baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Merge current v2.4 into master

Browse source
This commit is contained in:
romain 2021-06-28 10:07:17 +02:00
commit fc69f882c5
17 changed files with 91 additions and 87 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
docs/content/middlewares/http/headers.md
View file

@ -23,7 +23,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: testHeader
name: test-header
spec:
headers:
customRequestHeaders:
@ -86,7 +86,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: testHeader
name: test-header
spec:
headers:
customRequestHeaders:
@ -154,7 +154,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: testHeader
name: test-header
spec:
headers:
frameDeny: true
@ -212,7 +212,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: testHeader
name: test-header
spec:
headers:
accessControlAllowMethods:

18
docs/content/middlewares/http/ipwhitelist.md
View file

@ -92,8 +92,8 @@ The `depth` option tells Traefik to use the `X-Forwarded-For` header and take th
```yaml tab="Docker"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
labels:
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2"
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth=2"
```
```yaml tab="Kubernetes"
@ -101,7 +101,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: testIPwhitelist
name: test-ipwhitelist
spec:
ipWhiteList:
sourceRange:
@ -113,22 +113,22 @@ spec:
```yaml tab="Consul Catalog"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2"
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth=2"
```
```json tab="Marathon"
"labels": {
"traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange": "127.0.0.1/32, 192.168.1.7",
"traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth": "2"
"traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange": "127.0.0.1/32, 192.168.1.7",
"traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth": "2"
}
```
```yaml tab="Rancher"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
labels:
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2"
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.depth=2"
```
```yaml tab="File (YAML)"

6
docs/content/migration/v1-to-v2.md
View file

@ -441,7 +441,7 @@ To apply a redirection:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: http-redirect-ingressRoute
name: http-redirect-ingressroute
spec:
entryPoints:
@ -459,7 +459,7 @@ To apply a redirection:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: https-ingressRoute
name: https-ingressroute
spec:
entryPoints:
@ -595,7 +595,7 @@ with the path `/admin` stripped, e.g. to `http://<IP>:<port>/`. In this case, yo
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: http-redirect-ingressRoute
name: http-redirect-ingressroute
namespace: admin-web
spec:
entryPoints:

4
docs/content/migration/v2.md
View file

@ -189,7 +189,7 @@ metadata:
spec:
tls:
- secretName: myTlsSecret
- secretName: my-tls-secret
rules:
- host: example.com
@ -256,7 +256,7 @@ metadata:
spec:
tls:
- secretName: myTlsSecret
- secretName: my-tls-secret
rules:
- host: example.com

32
docs/content/providers/overview.md
View file

@ -30,6 +30,8 @@ If you use multiple providers and wish to reference such an object declared in a
(e.g. referencing a cross-provider object like middleware), then the object name should be suffixed by the `@`
separator, and the provider name.
For the list of the providers names, see the [supported providers](#supported-providers) table below.
```text
<resource-name>@<provider-name>
```
@ -125,20 +127,22 @@ separator, and the provider name.
Below is the list of the currently supported providers in Traefik.
| Provider | Type | Configuration Type |
|---------------------------------------|--------------|----------------------------|
| [Docker](./docker.md) | Orchestrator | Label |
| [Kubernetes](./kubernetes-crd.md) | Orchestrator | Custom Resource or Ingress |
| [Consul Catalog](./consul-catalog.md) | Orchestrator | Label |
| [ECS](./ecs.md) | Orchestrator | Label |
| [Marathon](./marathon.md) | Orchestrator | Label |
| [Rancher](./rancher.md) | Orchestrator | Label |
| [File](./file.md) | Manual | YAML/TOML format |
| [Consul](./consul.md) | KV | KV |
| [Etcd](./etcd.md) | KV | KV |
| [ZooKeeper](./zookeeper.md) | KV | KV |
| [Redis](./redis.md) | KV | KV |
| [HTTP](./http.md) | Manual | JSON format |
| Provider | Type | Configuration Type | Provider Name |
|---------------------------------------------------|--------------|----------------------|---------------------|
| [Docker](./docker.md) | Orchestrator | Label | `docker` |
| [Kubernetes IngressRoute](./kubernetes-crd.md) | Orchestrator | Custom Resource | `kubernetescrd` |
| [Kubernetes Ingress](./kubernetes-ingress.md) | Orchestrator | Ingress | `kubernetes` |
| [Kubernetes Gateway API](./kubernetes-gateway.md) | Orchestrator | Gateway API Resource | `kubernetesgateway` |
| [Consul Catalog](./consul-catalog.md) | Orchestrator | Label | `consulcatalog` |
| [ECS](./ecs.md) | Orchestrator | Label | `ecs` |
| [Marathon](./marathon.md) | Orchestrator | Label | `marathon` |
| [Rancher](./rancher.md) | Orchestrator | Label | `rancher` |
| [File](./file.md) | Manual | YAML/TOML format | `file` |
| [Consul](./consul.md) | KV | KV | `consul` |
| [Etcd](./etcd.md) | KV | KV | `etcd` |
| [ZooKeeper](./zookeeper.md) | KV | KV | `zookeeper` |
| [Redis](./redis.md) | KV | KV | `redis` |
| [HTTP](./http.md) | Manual | JSON format | `http` |
!!! info "More Providers"

16
docs/content/routing/providers/kubernetes-crd.md
View file

@ -386,7 +386,7 @@ Register the `IngressRoute` [kind](../../reference/dynamic-configuration/kuberne
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: testName
name: test-name
namespace: default
spec:
entryPoints:
@ -1445,8 +1445,8 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth: # [5]
secretNames: # [6]
- secretCA1
- secretCA2
- secret-ca1
- secret-ca2
clientAuthType: VerifyClientCertIfGiven # [7]
sniStrict: true # [8]
```
@ -1483,8 +1483,8 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretCA2
- secret-ca1
- secret-ca2
clientAuthType: VerifyClientCertIfGiven
```
@ -1513,7 +1513,7 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: default
data:
@ -1524,7 +1524,7 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
apiVersion: v1
kind: Secret
metadata:
name: secretCA2
name: secret-ca2
namespace: default
data:
@ -1565,7 +1565,7 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
spec:
defaultCertificate:
secretName: mySecret # [1]
secretName: my-secret # [1]
```
| Ref | Attribute | Purpose |

10
pkg/provider/kubernetes/crd/fixtures/tcp/with_bad_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: default
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: secretCA2
name: secret-ca2
namespace: default
data:
@ -32,9 +32,9 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretUnknown
- emptySecret
- secret-ca1
- secret-unknown
- empty-secret
clientAuthType: VerifyClientCertIfGiven
---

8
pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: default
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: secretCA2
name: secret-ca2
namespace: default
data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretCA2
- secret-ca1
- secret-ca2
clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true
---

8
pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options_and_specific_namespace.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: myns
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: secretCA2
name: secret-ca2
namespace: myns
data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretCA2
- secret-ca1
- secret-ca2
clientAuthType: VerifyClientCertIfGiven
---

10
pkg/provider/kubernetes/crd/fixtures/with_bad_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: default
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: badSecret
name: bad-secret
namespace: default
data:
@ -32,9 +32,9 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretUnknown
- emptySecret
- secret-ca1
- secret-unknown
- empty-secret
clientAuthType: VerifyClientCertIfGiven
---

8
pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCAdefault1
name: secret-ca-default1
namespace: foo
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: secretCAdefault2
name: secret-ca-default2
namespace: foo
data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCAdefault1
- secretCAdefault2
- secret-ca-default1
- secret-ca-default2
clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true

8
pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: default
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: secretCA2
name: secret-ca2
namespace: default
data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretCA2
- secret-ca1
- secret-ca2
clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true

20
pkg/provider/kubernetes/crd/fixtures/with_servers_transport.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: rootCas0
name: root-ca0
namespace: foo
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: rootCas1
name: root-ca1
namespace: foo
data:
@ -21,7 +21,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: rootCas2
name: root-ca2
namespace: foo
data:
@ -31,7 +31,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: rootCas3
name: root-ca3
namespace: foo
data:
@ -41,7 +41,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: rootCas4
name: root-ca4
namespace: foo
data:
@ -94,11 +94,11 @@ spec:
insecureSkipVerify: true
maxIdleConnsPerHost: 42
rootCAsSecrets:
- rootCas0
- rootCas1
- rootCas2
- rootCas3
- rootCas4
- root-ca0
- root-ca1
- root-ca2
- root-ca3
- root-ca4
- allcerts
certificatesSecrets:
- mtls1

8
pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: default
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: secretCA2
name: secret-ca2
namespace: default
data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretCA2
- secret-ca1
- secret-ca2
clientAuthType: VerifyClientCertIfGiven
preferServerCipherSuites: true

8
pkg/provider/kubernetes/crd/fixtures/with_tls_options_and_specific_namespace.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: secretCA1
name: secret-ca1
namespace: myns
data:
@ -11,7 +11,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: secretCA2
name: secret-ca2
namespace: myns
data:
@ -32,8 +32,8 @@ spec:
- TLS_RSA_WITH_AES_256_GCM_SHA384
clientAuth:
secretNames:
- secretCA1
- secretCA2
- secret-ca1
- secret-ca2
clientAuthType: VerifyClientCertIfGiven
---

4
pkg/provider/kubernetes/ingress/fixtures/TLS-support_ingress.yml
View file

@ -8,7 +8,7 @@ metadata:
spec:
tls:
- secretName: myTlsSecret
- secretName: my-tls-secret
rules:
- host: example.com
http:
@ -27,7 +27,7 @@ metadata:
spec:
tls:
- secretName: myUndefinedSecret
- secretName: my-undefined-secret
rules:
- host: example.fail
http:

2
pkg/provider/kubernetes/ingress/fixtures/TLS-support_secret.yml
View file

@ -1,7 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: myTlsSecret
name: my-tls-secret
namespace: testing
data: