Commit graph

386 commits

Author SHA1 Message Date
Timo Reimann
a5c644e719 Only listen to configured k8s namespaces. 2017-10-10 16:26:03 +02:00
Ludovic Fernandez
a9d4b09bdb Stickiness cookie name 2017-10-10 11:10:02 +02:00
Fernandez Ludovic
cf508b6d48 Merge 'v1.4.0-rc4' into master 2017-10-02 17:18:24 +02:00
Ludovic Fernandez
5cc49e2931 bug command. 2017-10-02 10:32:02 +02:00
jeffreykoetsier
d41e28fc36 Handle empty ECS Clusters properly 2017-09-29 16:56:03 +02:00
SALLEYRON Julien
64c52a6921 Consul catalog remove service failed 2017-09-29 16:30:03 +02:00
Fernandez Ludovic
d6ef8ec3d1 Merge branch 'v1.4' into master 2017-09-21 11:37:33 +02:00
SALLEYRON Julien
795a346006 Flaky tests and refresh problem in consul catalog 2017-09-20 19:08:02 +02:00
Fernandez Ludovic
2cbf9cae71 Merge tag 'v1.4.0-rc3' into master 2017-09-18 21:52:44 +02:00
Ludovic Fernandez
cb05f36976 Manage Headers for the Authentication forwarding. 2017-09-18 17:48:07 +02:00
Martin Proks
0a0cf87625 Fix rancher host IP address 2017-09-15 12:30:03 +02:00
Manuel Zapf
63b581935d Add stack name to backend name generation to fix rancher metadata backend 2017-09-12 15:06:04 +02:00
Fernandez Ludovic
9fba37b409 Merge v1.4.0-rc2 into master 2017-09-09 01:00:48 +02:00
SALLEYRON Julien
f80a6ef2a6 Fix consul catalog refresh problems 2017-09-08 20:50:04 +02:00
Michael
c19cce69fa Add basic auth for ecs 2017-09-07 17:34:03 +02:00
Michael
b705e64a8a Add Basic auth for consul catalog 2017-09-07 15:28:02 +02:00
Michael
9ce4f94818 ECS provider refactoring 2017-09-06 12:10:05 +02:00
Manuel Zapf
cd6c58a372 fix rancher api environment get 2017-09-06 10:50:04 +02:00
Fernandez Ludovic
7c2ba62b56 doc: structural review
- user-guide review.
- add DataDog and StatD configuration.
- sync sample.toml and doc.
- split entry points doc.
- Deprecated.
2017-08-28 23:02:04 +02:00
Daniel Rampelt
52b69fbcb8 Add forward authentication option 2017-08-25 18:22:03 +02:00
Michael
f16219f90a Exposed by default feature in Consul Catalog 2017-08-25 17:32:03 +02:00
SALLEYRON Julien
e0af17a17a Refactor globalConfiguration / WebProvider 2017-08-25 16:10:03 +02:00
Michael
086a85d2f0 Enable loadbalancer.sticky for ECS 2017-08-25 11:42:03 +02:00
Alex Antonov
98dfd2ba0e Added a check to ensure clientTLS configuration contains either a cert or a key 2017-08-25 10:26:02 +02:00
Michael
8765494cbd Add support for several ECS backends 2017-08-22 11:46:03 +02:00
Alex Antonov
ec3e2c08b8 Support multi-port service routing for containers running on Marathon 2017-08-21 10:46:03 +02:00
Timo Reimann
b80ecd51a7 Use default frontend priority of zero. 2017-08-18 16:14:03 +02:00
Timo Reimann
ea3510d1f3 Add support for readiness checks. 2017-08-18 03:08:03 +02:00
Ludovic Fernandez
759c269dee Code cleaning. 2017-08-18 02:18:02 +02:00
thomasbach76
7ff6c32452 Add the sprig functions in the template engine 2017-08-10 20:42:39 +02:00
Kirill Orlov
94f922cd28 Added ability to override frontend priority for k8s ingress router 2017-07-29 18:35:23 +02:00
Timo Reimann
8cb44598c0 [marathon] Use test builder.
This change introduces the builder pattern to the Marathon unit tests in
order to simplify and reduce the amount of testing boilerplate.

Additional changes:

- Add missing unit tests.
- Make all tests look consistent.
- Use dedicated type for task states for increased type safety.
- Remove obsoleted getApplication function.
2017-07-21 17:15:29 +02:00
Fernandez Ludovic
c36e0b3b06 refactor: add Safe everywhere is needing. 2017-07-20 14:59:54 +02:00
Timo Reimann
3174fb8861 [marathon] Assign filtered tasks to apps contained in slice.
We previously assigned them to a copy of each application, which
effectively disabled all filtering.

Fixes a bug introduced along commit 779eeba.
2017-07-20 10:39:27 +02:00
Timo Reimann
779eeba650 [marathon] Use single API call to fetch Marathon resources.
Change Marathon provider to make just one API call instead of two per
configuration update by means of specifying embedded resources, which
enable retrieving multiple response types from the API at once. Apart
from the obvious savings in API calls, we primarily gain a consistent
view on both applications and tasks that allows us to drop a lot of
correlation logic.  Additionally, it will serve as the basis for the
introduction of readiness checks which require application/task
consistency for correct leverage on the proxy end.

Additional changes:

marathon.go:
- Filter on tasks now embedded inside the applications.
- Reduce/simplify signature on multiple template functions as we do not
  need to check for proper application/task correlation anymore.
- Remove getFrontendBackend in favor of just getBackend.
- Move filtering on enabled/exposed applications from `taskFilter` to
  `applicationFilter`. (The task filter just reached out to the
  applications anyway, so it never made sense to locate it with the
  tasks where the filter was called once for every task even though the
  result would never change.)
- Remove duplicate constraints filter in tasks, where it neither made
  sense to keep as it operates on the application level only.
- Add context to rendering error.

marathon_test.go:
- Simplify and reduce numerous tests.
- Convert tests with high number of cases into parallelized sub-tests.
- Improve readability/structure for several tests.
- Add missing test for enabled/exposed applications.
- Simplify the mocked Marathon server.

marathon.tmpl:
- Update application/task iteration.
- Replace `getFrontendBackend` by `getBackend`.
2017-07-11 14:35:01 +02:00
Ludovic Fernandez
d653a348b1 Factorize labels
* refactor(accesslog): factorize file name.
* traefik.frontend.rule
* traefik.frontend.value
* traefik.backend.circuitbreaker.expression
* traefik.enable
* traefik.backend.loadbalancer.method
* traefik.backend.loadbalancer.sticky
* traefik.backend.maxconn.amount
* traefik.backend.maxconn.extractorfunc
* traefik.port
* traefik.tags
* traefik.backend
* traefik.weight
* traefik.domain
* traefik.protocol
* traefik.frontend.passHostHeader
* traefik.frontend.whitelistSourceRange
* traefik.frontend.priority
* traefik.frontend.entryPoints
* traefik.frontend.auth.basic
* traefik.backend.id
* traefik.backend.circuitbreaker
* traefik.frontend.rule.type
* traefik.portIndex
* refactor(docker): specific labels
* refactor(rancher): specific labels
* traefik.backend.healthcheck.*
* refactor(providers): factorize labels.
2017-07-10 16:58:12 +02:00
Fernandez Ludovic
a7ec785994 refactor(dynamodb): Use Traefik Logger. 2017-07-08 00:05:53 +02:00
Fernandez Ludovic
46faa7a745 refactor(ecs): Use Traefik Logger. 2017-07-08 00:05:53 +02:00
Fernandez Ludovic
54e3f08833 refactor(marathon): Use Traefik Logger. 2017-07-08 00:05:53 +02:00
Fernandez Ludovic
b365836c57 feat: Add Trace in Base Provider. 2017-07-08 00:05:53 +02:00
Matt Christiansen
4dfbb6d489 Add marathon label to configure basic auth, similar to docker and rancher providers 2017-07-07 23:36:04 +02:00
Michael Laccetti
41dd124a4b kubernetes ingress rewrite-target implementation
* Adding support for `ingress.kubernetes.io/rewrite-target`

