Commit graph

97 commits

Author SHA1 Message Date
Mihai Todor
06c47134c9 Fix typo
Fix "loadd-balancer" typo in log debug message in server.go
2017-04-04 17:23:55 +01:00
Ben Parli
c9d23494b9 Add IdleConnTimeout to Traefik's http.server settings (#1340)
* Add IdleTimeout setting to http.server

Without such a timeout there is a risk of resource leakage from piling up connections, particularly when exposing Traefik to the Internet.

Set the default to be 180 seconds

* Add IdleConnTimeout to Traefik's http.server settings

Without enforcing a timeout Traefik is susceptible to resource leakage, particularly when deployed as a public facing proxy exposed to the Internet.

Set the default to be 180 seconds

* tweak

* Update configuration.go

* add some documentation for the idletimeout setting

* need to cast idletimeout

* update doc to refect format specifics
2017-04-04 11:36:23 +02:00
Timo Reimann
056fe9ac0a Switch duration configuration parameters over to flaeg.Duration. 2017-04-03 18:36:23 +02:00
Emile Vauge
8401cccff2 Replace mailgun/manners with go 1.8 graceful shutdown
Signed-off-by: Emile Vauge <emile@vauge.com>
2017-03-23 22:47:29 +01:00
Taylor Skinner
72e35af39f add dynamo
Signed-off-by: Taylor Skinner <tskinn12@gmail.com>

add some comments

Signed-off-by: Taylor Skinner <tskinn12@gmail.com>

update readmes

make test runnable

Signed-off-by: Taylor Skinner <tskinn12@gmail.com>

make test

squash! add dynamo

add glide.lock

format imports

gofmt

update glide.lock

fixes for review

golint

clean up and reorganize tests

add dynamodb integration test

remove default region. clean up tests. consistent docs

forgot the region is required

DRY

make validate

update readme and commit dependencies
2017-03-16 10:12:26 -06:00
Timo Reimann
920b5bb15d Support cluster-external Kubernetes client. (#1159)
Detect whether in-cluster or cluster-external Kubernetes client should
be used based on the KUBERNETES_SERVICE_{HOST,PORT} environment
variables.

Adds bearer token and CA certificate file path parameters.
2017-03-07 13:09:11 +01:00
Julien Salleyron
6b6f010851
Add healthcheck interval 2017-03-06 17:45:58 +01:00
Manuel Laufenberg
38bd49b97e add dependency, start provider and fetch data
add tons of labels

Provide - WIP

add rancher data over rancher types

first version of direct fetch - pagination still an issue
2017-02-06 17:02:53 +01:00
Julien Salleyron
b30272d896 fix lint 2017-02-06 09:36:30 +01:00
Julien Salleyron
755822bf14 fix after review 2017-02-06 09:36:30 +01:00
Julien Salleyron
99ffc26d40 One goroutine for each backend + fix typo 2017-02-06 09:36:30 +01:00
Julien Salleyron
0ab0bdf818 feat: HealthCheck 2017-02-06 09:36:30 +01:00
Luke Petre
8d3c77a0b9 Add an ECS provider 2017-02-05 18:09:30 +00:00
Emile Vauge
feee8ad72e
Fix redirect regex
Signed-off-by: Emile Vauge <emile@vauge.com>
2017-02-03 09:41:41 +01:00
Matevz Mihalic
c095fc1eab Fix metrics for multiple entry points (#1071) 2017-02-02 12:34:00 +01:00
enxebre
175659a3dd Support for Metrics and Prometheus. 2017-01-16 15:00:16 +01:00
Bilal Amarni
22b97b7214 check permissions on acme.json during startup
Follow-up from #639. At the moment people that were affected
by this security issue would still be vulnerable even after upgrading.

This patch makes sure permissions are also checked for already existing
files.

