baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Merge current v2.4 into master

Browse source
This commit is contained in:
romain 2021-06-28 10:07:17 +02:00
commit fc69f882c5
17 changed files with 91 additions and 87 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
docs/content/middlewares/http/headers.md
View file

@ -23,7 +23,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: testHeader name: test-header
spec: spec:
headers: headers:
customRequestHeaders: customRequestHeaders:
@ -86,7 +86,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: testHeader name: test-header
spec: spec:
headers: headers:
customRequestHeaders: customRequestHeaders:
@ -154,7 +154,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: testHeader name: test-header
spec: spec:
headers: headers:
frameDeny: true frameDeny: true
@ -212,7 +212,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: testHeader name: test-header
spec: spec:
headers: headers:
accessControlAllowMethods: accessControlAllowMethods:

18
docs/content/middlewares/http/ipwhitelist.md
View file

@ -92,8 +92,8 @@ The `depth` option tells Traefik to use the `X-Forwarded-For` header and take th
```yaml tab="Docker" ```yaml tab="Docker"
# Whitelisting Based on `X-Forwarded-For` with `depth=2` # Whitelisting Based on `X-Forwarded-For` with `depth=2`
labels: labels:
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7" - "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2" - "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth=2"
``` ```
```yaml tab="Kubernetes" ```yaml tab="Kubernetes"
@ -101,7 +101,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: testIPwhitelist name: test-ipwhitelist
spec: spec:
ipWhiteList: ipWhiteList:
sourceRange: sourceRange:
@ -113,22 +113,22 @@ spec:
```yaml tab="Consul Catalog" ```yaml tab="Consul Catalog"
# Whitelisting Based on `X-Forwarded-For` with `depth=2` # Whitelisting Based on `X-Forwarded-For` with `depth=2`
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7" - "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2" - "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth=2"
``` ```
```json tab="Marathon" ```json tab="Marathon"
"labels": { "labels": {
"traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange": "127.0.0.1/32, 192.168.1.7", "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange": "127.0.0.1/32, 192.168.1.7",
"traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth": "2" "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth": "2"
} }
``` ```
```yaml tab="Rancher" ```yaml tab="Rancher"
# Whitelisting Based on `X-Forwarded-For` with `depth=2` # Whitelisting Based on `X-Forwarded-For` with `depth=2`
labels: labels:
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7" - "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2" - "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth=2"
``` ```
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"

6
docs/content/migration/v1-to-v2.md
View file

@ -441,7 +441,7 @@ To apply a redirection:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: http-redirect-ingressRoute name: http-redirect-ingressroute
spec: spec:
entryPoints: entryPoints:
@ -459,7 +459,7 @@ To apply a redirection:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: https-ingressRoute name: https-ingressroute
spec: spec:
entryPoints: entryPoints:
@ -595,7 +595,7 @@ with the path `/admin` stripped, e.g. to `http://<IP>:<port>/`. In this case, yo
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: http-redirect-ingressRoute name: http-redirect-ingressroute
namespace: admin-web namespace: admin-web
spec: spec:
entryPoints: entryPoints:

4
docs/content/migration/v2.md
View file

@ -189,7 +189,7 @@ metadata:
spec: spec:
tls: tls:
- secretName: myTlsSecret - secretName: my-tls-secret
rules: rules:
- host: example.com - host: example.com
@ -256,7 +256,7 @@ metadata:
spec: spec:
tls: tls:
- secretName: myTlsSecret - secretName: my-tls-secret
rules: rules:
- host: example.com - host: example.com

32
docs/content/providers/overview.md
View file

@ -30,6 +30,8 @@ If you use multiple providers and wish to reference such an object declared in a
(e.g. referencing a cross-provider object like middleware), then the object name should be suffixed by the `@` (e.g. referencing a cross-provider object like middleware), then the object name should be suffixed by the `@`
separator, and the provider name. separator, and the provider name.
For the list of the providers names, see the [supported providers](#supported-providers) table below.
```text ```text
<resource-name>@<provider-name> <resource-name>@<provider-name>
``` ```
@ -125,20 +127,22 @@ separator, and the provider name.
Below is the list of the currently supported providers in Traefik. Below is the list of the currently supported providers in Traefik.
| Provider | Type | Configuration Type | | Provider | Type | Configuration Type | Provider Name |
|---------------------------------------|--------------|----------------------------| |---------------------------------------------------|--------------|----------------------|---------------------|
| [Docker](./docker.md) | Orchestrator | Label | | [Docker](./docker.md) | Orchestrator | Label | `docker` |
| [Kubernetes](./kubernetes-crd.md) | Orchestrator | Custom Resource or Ingress | | [Kubernetes IngressRoute](./kubernetes-crd.md) | Orchestrator | Custom Resource | `kubernetescrd` |
| [Consul Catalog](./consul-catalog.md) | Orchestrator | Label | | [Kubernetes Ingress](./kubernetes-ingress.md) | Orchestrator | Ingress | `kubernetes` |
| [ECS](./ecs.md) | Orchestrator | Label | | [Kubernetes Gateway API](./kubernetes-gateway.md) | Orchestrator | Gateway API Resource | `kubernetesgateway` |
| [Marathon](./marathon.md) | Orchestrator | Label | | [Consul Catalog](./consul-catalog.md) | Orchestrator | Label | `consulcatalog` |
| [Rancher](./rancher.md) | Orchestrator | Label | | [ECS](./ecs.md) | Orchestrator | Label | `ecs` |
| [File](./file.md) | Manual | YAML/TOML format | | [Marathon](./marathon.md) | Orchestrator | Label | `marathon` |
| [Consul](./consul.md) | KV | KV | | [Rancher](./rancher.md) | Orchestrator | Label | `rancher` |
| [Etcd](./etcd.md) | KV | KV | | [File](./file.md) | Manual | YAML/TOML format | `file` |
| [ZooKeeper](./zookeeper.md) | KV | KV | | [Consul](./consul.md) | KV | KV | `consul` |
| [Redis](./redis.md) | KV | KV | | [Etcd](./etcd.md) | KV | KV | `etcd` |
| [HTTP](./http.md) | Manual | JSON format | | [ZooKeeper](./zookeeper.md) | KV | KV | `zookeeper` |
| [Redis](./redis.md) | KV | KV | `redis` |
| [HTTP](./http.md) | Manual | JSON format | `http` |
!!! info "More Providers" !!! info "More Providers"

16
docs/content/routing/providers/kubernetes-crd.md
View file

@ -386,7 +386,7 @@ Register the `IngressRoute` [kind](../../reference/dynamic-configuration/kuberne
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: testName name: test-name
namespace: default namespace: default
spec: spec:
entryPoints: entryPoints:
@ -1445,8 +1445,8 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: # [5] clientAuth: # [5]
secretNames: # [6] secretNames: # [6]
- secretCA1 - secret-ca1
- secretCA2 - secret-ca2
clientAuthType: VerifyClientCertIfGiven # [7] clientAuthType: VerifyClientCertIfGiven # [7]
sniStrict: true # [8] sniStrict: true # [8]
``` ```
@ -1483,8 +1483,8 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretCA2 - secret-ca2
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
``` ```
@ -1513,7 +1513,7 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: default namespace: default
data: data:
@ -1524,7 +1524,7 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA2 name: secret-ca2
namespace: default namespace: default
data: data:
@ -1565,7 +1565,7 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
spec: spec:
defaultCertificate: defaultCertificate:
secretName: mySecret # [1] secretName: my-secret # [1]
``` ```
| Ref | Attribute | Purpose | | Ref | Attribute | Purpose |

10
pkg/provider/kubernetes/crd/fixtures/tcp/with_bad_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: default namespace: default
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA2 name: secret-ca2
namespace: default namespace: default
data: data:
@ -32,9 +32,9 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretUnknown - secret-unknown
- emptySecret - empty-secret
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
--- ---

8
pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: default namespace: default
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA2 name: secret-ca2
namespace: default namespace: default
data: data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretCA2 - secret-ca2
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true preferServerCipherSuites: true
--- ---

8
pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options_and_specific_namespace.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: myns namespace: myns
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA2 name: secret-ca2
namespace: myns namespace: myns
data: data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretCA2 - secret-ca2
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
--- ---

10
pkg/provider/kubernetes/crd/fixtures/with_bad_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: default namespace: default
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: badSecret name: bad-secret
namespace: default namespace: default
data: data:
@ -32,9 +32,9 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretUnknown - secret-unknown
- emptySecret - empty-secret
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
--- ---

8
pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCAdefault1 name: secret-ca-default1
namespace: foo namespace: foo
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCAdefault2 name: secret-ca-default2
namespace: foo namespace: foo
data: data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCAdefault1 - secret-ca-default1
- secretCAdefault2 - secret-ca-default2
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true preferServerCipherSuites: true

8
pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: default namespace: default
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA2 name: secret-ca2
namespace: default namespace: default
data: data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretCA2 - secret-ca2
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true preferServerCipherSuites: true

20
pkg/provider/kubernetes/crd/fixtures/with_servers_transport.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: rootCas0 name: root-ca0
namespace: foo namespace: foo
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: rootCas1 name: root-ca1
namespace: foo namespace: foo
data: data:
@ -21,7 +21,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: rootCas2 name: root-ca2
namespace: foo namespace: foo
data: data:
@ -31,7 +31,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: rootCas3 name: root-ca3
namespace: foo namespace: foo
data: data:
@ -41,7 +41,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: rootCas4 name: root-ca4
namespace: foo namespace: foo
data: data:
@ -94,11 +94,11 @@ spec:
insecureSkipVerify: true insecureSkipVerify: true
maxIdleConnsPerHost: 42 maxIdleConnsPerHost: 42
rootCAsSecrets: rootCAsSecrets:
- rootCas0 - root-ca0
- rootCas1 - root-ca1
- rootCas2 - root-ca2
- rootCas3 - root-ca3
- rootCas4 - root-ca4
- allcerts - allcerts
certificatesSecrets: certificatesSecrets:
- mtls1 - mtls1

8
pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: default namespace: default
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA2 name: secret-ca2
namespace: default namespace: default
data: data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretCA2 - secret-ca2
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true preferServerCipherSuites: true

8
pkg/provider/kubernetes/crd/fixtures/with_tls_options_and_specific_namespace.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA1 name: secret-ca1
namespace: myns namespace: myns
data: data:
@ -11,7 +11,7 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: secretCA2 name: secret-ca2
namespace: myns namespace: myns
data: data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: clientAuth:
secretNames: secretNames:
- secretCA1 - secret-ca1
- secretCA2 - secret-ca2
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven
--- ---

4
pkg/provider/kubernetes/ingress/fixtures/TLS-support_ingress.yml
View file

@ -8,7 +8,7 @@ metadata:
spec: spec:
tls: tls:
- secretName: myTlsSecret - secretName: my-tls-secret
rules: rules:
- host: example.com - host: example.com
http: http:
@ -27,7 +27,7 @@ metadata:
spec: spec:
tls: tls:
- secretName: myUndefinedSecret - secretName: my-undefined-secret
rules: rules:
- host: example.fail - host: example.fail
http: http:

2
pkg/provider/kubernetes/ingress/fixtures/TLS-support_secret.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: myTlsSecret name: my-tls-secret
namespace: testing namespace: testing
data: data: