Compare commits
27 commits
ca45770bbd
...
e0b67d41e8
Author | SHA1 | Date | |
---|---|---|---|
e0b67d41e8 | |||
|
efa6ca0fa1 | ||
|
bc84fdd006 | ||
|
d5cb9b50f4 | ||
|
e11ff98608 | ||
56b53107a6 | |||
|
9df04df334 | ||
|
bb6cd581a6 | ||
|
8f9ad16f54 | ||
|
5d8b1949b7 | ||
|
d7ec0cedbf | ||
|
f1104ada65 | ||
|
3ba3ca6eb0 | ||
44af01ae7c | |||
|
85039e0d54 | ||
|
9be523d772 | ||
|
8b77f0c2dd | ||
|
d02be003ab | ||
|
4d539273ad | ||
|
40de310927 | ||
|
18203f57d2 | ||
|
ef0e9c6f05 | ||
|
d37ea3e882 | ||
|
49f04f2772 | ||
|
03d2e35488 | ||
|
547cd81599 | ||
|
b5251c6ac4 |
254 changed files with 12072 additions and 7719 deletions
|
@ -150,18 +150,14 @@ linters-settings:
|
|||
- github.com/jaguilar/vt100
|
||||
- github.com/cucumber/godog
|
||||
testifylint:
|
||||
enable:
|
||||
- bool-compare
|
||||
- compares
|
||||
- empty
|
||||
- error-is-as
|
||||
- error-nil
|
||||
- expected-actual
|
||||
- float-compare
|
||||
- len
|
||||
- suite-extra-assert-call
|
||||
- suite-thelper
|
||||
|
||||
disable:
|
||||
- suite-dont-use-pkg
|
||||
- require-error
|
||||
- go-require
|
||||
staticcheck:
|
||||
checks:
|
||||
- all
|
||||
- -SA1019
|
||||
linters:
|
||||
enable-all: true
|
||||
disable:
|
||||
|
@ -216,11 +212,12 @@ linters:
|
|||
|
||||
issues:
|
||||
exclude-use-default: false
|
||||
max-per-linter: 0
|
||||
max-issues-per-linter: 0
|
||||
max-same-issues: 0
|
||||
exclude:
|
||||
- 'Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked'
|
||||
- "should have a package comment, unless it's in another file for this package"
|
||||
- 'fmt.Sprintf can be replaced with string addition'
|
||||
exclude-rules:
|
||||
- path: '(.+)_test.go'
|
||||
linters:
|
||||
|
|
|
@ -19,13 +19,13 @@ global_job_config:
|
|||
prologue:
|
||||
commands:
|
||||
- curl -sSfL https://raw.githubusercontent.com/ldez/semgo/master/godownloader.sh | sudo sh -s -- -b "/usr/local/bin"
|
||||
- sudo semgo go1.21
|
||||
- sudo semgo go1.22
|
||||
- export "GOPATH=$(go env GOPATH)"
|
||||
- export "SEMAPHORE_GIT_DIR=${GOPATH}/src/github.com/traefik/${SEMAPHORE_PROJECT_NAME}"
|
||||
- export "PATH=${GOPATH}/bin:${PATH}"
|
||||
- mkdir -vp "${SEMAPHORE_GIT_DIR}" "${GOPATH}/bin"
|
||||
- export GOPROXY=https://proxy.golang.org,direct
|
||||
- curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.55.2
|
||||
- curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.56.0
|
||||
- curl -sSfL https://gist.githubusercontent.com/traefiker/6d7ac019c11d011e4f131bb2cca8900e/raw/goreleaser.sh | bash -s -- -b "${GOPATH}/bin"
|
||||
- checkout
|
||||
- cache restore traefik-$(checksum go.sum)
|
||||
|
|
10
CHANGELOG.md
10
CHANGELOG.md
|
@ -1,3 +1,13 @@
|
|||
## [v2.11.0-rc2](https://github.com/traefik/traefik/tree/v2.11.0-rc2) (2024-01-24)
|
||||
[All Commits](https://github.com/traefik/traefik/compare/v2.11.0-rc1...v2.11.0-rc2)
|
||||
|
||||
**Bug fixes:**
|
||||
- **[middleware,tcp]** Add missing TCP IPAllowList middleware constructor ([#10331](https://github.com/traefik/traefik/pull/10331) by [youkoulayley](https://github.com/youkoulayley))
|
||||
- **[nomad]** Update the Nomad API dependency to v1.7.2 ([#10327](https://github.com/traefik/traefik/pull/10327) by [jrasell](https://github.com/jrasell))
|
||||
|
||||
**Documentation:**
|
||||
- Improve Concepts documentation page ([#10315](https://github.com/traefik/traefik/pull/10315) by [oliver-dvorski](https://github.com/oliver-dvorski))
|
||||
|
||||
## [v2.11.0-rc1](https://github.com/traefik/traefik/tree/v2.11.0-rc1) (2024-01-02)
|
||||
[All Commits](https://github.com/traefik/traefik/compare/0a7964300166d167f68d5502bc245b3b9c8842b4...v2.11.0-rc1)
|
||||
|
||||
|
|
58
Makefile
58
Makefile
|
@ -22,40 +22,41 @@ LINT_EXECUTABLES = misspell shellcheck
|
|||
DOCKER_BUILD_PLATFORMS ?= linux/amd64,linux/arm64
|
||||
|
||||
.PHONY: default
|
||||
#? default: Run `make generate` and `make binary`
|
||||
default: generate binary
|
||||
|
||||
## Create the "dist" directory
|
||||
#? dist: Create the "dist" directory
|
||||
dist:
|
||||
mkdir -p dist
|
||||
|
||||
## Build WebUI Docker image
|
||||
.PHONY: build-webui-image
|
||||
#? build-webui-image: Build WebUI Docker image
|
||||
build-webui-image:
|
||||
docker build -t traefik-webui -f webui/Dockerfile webui
|
||||
|
||||
## Clean WebUI static generated assets
|
||||
.PHONY: clean-webui
|
||||
#? clean-webui: Clean WebUI static generated assets
|
||||
clean-webui:
|
||||
rm -r webui/static
|
||||
mkdir -p webui/static
|
||||
printf 'For more information see `webui/readme.md`' > webui/static/DONT-EDIT-FILES-IN-THIS-DIRECTORY.md
|
||||
|
||||
## Generate WebUI
|
||||
webui/static/index.html:
|
||||
$(MAKE) build-webui-image
|
||||
docker run --rm -v "$(PWD)/webui/static":'/src/webui/static' traefik-webui npm run build:nc
|
||||
docker run --rm -v "$(PWD)/webui/static":'/src/webui/static' traefik-webui chown -R $(shell id -u):$(shell id -g) ./static
|
||||
|
||||
.PHONY: generate-webui
|
||||
#? generate-webui: Generate WebUI
|
||||
generate-webui: webui/static/index.html
|
||||
|
||||
## Generate code
|
||||
.PHONY: generate
|
||||
#? generate: Generate code (Dynamic and Static configuration documentation reference files)
|
||||
generate:
|
||||
go generate
|
||||
|
||||
## Build the binary
|
||||
.PHONY: binary
|
||||
#? binary: Build the binary
|
||||
binary: generate-webui dist
|
||||
@echo SHA: $(VERSION) $(CODENAME) $(DATE)
|
||||
CGO_ENABLED=0 GOGC=off GOOS=${GOOS} GOARCH=${GOARCH} go build ${FLAGS[*]} -ldflags "-s -w \
|
||||
|
@ -80,38 +81,39 @@ binary-windows-amd64: export BIN_NAME := traefik.exe
|
|||
binary-windows-amd64:
|
||||
@$(MAKE) binary
|
||||
|
||||
## Build the binary for the standard platforms (linux, darwin, windows)
|
||||
.PHONY: crossbinary-default
|
||||
#? crossbinary-default: Build the binary for the standard platforms (linux, darwin, windows)
|
||||
crossbinary-default: generate generate-webui
|
||||
$(CURDIR)/script/crossbinary-default.sh
|
||||
|
||||
## Run the unit and integration tests
|
||||
.PHONY: test
|
||||
#? test: Run the unit and integration tests
|
||||
test: test-unit test-integration
|
||||
|
||||
## Run the unit tests
|
||||
.PHONY: test-unit
|
||||
#? test-unit: Run the unit tests
|
||||
test-unit:
|
||||
GOOS=$(GOOS) GOARCH=$(GOARCH) go test -cover "-coverprofile=cover.out" -v $(TESTFLAGS) ./pkg/... ./cmd/...
|
||||
|
||||
## Run the integration tests
|
||||
.PHONY: test-integration
|
||||
#? test-integration: Run the integration tests
|
||||
test-integration: binary
|
||||
GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -test.timeout=20m -failfast -v $(TESTFLAGS)
|
||||
|
||||
## Run the conformance tests
|
||||
.PHONY: test-gateway-api-conformance
|
||||
#? test-gateway-api-conformance: Run the conformance tests
|
||||
test-gateway-api-conformance: binary
|
||||
GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -v -test.run K8sConformanceSuite -k8sConformance=true $(TESTFLAGS)