We create a rule using the `PathPrefixStrip` to trim out the bit in the rewrite rule.
2017-07-07 21:27:54 +02:00
Fernandez Ludovic
8f845bac74 Merge tag 'v1.3.3' 2017-07-06 19:37:12 +02:00
Timo Reimann
4892b2b0da [kubernetes] Undo the Secrets controller sync wait.
When Secrets permissions have not been granted (which is likely to be
the case for users not needing the basic auth feature), the watch on the
Secrets API will never yield a response, thereby causing the controller
to never sync successfully, and in turn causing the check for all
controller synchronizations to fail consistently. Thus, no event will
ever be handled.
2017-07-06 17:12:25 +02:00
Vincent Demeester
b7daa2f3a4 Update traefik dependencies (docker/docker and related) (#1823)
Update traefik dependencies (docker/docker and related)

- Update dependencies
- Fix compilation problems
- Remove vdemeester/docker-events (in docker api now)
- Remove `integration/vendor`
- Use `testImport`
- update some deps.
- regenerate the lock from scratch (after a `glide cc`)
2017-07-06 16:28:13 +02:00
Timo Reimann
91ce78da46 [k8s] Tell glog to log everything into STDERR.
Logging errors into a file inside a minimalistic container might not be
possible, and glog bails out with an exit code > 0 if it fails.
2017-07-04 17:11:50 +02:00
Fernandez Ludovic
3776e58041 Merge branch 'v1.3' 2017-06-30 00:04:04 +02:00
Timo Reimann
6473002021 Continue Ingress processing on auth retrieval failure. 2017-06-29 16:13:53 +02:00
Timo Reimann
4d89ff7e18 Improve basic auth handling.
- Enrich logging.
- Move error closer to producer.
2017-06-29 16:13:53 +02:00
Timo Reimann
c5c63071ca Wait for secret controller to finish synchronizing.
Prevents a race on closing the events channel, possibly leading to a
double-close.
2017-06-29 16:13:53 +02:00
Richard Shepherd
4128c1ac8d Allow file provider to load config from files in a directory. 2017-06-27 16:58:04 +02:00
Fernandez Ludovic
01bb0a80ab doc: update Rancher documentation. 2017-06-21 14:54:36 +02:00
vholovko
db1baf80a9 Speeding up health change detection by separating it from catalog services check. 2017-06-20 20:27:04 +02:00
Martin Baillie
9cb07d026f Refactor into dual Rancher API/Metadata providers
Introduces Rancher's metadata service as an optional provider source for
Traefik, enabled by setting `rancher.MetadataService`.

The provider uses a long polling technique to watch the metadata service and
obtain near instantaneous updates. Alternatively it can be configured to poll
the metadata service every `rancher.RefreshSeconds` by setting
`rancher.MetadataPoll`.

The refactor splits API and metadata service code into separate source
files respectively, and specific configuration is deferred to
sub-structs.

Incorporates bugfix #1414
2017-06-20 19:08:53 +02:00
tanyadegurechaff
984ea1040f Fix error handling for docker swarm mode 2017-06-20 18:10:21 +02:00
Fernandez Ludovic
2a578748fd Merge branch 'v1.3' 2017-06-14 22:26:35 +02:00
Fernandez Ludovic
ccc429e36c refactor(eureka): Use Traefik Logger. 2017-06-14 19:49:45 +02:00
Fernandez Ludovic
0d25ba3cbc refactor: Add explicit error message. 2017-06-14 19:49:45 +02:00
Alex Antonov
7d6c778211 Enhanced flexibility in Consul Catalog configuration 2017-06-12 21:18:55 +02:00
Fernandez Ludovic
9c27a98821 refactor: move Marathon client mock.
refactor: remove old Marathon mock.
refactor: generate new Marathon mock.

mockery -recursive -dir=vendor/github.com/gambol99/ -name=Marathon -output=provider/marathon/mocks
2017-06-12 20:27:54 +02:00
Fernandez Ludovic
2223587fc0 refactor: ordering imports. 2017-06-09 23:55:49 +02:00
Fernandez Ludovic
63f9bccf9f refactor: fix typos.
refactor: typo in whitelister file name.
2017-06-09 23:55:49 +02:00
Alex Antonov
39388a2199 Exported getSubDomain function from Marathon provider to be able to use in custom templates 2017-06-06 14:31:30 +02:00
Fernandez Ludovic
71111708d4 Merge branch 'v1.3' into master 2017-06-02 19:56:15 +02:00
Kekoa Vincent
ac5ab13a4c Fix errors caused by incorrect type being sent for the Kubernetes Secret watcher #1596
This was likely just a copy-paste issue, the bug should be benign because the secret is cast to the correct type later, but the additional logging is a major annoyance, and is happening even if basic auth is not in use with Kubernetes.
2017-06-02 19:20:47 +02:00
Fernandez Ludovic
cbccdd51c5 refactor: Logs & errors review.
- log & error: remove format if not necessary, add if necessary.
- add constants for k8s annotations.
- fix typos
2017-05-30 23:33:27 +02:00
Fernandez Ludovic
2833d68f15 Merge branch 'v1.3' into merge-back-1_3_0-rc3 2017-05-24 20:39:38 +02:00
Fernandez Ludovic
5b896bb46c fix: Empty Rancher launch config. 2017-05-24 11:20:30 +02:00
Timo Reimann
9967494996 [k8s] Ignore Ingresses with empty Endpoint subsets.
We previously fell back to using ClusterIPs. However, the approach can
lead to all kinds of problems since Ingresses rely on being able to talk
to Endpoints directly. For instance, it can break stickiness and
retries.
2017-05-23 21:15:06 +02:00
Timo Reimann
b392023c37 Add additional tests for PathStrip{Prefix}. 2017-05-23 17:31:34 +02:00
Timo Reimann
f7d9dfafd0 [k8s] Remove rule type path list.
Instead of doing sanity checks in the Kubernetes provider, we just
accept any non-empty value from the annotation and rely on the server
part to filter out unknown rules.

This allows us to automatically stay in sync with the currently
supported Path matchers/modifiers.
2017-05-23 17:31:34 +02:00
MaZderMind
5f0b215e90 IP Whitelists for Frontend (with Docker- & Kubernetes-Provider Support) 2017-05-19 15:19:29 +02:00
Emile Vauge
aa4ed088bb
Unexport Kvclient & StoreType from kv Provider
Signed-off-by: Emile Vauge <emile@vauge.com>
2017-05-11 19:33:32 +02:00
Emile Vauge
3a4ec19817
Add missing description tag
Signed-off-by: Emile Vauge <emile@vauge.com>
2017-05-11 19:33:32 +02:00
Timo Reimann
fe6c35bc6b [Kubernetes] Ignore missing pass host header annotation.
A missing annotation would previously be handled in the default error
case, causing a noisy warning-level log message to be generated each
time.

We add another case statement to ignore the case where the annotation is
missing from the annotations map.

