Compare commits
12 commits
6ed08f382e
...
fba88f2f25
Author | SHA1 | Date | |
---|---|---|---|
fba88f2f25 | |||
|
f5d451d816 | ||
|
f84e00e481 | ||
|
fe0af1ec4b | ||
|
95312d5324 | ||
|
e3729ec600 | ||
|
20d6c19c30 | ||
|
7a7b03eb01 | ||
|
ea4f307fcd | ||
|
a6b00608d2 | ||
|
7b649e2f0c | ||
|
70968bc6a9 |
29 changed files with 124 additions and 107 deletions
|
@ -93,7 +93,7 @@ The example below is a file provider only version (`yaml`) of what this configur
|
||||||
```yaml tab="Static configuration"
|
```yaml tab="Static configuration"
|
||||||
# traefik.yml
|
# traefik.yml
|
||||||
|
|
||||||
entrypoints:
|
entryPoints:
|
||||||
web:
|
web:
|
||||||
address: :80
|
address: :80
|
||||||
|
|
||||||
|
|
|
@ -116,8 +116,8 @@ Please check the [configuration examples below](#configuration-examples) for mor
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
# ...
|
# ...
|
||||||
--certificatesresolvers.myresolver.acme.email=your-email@example.com
|
--certificatesresolvers.myresolver.acme.email=your-email@example.com
|
||||||
--certificatesresolvers.myresolver.acme.storage=acme.json
|
--certificatesresolvers.myresolver.acme.storage=acme.json
|
||||||
|
@ -241,8 +241,8 @@ when using the `HTTP-01` challenge, `certificatesresolvers.myresolver.acme.httpc
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
# ...
|
# ...
|
||||||
--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web
|
--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web
|
||||||
```
|
```
|
||||||
|
|
|
@ -354,7 +354,7 @@ To apply a redirection:
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints=Name:web Address::80 Redirect.EntryPoint:websecure
|
--entryPoints=Name:web Address::80 Redirect.EntryPoint:websecure
|
||||||
--entryPoints='Name:websecure Address::443 TLS'
|
--entryPoints='Name:websecure Address::443 TLS'
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -394,10 +394,10 @@ To apply a redirection:
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
## static configuration
|
## static configuration
|
||||||
|
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.web.http.redirections.entrypoint.to=websecure
|
--entryPoints.web.http.redirections.entrypoint.to=websecure
|
||||||
--entrypoints.web.http.redirections.entrypoint.scheme=https
|
--entryPoints.web.http.redirections.entrypoint.scheme=https
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--providers.docker=true
|
--providers.docker=true
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -750,8 +750,8 @@ with the path `/admin` stripped, e.g. to `http://<IP>:<port>/`. In this case, yo
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--certificatesresolvers.myresolver.acme.email=your-email@example.com
|
--certificatesresolvers.myresolver.acme.email=your-email@example.com
|
||||||
--certificatesresolvers.myresolver.acme.storage=acme.json
|
--certificatesresolvers.myresolver.acme.storage=acme.json
|
||||||
--certificatesresolvers.myresolver.acme.tlschallenge=true
|
--certificatesresolvers.myresolver.acme.tlschallenge=true
|
||||||
|
@ -1078,7 +1078,7 @@ To activate the dashboard, you can either:
|
||||||
routers:
|
routers:
|
||||||
api:
|
api:
|
||||||
rule: Host(`traefik.docker.localhost`)
|
rule: Host(`traefik.docker.localhost`)
|
||||||
entrypoints:
|
entryPoints:
|
||||||
- websecure
|
- websecure
|
||||||
service: api@internal
|
service: api@internal
|
||||||
middlewares:
|
middlewares:
|
||||||
|
|
|
@ -622,7 +622,7 @@ Starting with `v2.11.2` the `<entrypoint>.transport.respondingTimeouts.tcp.linge
|
||||||
### RespondingTimeouts.TCP and RespondingTimeouts.HTTP
|
### RespondingTimeouts.TCP and RespondingTimeouts.HTTP
|
||||||
|
|
||||||
Starting with `v2.11.2` the `respondingTimeouts.tcp` and `respondingTimeouts.http` sections introduced in `v2.11.1` have been removed.
