Commit graph

409 commits

Author SHA1 Message Date
Pablo Montepagano
0a5c9095ac
feat: allow configuration of ACME certificates duration 2021-11-10 12:06:09 +01:00
Tom Moulard
1f17731369
feat: add readIdleTimeout and pingTimeout config options to ServersTransport
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
2021-11-09 12:16:08 +01:00
Kevin Pollet
8e32d1913b
Update gateway api provider to v1alpha2
Co-authored-by: Tom Moulard <tom.moulard@traefik.io>
2021-11-09 11:34:06 +01:00
kevinpollet
ce47f200d5
Merge branch v2.5 into master 2021-11-08 22:41:43 +01:00
Kevin Pollet
d3ff0c2cd4
fix: do not require a TLS client cert when InsecureSkipVerify is false
Co-authored-by: Tom Moulard <tom.moulard@traefik.io>
2021-10-26 10:54:11 +02:00
Aaron Raff
25e12aee14
kubernetes: normalize middleware names in ingress route config 2021-10-07 15:40:05 +02:00
kevinpollet
32340252b2
Merge branch v2.5 into master 2021-10-06 11:55:12 +02:00
Tom Moulard
969dd088a2
gateway api: support RouteNamespaces
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
2021-10-04 15:46:08 +02:00
Kevin Pollet
126b32c579
fix: add missing RequireAnyClientCert value to TLSOption CRD 2021-09-24 11:32:07 +02:00
Tom Moulard
380514941c
Merge current v2.5 into master 2021-09-23 16:10:03 +02:00
Lukas Schulte Pelkum
07a3c37a23
Implement customizable minimum body size for compress middleware 2021-09-20 18:00:08 +02:00
Tom Moulard
6906a022ca
Add cross namespace verification in Kubernetes CRD 2021-09-20 12:54:05 +02:00
Kevin Pollet
bda0dba131
fix: add peerCertURI config to k8s crd provider
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
2021-09-17 08:56:07 +02:00
Romain
76867e39ea
Fix ServersTransport reference from IngressRoute service definition
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
2021-09-16 15:12:13 +02:00
Simon Stender Boisen
6f8e8ea252
Ensure disableHTTP2 works with k8s crd 2021-09-16 12:18:08 +02:00
Ludovic Fernandez
6f4a7fb604
chore: upgrade linter 2021-09-16 09:16:07 +02:00
Tom Moulard
a72d124551
Fix certChan defaulting on consul catalog provider 2021-09-14 17:12:12 +02:00
Daniel Tomcej
7ff13c3e3e
Support Kubernetes basic-auth secrets
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
2021-09-14 15:16:11 +02:00
romain
4235cef1b2 Merge current v2.5 into master 2021-09-03 09:13:34 +02:00
Romain
287cebb498
Fix CRDs code and manifests generation 2021-09-02 14:40:08 +02:00
romain
f81ceaef8a Merge current v2.5 into master 2021-08-30 14:51:57 +02:00
Romain
2644c1f598
Makes ALPN protocols configurable 2021-08-20 18:20:06 +02:00
romain
78180a5fa7 Merge current v2.4 into v2.5 2021-08-19 11:45:19 +02:00
Jean-Baptiste Doumenjou
187ec26d8e Merge current v2.4 into v2.5 2021-08-05 18:09:23 +02:00
Jean-Baptiste Doumenjou
32d88a977d
Avoid unauthorized midlleware cross namespace reference
Co-authored-by: Mathieu Lonjaret <mathieu.lonjaret@gmail.com>
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
2021-08-05 17:42:08 +02:00
Romain
7f307d60c4
Kubernetes: detect changes for resources other than endpoints 2021-07-30 15:08:10 +02:00
Eric
817ac8f256
Add organizationalUnit to passtlscert middleware 2021-07-28 17:42:09 +02:00
romain
a5b169c563 Merge current v2.4 into v2.5 2021-07-20 14:06:13 +02:00
Romain
bc5e621683
Get Kubernetes server version early 2021-07-20 13:02:10 +02:00
Daniel Tomcej
c2c4dc9b58
Don't remove ingress config on API call failure 2021-07-19 20:06:07 +02:00
romain
bd3271aff0 Merge current v2.4 into v2.5 2021-07-19 15:18:38 +02:00
Daniel Tomcej
8d4620dc53
check if defaultcertificate is defined in store 2021-07-19 09:58:14 +02:00
Jean-Baptiste Doumenjou
16f65f669b
Update Gateway API version to v0.3.0
Co-authored-by: Tom Moulard <tom.moulard@traefik.io>
2021-07-15 17:20:08 +02:00
Mohammad Gufran
7e43e5615e
Add Support for Consul Connect
Co-authored-by: Florian Apolloner <apollo13@users.noreply.github.com>
2021-07-15 14:02:11 +02:00
romain
3a180e2afc Merge current v2.4 into v2.5 2021-07-13 18:12:29 +02:00
Jean-Baptiste Doumenjou
e1f5866989
Detect certificates content modifications
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
Co-authored-by: Mathieu Lonjaret <mathieu.lonjaret@gmail.com>
2021-07-13 14:14:35 +02:00
Daniel Tomcej
3c1ed0d9b2
Disable ExternalName Services by default on Kubernetes providers 2021-07-13 12:54:09 +02:00
Daniel Tomcej
3072354ca5
Disable Cross-Namespace by default for IngressRoute provider 2021-07-13 10:48:05 +02:00
romain
fc69f882c5 Merge current v2.4 into master 2021-06-28 10:07:17 +02:00
mpl
838a8e18d3
healthcheck: add support at the load-balancers of services level
Co-authored-by: Dmitry Sharshakov <d3dx12.xx@gmail.com>
Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
Co-authored-by: Tom Moulard <tom.moulard@traefik.io>
2021-06-25 21:08:11 +02:00
Romain
cd68cbd3ea
Fix: malformed Kubernetes resource names and references in tests 2021-06-24 17:32:07 +02:00
romain
ce2e02b690 Merge current v2.4 into master 2021-06-22 14:44:56 +02:00
Wei Lun
dca348359b
add permissionsPolicy and deprecate featurePolicy 2021-06-21 15:16:13 +02:00
Tom Moulard
c9df233d24
Changing default file format for the snippets from TOML to YAML 2021-06-19 00:08:08 +02:00
Rio Kierkels
0a3e40332a
Improve CA certificate loading from kubernetes secret 2021-06-14 18:06:10 +02:00
Richard Kojedzinszky
f15d05b22f
tls Manager: do not build a default certificate for ACME challenges store
Co-authored-by: Mathieu Lonjaret <mathieu.lonjaret@gmail.com>
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
2021-06-14 10:06:05 +02:00
Romain
fc9f41b955
Add TCP Middlewares support 2021-06-11 15:30:05 +02:00
Jean-Baptiste Doumenjou
b1fd3b8fc7 fix for review 2021-05-28 17:38:46 +02:00
Wouter Dullaert
456df0fc19 feat: Add ServersTransport annotation to k8s ingress provider 2021-05-28 17:38:46 +02:00
Tom Moulard
526f493e12
Removes headers middleware options 2021-05-28 09:24:14 +02:00
Jakub Coufal
1680f00091
Fix incorrect behaviour with multi-port endpoint subsets 2021-05-28 00:58:07 +02:00
Ludovic Fernandez
21c0195d29
fix: ACME preferred chain. 2021-05-20 15:08:12 +02:00
Tom Moulard
56f845c71a
gatewayapi: adding support for TCPRoute and TLSRoute
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
2021-05-20 11:50:12 +02:00
Manuel Zapf
e1e1fd640c
Upgrade IngressClass to use v1 over v1Beta on Kube 1.19+ 2021-05-17 16:50:09 +02:00
Henning
de2437cfec
kubernetes: remove logging of changed object with cast 2021-05-10 09:42:06 +02:00
Luca Berneking
32e08f3510
Add k8s provider option to create services without endpoints 2021-05-06 18:12:10 +02:00
Joel Berger
70a02158e5
Add wildcard hostname rule to kubernetes gateway 2021-04-29 17:18:04 +02:00
Henning
ab71dad51a
[kubernetes] ignore empty endpoint changes 2021-04-29 16:20:03 +02:00
Tom Moulard
ac486d3d1d Merge current branch v2.4 into master 2021-04-21 11:39:53 +02:00
Martin Vizvary
5814ba5322
Kubernetes ingress provider to search via all endpoints 2021-04-15 18:16:04 +02:00
Jean-Baptiste Doumenjou
cb4fb973b2 Merge current branch v2.4 into master 2021-03-31 09:43:04 +02:00
Tom Moulard
513f6e9a68
Remove error when HTTProutes is empty
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
2021-03-30 16:32:03 +02:00
jcuzzi
d13d078351
Add ability to disable HTTP/2 in dynamic config 2021-03-29 14:32:03 +02:00
Manuel Zapf
29908098e4
Upgrade Ingress Handling to work with networkingv1/Ingress 2021-03-15 11:16:04 +01:00
Jean-Baptiste Doumenjou
08e6ae07af
Update to gateway-api v0.2.0
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
2021-03-15 09:44:03 +01:00
Jean-Baptiste Doumenjou
702e301990 Merge current branch v2.4 into master 2021-03-09 12:05:08 +01:00
Ludovic Fernandez
09d5f59701
fix: double close chan on TLS challenge
Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
2021-03-08 11:18:04 +01:00
Julien Salleyron
3c8675bb8b
Fix flaky tests.
Co-authored-by: Ludovic Fernandez <ldez@users.noreply.github.com>
2021-03-08 09:58:04 +01:00
Romain
bdba7d3adf
Update to go1.16 2021-03-04 20:08:03 +01:00
Ludovic Fernandez
2e7833df49
chore: update linter. 2021-03-04 09:02:03 +01:00
Jean-Baptiste Doumenjou
992d4c1b94
Upgrade the CRD version from apiextensions.k8s.io/v1beta1 to apiextensions.k8s.io/v1
Co-authored-by: kevinpollet <pollet.kevin@gmail.com>
2021-03-03 15:32:04 +01:00
Tom Moulard
e658712d53
Filter ingress class resources by name
Co-authored-by: SantoDE <manuel.zapf@traefik.io>
2021-03-02 21:34:03 +01:00
Julien Salleyron
dd0701dd16
fix: wait for file and internal before applying configurations
Co-authored-by: Ludovic Fernandez <ldez@users.noreply.github.com>
2021-02-25 17:20:04 +01:00
romain
1b21f0723f Merge v2.4 into master 2021-02-16 11:12:09 +01:00
Ludovic Fernandez
5597d7633d
Fix TLS challenge timeout and validation error
Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
2021-02-11 16:32:03 +01:00
Jean-Baptiste Doumenjou
d211437d6c Merge v2.4 into master 2021-02-04 10:40:53 +01:00
Jean-Baptiste Doumenjou
7996a42f76
Allow crossprovider service reference
Co-authored-by: Harold Ozouf <harold.ozouf@gmail.com>
2021-02-02 19:36:04 +01:00
Romain
c53033a778
Fix aggregator test comment 2021-02-01 16:50:03 +01:00
Harold Ozouf
96a3468791
Fix servers transport not found 2021-02-01 12:36:03 +01:00
Harold Ozouf
2065f4c003
Fix HTTP challenge router unexpected delayed creation 2021-01-28 16:16:05 +01:00
LandryBe
9a931e4dc9
fix: add support for multiple ingress classes 2021-01-28 15:08:04 +01:00
Gabe Levasseur
49ec62c757
Fix refresh interval option description in consulcatalog provider 2021-01-28 11:10:04 +01:00
Sune Keller
2bbb6fc427
Update sprig to v3.2.0 2021-01-20 15:10:04 +01:00
Kevin Pollet
41d22ef17e
Improve kubernetes external name service support for UDP 2021-01-19 09:30:05 +01:00
Cirrith
bbee63fcf3
Add named port support to Kubernetes IngressRoute CRDs 2021-01-15 15:54:04 +01:00
Kevin Pollet
e62a00a3f5
Update copyright year for 2021 2021-01-13 16:50:03 +01:00
romain
92886c46ea Merge branch v2.3 into v2.4 2021-01-11 16:26:53 +01:00
Kevin Pollet
c24f75ce0b
Update copyright year for 2021 2021-01-08 19:20:04 +01:00
Henning
63929b0341
Compile kubernetes ingress annotation regex only once 2021-01-07 18:56:03 +01:00
Michael
60d87f3c64
Merge back v2.3 into v2.4 2021-01-06 17:59:03 +01:00
Avdhoot Dendge
d4f0a9ff62
Fix wildcard hostname issue 2021-01-05 12:26:04 +01:00
Ludovic Fernandez
f54136b602
chore: update linter. 2020-12-29 10:54:03 +01:00
Fabian Gruber
ec0075e0d0
Extend marathon port discovery to allow port names as identifier 2020-12-16 12:32:03 +01:00
Romain
c21597c593
Add Kubernetes Gateway Provider
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
2020-12-15 16:40:05 +01:00
kevinpollet
eebbe64b36
Merge branch v2.3 into master 2020-12-11 10:58:00 +01:00
Romain
7ba907f261
IngressRoute: add an option to disable cross-namespace routing
Co-authored-by: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com>
2020-12-10 14:58:04 +01:00
Harold Ozouf
7403b6fb82
Fix concatenation of IPv6 addresses and ports 2020-12-04 20:56:04 +01:00
Ludovic Fernandez
a488430f23
acme: add external account binding support. 2020-12-01 10:40:05 +01:00
kevinpollet
2112de6f15
Merge branch v2.3 into master 2020-11-20 11:30:07 +01:00
Romain
be0845af02
Apply labelSelector as a TweakListOptions for Kubernetes informers 2020-11-20 00:18:04 +01:00
Harold Ozouf
a75819cae3
Filter out Helm secrets from informer caches
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
2020-11-19 14:32:03 +01:00
Harold Ozouf
4f43c9ebb4
Fix missing allow-empty tag on ECS and Consul Catalog providers
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
2020-11-19 00:12:03 +01:00
Harold Ozouf
9177982334
Fix consul catalog panic when health and services are not in sync
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
2020-11-17 17:30:03 +01:00
Matthias Schneider
84b125bdde
added support for tcp proxyProtocol v1&v2 to backend 2020-11-17 13:04:04 +01:00
Yoan Blanc
52eeff9f9f
fix: consulcatalog to update before the first interval 2020-11-16 20:44:04 +01:00
Alessandro Chitolina
920e82f11a
fix: translate configured server port into correct mapped host port 2020-11-09 17:12:05 +01:00
Fernandez Ludovic
520fcf82ae Merge branch v2.3 into master. 2020-11-09 00:07:28 +01:00
Ludovic Fernandez
267d0b7b5a
chore: update linter. 2020-11-06 09:26:03 +01:00
Sylvain Rabot
d38d11f02e
Set kubernetes client User-Agent to something meaningful 2020-10-30 17:56:03 +01:00
Michael
4ea1c98ac9
Improve anonymize configuration 2020-10-30 12:44:05 +01:00
Ludovic Fernandez
05333b9579
acme: new HTTP and TLS challenges implementations. 2020-10-29 15:40:04 +01:00
iamolegga
49cdb67ddc
Middlewares: add forwardAuth.authResponseHeadersRegex 2020-10-29 15:10:04 +01:00
Luca Guidi
b5198e63c4
Allow to use regular expressions for AccessControlAllowOriginList 2020-10-29 10:52:03 +01:00
Jean-Baptiste Doumenjou
4fccde84bd Merge current v2.3 branch into master 2020-10-23 14:29:22 +02:00
Ludovic Fernandez
04c07227f2
fix: Consul Catalog address documentation. 2020-10-19 10:28:03 +02:00
Romain
3567ae88ad
Bump k8s client to v0.19.2 2020-10-08 17:12:04 +02:00
romain
afcec56be4 Merge 'v2.3' into master. 2020-10-08 14:05:10 +02:00
Michael
556f7608db
fix: use provider keytype instead of account keytype. 2020-10-08 12:58:04 +02:00
Nikita Konev
326be29568
Filter ForwardAuth request headers 2020-10-07 16:36:04 +02:00
Anton Popovichenko
ab13019bde
acme: Fix race condition in LocalStore during saving. 2020-09-30 12:04:04 +02:00
Kevin Pollet
5e63ab619e
Fix default value of docker client timeout 2020-09-25 09:14:04 +02:00
Fernandez Ludovic
cd947ae822 Merge branch 'v2.3' into master 2020-09-23 15:35:31 +02:00
Ludovic Fernandez
ef08e8b8a0
fix: precheck function. 2020-09-23 12:24:03 +02:00
Fernandez Ludovic
86c099d629 Merge branch v2.3 into master 2020-09-17 12:32:18 +02:00
Jean-Baptiste Doumenjou
c0f1e74bed
chore: move to Traefik organization.
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
2020-09-16 15:46:04 +02:00
Eli Mallon
498e8545b6
feat: update more than one LoadBalancer ip
Co-authored-by: kevinpollet <pollet.kevin@gmail.com>
2020-09-15 13:48:32 +02:00
Ludovic Fernandez
230c2e5cc2
chore: update linter. 2020-09-15 13:08:03 +02:00
Julien Salleyron
76f42a3013
add ServersTransport on services 2020-09-11 15:40:03 +02:00
Fernandez Ludovic
6075f7e8fd Merge branch v2.3 into master 2020-09-08 10:48:09 +02:00
Fernandez Ludovic
3678bd5a93 Merge branch v2.2 into v2.3 2020-09-04 21:06:11 +02:00
Ludovic Fernandez
41aa2672cd
Update go-acme/lego to v4.0.1 2020-09-04 10:52:03 +02:00
Sune Keller
29bd6faa18
Support configuring a HTTP client timeout in the Docker provider 2020-08-28 10:02:03 +02:00
Ludovic Fernandez
b67a7215f6
chore: update linter. 2020-08-21 11:12:04 +02:00
Ludovic Fernandez
1502d20def
chore: move the parser to a dedicated package. 2020-08-17 18:04:03 +02:00
Kevin Pollet
5b05c990b0
Improve region resolution for ECS provider
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
2020-08-05 11:52:03 +02:00
Romain
dafb14ff37
Support Kubernetes Ingress pathType
Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com>
Co-authored-by: kevinpollet <pollet.kevin@gmail.com>
2020-07-28 17:50:04 +02:00
jb doumenjou
207d0bec78 Merge v2.2 into v2.3 2020-07-22 15:49:28 +02:00
Kevin Pollet
a136c46148
Use semantic versioning to enable ingress class support 2020-07-21 15:32:04 +02:00
Stephen Solka
dcd0cda0c6
prefer NoError/Error over Nil/NotNil 2020-07-19 13:10:03 +02:00
Manuel Zapf
fae2d93525
Get Entrypoints Port Address without protocol for redirect 2020-07-16 17:18:03 +02:00
Fernandez Ludovic
0186c31d59 feat: plugins integration. 2020-07-15 20:14:04 +02:00
Daniel Tomcej
cb6ec507e2
Add new ingressClass support to ingress provider
* add new ingressClass

