold (in bytes) - from which the request will be buffered on disk instead of in - memory. Default: 1048576 (1Mi).' + description: |- + MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer memResponseBodyBytes: - description: 'MemResponseBodyBytes defines the threshold (in bytes) - from which the response will be buffered on disk instead of - in memory. Default: 1048576 (1Mi).' + description: |- + MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer retryExpression: - description: 'RetryExpression defines the retry conditions. It - is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' + description: |- + RetryExpression defines the retry conditions. + It is a logical combination of functions with operators AND (&&) and OR (||). + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression type: string type: object chain: - description: 'Chain holds the configuration of the chain middleware. - This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' + description: |- + Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other pieces of middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -737,9 +789,10 @@ spec: x-kubernetes-int-or-string: true type: object compress: - description: 'Compress holds the compress middleware configuration. - This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' + description: |- + Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the client, using gzip compression. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/ properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -749,40 +802,40 @@ spec: type: string type: array minResponseBodyBytes: - description: 'MinResponseBodyBytes defines the minimum amount - of bytes a response body must have to be compressed. Default: - 1024.' + description: |- + MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed. + Default: 1024. type: integer type: object contentType: - description: ContentType holds the content-type middleware configuration. - This middleware exists to enable the correct behavior until at least - the default one can be changed in a future version. + description: |- + ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. properties: autoDetect: - description: AutoDetect specifies whether to let the `Content-Type` - header, if it has not been set by the backend, be automatically - set to a value derived from the contents of the response. As - a proxy, the default behavior should be to leave the header - alone, regardless of what the backend did with it. However, - the historic default was to always auto-detect and set the header - if it was nil, and it is going to be kept that way in order - to support users currently relying on it. + description: |- + AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, + be automatically set to a value derived from the contents of the response. + As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it. + However, the historic default was to always auto-detect and set the header if it was nil, + and it is going to be kept that way in order to support users currently relying on it. type: boolean type: object digestAuth: - description: 'DigestAuth holds the digest auth middleware configuration. + description: |- + DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: description: RemoveHeader defines whether to remove the authorization @@ -794,18 +847,20 @@ spec: type: string type: object errors: - description: 'ErrorPage holds the custom error middleware configuration. - This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' + description: |- + ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ properties: query: - description: Query defines the URL for the error page (hosted - by service). The {status} variable can be used in order to insert - the status code in the URL. + description: |- + Query defines the URL for the error page (hosted by service). + The {status} variable can be used in order to insert the status code in the URL. type: string service: - description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' + description: |- + Service defines the reference to a Kubernetes Service that will serve the error page. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service properties: kind: description: Kind defines the kind of the Service. @@ -814,31 +869,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the - two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if - the only child is the Kubernetes Service clusterIP. The - Kubernetes Service itself does load-balance to the pods. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -847,29 +903,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming - response; for such responses, writes are flushed to - the client immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes - Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -882,8 +938,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -893,40 +950,42 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported value - at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object (and - to be precise, one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name type: object status: - description: Status defines which status or range of statuses - should result in an error page. It can be either a status code - as a number (500), as multiple comma-separated numbers (500,502), - as ranges by separating two codes with a dash (500-599), or - a combination of the two (404,418,500-599). + description: |- + Status defines which status or range of statuses should result in an error page. + It can be either a status code as a number (500), + as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), + or a combination of the two (404,418,500-599). items: type: string type: array type: object forwardAuth: - description: 'ForwardAuth holds the forward auth middleware configuration. + description: |- + ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ properties: address: description: Address defines the authentication server address. type: string authRequestHeaders: - description: AuthRequestHeaders defines the list of the headers - to copy from the request to the authentication server. If not - set or empty then all request headers are passed. + description: |- + AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. + If not set or empty then all request headers are passed. items: type: string type: array @@ -938,10 +997,9 @@ spec: type: string type: array authResponseHeadersRegex: - description: 'AuthResponseHeadersRegex defines the regex to match - headers to copy from the authentication server response and - set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' + description: |- + AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex type: string tls: description: TLS defines the configuration used to secure the @@ -950,14 +1008,14 @@ spec: caOptional: type: boolean caSecret: - description: CASecret is the name of the referenced Kubernetes - Secret containing the CA to validate the server certificate. + description: |- + CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate. The CA certificate is extracted from key `tls.ca` or `ca.crt`. type: string certSecret: - description: CertSecret is the name of the referenced Kubernetes - Secret containing the client certificate. The client certificate - is extracted from the keys `tls.crt` and `tls.key`. + description: |- + CertSecret is the name of the referenced Kubernetes Secret containing the client certificate. + The client certificate is extracted from the keys `tls.crt` and `tls.key`. type: string insecureSkipVerify: description: InsecureSkipVerify defines whether the server @@ -970,9 +1028,10 @@ spec: type: boolean type: object headers: - description: 'Headers holds the headers middleware configuration. - This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' + description: |- + Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -1037,12 +1096,14 @@ spec: header with the nosniff value. type: boolean customBrowserXSSValue: - description: CustomBrowserXSSValue defines the X-XSS-Protection - header value. This overrides the BrowserXssFilter option. + description: |- + CustomBrowserXSSValue defines the X-XSS-Protection header value. + This overrides the BrowserXssFilter option. type: string customFrameOptionsValue: - description: CustomFrameOptionsValue defines the X-Frame-Options - header value. This overrides the FrameDeny option. + description: |- + CustomFrameOptionsValue defines the X-Frame-Options header value. + This overrides the FrameDeny option. type: string customRequestHeaders: additionalProperties: @@ -1074,25 +1135,25 @@ spec: type: string type: array isDevelopment: - description: IsDevelopment defines whether to mitigate the unwanted - effects of the AllowedHosts, SSL, and STS options when developing. - Usually testing takes place using HTTP, not HTTPS, and on localhost, - not your production domain. If you would like your development - environment to mimic production with complete Host blocking, - SSL redirects, and STS headers, leave this as false. + description: |- + IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain. + If you would like your development environment to mimic production with complete Host blocking, SSL redirects, + and STS headers, leave this as false. type: boolean permissionsPolicy: - description: PermissionsPolicy defines the Permissions-Policy - header value. This allows sites to control browser features. + description: |- + PermissionsPolicy defines the Permissions-Policy header value. + This allows sites to control browser features. type: string publicKey: description: PublicKey is the public key that implements HPKP to prevent MITM attacks with forged certificates. type: string referrerPolicy: - description: ReferrerPolicy defines the Referrer-Policy header - value. This allows sites to control whether browsers forward - the Referer header to other sites. + description: |- + ReferrerPolicy defines the Referrer-Policy header value. + This allows sites to control whether browsers forward the Referer header to other sites. type: string sslForceHost: description: 'Deprecated: use RedirectRegex instead.' @@ -1103,10 +1164,9 @@ spec: sslProxyHeaders: additionalProperties: type: string - description: 'SSLProxyHeaders defines the header keys with associated - values that would indicate a valid HTTPS request. It can be - useful when using other proxies (example: "X-Forwarded-Proto": - "https").' + description: |- + SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request. + It can be useful when using other proxies (example: "X-Forwarded-Proto": "https"). type: object sslRedirect: description: 'Deprecated: use EntryPoint redirection or RedirectScheme @@ -1125,33 +1185,35 @@ spec: to the Strict-Transport-Security header. type: boolean stsSeconds: - description: STSSeconds defines the max-age of the Strict-Transport-Security - header. If set to 0, the header is not set. + description: |- + STSSeconds defines the max-age of the Strict-Transport-Security header. + If set to 0, the header is not set. format: int64 type: integer type: object inFlightReq: - description: 'InFlightReq holds the in-flight request middleware configuration. - This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' + description: |- + InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and served concurrently. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/ properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - in-flight request. The middleware responds with HTTP 429 Too - Many Requests if there are already amount requests in progress - (based on the same sourceCriterion strategy). + description: |- + Amount defines the maximum amount of allowed simultaneous in-flight request. + The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). format: int64 type: integer sourceCriterion: - description: 'SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1177,13 +1239,15 @@ spec: type: object type: object ipAllowList: - description: 'IPAllowList holds the IP allowlist middleware configuration. + description: |- + IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/ properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1205,14 +1269,16 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + description: |- + IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ - Deprecated: please use IPAllowList instead.' + Deprecated: please use IPAllowList instead. properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1234,9 +1300,10 @@ spec: type: array type: object passTLSClientCert: - description: 'PassTLSClientCert holds the pass TLS client cert middleware - configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' + description: |- + PassTLSClientCert holds the pass TLS client cert middleware configuration. + This middleware adds the selected data from the passed client TLS certificate to a header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/ properties: info: description: Info selects the specific client certificate details @@ -1337,46 +1404,48 @@ spec: plugin: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/plugins/' + description: |- + Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/ type: object rateLimit: - description: 'RateLimit holds the rate limit configuration. This middleware - ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' + description: |- + RateLimit holds the rate limit configuration. + This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ properties: average: - description: Average is the maximum rate, by default in requests/s, - allowed for the given source. It defaults to 0, which means - no rate limiting. The rate is actually defined by dividing Average - by Period. So for a rate below 1req/s, one needs to define a - Period larger than a second. + description: |- + Average is the maximum rate, by default in requests/s, allowed for the given source. + It defaults to 0, which means no rate limiting. + The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, + one needs to define a Period larger than a second. format: int64 type: integer burst: - description: Burst is the maximum number of requests allowed to - arrive in the same arbitrarily small period of time. It defaults - to 1. + description: |- + Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. + It defaults to 1. format: int64 type: integer period: anyOf: - type: integer - type: string - description: 'Period, in combination with Average, defines the - actual maximum rate, such as: r = Average / Period. It defaults - to a second.' + description: |- + Period, in combination with Average, defines the actual maximum rate, such as: + r = Average / Period. It defaults to a second. x-kubernetes-int-or-string: true sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the request's remote - address field (as an ipStrategy). + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote address field (as an ipStrategy). properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -1402,9 +1471,10 @@ spec: type: object type: object redirectRegex: - description: 'RedirectRegex holds the redirect regex middleware configuration. + description: |- + RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1420,9 +1490,10 @@ spec: type: string type: object redirectScheme: - description: 'RedirectScheme holds the redirect scheme middleware - configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' + description: |- + RedirectScheme holds the redirect scheme middleware configuration. + This middleware redirects requests from a scheme/port to another. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/ properties: permanent: description: Permanent defines whether the redirection is permanent @@ -1436,9 +1507,10 @@ spec: type: string type: object replacePath: - description: 'ReplacePath holds the replace path middleware configuration. - This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' + description: |- + ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/ properties: path: description: Path defines the path to use as replacement in the @@ -1446,9 +1518,10 @@ spec: type: string type: object replacePathRegex: - description: 'ReplacePathRegex holds the replace path regex middleware - configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' + description: |- + ReplacePathRegex holds the replace path regex middleware configuration. + This middleware replaces the path of a URL using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/ properties: regex: description: Regex defines the regular expression used to match @@ -1460,11 +1533,11 @@ spec: type: string type: object retry: - description: 'Retry holds the retry middleware configuration. This - middleware reissues requests a given number of times to a backend - server if that server does not reply. As soon as the server answers, - the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' + description: |- + Retry holds the retry middleware configuration. + This middleware reissues requests a given number of times to a backend server if that server does not reply. + As soon as the server answers, the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ properties: attempts: description: Attempts defines how many times the request should @@ -1474,22 +1547,24 @@ spec: anyOf: - type: integer - type: string - description: InitialInterval defines the first wait time in the - exponential backoff series. The maximum interval is calculated - as twice the initialInterval. If unspecified, requests will - be retried immediately. The value of initialInterval should - be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + description: |- + InitialInterval defines the first wait time in the exponential backoff series. + The maximum interval is calculated as twice the initialInterval. + If unspecified, requests will be retried immediately. + The value of initialInterval should be provided in seconds or as a valid duration format, + see https://pkg.go.dev/time#ParseDuration. x-kubernetes-int-or-string: true type: object stripPrefix: - description: 'StripPrefix holds the strip prefix middleware configuration. + description: |- + StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/ properties: forceSlash: - description: 'ForceSlash ensures that the resulting stripped path - is not the empty string, by replacing it with / when necessary. - Default: true.' + description: |- + ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. + Default: true. type: boolean prefixes: description: Prefixes defines the prefixes to strip from the request @@ -1499,9 +1574,10 @@ spec: type: array type: object stripPrefixRegex: - description: 'StripPrefixRegex holds the strip prefix regex middleware - configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' + description: |- + StripPrefixRegex holds the strip prefix regex middleware configuration. + This middleware removes the matching prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/ properties: regex: description: Regex defines the regular expression to match the @@ -1522,7 +1598,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewaretcps.traefik.io spec: group: traefik.io @@ -1536,18 +1612,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' + description: |- + MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1558,16 +1640,17 @@ spec: description: InFlightConn defines the InFlightConn middleware configuration. properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - connections. The middleware closes the connection if there are - already amount connections opened. + description: |- + Amount defines the maximum amount of allowed simultaneous connections. + The middleware closes the connection if there are already amount connections opened. format: int64 type: integer type: object ipAllowList: - description: 'IPAllowList defines the IPAllowList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' + description: |- + IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1577,9 +1660,11 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList defines the IPWhiteList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' + description: |- + IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + Deprecated: please use IPAllowList instead. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -1600,7 +1685,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: serverstransports.traefik.io spec: group: traefik.io @@ -1614,20 +1699,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'ServersTransport is the CRD implementation of a ServersTransport. + description: |- + ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1720,7 +1811,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsoptions.traefik.io spec: group: traefik.io @@ -1734,19 +1825,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSOption is the CRD implementation of a Traefik TLS Option, - allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1754,15 +1850,16 @@ spec: description: TLSOptionSpec defines the desired state of a TLSOption. properties: alpnProtocols: - description: 'ALPNProtocols defines the list of supported application - level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' + description: |- + ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols items: type: string type: array cipherSuites: - description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' + description: |- + CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites items: type: string type: array @@ -1788,26 +1885,29 @@ spec: type: array type: object curvePreferences: - description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' + description: |- + CurvePreferences defines the preferred elliptic curves in a specific order. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string type: array maxVersion: - description: 'MaxVersion defines the maximum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: None.' + description: |- + MaxVersion defines the maximum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: None. type: string minVersion: - description: 'MinVersion defines the minimum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: VersionTLS10.' + description: |- + MinVersion defines the minimum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: VersionTLS10. type: string preferServerCipherSuites: - description: 'PreferServerCipherSuites defines whether the server - chooses a cipher suite among his own instead of among the client''s. + description: |- + PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. - Deprecated: https://github.com/golang/go/issues/45430' + Deprecated: https://github.com/golang/go/issues/45430 type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections @@ -1825,7 +1925,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsstores.traefik.io spec: group: traefik.io @@ -1839,20 +1939,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For - the time being, only the TLSStore named default is supported. This means - that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' + description: |- + TLSStore is the CRD implementation of a Traefik TLS Store. + For the time being, only the TLSStore named default is supported. + This means that you cannot have two stores that are named default in different Kubernetes namespaces. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1916,7 +2022,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: traefikservices.traefik.io spec: group: traefik.io @@ -1930,19 +2036,27 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TraefikService is the CRD implementation of a Traefik Service. - TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' + description: |- + TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: + - Apply weight to Services on load-balancing + - Mirror traffic on services + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1959,10 +2073,10 @@ spec: - TraefikService type: string maxBodySize: - description: MaxBodySize defines the maximum size allowed for - the body of the request. If the body is larger, the request - is not mirrored. Default value is -1, which means unlimited - size. + description: |- + MaxBodySize defines the maximum size allowed for the body of the request. + If the body is larger, the request is not mirrored. + Default value is -1, which means unlimited size. format: int64 type: integer mirrors: @@ -1978,35 +2092,37 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean percent: - description: 'Percent defines the part of the traffic to - mirror. Supported values: 0 to 100.' + description: |- + Percent defines the part of the traffic to mirror. + Supported values: 0 to 100. type: integer port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -2015,30 +2131,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2051,8 +2166,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -2062,13 +2178,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -2076,60 +2192,62 @@ spec: type: object type: array name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the two - is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the - only child is the Kubernetes Service clusterIP. The Kubernetes - Service itself does load-balance to the pods. By default, NativeLB - is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host header - is forwarded to the upstream Kubernetes Service. By default, - passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. This - can be a reference to a named port. + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming response; + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; for such responses, writes are flushed to the client immediately. - Default: 100ms' + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https when - Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2142,8 +2260,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -2152,13 +2271,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy between - the servers. RoundRobin is the only supported value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be specified - when Name references a TraefikService object (and to be precise, - one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -2180,31 +2300,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -2213,30 +2334,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2249,8 +2369,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -2260,13 +2381,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -2274,8 +2395,9 @@ spec: type: object type: array sticky: - description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + description: |- + Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2288,8 +2410,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -2310,7 +2433,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutes.traefik.containo.us spec: group: traefik.containo.us @@ -2327,14 +2450,19 @@ spec: description: IngressRoute is the CRD implementation of a Traefik HTTP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2342,10 +2470,11 @@ spec: description: IngressRouteSpec defines the desired state of IngressRoute. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -2355,17 +2484,21 @@ spec: description: Route holds the HTTP route configuration. properties: kind: - description: Kind defines the kind of the route. Rule is the - only supported kind. + description: |- + Kind defines the kind of the route. + Rule is the only supported kind. enum: - Rule type: string match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule type: string middlewares: - description: 'Middlewares defines the list of references to - Middleware resources. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware' + description: |- + Middlewares defines the list of references to Middleware resources. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware items: description: MiddlewareRef is a reference to a Middleware resource. @@ -2383,13 +2516,14 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority type: integer services: - description: Services defines the list of Service. It can contain - any combination of TraefikService and/or reference to a Kubernetes - Service. + description: |- + Services defines the list of Service. + It can contain any combination of TraefikService and/or reference to a Kubernetes Service. items: description: Service defines an upstream HTTP service to proxy traffic to. @@ -2401,31 +2535,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client - Host header is forwarded to the upstream Kubernetes - Service. By default, passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -2434,30 +2569,29 @@ spec: the client. properties: flushInterval: - description: 'FlushInterval defines the interval, - in milliseconds, in between flushes to the client - while copying the response body. A negative value - means to flush immediately after each write to the - client. This configuration is ignored when ReverseProxy - recognizes a response as a streaming response; for - such responses, writes are flushed to the client - immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the - request to the upstream Kubernetes Service. It defaults - to https when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -2471,8 +2605,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie @@ -2482,15 +2617,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only - be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round - Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -2502,16 +2636,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls' + description: |- + TLS defines the TLS configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -2527,17 +2665,20 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: - description: 'Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSOption. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption' + description: |- + Namespace defines the namespace of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption type: string required: - name @@ -2547,17 +2688,19 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: - description: 'Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string namespace: - description: 'Namespace defines the namespace of the referenced - TLSStore. More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore' + description: |- + Namespace defines the namespace of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore type: string required: - name @@ -2577,7 +2720,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressroutetcps.traefik.containo.us spec: group: traefik.containo.us @@ -2594,14 +2737,19 @@ spec: description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2609,10 +2757,11 @@ spec: description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -2622,7 +2771,9 @@ spec: description: RouteTCP holds the TCP route configuration. properties: match: - description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1' + description: |- + Match defines the router's rule. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1 type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP @@ -2644,8 +2795,9 @@ spec: type: object type: array priority: - description: 'Priority defines the router''s priority. More - info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1' + description: |- + Priority defines the router's priority. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1 type: integer services: description: Services defines the list of TCP services. @@ -2662,22 +2814,24 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true proxyProtocol: - description: 'ProxyProtocol defines the PROXY protocol - configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol' + description: |- + ProxyProtocol defines the PROXY protocol configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol properties: version: description: Version defines the PROXY Protocol version @@ -2685,13 +2839,12 @@ spec: type: integer type: object terminationDelay: - description: TerminationDelay defines the deadline that - the proxy sets, after one of its connected peers indicates - it has closed the writing capability of its connection, - to close the reading capability as well, hence fully - terminating the connection. It is a duration in milliseconds, - defaulting to 100. A negative value means an infinite - deadline (i.e. the reading capability is never closed). + description: |- + TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, to close the reading capability as well, + hence fully terminating the connection. + It is a duration in milliseconds, defaulting to 100. + A negative value means an infinite deadline (i.e. the reading capability is never closed). type: integer weight: description: Weight defines the weight used when balancing @@ -2707,17 +2860,20 @@ spec: type: object type: array tls: - description: 'TLS defines the TLS configuration on a layer 4 / TCP - Route. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1' + description: |- + TLS defines the TLS configuration on a layer 4 / TCP Route. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1 properties: certResolver: - description: 'CertResolver defines the name of the certificate - resolver to use. Cert resolvers have to be configured in the - static configuration. More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers' + description: |- + CertResolver defines the name of the certificate resolver to use. + Cert resolvers have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers type: string domains: - description: 'Domains defines the list of domains that will be - used to issue certificates. More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains' + description: |- + Domains defines the list of domains that will be used to issue certificates. + More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains items: description: Domain holds a domain name with SANs. properties: @@ -2733,9 +2889,10 @@ spec: type: object type: array options: - description: 'Options defines the reference to a TLSOption, that - specifies the parameters of the TLS connection. If not defined, - the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. + If not defined, the `default` TLSOption is used. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: name: description: Name defines the name of the referenced Traefik @@ -2757,9 +2914,9 @@ spec: Secret to specify the certificate details. type: string store: - description: Store defines the reference to the TLSStore, that - will be used to store certificates. Please note that only `default` - TLSStore can be used. + description: |- + Store defines the reference to the TLSStore, that will be used to store certificates. + Please note that only `default` TLSStore can be used. properties: name: description: Name defines the name of the referenced Traefik @@ -2787,7 +2944,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressrouteudps.traefik.containo.us spec: group: traefik.containo.us @@ -2804,14 +2961,19 @@ spec: description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2819,10 +2981,11 @@ spec: description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. properties: entryPoints: - description: 'EntryPoints defines the list of entry point names to - bind to. Entry points have to be configured in the static configuration. + description: |- + EntryPoints defines the list of entry point names to bind to. + Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/ - Default: all.' + Default: all. items: type: string type: array @@ -2846,17 +3009,18 @@ spec: Kubernetes Service. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs - or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true weight: @@ -2884,7 +3048,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewares.traefik.containo.us spec: group: traefik.containo.us @@ -2898,18 +3062,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/' + description: |- + Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2917,33 +3087,37 @@ spec: description: MiddlewareSpec defines the desired state of a Middleware. properties: addPrefix: - description: 'AddPrefix holds the add prefix middleware configuration. - This middleware updates the path of a request before forwarding - it. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/' + description: |- + AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding it. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/ properties: prefix: - description: Prefix is the string to add before the current path - in the requested URL. It should include a leading slash (/). + description: |- + Prefix is the string to add before the current path in the requested URL. + It should include a leading slash (/). type: string type: object basicAuth: - description: 'BasicAuth holds the basic auth middleware configuration. + description: |- + BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: - description: 'RemoveHeader sets the removeHeader option to true - to remove the authorization header before forwarding the request - to your service. Default: false.' + description: |- + RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. + Default: false. type: boolean secret: description: Secret is the name of the referenced Kubernetes Secret @@ -2951,48 +3125,49 @@ spec: type: string type: object buffering: - description: 'Buffering holds the buffering middleware configuration. - This middleware retries or limits the size of requests that can - be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes' + description: |- + Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can be forwarded to backends. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes properties: maxRequestBodyBytes: - description: 'MaxRequestBodyBytes defines the maximum allowed - body size for the request (in bytes). If the request exceeds - the allowed size, it is not forwarded to the service, and the - client gets a 413 (Request Entity Too Large) response. Default: - 0 (no maximum).' + description: |- + MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). + If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. + Default: 0 (no maximum). format: int64 type: integer maxResponseBodyBytes: - description: 'MaxResponseBodyBytes defines the maximum allowed - response size from the service (in bytes). If the response exceeds - the allowed size, it is not forwarded to the client. The client - gets a 500 (Internal Server Error) response instead. Default: - 0 (no maximum).' + description: |- + MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). + If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. + Default: 0 (no maximum). format: int64 type: integer memRequestBodyBytes: - description: 'MemRequestBodyBytes defines the threshold (in bytes) - from which the request will be buffered on disk instead of in - memory. Default: 1048576 (1Mi).' + description: |- + MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer memResponseBodyBytes: - description: 'MemResponseBodyBytes defines the threshold (in bytes) - from which the response will be buffered on disk instead of - in memory. Default: 1048576 (1Mi).' + description: |- + MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. + Default: 1048576 (1Mi). format: int64 type: integer retryExpression: - description: 'RetryExpression defines the retry conditions. It - is a logical combination of functions with operators AND (&&) - and OR (||). More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression' + description: |- + RetryExpression defines the retry conditions. + It is a logical combination of functions with operators AND (&&) and OR (||). + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression type: string type: object chain: - description: 'Chain holds the configuration of the chain middleware. - This middleware enables to define reusable combinations of other - pieces of middleware. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/' + description: |- + Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other pieces of middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/ properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes @@ -3044,9 +3219,10 @@ spec: x-kubernetes-int-or-string: true type: object compress: - description: 'Compress holds the compress middleware configuration. - This middleware compresses responses before sending them to the - client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/' + description: |- + Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the client, using gzip compression. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/ properties: excludedContentTypes: description: ExcludedContentTypes defines the list of content @@ -3056,40 +3232,40 @@ spec: type: string type: array minResponseBodyBytes: - description: 'MinResponseBodyBytes defines the minimum amount - of bytes a response body must have to be compressed. Default: - 1024.' + description: |- + MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed. + Default: 1024. type: integer type: object contentType: - description: ContentType holds the content-type middleware configuration. - This middleware exists to enable the correct behavior until at least - the default one can be changed in a future version. + description: |- + ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. properties: autoDetect: - description: AutoDetect specifies whether to let the `Content-Type` - header, if it has not been set by the backend, be automatically - set to a value derived from the contents of the response. As - a proxy, the default behavior should be to leave the header - alone, regardless of what the backend did with it. However, - the historic default was to always auto-detect and set the header - if it was nil, and it is going to be kept that way in order - to support users currently relying on it. + description: |- + AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, + be automatically set to a value derived from the contents of the response. + As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it. + However, the historic default was to always auto-detect and set the header if it was nil, + and it is going to be kept that way in order to support users currently relying on it. type: boolean type: object digestAuth: - description: 'DigestAuth holds the digest auth middleware configuration. + description: |- + DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/ properties: headerField: - description: 'HeaderField defines a header field to store the - authenticated user. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield' + description: |- + HeaderField defines a header field to store the authenticated user. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield type: string realm: - description: 'Realm allows the protected resources on a server - to be partitioned into a set of protection spaces, each with - its own authentication scheme. Default: traefik.' + description: |- + Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. + Default: traefik. type: string removeHeader: description: RemoveHeader defines whether to remove the authorization @@ -3101,18 +3277,20 @@ spec: type: string type: object errors: - description: 'ErrorPage holds the custom error middleware configuration. - This middleware returns a custom page in lieu of the default, according - to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/' + description: |- + ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/ properties: query: - description: Query defines the URL for the error page (hosted - by service). The {status} variable can be used in order to insert - the status code in the URL. + description: |- + Query defines the URL for the error page (hosted by service). + The {status} variable can be used in order to insert the status code in the URL. type: string service: - description: 'Service defines the reference to a Kubernetes Service - that will serve the error page. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service' + description: |- + Service defines the reference to a Kubernetes Service that will serve the error page. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service properties: kind: description: Kind defines the kind of the Service. @@ -3121,31 +3299,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the - two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if - the only child is the Kubernetes Service clusterIP. The - Kubernetes Service itself does load-balance to the pods. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -3154,29 +3333,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming - response; for such responses, writes are flushed to - the client immediately. Default: 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes - Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -3189,8 +3368,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -3200,40 +3380,42 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported value - at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object (and - to be precise, one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name type: object status: - description: Status defines which status or range of statuses - should result in an error page. It can be either a status code - as a number (500), as multiple comma-separated numbers (500,502), - as ranges by separating two codes with a dash (500-599), or - a combination of the two (404,418,500-599). + description: |- + Status defines which status or range of statuses should result in an error page. + It can be either a status code as a number (500), + as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), + or a combination of the two (404,418,500-599). items: type: string type: array type: object forwardAuth: - description: 'ForwardAuth holds the forward auth middleware configuration. + description: |- + ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/ properties: address: description: Address defines the authentication server address. type: string authRequestHeaders: - description: AuthRequestHeaders defines the list of the headers - to copy from the request to the authentication server. If not - set or empty then all request headers are passed. + description: |- + AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. + If not set or empty then all request headers are passed. items: type: string type: array @@ -3245,10 +3427,9 @@ spec: type: string type: array authResponseHeadersRegex: - description: 'AuthResponseHeadersRegex defines the regex to match - headers to copy from the authentication server response and - set on forwarded request, after stripping all headers that match - the regex. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex' + description: |- + AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex type: string tls: description: TLS defines the configuration used to secure the @@ -3257,14 +3438,14 @@ spec: caOptional: type: boolean caSecret: - description: CASecret is the name of the referenced Kubernetes - Secret containing the CA to validate the server certificate. + description: |- + CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate. The CA certificate is extracted from key `tls.ca` or `ca.crt`. type: string certSecret: - description: CertSecret is the name of the referenced Kubernetes - Secret containing the client certificate. The client certificate - is extracted from the keys `tls.crt` and `tls.key`. + description: |- + CertSecret is the name of the referenced Kubernetes Secret containing the client certificate. + The client certificate is extracted from the keys `tls.crt` and `tls.key`. type: string insecureSkipVerify: description: InsecureSkipVerify defines whether the server @@ -3277,9 +3458,10 @@ spec: type: boolean type: object headers: - description: 'Headers holds the headers middleware configuration. - This middleware manages the requests and responses headers. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders' + description: |- + Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the @@ -3344,12 +3526,14 @@ spec: header with the nosniff value. type: boolean customBrowserXSSValue: - description: CustomBrowserXSSValue defines the X-XSS-Protection - header value. This overrides the BrowserXssFilter option. + description: |- + CustomBrowserXSSValue defines the X-XSS-Protection header value. + This overrides the BrowserXssFilter option. type: string customFrameOptionsValue: - description: CustomFrameOptionsValue defines the X-Frame-Options - header value. This overrides the FrameDeny option. + description: |- + CustomFrameOptionsValue defines the X-Frame-Options header value. + This overrides the FrameDeny option. type: string customRequestHeaders: additionalProperties: @@ -3381,25 +3565,25 @@ spec: type: string type: array isDevelopment: - description: IsDevelopment defines whether to mitigate the unwanted - effects of the AllowedHosts, SSL, and STS options when developing. - Usually testing takes place using HTTP, not HTTPS, and on localhost, - not your production domain. If you would like your development - environment to mimic production with complete Host blocking, - SSL redirects, and STS headers, leave this as false. + description: |- + IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain. + If you would like your development environment to mimic production with complete Host blocking, SSL redirects, + and STS headers, leave this as false. type: boolean permissionsPolicy: - description: PermissionsPolicy defines the Permissions-Policy - header value. This allows sites to control browser features. + description: |- + PermissionsPolicy defines the Permissions-Policy header value. + This allows sites to control browser features. type: string publicKey: description: PublicKey is the public key that implements HPKP to prevent MITM attacks with forged certificates. type: string referrerPolicy: - description: ReferrerPolicy defines the Referrer-Policy header - value. This allows sites to control whether browsers forward - the Referer header to other sites. + description: |- + ReferrerPolicy defines the Referrer-Policy header value. + This allows sites to control whether browsers forward the Referer header to other sites. type: string sslForceHost: description: 'Deprecated: use RedirectRegex instead.' @@ -3410,10 +3594,9 @@ spec: sslProxyHeaders: additionalProperties: type: string - description: 'SSLProxyHeaders defines the header keys with associated - values that would indicate a valid HTTPS request. It can be - useful when using other proxies (example: "X-Forwarded-Proto": - "https").' + description: |- + SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request. + It can be useful when using other proxies (example: "X-Forwarded-Proto": "https"). type: object sslRedirect: description: 'Deprecated: use EntryPoint redirection or RedirectScheme @@ -3432,33 +3615,35 @@ spec: to the Strict-Transport-Security header. type: boolean stsSeconds: - description: STSSeconds defines the max-age of the Strict-Transport-Security - header. If set to 0, the header is not set. + description: |- + STSSeconds defines the max-age of the Strict-Transport-Security header. + If set to 0, the header is not set. format: int64 type: integer type: object inFlightReq: - description: 'InFlightReq holds the in-flight request middleware configuration. - This middleware limits the number of requests being processed and - served concurrently. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/' + description: |- + InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and served concurrently. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/ properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - in-flight request. The middleware responds with HTTP 429 Too - Many Requests if there are already amount requests in progress - (based on the same sourceCriterion strategy). + description: |- + Amount defines the maximum amount of allowed simultaneous in-flight request. + The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). format: int64 type: integer sourceCriterion: - description: 'SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the requestHost. More - info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion' + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3484,13 +3669,15 @@ spec: type: object type: object ipAllowList: - description: 'IPAllowList holds the IP allowlist middleware configuration. + description: |- + IPAllowList holds the IP allowlist middleware configuration. This middleware accepts / refuses requests based on the client IP. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/ properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3512,14 +3699,16 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList holds the IP whitelist middleware configuration. + description: |- + IPWhiteList holds the IP whitelist middleware configuration. This middleware accepts / refuses requests based on the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/ - Deprecated: please use IPAllowList instead.' + Deprecated: please use IPAllowList instead. properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration used - by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3541,9 +3730,10 @@ spec: type: array type: object passTLSClientCert: - description: 'PassTLSClientCert holds the pass TLS client cert middleware - configuration. This middleware adds the selected data from the passed - client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/' + description: |- + PassTLSClientCert holds the pass TLS client cert middleware configuration. + This middleware adds the selected data from the passed client TLS certificate to a header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/ properties: info: description: Info selects the specific client certificate details @@ -3644,46 +3834,48 @@ spec: plugin: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/plugins/' + description: |- + Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/ type: object rateLimit: - description: 'RateLimit holds the rate limit configuration. This middleware - ensures that services will receive a fair amount of requests, and - allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/' + description: |- + RateLimit holds the rate limit configuration. + This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/ properties: average: - description: Average is the maximum rate, by default in requests/s, - allowed for the given source. It defaults to 0, which means - no rate limiting. The rate is actually defined by dividing Average - by Period. So for a rate below 1req/s, one needs to define a - Period larger than a second. + description: |- + Average is the maximum rate, by default in requests/s, allowed for the given source. + It defaults to 0, which means no rate limiting. + The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, + one needs to define a Period larger than a second. format: int64 type: integer burst: - description: Burst is the maximum number of requests allowed to - arrive in the same arbitrarily small period of time. It defaults - to 1. + description: |- + Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. + It defaults to 1. format: int64 type: integer period: anyOf: - type: integer - type: string - description: 'Period, in combination with Average, defines the - actual maximum rate, such as: r = Average / Period. It defaults - to a second.' + description: |- + Period, in combination with Average, defines the actual maximum rate, such as: + r = Average / Period. It defaults to a second. x-kubernetes-int-or-string: true sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If several - strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the request's remote - address field (as an ipStrategy). + description: |- + SourceCriterion defines what criterion is used to group requests as originating from a common source. + If several strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote address field (as an ipStrategy). properties: ipStrategy: - description: 'IPStrategy holds the IP strategy configuration - used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy' + description: |- + IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For @@ -3709,9 +3901,10 @@ spec: type: object type: object redirectRegex: - description: 'RedirectRegex holds the redirect regex middleware configuration. + description: |- + RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3727,9 +3920,10 @@ spec: type: string type: object redirectScheme: - description: 'RedirectScheme holds the redirect scheme middleware - configuration. This middleware redirects requests from a scheme/port - to another. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/' + description: |- + RedirectScheme holds the redirect scheme middleware configuration. + This middleware redirects requests from a scheme/port to another. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/ properties: permanent: description: Permanent defines whether the redirection is permanent @@ -3743,9 +3937,10 @@ spec: type: string type: object replacePath: - description: 'ReplacePath holds the replace path middleware configuration. - This middleware replaces the path of the request URL and store the - original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/' + description: |- + ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/ properties: path: description: Path defines the path to use as replacement in the @@ -3753,9 +3948,10 @@ spec: type: string type: object replacePathRegex: - description: 'ReplacePathRegex holds the replace path regex middleware - configuration. This middleware replaces the path of a URL using - regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/' + description: |- + ReplacePathRegex holds the replace path regex middleware configuration. + This middleware replaces the path of a URL using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/ properties: regex: description: Regex defines the regular expression used to match @@ -3767,11 +3963,11 @@ spec: type: string type: object retry: - description: 'Retry holds the retry middleware configuration. This - middleware reissues requests a given number of times to a backend - server if that server does not reply. As soon as the server answers, - the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/' + description: |- + Retry holds the retry middleware configuration. + This middleware reissues requests a given number of times to a backend server if that server does not reply. + As soon as the server answers, the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/ properties: attempts: description: Attempts defines how many times the request should @@ -3781,22 +3977,24 @@ spec: anyOf: - type: integer - type: string - description: InitialInterval defines the first wait time in the - exponential backoff series. The maximum interval is calculated - as twice the initialInterval. If unspecified, requests will - be retried immediately. The value of initialInterval should - be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + description: |- + InitialInterval defines the first wait time in the exponential backoff series. + The maximum interval is calculated as twice the initialInterval. + If unspecified, requests will be retried immediately. + The value of initialInterval should be provided in seconds or as a valid duration format, + see https://pkg.go.dev/time#ParseDuration. x-kubernetes-int-or-string: true type: object stripPrefix: - description: 'StripPrefix holds the strip prefix middleware configuration. + description: |- + StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/' + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/ properties: forceSlash: - description: 'ForceSlash ensures that the resulting stripped path - is not the empty string, by replacing it with / when necessary. - Default: true.' + description: |- + ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. + Default: true. type: boolean prefixes: description: Prefixes defines the prefixes to strip from the request @@ -3806,9 +4004,10 @@ spec: type: array type: object stripPrefixRegex: - description: 'StripPrefixRegex holds the strip prefix regex middleware - configuration. This middleware removes the matching prefixes from - the URL path. More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/' + description: |- + StripPrefixRegex holds the strip prefix regex middleware configuration. + This middleware removes the matching prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/ properties: regex: description: Regex defines the regular expression to match the @@ -3829,7 +4028,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: middlewaretcps.traefik.containo.us spec: group: traefik.containo.us @@ -3843,18 +4042,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/' + description: |- + MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/ properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3865,16 +4070,17 @@ spec: description: InFlightConn defines the InFlightConn middleware configuration. properties: amount: - description: Amount defines the maximum amount of allowed simultaneous - connections. The middleware closes the connection if there are - already amount connections opened. + description: |- + Amount defines the maximum amount of allowed simultaneous connections. + The middleware closes the connection if there are already amount connections opened. format: int64 type: integer type: object ipAllowList: - description: 'IPAllowList defines the IPAllowList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/' + description: |- + IPAllowList defines the IPAllowList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3884,9 +4090,11 @@ spec: type: array type: object ipWhiteList: - description: 'IPWhiteList defines the IPWhiteList middleware configuration. - This middleware accepts/refuses connections based on the client - IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/' + description: |- + IPWhiteList defines the IPWhiteList middleware configuration. + This middleware accepts/refuses connections based on the client IP. + Deprecated: please use IPAllowList instead. + More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of @@ -3907,7 +4115,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: serverstransports.traefik.containo.us spec: group: traefik.containo.us @@ -3921,20 +4129,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'ServersTransport is the CRD implementation of a ServersTransport. + description: |- + ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1' + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1 properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4027,7 +4241,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsoptions.traefik.containo.us spec: group: traefik.containo.us @@ -4041,19 +4255,24 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSOption is the CRD implementation of a Traefik TLS Option, - allowing to configure some parameters of the TLS connection. More info: - https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options' + description: |- + TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4061,15 +4280,16 @@ spec: description: TLSOptionSpec defines the desired state of a TLSOption. properties: alpnProtocols: - description: 'ALPNProtocols defines the list of supported application - level protocols for the TLS handshake, in order of preference. More - info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols' + description: |- + ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols items: type: string type: array cipherSuites: - description: 'CipherSuites defines the list of supported cipher suites - for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites' + description: |- + CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites items: type: string type: array @@ -4095,26 +4315,29 @@ spec: type: array type: object curvePreferences: - description: 'CurvePreferences defines the preferred elliptic curves - in a specific order. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences' + description: |- + CurvePreferences defines the preferred elliptic curves in a specific order. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string type: array maxVersion: - description: 'MaxVersion defines the maximum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: None.' + description: |- + MaxVersion defines the maximum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: None. type: string minVersion: - description: 'MinVersion defines the minimum TLS version that Traefik - will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, - VersionTLS13. Default: VersionTLS10.' + description: |- + MinVersion defines the minimum TLS version that Traefik will accept. + Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. + Default: VersionTLS10. type: string preferServerCipherSuites: - description: 'PreferServerCipherSuites defines whether the server - chooses a cipher suite among his own instead of among the client''s. + description: |- + PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. - Deprecated: https://github.com/golang/go/issues/45430' + Deprecated: https://github.com/golang/go/issues/45430 type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections @@ -4132,7 +4355,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: tlsstores.traefik.containo.us spec: group: traefik.containo.us @@ -4146,20 +4369,26 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For - the time being, only the TLSStore named default is supported. This means - that you cannot have two stores that are named default in different Kubernetes - namespaces. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores' + description: |- + TLSStore is the CRD implementation of a Traefik TLS Store. + For the time being, only the TLSStore named default is supported. + This means that you cannot have two stores that are named default in different Kubernetes namespaces. + More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4223,7 +4452,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: traefikservices.traefik.containo.us spec: group: traefik.containo.us @@ -4237,19 +4466,27 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'TraefikService is the CRD implementation of a Traefik Service. - TraefikService object allows to: - Apply weight to Services on load-balancing - - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice' + description: |- + TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: + - Apply weight to Services on load-balancing + - Mirror traffic on services + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4266,10 +4503,10 @@ spec: - TraefikService type: string maxBodySize: - description: MaxBodySize defines the maximum size allowed for - the body of the request. If the body is larger, the request - is not mirrored. Default value is -1, which means unlimited - size. + description: |- + MaxBodySize defines the maximum size allowed for the body of the request. + If the body is larger, the request is not mirrored. + Default value is -1, which means unlimited size. format: int64 type: integer mirrors: @@ -4285,35 +4522,37 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean percent: - description: 'Percent defines the part of the traffic to - mirror. Supported values: 0 to 100.' + description: |- + Percent defines the part of the traffic to mirror. + Supported values: 0 to 100. type: integer port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -4322,30 +4561,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4358,8 +4596,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -4369,13 +4608,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -4383,60 +4622,62 @@ spec: type: object type: array name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between the two - is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the - only child is the Kubernetes Service clusterIP. The Kubernetes - Service itself does load-balance to the pods. By default, NativeLB - is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host header - is forwarded to the upstream Kubernetes Service. By default, - passHostHeader is true. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. This - can be a reference to a named port. + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. properties: flushInterval: - description: 'FlushInterval defines the interval, in milliseconds, - in between flushes to the client while copying the response - body. A negative value means to flush immediately after - each write to the client. This configuration is ignored - when ReverseProxy recognizes a response as a streaming response; + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; for such responses, writes are flushed to the client immediately. - Default: 100ms' + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https when - Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport between - Traefik and your servers. Can only be used on a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4449,8 +4690,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only @@ -4459,13 +4701,14 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy between - the servers. RoundRobin is the only supported value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be specified - when Name references a TraefikService object (and to be precise, - one that embeds a Weighted Round Robin). + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). type: integer required: - name @@ -4487,31 +4730,32 @@ spec: - TraefikService type: string name: - description: Name defines the name of the referenced Kubernetes - Service or TraefikService. The differentiation between - the two is specified in the Kind field. + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. type: string namespace: description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. type: string nativeLB: - description: NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or - if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the - pods. By default, NativeLB is false. + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. type: boolean passHostHeader: - description: PassHostHeader defines whether the client Host - header is forwarded to the upstream Kubernetes Service. + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. By default, passHostHeader is true. type: boolean port: anyOf: - type: integer - type: string - description: Port defines the port of a Kubernetes Service. + description: |- + Port defines the port of a Kubernetes Service. This can be a reference to a named port. x-kubernetes-int-or-string: true responseForwarding: @@ -4520,30 +4764,29 @@ spec: client. properties: flushInterval: - description: 'FlushInterval defines the interval, in - milliseconds, in between flushes to the client while - copying the response body. A negative value means - to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes - a response as a streaming response; for such responses, - writes are flushed to the client immediately. Default: - 100ms' + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms type: string type: object scheme: - description: Scheme defines the scheme to use for the request - to the upstream Kubernetes Service. It defaults to https - when Kubernetes Service port is 443, http otherwise. + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. type: string serversTransport: - description: ServersTransport defines the name of ServersTransport - resource to use. It allows to configure the transport - between Traefik and your servers. Can only be used on - a Kubernetes Service. + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. type: string sticky: - description: 'Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions' + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4556,8 +4799,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can @@ -4567,13 +4811,13 @@ spec: type: object type: object strategy: - description: Strategy defines the load balancing strategy - between the servers. RoundRobin is the only supported - value at the moment. + description: |- + Strategy defines the load balancing strategy between the servers. + RoundRobin is the only supported value at the moment. type: string weight: - description: Weight defines the weight and should only be - specified when Name references a TraefikService object + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin). type: integer required: @@ -4581,8 +4825,9 @@ spec: type: object type: array sticky: - description: 'Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + description: |- + Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -4595,8 +4840,9 @@ spec: description: Name defines the Cookie name. type: string sameSite: - description: 'SameSite defines the same site policy. More - info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite type: string secure: description: Secure defines whether the cookie can only diff --git a/integration/tcp_test.go b/integration/tcp_test.go index d11185ca3..b755f8b12 100644 --- a/integration/tcp_test.go +++ b/integration/tcp_test.go @@ -278,7 +278,7 @@ func (s *TCPSuite) TestWRR() { time.Sleep(time.Second) } - assert.EqualValues(s.T(), call, map[string]int{"whoami-b": 3, "whoami-ab": 1}) + assert.EqualValues(s.T(), map[string]int{"whoami-b": 3, "whoami-ab": 1}, call) } func welcome(addr string) (string, error) { @@ -380,7 +380,6 @@ func guessWhoTLSPassthrough(addr, serverName string) (string, error) { return fmt.Errorf("tls: no valid certificate for serverName %s", serverName) }, }) - if err != nil { return "", err } diff --git a/integration/udp_test.go b/integration/udp_test.go index 5ceafbcae..58951b78d 100644 --- a/integration/udp_test.go +++ b/integration/udp_test.go @@ -96,7 +96,7 @@ func (s *UDPSuite) TestWRR() { call["unknown"]++ } } - assert.EqualValues(s.T(), call, map[string]int{"whoami-a": 3, "whoami-b": 2, "whoami-c": 3}) + assert.EqualValues(s.T(), map[string]int{"whoami-a": 3, "whoami-b": 2, "whoami-c": 3}, call) close(stop) }() diff --git a/pkg/collector/collector.go b/pkg/collector/collector.go index 4b0de454a..2ecec4d1d 100644 --- a/pkg/collector/collector.go +++ b/pkg/collector/collector.go @@ -20,8 +20,6 @@ import ( const collectorURL = "https://collect.traefik.io/9vxmmkcdmalbdi635d4jgc5p5rx0h7h8" // Collected data. -// -//nolint:musttag // cannot be changed for historical reasons. type data struct { Version string Codename string @@ -67,7 +65,7 @@ func createBody(staticConfiguration *static.Configuration) (*bytes.Buffer, error } buf := new(bytes.Buffer) - err = json.NewEncoder(buf).Encode(data) + err = json.NewEncoder(buf).Encode(data) //nolint:musttag // cannot be changed for historical reasons. if err != nil { return nil, err } diff --git a/pkg/config/runtime/runtime_http.go b/pkg/config/runtime/runtime_http.go index 273c11329..6f78abf25 100644 --- a/pkg/config/runtime/runtime_http.go +++ b/pkg/config/runtime/runtime_http.go @@ -2,6 +2,7 @@ package runtime import ( "context" + "errors" "fmt" "slices" "sort" @@ -42,7 +43,7 @@ func (c *Configuration) GetRoutersByEntryPoints(ctx context.Context, entryPoints } if entryPointsCount == 0 { - rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true) + rt.AddError(errors.New("no valid entryPoint for this router"), true) logger.Error("no valid entryPoint for this router") } diff --git a/pkg/config/runtime/runtime_tcp.go b/pkg/config/runtime/runtime_tcp.go index 2aad0b30f..4dd70dedf 100644 --- a/pkg/config/runtime/runtime_tcp.go +++ b/pkg/config/runtime/runtime_tcp.go @@ -2,6 +2,7 @@ package runtime import ( "context" + "errors" "fmt" "slices" @@ -36,7 +37,7 @@ func (c *Configuration) GetTCPRoutersByEntryPoints(ctx context.Context, entryPoi } if entryPointsCount == 0 { - rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true) + rt.AddError(errors.New("no valid entryPoint for this router"), true) logger.Error("no valid entryPoint for this router") } } diff --git a/pkg/config/runtime/runtime_udp.go b/pkg/config/runtime/runtime_udp.go index acd0d82dd..7a6dfde33 100644 --- a/pkg/config/runtime/runtime_udp.go +++ b/pkg/config/runtime/runtime_udp.go @@ -2,6 +2,7 @@ package runtime import ( "context" + "errors" "fmt" "slices" @@ -42,7 +43,7 @@ func (c *Configuration) GetUDPRoutersByEntryPoints(ctx context.Context, entryPoi } if entryPointsCount == 0 { - rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true) + rt.AddError(errors.New("no valid entryPoint for this router"), true) logger.Error("no valid entryPoint for this router") } } diff --git a/pkg/config/static/static_config.go b/pkg/config/static/static_config.go index 669226083..dcf9b3dba 100644 --- a/pkg/config/static/static_config.go +++ b/pkg/config/static/static_config.go @@ -1,6 +1,7 @@ package static import ( + "errors" "fmt" stdlog "log" "strings" @@ -304,15 +305,15 @@ func (c *Configuration) ValidateConfiguration() error { } if c.Providers.ConsulCatalog != nil && c.Providers.ConsulCatalog.Namespace != "" && len(c.Providers.ConsulCatalog.Namespaces) > 0 { - return fmt.Errorf("Consul Catalog provider cannot have both namespace and namespaces options configured") + return errors.New("Consul Catalog provider cannot have both namespace and namespaces options configured") } if c.Providers.Consul != nil && c.Providers.Consul.Namespace != "" && len(c.Providers.Consul.Namespaces) > 0 { - return fmt.Errorf("Consul provider cannot have both namespace and namespaces options configured") + return errors.New("Consul provider cannot have both namespace and namespaces options configured") } if c.Providers.Nomad != nil && c.Providers.Nomad.Namespace != "" && len(c.Providers.Nomad.Namespaces) > 0 { - return fmt.Errorf("Nomad provider cannot have both namespace and namespaces options configured") + return errors.New("Nomad provider cannot have both namespace and namespaces options configured") } return nil diff --git a/pkg/middlewares/accesslog/logger_test.go b/pkg/middlewares/accesslog/logger_test.go index fec509e32..a70e2cc6f 100644 --- a/pkg/middlewares/accesslog/logger_test.go +++ b/pkg/middlewares/accesslog/logger_test.go @@ -25,6 +25,8 @@ import ( "github.com/traefik/traefik/v2/pkg/types" ) +const delta float64 = 1e-10 + var ( logFileNameSuffix = "/traefik/logger/test.log" testContent = "Hello, World" @@ -278,7 +280,7 @@ func assertFloat64(exp float64) func(t *testing.T, actual interface{}) { return func(t *testing.T, actual interface{}) { t.Helper() - assert.Equal(t, exp, actual) + assert.InDelta(t, exp, actual, delta) } } diff --git a/pkg/middlewares/addprefix/add_prefix.go b/pkg/middlewares/addprefix/add_prefix.go index 13e4f9284..a6d04f5bd 100644 --- a/pkg/middlewares/addprefix/add_prefix.go +++ b/pkg/middlewares/addprefix/add_prefix.go @@ -2,7 +2,7 @@ package addprefix import ( "context" - "fmt" + "errors" "net/http" "github.com/opentracing/opentracing-go/ext" @@ -35,7 +35,7 @@ func New(ctx context.Context, next http.Handler, config dynamic.AddPrefix, name name: name, } } else { - return nil, fmt.Errorf("prefix cannot be empty") + return nil, errors.New("prefix cannot be empty") } return result, nil diff --git a/pkg/middlewares/customerrors/custom_errors_test.go b/pkg/middlewares/customerrors/custom_errors_test.go index 2b5f5d9a2..437c560cb 100644 --- a/pkg/middlewares/customerrors/custom_errors_test.go +++ b/pkg/middlewares/customerrors/custom_errors_test.go @@ -298,7 +298,7 @@ func TestNewResponseRecorder(t *testing.T) { t.Parallel() rec := newCodeModifier(test.rw, 0) - assert.IsType(t, rec, test.expected) + assert.IsType(t, test.expected, rec) }) } } diff --git a/pkg/muxer/tcp/mux.go b/pkg/muxer/tcp/mux.go index 730a124c6..592738b24 100644 --- a/pkg/muxer/tcp/mux.go +++ b/pkg/muxer/tcp/mux.go @@ -374,7 +374,7 @@ func hostSNI(tree *matchersTree, hosts ...string) error { // hostSNIRegexp checks if the SNI Host of the connection matches the matcher host regexp. func hostSNIRegexp(tree *matchersTree, templates ...string) error { if len(templates) == 0 { - return fmt.Errorf("empty value for \"HostSNIRegexp\" matcher is not allowed") + return errors.New("empty value for \"HostSNIRegexp\" matcher is not allowed") } var regexps []*regexp.Regexp diff --git a/pkg/plugins/client.go b/pkg/plugins/client.go