Copys the incoming TLS client certificate to the outgoing
request. The backend can then use this certificate for
client authentication ie. k8s client cert authentication
We previously did not copy the sticky flag if the load-balancer
method validation failed, causing enabled stickiness to be dropped in
case of a validation error (which, technically, for us is the same as a
load-balancer configuration without an explicitly set method). This
change fixes that.
A few refactorings and improvements along the way:
- Move the frontend and backend configuration steps into separate
methods/functions for better testability.
- Include the invalid method name in the error value and avoid log
duplication.
- Add tests for the backend configuration part.
For the two existing health check parameters (path and interval), we add
support for Marathon labels.
Changes in detail:
- Extend the Marathon provider and template.
- Refactor Server.loadConfig to reduce duplication.
- Refactor the healthcheck package slightly to accommodate the changes
and allow extending by future parameters.
- Update documentation.
- This will help split stuff in smaller, better tested packages
- This moves some stuff like the traefik command to package `cmd`
Signed-off-by: Vincent Demeester <vincent@sbr.pm>