|
Starting with `v2.11.2` the `respondingTimeouts.tcp` and `respondingTimeouts.http` sections introduced in `v2.11.1` have been removed.
|
||||||
To configure responding timeouts
|
To configure the responding timeouts, please use the [`respondingTimeouts`](../routing/entrypoints.md#respondingtimeouts) section.
|
||||||
|
|
||||||
### EntryPoint.Transport.RespondingTimeouts.ReadTimeout
|
### EntryPoint.Transport.RespondingTimeouts.ReadTimeout
|
||||||
|
|
||||||
|
|
|
@ -835,6 +835,10 @@ spec:
|
||||||
breaker will try to recover (as soon as it is in recovering
|
breaker will try to recover (as soon as it is in recovering
|
||||||
state).
|
state).
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
|
responseCode:
|
||||||
|
description: ResponseCode is the status code that the circuit
|
||||||
|
breaker will return while it is in the open state.
|
||||||
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
compress:
|
compress:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -27,8 +27,8 @@ spec:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.0
|
||||||
args:
|
args:
|
||||||
- --entrypoints.web.address=:80
|
- --entryPoints.web.address=:80
|
||||||
- --entrypoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
- --experimental.kubernetesgateway
|
- --experimental.kubernetesgateway
|
||||||
- --providers.kubernetesgateway
|
- --providers.kubernetesgateway
|
||||||
|
|
||||||
|
|
|
@ -172,6 +172,10 @@ spec:
|
||||||
breaker will try to recover (as soon as it is in recovering
|
breaker will try to recover (as soon as it is in recovering
|
||||||
state).
|
state).
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
|
responseCode:
|
||||||
|
description: ResponseCode is the status code that the circuit
|
||||||
|
breaker will return while it is in the open state.
|
||||||
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
compress:
|
compress:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -227,8 +227,8 @@ If both TCP and UDP are wanted for the same port, two entryPoints definitions ar
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.specificIPv4.address=192.168.2.7:8888
|
--entryPoints.specificIPv4.address=192.168.2.7:8888
|
||||||
--entrypoints.specificIPv6.address=[2001:db8::1]:8888
|
--entryPoints.specificIPv6.address=[2001:db8::1]:8888
|
||||||
```
|
```
|
||||||
|
|
||||||
Full details for how to specify `address` can be found in [net.Listen](https://golang.org/pkg/net/#Listen) (and [net.Dial](https://golang.org/pkg/net/#Dial)) of the doc for go.
|
Full details for how to specify `address` can be found in [net.Listen](https://golang.org/pkg/net/#Listen) (and [net.Dial](https://golang.org/pkg/net/#Dial)) of the doc for go.
|
||||||
|
@ -270,8 +270,8 @@ reloading the static configuration without any service downtime.
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.web.reusePort=true
|
--entryPoints.web.reusePort=true
|
||||||
```
|
```
|
||||||
|
|
||||||
Now it is possible to run multiple Traefik processes with the same EntryPoint configuration.
|
Now it is possible to run multiple Traefik processes with the same EntryPoint configuration.
|
||||||
|
@ -298,10 +298,10 @@ reloading the static configuration without any service downtime.
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.web.reusePort=true
|
--entryPoints.web.reusePort=true
|
||||||
--entrypoints.privateWeb.address=192.168.1.2:80
|
--entryPoints.privateWeb.address=192.168.1.2:80
|
||||||
--entrypoints.privateWeb.reusePort=true
|
--entryPoints.privateWeb.reusePort=true
|
||||||
```
|
```
|
||||||
|
|
||||||
Requests to `192.168.1.2:80` will only be handled by routers that have `privateWeb` as the entry point.
|
Requests to `192.168.1.2:80` will only be handled by routers that have `privateWeb` as the entry point.
|
||||||
|
@ -349,9 +349,9 @@ EntryPoints in this list are used (by default) on HTTP and TCP routers that do n
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.websecure.asDefault=true
|
--entryPoints.websecure.asDefault=true
|
||||||
```
|
```
|
||||||
|
|
||||||
### HTTP/2
|
### HTTP/2
|
||||||
|
@ -401,7 +401,7 @@ entryPoints:
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.name.http3
|
--entryPoints.name.http3
|
||||||
```
|
```
|
||||||
|
|
||||||
??? info "HTTP/3 uses UDP+TLS"
|
??? info "HTTP/3 uses UDP+TLS"
|
||||||
|
@ -433,7 +433,7 @@ It can be used to override the authority in the `alt-svc` header, for example if
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.name.http3.advertisedport=443
|
--entryPoints.name.http3.advertisedport=443
|
||||||
```
|
```
|
||||||
|
|
||||||
### Forwarded Headers
|
### Forwarded Headers
|
||||||
|
@ -870,10 +870,10 @@ This whole section is dedicated to options, keyed by entry point, that will appl
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.web.http.redirections.entryPoint.to=websecure
|
--entryPoints.web.http.redirections.entryPoint.to=websecure
|
||||||
--entrypoints.web.http.redirections.entryPoint.scheme=https
|
--entryPoints.web.http.redirections.entryPoint.scheme=https
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
```
|
```
|
||||||
|
|
||||||
#### `entryPoint`
|
#### `entryPoint`
|
||||||
|
@ -908,7 +908,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.foo.http.redirections.entryPoint.to=websecure
|
--entryPoints.foo.http.redirections.entryPoint.to=websecure
|
||||||
```
|
```
|
||||||
|
|
||||||
??? info "`entryPoint.scheme`"
|
??? info "`entryPoint.scheme`"
|
||||||
|
@ -938,7 +938,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.foo.http.redirections.entryPoint.scheme=https
|
--entryPoints.foo.http.redirections.entryPoint.scheme=https
|
||||||
```
|
```
|
||||||
|
|
||||||
??? info "`entryPoint.permanent`"
|
??? info "`entryPoint.permanent`"
|
||||||
|
@ -968,7 +968,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.foo.http.redirections.entrypoint.permanent=true
|
--entryPoints.foo.http.redirections.entrypoint.permanent=true
|
||||||
```
|
```
|
||||||
|
|
||||||
??? info "`entryPoint.priority`"
|
??? info "`entryPoint.priority`"
|
||||||
|
@ -998,7 +998,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.foo.http.redirections.entrypoint.priority=10
|
--entryPoints.foo.http.redirections.entrypoint.priority=10
|
||||||
```
|
```
|
||||||
|
|
||||||
### EncodeQuerySemicolons
|
### EncodeQuerySemicolons
|
||||||
|
@ -1026,8 +1026,8 @@ entryPoints:
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.websecure.http.encodequerysemicolons=true
|
--entryPoints.websecure.http.encodequerysemicolons=true
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Examples
|
#### Examples
|
||||||
|
@ -1062,8 +1062,8 @@ entryPoints:
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.websecure.http.middlewares=auth@file,strip@file
|
--entryPoints.websecure.http.middlewares=auth@file,strip@file
|
||||||
```
|
```
|
||||||
|
|
||||||
### TLS
|
### TLS
|
||||||
|
@ -1109,13 +1109,13 @@ entryPoints:
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.websecure.http.tls.options=foobar
|
--entryPoints.websecure.http.tls.options=foobar
|
||||||
--entrypoints.websecure.http.tls.certResolver=leresolver
|
--entryPoints.websecure.http.tls.certResolver=leresolver
|
||||||
--entrypoints.websecure.http.tls.domains[0].main=example.com
|
--entryPoints.websecure.http.tls.domains[0].main=example.com
|
||||||
--entrypoints.websecure.http.tls.domains[0].sans=foo.example.com,bar.example.com
|
--entryPoints.websecure.http.tls.domains[0].sans=foo.example.com,bar.example.com
|
||||||
--entrypoints.websecure.http.tls.domains[1].main=test.com
|
--entryPoints.websecure.http.tls.domains[1].main=test.com
|
||||||
--entrypoints.websecure.http.tls.domains[1].sans=foo.test.com,bar.test.com
|
--entryPoints.websecure.http.tls.domains[1].sans=foo.test.com,bar.test.com
|
||||||
```
|
```
|
||||||
|
|
||||||
??? example "Let's Encrypt"
|
??? example "Let's Encrypt"
|
||||||
|
@ -1138,8 +1138,8 @@ entryPoints:
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.websecure.http.tls.certResolver=leresolver
|
--entryPoints.websecure.http.tls.certResolver=leresolver
|
||||||
```
|
```
|
||||||
|
|
||||||
## UDP Options
|
## UDP Options
|
||||||
|
@ -1170,8 +1170,8 @@ entryPoints:
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
entrypoints.foo.address=:8000/udp
|
--entryPoints.foo.address=:8000/udp
|
||||||
entrypoints.foo.udp.timeout=10s
|
--entryPoints.foo.udp.timeout=10s
|
||||||
```
|
```
|
||||||
|
|
||||||
{!traefik-for-business-applications.md!}
|
{!traefik-for-business-applications.md!}
|
||||||
|
|
|
@ -53,9 +53,9 @@ The Kubernetes Ingress Controller, The Custom Resource Way.
|
||||||
- --log.level=DEBUG
|
- --log.level=DEBUG
|
||||||
- --api
|
- --api
|
||||||
- --api.insecure
|
- --api.insecure
|
||||||
- --entrypoints.web.address=:80
|
- --entryPoints.web.address=:80
|
||||||
- --entrypoints.tcpep.address=:8000
|
- --entryPoints.tcpep.address=:8000
|
||||||
- --entrypoints.udpep.address=:9000/udp
|
- --entryPoints.udpep.address=:9000/udp
|
||||||
- --providers.kubernetescrd
|
- --providers.kubernetescrd
|
||||||
ports:
|
ports:
|
||||||
- name: web
|
- name: web
|
||||||
|
|
|
@ -234,7 +234,7 @@ Kubernetes cluster before creating `HTTPRoute` objects.
|
||||||
- headers: # [11]
|
- headers: # [11]
|
||||||
name: foo # [12]
|
name: foo # [12]
|
||||||
value: bar # [13]
|
value: bar # [13]
|
||||||
- backendRefs: # [14]
|
backendRefs: # [14]
|
||||||
- name: whoamitcp # [15]
|
- name: whoamitcp # [15]
|
||||||
weight: 1 # [16]
|
weight: 1 # [16]
|
||||||
port: 8080 # [17]
|
port: 8080 # [17]
|
||||||
|
@ -273,7 +273,7 @@ Kubernetes cluster before creating `HTTPRoute` objects.
|
||||||
| [6] | `rules` | A list of HTTP matchers, filters and actions. |
|
| [6] | `rules` | A list of HTTP matchers, filters and actions. |
|
||||||
| [7] | `matches` | Conditions used for matching the rule against incoming HTTP requests. Each match is independent, i.e. this rule will be matched if **any** one of the matches is satisfied. |
|
| [7] | `matches` | Conditions used for matching the rule against incoming HTTP requests. Each match is independent, i.e. this rule will be matched if **any** one of the matches is satisfied. |
|
||||||
| [8] | `path` | An HTTP request path matcher. If this field is not specified, a default prefix match on the "/" path is provided. |
|
| [8] | `path` | An HTTP request path matcher. If this field is not specified, a default prefix match on the "/" path is provided. |
|
||||||
| [9] | `type` | Type of match against the path Value (supported types: `Exact`, `Prefix`). |
|
| [9] | `type` | Type of match against the path Value (supported types: `Exact`, `PathPrefix`). |
|
||||||
| [10] | `value` | The value of the HTTP path to match against. |
|
| [10] | `value` | The value of the HTTP path to match against. |
|
||||||
| [11] | `headers` | Conditions to select a HTTP route by matching HTTP request headers. |
|
| [11] | `headers` | Conditions to select a HTTP route by matching HTTP request headers. |
|
||||||
| [12] | `name` | Name of the HTTP header to be matched. |
|
| [12] | `name` | Name of the HTTP header to be matched. |
|
||||||
|
|
|
@ -126,7 +126,7 @@ which in turn will create the resulting routers, services, handlers, etc.
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.0
|
||||||
args:
|
args:
|
||||||
- --entrypoints.web.address=:80
|
- --entryPoints.web.address=:80
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
ports:
|
ports:
|
||||||
- name: web
|
- name: web
|
||||||
|
@ -391,8 +391,8 @@ TLS can be enabled through the [HTTP options](../entrypoints.md#tls) of an Entry
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
# Static configuration
|
# Static configuration
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.websecure.http.tls
|
--entryPoints.websecure.http.tls
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
|
@ -524,8 +524,8 @@ This way, any Ingress attached to this Entrypoint will have TLS termination by d
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.0
|
||||||
args:
|
args:
|
||||||
- --entrypoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
- --entrypoints.websecure.http.tls
|
- --entryPoints.websecure.http.tls
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
ports:
|
ports:
|
||||||
- name: websecure
|
- name: websecure
|
||||||
|
@ -710,7 +710,7 @@ For more options, please refer to the available [annotations](#on-ingress).
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.0
|
||||||
args:
|
args:
|
||||||
- --entrypoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
ports:
|
ports:
|
||||||
- name: websecure
|
- name: websecure
|
||||||
|
|
|
@ -146,9 +146,9 @@ If you want to limit the router scope to a set of entry points, set the `entryPo
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
## Static configuration
|
## Static configuration
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.other.address=:9090
|
--entryPoints.other.address=:9090
|
||||||
```
|
```
|
||||||
|
|
||||||
??? example "Listens to Specific EntryPoints"
|
??? example "Listens to Specific EntryPoints"
|
||||||
|
@ -204,9 +204,9 @@ If you want to limit the router scope to a set of entry points, set the `entryPo
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
## Static configuration
|
## Static configuration
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.other.address=:9090
|
--entryPoints.other.address=:9090
|
||||||
```
|
```
|
||||||
|
|
||||||
### Rule
|
### Rule
|
||||||
|
@ -959,9 +959,9 @@ If you want to limit the router scope to a set of entry points, set the entry po
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
## Static configuration
|
## Static configuration
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.other.address=:9090
|
--entryPoints.other.address=:9090
|
||||||
```
|
```
|
||||||
|
|
||||||
??? example "Listens to Specific EntryPoints"
|
??? example "Listens to Specific EntryPoints"
|
||||||
|
@ -1023,9 +1023,9 @@ If you want to limit the router scope to a set of entry points, set the entry po
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
## Static configuration
|
## Static configuration
|
||||||
--entrypoints.web.address=:80
|
--entryPoints.web.address=:80
|
||||||
--entrypoints.websecure.address=:443
|
--entryPoints.websecure.address=:443
|
||||||
--entrypoints.other.address=:9090
|
--entryPoints.other.address=:9090
|
||||||
```
|
```
|
||||||
|
|
||||||
### Rule
|
### Rule
|
||||||
|
@ -1610,9 +1610,9 @@ If one wants to limit the router scope to a set of EntryPoints, one should set t
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
## Static configuration
|
## Static configuration
|
||||||
--entrypoints.web.address=":80"
|
--entryPoints.web.address=":80"
|
||||||
--entrypoints.other.address=":9090/udp"
|
--entryPoints.other.address=":9090/udp"
|
||||||
--entrypoints.streaming.address=":9191/udp"
|
--entryPoints.streaming.address=":9191/udp"
|
||||||
```
|
```
|
||||||
|
|
||||||
??? example "Listens to Specific EntryPoints"
|
??? example "Listens to Specific EntryPoints"
|
||||||
|
@ -1667,9 +1667,9 @@ If one wants to limit the router scope to a set of EntryPoints, one should set t
|
||||||
|
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
## Static configuration
|
## Static configuration
|
||||||
--entrypoints.web.address=":80"
|
--entryPoints.web.address=":80"
|
||||||
--entrypoints.other.address=":9090/udp"
|
--entryPoints.other.address=":9090/udp"
|
||||||
--entrypoints.streaming.address=":9191/udp"
|
--entryPoints.streaming.address=":9191/udp"
|
||||||
```
|
```
|
||||||
|
|
||||||
### Services
|
### Services
|
||||||
|
|
|
@ -30,8 +30,8 @@ spec:
|
||||||
args:
|
args:
|
||||||
- --api.insecure
|
- --api.insecure
|
||||||
- --accesslog
|
- --accesslog
|
||||||
- --entrypoints.web.Address=:8000
|
- --entryPoints.web.Address=:8000
|
||||||
- --entrypoints.websecure.Address=:4443
|
- --entryPoints.websecure.Address=:4443
|
||||||
- --providers.kubernetescrd
|
- --providers.kubernetescrd
|
||||||
- --certificatesresolvers.myresolver.acme.tlschallenge
|
- --certificatesresolvers.myresolver.acme.tlschallenge
|
||||||
- --certificatesresolvers.myresolver.acme.email=foo@you.com
|
- --certificatesresolvers.myresolver.acme.email=foo@you.com
|
||||||
|
|
|
@ -10,8 +10,8 @@ services:
|
||||||
- "--api.insecure=true"
|
- "--api.insecure=true"
|
||||||
- "--providers.docker=true"
|
- "--providers.docker=true"
|
||||||
- "--providers.docker.exposedbydefault=false"
|
- "--providers.docker.exposedbydefault=false"
|
||||||
- "--entrypoints.web.address=:80"
|
- "--entryPoints.web.address=:80"
|
||||||
- "--entrypoints.websecure.address=:443"
|
- "--entryPoints.websecure.address=:443"
|
||||||
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
|
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
|
||||||
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh"
|
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh"
|
||||||
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||||
|
|
|
@ -20,8 +20,8 @@ services:
|
||||||
- "--api.insecure=true"
|
- "--api.insecure=true"
|
||||||
- "--providers.docker=true"
|
- "--providers.docker=true"
|
||||||
- "--providers.docker.exposedbydefault=false"
|
- "--providers.docker.exposedbydefault=false"
|
||||||
- "--entrypoints.web.address=:80"
|
- "--entryPoints.web.address=:80"
|
||||||
- "--entrypoints.websecure.address=:443"
|
- "--entryPoints.websecure.address=:443"
|
||||||
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
|
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
|
||||||
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh"
|
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh"
|
||||||
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||||
|
|
|
@ -64,7 +64,7 @@ What changed between the initial setup:
|
||||||
```yaml
|
```yaml
|
||||||
command:
|
command:
|
||||||
# Traefik will listen to incoming request on the port 443 (https)
|
# Traefik will listen to incoming request on the port 443 (https)
|
||||||
- "--entrypoints.websecure.address=:443"
|
- "--entryPoints.websecure.address=:443"
|
||||||
ports:
|
ports:
|
||||||
- "443:443"
|
- "443:443"
|
||||||
```
|
```
|
||||||
|
|
|
@ -10,8 +10,8 @@ services:
|
||||||
- "--api.insecure=true"
|
- "--api.insecure=true"
|
||||||
- "--providers.docker=true"
|
- "--providers.docker=true"
|
||||||
- "--providers.docker.exposedbydefault=false"
|
- "--providers.docker.exposedbydefault=false"
|
||||||
- "--entrypoints.web.address=:80"
|
- "--entryPoints.web.address=:80"
|
||||||
- "--entrypoints.websecure.address=:443"
|
- "--entryPoints.websecure.address=:443"
|
||||||
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
|
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
|
||||||
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
|
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
|
||||||
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||||
|
|
|
@ -50,7 +50,7 @@ What changed between the basic example:
|
||||||
```yaml
|
```yaml
|
||||||
command:
|
command:
|
||||||
# Traefik will listen to incoming request on the port 443 (https)
|
# Traefik will listen to incoming request on the port 443 (https)
|
||||||
- "--entrypoints.websecure.address=:443"
|
- "--entryPoints.websecure.address=:443"
|
||||||
ports:
|
ports:
|
||||||
- "443:443"
|
- "443:443"
|
||||||
```
|
```
|
||||||
|
|
|
@ -10,7 +10,7 @@ services:
|
||||||
- "--api.insecure=true"
|
- "--api.insecure=true"
|
||||||
- "--providers.docker=true"
|
- "--providers.docker=true"
|
||||||
- "--providers.docker.exposedbydefault=false"
|
- "--providers.docker.exposedbydefault=false"
|
||||||
- "--entrypoints.websecure.address=:443"
|
- "--entryPoints.websecure.address=:443"
|
||||||
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
|
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
|
||||||
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||||
- "--certificatesresolvers.myresolver.acme.email=postmaster@example.com"
|
- "--certificatesresolvers.myresolver.acme.email=postmaster@example.com"
|
||||||
|
|
|
@ -50,7 +50,7 @@ What changed between the basic example:
|
||||||
```yaml
|
```yaml
|
||||||
command:
|
command:
|
||||||
# Traefik will listen to incoming request on the port 443 (https)
|
# Traefik will listen to incoming request on the port 443 (https)
|
||||||
- "--entrypoints.websecure.address=:443"
|
- "--entryPoints.websecure.address=:443"
|
||||||
ports:
|
ports:
|
||||||
- "443:443"
|
- "443:443"
|
||||||
```
|
```
|
||||||
|
|
|
@ -10,7 +10,7 @@ services:
|
||||||
- "--api.insecure=true"
|
- "--api.insecure=true"
|
||||||
- "--providers.docker=true"
|
- "--providers.docker=true"
|
||||||
- "--providers.docker.exposedbydefault=false"
|
- "--providers.docker.exposedbydefault=false"
|
||||||
- "--entrypoints.web.address=:80"
|
- "--entryPoints.web.address=:80"
|
||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
- "8080:8080"
|
- "8080:8080"
|
||||||
|
|
|
@ -86,7 +86,7 @@ Second, you define an entry point, along with the exposure of the matching port
|
||||||
```yaml
|
```yaml
|
||||||
command:
|
command:
|
||||||
# Traefik will listen to incoming request on the port 80 (HTTP)
|
# Traefik will listen to incoming request on the port 80 (HTTP)
|
||||||
- "--entrypoints.web.address=:80"
|
- "--entryPoints.web.address=:80"
|
||||||
|
|
||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
|
|
|
@ -835,6 +835,10 @@ spec:
|
||||||
breaker will try to recover (as soon as it is in recovering
|
breaker will try to recover (as soon as it is in recovering
|
||||||
state).
|
state).
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
|
responseCode:
|
||||||
|
description: ResponseCode is the status code that the circuit
|
||||||
|
breaker will return while it is in the open state.
|
||||||
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
compress:
|
compress:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -141,7 +141,7 @@ func newMiddlewareBuilder(ctx context.Context, goPath string, manifest *Manifest
|
||||||
case runtimeYaegi, "":
|
case runtimeYaegi, "":
|
||||||
i, err := newInterpreter(ctx, goPath, manifest.Import)
|
i, err := newInterpreter(ctx, goPath, manifest.Import)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("failed to craete Yaegi intepreter: %w", err)
|
return nil, fmt.Errorf("failed to create Yaegi interpreter: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return newYaegiMiddlewareBuilder(i, manifest.BasePkg, manifest.Import)
|
return newYaegiMiddlewareBuilder(i, manifest.BasePkg, manifest.Import)
|
||||||
|
|
|
@ -648,6 +648,10 @@ func createCircuitBreakerMiddleware(circuitBreaker *traefikv1alpha1.CircuitBreak
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if circuitBreaker.ResponseCode != 0 {
|
||||||
|
cb.ResponseCode = circuitBreaker.ResponseCode
|
||||||
|
}
|
||||||
|
|
||||||
return cb, nil
|
return cb, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -88,6 +88,8 @@ type CircuitBreaker struct {
|
||||||
FallbackDuration *intstr.IntOrString `json:"fallbackDuration,omitempty" toml:"fallbackDuration,omitempty" yaml:"fallbackDuration,omitempty" export:"true"`
|
FallbackDuration *intstr.IntOrString `json:"fallbackDuration,omitempty" toml:"fallbackDuration,omitempty" yaml:"fallbackDuration,omitempty" export:"true"`
|
||||||
// RecoveryDuration is the duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
|
// RecoveryDuration is the duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
|
||||||
RecoveryDuration *intstr.IntOrString `json:"recoveryDuration,omitempty" toml:"recoveryDuration,omitempty" yaml:"recoveryDuration,omitempty" export:"true"`
|
RecoveryDuration *intstr.IntOrString `json:"recoveryDuration,omitempty" toml:"recoveryDuration,omitempty" yaml:"recoveryDuration,omitempty" export:"true"`
|
||||||
|
// ResponseCode is the status code that the circuit breaker will return while it is in the open state.
|
||||||
|
ResponseCode int `json:"responseCode,omitempty" toml:"responseCode,omitempty" yaml:"responseCode,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
|
@ -100,6 +100,11 @@ func (r *Router) ServeTCP(conn tcp.WriteCloser) {
|
||||||
// If there is a handler matching the connection metadata,
|
// If there is a handler matching the connection metadata,
|
||||||
// we let it handle the connection.
|
// we let it handle the connection.
|
||||||
if handler != nil {
|
if handler != nil {
|
||||||
|
// Remove read/write deadline and delegate this to underlying TCP server.
|
||||||
|
if err := conn.SetDeadline(time.Time{}); err != nil {
|
||||||
|
log.Error().Err(err).Msg("Error while setting deadline")
|
||||||
|
}
|
||||||
|
|
||||||
handler.ServeTCP(conn)
|
handler.ServeTCP(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -128,15 +133,9 @@ func (r *Router) ServeTCP(conn tcp.WriteCloser) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Remove read/write deadline and delegate this to underlying tcp server (for now only handled by HTTP Server)
|
// Remove read/write deadline and delegate this to underlying TCP server (for now only handled by HTTP Server)
|
||||||
err = conn.SetReadDeadline(time.Time{})
|
if err := conn.SetDeadline(time.Time{}); err != nil {
|
||||||
if err != nil {
|
log.Error().Err(err).Msg("Error while setting deadline")
|
||||||
log.Error().Err(err).Msg("Error while setting read deadline")
|
|
||||||
}
|
|
||||||
|
|
||||||
err = conn.SetWriteDeadline(time.Time{})
|
|
||||||
if err != nil {
|
|
||||||
log.Error().Err(err).Msg("Error while setting write deadline")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
connData, err := tcpmuxer.NewConnData(hello.serverName, conn, hello.protos)
|
connData, err := tcpmuxer.NewConnData(hello.serverName, conn, hello.protos)
|
||||||
|
|
|
@ -536,7 +536,7 @@ func (f *fakeSpiffePKI) genSVID(id spiffeid.ID) (*x509svid.SVID, error) {
|
||||||
return x509svid.ParseRaw(certDER, keyPKCS8)
|
return x509svid.ParseRaw(certDER, keyPKCS8)
|
||||||
}
|
}
|
||||||
|
|
||||||
// fakeSpiffeSource allows retrieving staticly an SVID and its associated bundle.
|
// fakeSpiffeSource allows retrieving statically an SVID and its associated bundle.
|
||||||
type fakeSpiffeSource struct {
|
type fakeSpiffeSource struct {
|
||||||
bundle *x509bundle.Bundle
|
bundle *x509bundle.Bundle
|
||||||
svid *x509svid.SVID
|
svid *x509svid.SVID
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
<q-card-section>
|
<q-card-section>
|
||||||
<div class="row items-center no-wrap">
|
<div class="row items-center no-wrap">
|
||||||
<div class="col text-center">
|
<div class="col text-center">
|
||||||
<q-avatar class="provider-logo">
|
<q-avatar class="provider-logo" font-size="inherit">
|
||||||
<q-icon :name="`img:${getLogoPath}`" />
|
<q-icon :name="`img:${getLogoPath}`" />
|
||||||
</q-avatar>
|
</q-avatar>
|
||||||
</div>
|
</div>
|
||||||
|
|
Loading…
Reference in a new issue