Also piggybacking a minor improvement to the log message.
2017-05-10 19:32:45 +02:00
Volodymyr Holovko
6fd40dbaa9
Using more sensible consul blocking query to detect health check changes 2017-05-04 16:54:27 +02:00
Emile Vauge
4e186cecf9
Merge v1.2.3 master 2017-05-03 23:24:53 +02:00
Emile Vauge
bf3f6e2029
Fix Docker filter empty rule
Signed-off-by: Emile Vauge <emile@vauge.com>
2017-05-03 22:53:58 +02:00
Timo Reimann
1dcf8d2ea6 Add tests lost during PR 1320.
The tests part of this change were originally in PR 1320 but got lost
during one of the rebases. Let's bring them back in.
2017-05-03 16:27:21 +02:00
tanyadegurechaff
79cbe56a41 Make port deterministic 2017-05-03 15:28:53 +02:00
Youcef Yekhlef
8de107866f feat(rancher): added constraint management for rancher provider 2017-05-03 13:48:44 +02:00
Alex Peters
89da3b15a4 Add basic auth to kubernetes provider 2017-05-03 13:18:40 +02:00
Matthew Kelch
44db6e9290 mprove Rancher provider functionality:
- Improves default filtering behavior to filter by container health/healthState
- Optionally allows filtering by service health/healthState
- Allows configuration of refresh interval
2017-04-29 15:37:54 -04:00
Timo Reimann
d57f83c31c Make Traefik health checks label-configurable with Marathon.
For the two existing health check parameters (path and interval), we add
support for Marathon labels.

Changes in detail:

- Extend the Marathon provider and template.
- Refactor Server.loadConfig to reduce duplication.
- Refactor the healthcheck package slightly to accommodate the changes
  and allow extending by future parameters.
- Update documentation.
2017-04-28 18:17:25 +02:00
Tristan Colgate
de6d771bc2 Add libkv Username and Password 2017-04-28 16:28:57 +02:00
Regner Blok-Andersen
d24ba90900 Updating Kubernetes tests to properly test missing endpoints code path
This fixes #1307
2017-04-28 15:25:03 +02:00
Timo Reimann
7eb3051a57 Improve and extend TestGetBackendServer.
- Cover error cases.
- Use sub-tests.
2017-04-26 11:35:30 +02:00
Timo Reimann
a4355569af Extract index functionality into generic helper function.
Allows to move specific test cases to dedicated tests for new function.
2017-04-26 11:35:30 +02:00
Timo Reimann
16c86022bb Cosmetic changes. 2017-04-26 11:35:30 +02:00
Timo Reimann
e615e833bc Use go-spew to display diffs. 2017-04-26 11:35:30 +02:00
Diego de Oliveira
592a12dca2 Fix unsound behavior
The IP-Per-Task feature changed the behavior for
clients without this configuration (using the task IP instead
of task hostname). This patch make the new behavior available
just for Mesos installation with IP-Per-Task enabled. It also
make it possible to force the use of task's hostname.
2017-04-26 11:35:30 +02:00
Timo Reimann
099d605aed Check for explicitly defined Marathon port first.
Previously, we did the check too late resulting in the traefik.port
label not being effective.

The change comes with additional refactorings in production and tests.
2017-04-25 23:18:30 +02:00
Timo Reimann
f1bc80ca12 Change getLabel signature to return bool instead of error.
The comma ok idiom fits better.
2017-04-25 23:18:30 +02:00
Timo Reimann
b44aca64e3 Move Docker test provider instantiation into t.Run body. 2017-04-25 14:56:43 +02:00
Emile Vauge
af1d0a7dce
Fix Consul catalog prefix flags
Signed-off-by: Emile Vauge <emile@vauge.com>
2017-04-25 10:51:03 +02:00
mattcollier
8764c43eaf Fix typo in command line help. 2017-04-21 14:01:45 +02:00
Manuel Laufenberg
8a892b21e1 Add Basic Auth per Frontend for Rancher & Docker Dynamic Provider 2017-04-19 21:05:43 +02:00
Martin Baillie
d1ee72b308
Merge branch 'master' into rancher-provider-pagination-fixes 2017-04-19 20:47:30 +10:00
Vincent Demeester
542c3673e4 Extract providers to their own package
This is just doing that and making it compile :)

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-04-18 13:24:17 +02:00
Martin Baillie
73f09f389e Fix Rancher API pagination limits
This fix allows the Traefik Rancher provider to obtain a complete view
of the environments, services and containers being managed by the
Rancher deployment.
2017-04-18 19:48:43 +10:00