* add doc

* lint

* adjust behavior to look for a class with a specific controller

* remove looking strange test ingressclass

* return nil rather than en empty object

* change documentation

* apply @kevinpollet suggestion

* change order of processIngress to be correct and adjust tests

* review: clean.

* review: clean.

* Fix for review

Co-authored-by: Manuel Zapf <manuel@containo.us>
Co-authored-by: Fernandez Ludovic <ludovic@containo.us>
Co-authored-by: Michael <michael.matur@gmail.com>
2020-07-15 19:18:03 +02:00
Kevin Pollet
1ef93fead7
Add HTTP Provider
* feat: add HTTP provider implementation

* refactor: add SetDefaults and struct tag for the new file parser

* feat: add TLS configuration property

* refactor: rework HTTP provider implementation

* feat: provide config only once if fetched config is unchanged

* style: lint

* ui: add HTTP provider icon

* tests: simplify and fix integration test

* docs: add reference config for file

* docs: move http reference config for file

Co-authored-by: Daniel Tomcej <daniel.tomcej@gmail.com>
2020-07-15 16:56:03 +02:00
Alessandro Chitolina
285ded6e49
Add AWS ECS provider
* add ecs provider

* add ecs docs

* fix test after rebase

* add provider icon

* add missing addProvider call

* Fix for review

* Fix documentation

* Fix for review

* Fix documentation

* fix ctx usage

* autoDiscoverClusters setDefaults false

* Fix for review

* review: doc.

* Fix for review: add ctx in backoff retry

* review: linter.

Co-authored-by: Michael <michael.matur@gmail.com>
Co-authored-by: romain <romain@containo.us>
Co-authored-by: Fernandez Ludovic <ludovic@containo.us>
2020-07-15 16:28:04 +02:00
Fernandez Ludovic
6e4f5821dc Merge branch 'v2.2' into master 2020-07-15 09:37:32 +02:00
John Pekcan
77a0cef9ce
fix k8s crd to read contentType middleware into dynamic config
Co-authored-by: John Pekcan <apekcan@ea.com>
2020-07-13 12:30:03 +02:00
jb doumenjou
73ca7ad0c1 Merge remote-tracking branch 'upstream/v2.2' into mrg-current-v2.2 2020-07-10 11:23:49 +02:00
Douglas De Toni Machado
d73c7ccf50
Fix triggering multiple concurrent requests to ACME 2020-07-08 12:54:04 +02:00
Ludovic Fernandez
a20e90aa17
chore: update linter. 2020-07-07 14:42:03 +02:00
Yongxin Wang
b61de07ca0
Remove checkStringQuoteValidity in loadIngressRouteConf
* remove checkStringQuoteValidity in loadIngressRouteConf

* remove checkStringQuoteValidity and related tests in crd

* remove checkStringQuoteValidity from ingress and related tests

Co-authored-by: traefiker <30906710+traefiker@users.noreply.github.com>
2020-07-02 10:34:04 +02:00