Signed-off-by: Bilal Amarni <bilal.amarni@gmail.com>
2017-01-12 12:14:35 +01:00
Matthieu Martin
2bfc237e53 Don't fetch ACME certificates for frontends using non-TLS entrypoints 2017-01-06 17:06:48 +01:00
Emile Vauge
bef55db120 Merge branch 'master' into addprefix 2016-12-20 12:18:37 +01:00
Julien Salleyron
d9fc66fdbc Add Rule AddPrefix 2016-12-19 17:12:52 +01:00
Emile Vauge
3ebfd729cf
Refactor StatsRecorder
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-12-19 15:24:00 +01:00
Emile Vauge
dca08af003
Merge v1.1.1 into master
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-12-06 08:44:23 +01:00
Julien Salleyron
2af6cc4d1b feat(provider): Add Eureka Provider 2016-11-16 22:00:24 +01:00
Ed Robinson
66e914a8ab
Adds Cleanup method to safe.Pool 2016-11-16 14:03:23 +00:00
Ed Robinson
5c0297fb61
Context is part of the stdlib on 1.7 2016-11-16 14:03:23 +00:00
Emile Vauge
00c7e5c72b
Ensure HTTP/2 enabled 2016-11-09 17:56:41 +01:00
Emile Vauge
adcf58da68
Fix ProvidersThrottleDuration doc 2016-10-26 12:47:19 +02:00
Nathan Osman
05f6b79e29
Add optional statistics to API and web UI.
A new option (--web.statistics) enables the collection of some basic
information about requests and responses. This currently consists of
the most recent 10 requests that resulted in HTTP 4xx or 5xx errors.
2016-10-25 15:36:23 -07:00
Guilhem Lettron
649cb548d0 Use sdnotify for systemd (#768)
* Use sdnotify for systemd

This is useful if a configuration is long to load.
Systemd will continue dependency chain only when server have finish to start.

https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=

* Extract the waiting behavior from Start()
2016-10-25 08:59:39 -07:00
Emile Vauge
e72e65858f
Challenge certs PEM encoding
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:25 +02:00
Emile Vauge
a42845502e
Add ACME store
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:17 +02:00
Emile Vauge
bea5ad3f13
Add leadership election
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:05 +02:00
Emile Vauge
5a0440d6f8
Add KV datastore
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:05 +02:00
Emile Vauge
462d8b3e74
Fix Docker & KV templates for sticky
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 10:57:55 +02:00
Emile Vauge
291c3b6dbc
Fix sticky sessions Docker/Marathon labels 2016-09-30 10:56:47 +02:00
Owen Marshall
df225d9170
Change cookie name to match documentation 2016-09-30 10:56:36 +02:00
Owen Marshall
3d7c44735a
Reorder sticky session definitions 2016-09-30 10:56:17 +02:00
Owen Marshall
d78c419627
Add sticky support to DRR lb 2016-09-30 10:56:17 +02:00
Owen Marshall
dc52abf4ce
Add sticky session support to Traefik.
This change adds sticky session support, by using the new
oxy/rr/StickySession feature.

To use it, set traefik.backend.sticky to true.

This is currently only implemented in the wrr load balancer, and against
the Marathon backend, but lifting it should be very doable.

In the wrr load balancer, a cookie called _TRAEFIK_SERVERNAME will be
set with the backend to use.  If the cookie is altered to an invalid
backend server, or the server is removed from the load balancer, the
next server will be used instead.

Otherwise, the cookie will be checked in Oxy's rr on access and if valid
the connection will be wired through to it.
2016-09-30 10:56:17 +02:00
tuier
a58750992d lint 2016-09-28 23:04:18 +01:00
tuier
17546c3a08 Add HTTP compression 2016-09-28 23:04:18 +01:00
Daniel Tomcej
e249983c77 add TLS Min Version
silly copy paste
Add cipher selection

add TLS Min Version

silly copy paste

silly copy paste

add TLS Min Version

silly copy paste

fix formatting

Add cipher selection

linted

arg

update cipher map
2016-09-27 14:29:36 -06:00
Diego Osse Fernandes
99c8bffcbf Initial support for Docker 1.12 Swarm Mode 2016-09-27 14:21:38 -03:00
Yoann Dubreuil
82cb21fca3 Disable gorilla/mux URL cleaning to prevent sending redirect
This fixes #167 and #651. By default, gorilla/mux cleans URL paths
such that adjacent slashes are collapsed into one single slash. This
behavior is pretty common in application stacks and it is fine, but
for Traefik, this can lead to incorrect URL paths forwarded to backend
servers.

See https://github.com/gorilla/mux/issues/94 for background.
2016-09-20 20:31:11 +02:00
Emile Vauge
11297b38c5
Remove misused Fatal* 2016-08-19 10:36:54 +02:00
Emile Vauge
5e01c0a7db
Add Host cert ACME generation
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-08-18 14:20:55 +02:00
Emile Vauge
e62cca1e7c
Merge v1.0.1
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-28 20:15:09 +02:00
Emile Vauge
3a5b67a3e1
Add basic/digest auth
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-28 18:19:47 +02:00
Martin
7ada80b619 Certificate can contain path or file contents
Signed-off-by: Martin <martin.piegay@zenika.com>
2016-07-21 09:22:35 +02:00
Anders Betnér
959c7dc783 Support for client certificate authentication 2016-07-20 14:41:38 +02:00