index 4e0540be2..642b2dc68 100644 --- a/pkg/plugins/client.go +++ b/pkg/plugins/client.go @@ -230,7 +230,7 @@ func (c *Client) Check(ctx context.Context, pName, pVersion, hash string) error return nil } - return fmt.Errorf("plugin integrity check failed") + return errors.New("plugin integrity check failed") } // Unzip unzip a plugin archive. diff --git a/pkg/provider/http/http.go b/pkg/provider/http/http.go index a9e4bc111..15c25589e 100644 --- a/pkg/provider/http/http.go +++ b/pkg/provider/http/http.go @@ -2,6 +2,7 @@ package http import ( "context" + "errors" "fmt" "hash/fnv" "io" @@ -41,11 +42,11 @@ func (p *Provider) SetDefaults() { // Init the provider. func (p *Provider) Init() error { if p.Endpoint == "" { - return fmt.Errorf("non-empty endpoint is required") + return errors.New("non-empty endpoint is required") } if p.PollInterval <= 0 { - return fmt.Errorf("poll interval must be greater than 0") + return errors.New("poll interval must be greater than 0") } p.httpClient = &http.Client{ diff --git a/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go b/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go index 5c2375b97..57d8d094f 100644 --- a/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go +++ b/pkg/provider/kubernetes/crd/generated/informers/externalversions/factory.go @@ -51,6 +51,7 @@ type sharedInformerFactory struct { lock sync.Mutex defaultResync time.Duration customResync map[reflect.Type]time.Duration + transform cache.TransformFunc informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -89,6 +90,14 @@ func WithNamespace(namespace string) SharedInformerOption { } } +// WithTransform sets a transform on all informers. +func WithTransform(transform cache.TransformFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.transform = transform + return factory + } +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -193,6 +202,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) + informer.SetTransform(f.transform) f.informers[informerType] = informer return informer diff --git a/pkg/provider/kubernetes/crd/kubernetes.go b/pkg/provider/kubernetes/crd/kubernetes.go index 65f859215..0ef4d78ad 100644 --- a/pkg/provider/kubernetes/crd/kubernetes.go +++ b/pkg/provider/kubernetes/crd/kubernetes.go @@ -641,7 +641,7 @@ func createForwardAuthMiddleware(k8sClient Client, namespace string, auth *traef return nil, nil } if len(auth.Address) == 0 { - return nil, fmt.Errorf("forward authentication requires an address") + return nil, errors.New("forward authentication requires an address") } forwardAuth := &dynamic.ForwardAuth{ @@ -734,7 +734,7 @@ func createBasicAuthMiddleware(client Client, namespace string, basicAuth *traef } if basicAuth.Secret == "" { - return nil, fmt.Errorf("auth secret must be set") + return nil, errors.New("auth secret must be set") } secret, ok, err := client.GetSecret(namespace, basicAuth.Secret) @@ -781,7 +781,7 @@ func createDigestAuthMiddleware(client Client, namespace string, digestAuth *tra } if digestAuth.Secret == "" { - return nil, fmt.Errorf("auth secret must be set") + return nil, errors.New("auth secret must be set") } secret, ok, err := client.GetSecret(namespace, digestAuth.Secret) diff --git a/pkg/provider/kubernetes/ingress/client_test.go b/pkg/provider/kubernetes/ingress/client_test.go index 402da8e45..9ab39fdc6 100644 --- a/pkg/provider/kubernetes/ingress/client_test.go +++ b/pkg/provider/kubernetes/ingress/client_test.go @@ -2,7 +2,7 @@ package ingress import ( "context" - "fmt" + "errors" "testing" "time" @@ -40,9 +40,9 @@ func TestTranslateNotFoundError(t *testing.T) { }, { desc: "not a kubernetes not found error", - err: fmt.Errorf("bar error"), + err: errors.New("bar error"), expectedExists: false, - expectedError: fmt.Errorf("bar error"), + expectedError: errors.New("bar error"), }, } diff --git a/pkg/safe/routine_test.go b/pkg/safe/routine_test.go index 45f87978c..1880b7c4e 100644 --- a/pkg/safe/routine_test.go +++ b/pkg/safe/routine_test.go @@ -2,7 +2,7 @@ package safe import ( "context" - "fmt" + "errors" "sync" "testing" "time" @@ -146,7 +146,7 @@ func TestOperationWithRecoverPanic(t *testing.T) { func TestOperationWithRecoverError(t *testing.T) { operation := func() error { - return fmt.Errorf("ERROR") + return errors.New("ERROR") } err := backoff.Retry(OperationWithRecover(operation), &backoff.StopBackOff{}) if err == nil { diff --git a/pkg/server/configurationwatcher_test.go b/pkg/server/configurationwatcher_test.go index 70794f550..7cf68b881 100644 --- a/pkg/server/configurationwatcher_test.go +++ b/pkg/server/configurationwatcher_test.go @@ -2,7 +2,7 @@ package server import ( "context" - "fmt" + "errors" "strconv" "sync" "testing" @@ -30,7 +30,7 @@ func (p *mockProvider) Provide(configurationChan chan<- dynamic.Message, _ *safe } if len(p.messages) == 0 { - return fmt.Errorf("no messages available") + return errors.New("no messages available") } configurationChan <- p.messages[0] diff --git a/pkg/server/router/tcp/router_test.go b/pkg/server/router/tcp/router_test.go index 9937da973..89d8c11ff 100644 --- a/pkg/server/router/tcp/router_test.go +++ b/pkg/server/router/tcp/router_test.go @@ -171,9 +171,11 @@ func Test_Routing(t *testing.T) { map[string]traefiktls.Store{}, map[string]traefiktls.Options{ "default": { + MinVersion: "VersionTLS10", MaxVersion: "VersionTLS10", }, "tls10": { + MinVersion: "VersionTLS10", MaxVersion: "VersionTLS10", }, "tls12": { diff --git a/pkg/server/server_entrypoint_tcp.go b/pkg/server/server_entrypoint_tcp.go index 16c3a0caa..1fb371d08 100644 --- a/pkg/server/server_entrypoint_tcp.go +++ b/pkg/server/server_entrypoint_tcp.go @@ -381,7 +381,7 @@ func writeCloser(conn net.Conn) (tcp.WriteCloser, error) { case *proxyproto.Conn: underlying, ok := typedConn.TCPConn() if !ok { - return nil, fmt.Errorf("underlying connection is not a tcp connection") + return nil, errors.New("underlying connection is not a tcp connection") } return &writeCloserWrapper{writeCloser: underlying, Conn: typedConn}, nil case *net.TCPConn: @@ -632,7 +632,6 @@ func createHTTPServer(ctx context.Context, ln net.Listener, configuration *stati MaxConcurrentStreams: uint32(configuration.HTTP2.MaxConcurrentStreams), NewWriteScheduler: func() http2.WriteScheduler { return http2.NewPriorityWriteScheduler(nil) }, }) - if err != nil { return nil, fmt.Errorf("configure HTTP/2 server: %w", err) } diff --git a/pkg/server/service/loadbalancer/wrr/wrr.go b/pkg/server/service/loadbalancer/wrr/wrr.go index 95c374842..ecca04b62 100644 --- a/pkg/server/service/loadbalancer/wrr/wrr.go +++ b/pkg/server/service/loadbalancer/wrr/wrr.go @@ -4,9 +4,9 @@ import ( "container/heap" "context" "errors" - "fmt" "hash/fnv" "net/http" + "strconv" "sync" "github.com/traefik/traefik/v2/pkg/config/dynamic" @@ -156,7 +156,7 @@ func (b *Balancer) nextServer() (*namedHandler, error) { defer b.handlersMu.Unlock() if len(b.handlers) == 0 { - return nil, fmt.Errorf("no servers in the pool") + return nil, errors.New("no servers in the pool") } if len(b.status) == 0 { return nil, errNoAvailableServer @@ -252,5 +252,5 @@ func hash(input string) string { // We purposely ignore the error because the implementation always returns nil. _, _ = hasher.Write([]byte(input)) - return fmt.Sprintf("%x", hasher.Sum64()) + return strconv.FormatUint(hasher.Sum64(), 16) } diff --git a/pkg/tcp/chain.go b/pkg/tcp/chain.go index 8cc351ba5..f50262d72 100644 --- a/pkg/tcp/chain.go +++ b/pkg/tcp/chain.go @@ -1,7 +1,7 @@ package tcp import ( - "fmt" + "errors" ) // Constructor A constructor for a piece of TCP middleware. @@ -29,7 +29,7 @@ func NewChain(constructors ...Constructor) Chain { // Then adds an handler at the end of the chain. func (c Chain) Then(h Handler) (Handler, error) { if h == nil { - return nil, fmt.Errorf("cannot add a nil handler to the chain") + return nil, errors.New("cannot add a nil handler to the chain") } for i := range c.constructors { diff --git a/pkg/tcp/wrr_load_balancer.go b/pkg/tcp/wrr_load_balancer.go index 236fd8007..c47bbef8e 100644 --- a/pkg/tcp/wrr_load_balancer.go +++ b/pkg/tcp/wrr_load_balancer.go @@ -1,7 +1,7 @@ package tcp import ( - "fmt" + "errors" "sync" "github.com/traefik/traefik/v2/pkg/log" @@ -91,7 +91,7 @@ func gcd(a, b int) int { func (b *WRRLoadBalancer) next() (Handler, error) { if len(b.servers) == 0 { - return nil, fmt.Errorf("no servers in the pool") + return nil, errors.New("no servers in the pool") } // The algo below may look messy, but is actually very simple @@ -101,7 +101,7 @@ func (b *WRRLoadBalancer) next() (Handler, error) { // Maximum weight across all enabled servers max := b.maxWeight() if max == 0 { - return nil, fmt.Errorf("all servers have 0 weight") + return nil, errors.New("all servers have 0 weight") } // GCD across all enabled servers diff --git a/pkg/tls/tlsmanager_test.go b/pkg/tls/tlsmanager_test.go index 983ab2401..644a80d03 100644 --- a/pkg/tls/tlsmanager_test.go +++ b/pkg/tls/tlsmanager_test.go @@ -333,10 +333,6 @@ func TestManager_Get_DefaultValues(t *testing.T) { assert.Equal(t, uint16(tls.VersionTLS12), config.MinVersion) assert.Equal(t, []string{"h2", "http/1.1", "acme-tls/1"}, config.NextProtos) assert.Equal(t, []uint16{ - tls.TLS_RSA_WITH_AES_128_CBC_SHA, - tls.TLS_RSA_WITH_AES_256_CBC_SHA, - tls.TLS_RSA_WITH_AES_128_GCM_SHA256, - tls.TLS_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256, diff --git a/pkg/udp/wrr_load_balancer.go b/pkg/udp/wrr_load_balancer.go index 7dd2a9c07..d057ff426 100644 --- a/pkg/udp/wrr_load_balancer.go +++ b/pkg/udp/wrr_load_balancer.go @@ -1,7 +1,7 @@ package udp import ( - "fmt" + "errors" "sync" "github.com/traefik/traefik/v2/pkg/log" @@ -91,7 +91,7 @@ func gcd(a, b int) int { func (b *WRRLoadBalancer) next() (Handler, error) { if len(b.servers) == 0 { - return nil, fmt.Errorf("no servers in the pool") + return nil, errors.New("no servers in the pool") } // The algorithm below may look messy, @@ -101,7 +101,7 @@ func (b *WRRLoadBalancer) next() (Handler, error) { // Maximum weight across all enabled servers max := b.maxWeight() if max == 0 { - return nil, fmt.Errorf("all servers have 0 weight") + return nil, errors.New("all servers have 0 weight") } // GCD across all enabled servers diff --git a/script/code-gen-docker.sh b/script/code-gen-docker.sh index fd9eef185..0702960d6 100755 --- a/script/code-gen-docker.sh +++ b/script/code-gen-docker.sh @@ -9,7 +9,7 @@ IMAGE_NAME="kubernetes-codegen:latest" CURRENT_DIR="$(pwd)" echo "Building codegen Docker image..." -docker build --build-arg KUBE_VERSION=v0.28.3 \ +docker build --build-arg KUBE_VERSION=v0.29.1 \ --build-arg USER="${USER}" \ --build-arg UID="$(id -u)" \ --build-arg GID="$(id -g)" \ diff --git a/script/codegen.Dockerfile b/script/codegen.Dockerfile index ffb5430eb..315d349c1 100644 --- a/script/codegen.Dockerfile +++ b/script/codegen.Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.21 +FROM golang:1.22 ARG USER=$USER ARG UID=$UID @@ -13,7 +13,7 @@ RUN go install k8s.io/code-generator/cmd/client-gen@$KUBE_VERSION RUN go install k8s.io/code-generator/cmd/lister-gen@$KUBE_VERSION RUN go install k8s.io/code-generator/cmd/informer-gen@$KUBE_VERSION RUN go install k8s.io/code-generator/cmd/deepcopy-gen@$KUBE_VERSION -RUN go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.13.0 +RUN go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0 RUN mkdir -p $GOPATH/src/k8s.io/code-generator RUN cp -R $GOPATH/pkg/mod/k8s.io/code-generator@$KUBE_VERSION/* $GOPATH/src/k8s.io/code-generator/