|
||||
|
||||
## TODO: Need to be fixed to work in all situations.
|
||||
## Run the conformance tests
|
||||
.PHONY: test-gateway-api-conformance-ci
|
||||
#? test-gateway-api-conformance-ci: Run the conformance tests
|
||||
test-gateway-api-conformance-ci:
|
||||
GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -v -test.run K8sConformanceSuite -k8sConformance=true $(TESTFLAGS)
|
||||
|
||||
## Pull all Docker images to avoid timeout during integration tests
|
||||
|
||||
.PHONY: pull-images
|
||||
#? pull-images: Pull all Docker images to avoid timeout during integration tests
|
||||
pull-images:
|
||||
grep --no-filename -E '^\s+image:' ./integration/resources/compose/*.yml \
|
||||
| awk '{print $$2}' \
|
||||
|
@ -119,21 +121,21 @@ pull-images:
|
|||
| uniq \
|
||||
| xargs -P 6 -n 1 docker pull
|
||||
|
||||
## Lint run golangci-lint
|
||||
.PHONY: lint
|
||||
#? lint: Run golangci-lint
|
||||
lint:
|
||||
golangci-lint run
|
||||
|
||||
## Validate code and docs
|
||||
.PHONY: validate-files
|
||||
#? validate-files: Validate code and docs
|
||||
validate-files: lint
|
||||
$(foreach exec,$(LINT_EXECUTABLES),\
|
||||
$(if $(shell which $(exec)),,$(error "No $(exec) in PATH")))
|
||||
$(CURDIR)/script/validate-misspell.sh
|
||||
$(CURDIR)/script/validate-shell-script.sh
|
||||
|
||||
## Validate code, docs, and vendor
|
||||
.PHONY: validate
|
||||
#? validate: Validate code, docs, and vendor
|
||||
validate: lint
|
||||
$(foreach exec,$(EXECUTABLES),\
|
||||
$(if $(shell which $(exec)),,$(error "No $(exec) in PATH")))
|
||||
|
@ -147,51 +149,57 @@ multi-arch-image-%: binary-linux-amd64 binary-linux-arm64
|
|||
docker buildx build $(DOCKER_BUILDX_ARGS) -t traefik/traefik:$* --platform=$(DOCKER_BUILD_PLATFORMS) -f Dockerfile .
|
||||
|
||||
|
||||
## Clean up static directory and build a Docker Traefik image
|
||||
.PHONY: build-image
|
||||
#? build-image: Clean up static directory and build a Docker Traefik image
|
||||
build-image: export DOCKER_BUILDX_ARGS := --load
|
||||
build-image: export DOCKER_BUILD_PLATFORMS := linux/$(GOARCH)
|
||||
build-image: clean-webui
|
||||
@$(MAKE) multi-arch-image-latest
|
||||
|
||||
## Build a Docker Traefik image without re-building the webui when it's already built
|
||||
.PHONY: build-image-dirty
|
||||
#? build-image-dirty: Build a Docker Traefik image without re-building the webui when it's already built
|
||||
build-image-dirty: export DOCKER_BUILDX_ARGS := --load
|
||||
build-image-dirty: export DOCKER_BUILD_PLATFORMS := linux/$(GOARCH)
|
||||
build-image-dirty:
|
||||
@$(MAKE) multi-arch-image-latest
|
||||
|
||||
## Build documentation site
|
||||
.PHONY: docs
|
||||
#? docs: Build documentation site
|
||||
docs:
|
||||
make -C ./docs docs
|
||||
|
||||
## Serve the documentation site locally
|
||||
.PHONY: docs-serve
|
||||
#? docs-serve: Serve the documentation site locally
|
||||
docs-serve:
|
||||
make -C ./docs docs-serve
|
||||
|
||||
## Pull image for doc building
|
||||
.PHONY: docs-pull-images
|
||||
#? docs-pull-images: Pull image for doc building
|
||||
docs-pull-images:
|
||||
make -C ./docs docs-pull-images
|
||||
|
||||
## Generate CRD clientset and CRD manifests
|
||||
.PHONY: generate-crd
|
||||
#? generate-crd: Generate CRD clientset and CRD manifests
|
||||
generate-crd:
|
||||
@$(CURDIR)/script/code-gen-docker.sh
|
||||
|
||||
## Generate code from dynamic configuration https://github.com/traefik/genconf
|
||||
.PHONY: generate-genconf
|
||||
#? generate-genconf: Generate code from dynamic configuration github.com/traefik/genconf
|
||||
generate-genconf:
|
||||
go run ./cmd/internal/gen/
|
||||
|
||||
## Create packages for the release
|
||||
.PHONY: release-packages
|
||||
#? release-packages: Create packages for the release
|
||||
release-packages: generate-webui
|
||||
$(CURDIR)/script/release-packages.sh
|
||||
|
||||
## Format the Code
|
||||
.PHONY: fmt
|
||||
#? fmt: Format the Code
|
||||
fmt:
|
||||
gofmt -s -l -w $(SRCS)
|
||||
|
||||
.PHONY: help
|
||||
#? help: Get more info on make commands
|
||||
help: Makefile
|
||||
@echo " Choose a command run in traefik:"
|
||||
@sed -n 's/^#?//p' $< | column -t -s ':' | sort | sed -e 's/^/ /'
|
||||
|
|
|
@ -72,6 +72,7 @@ _(But if you'd rather configure some of your routes manually, Traefik supports t
|
|||
|
||||
- [Docker](https://doc.traefik.io/traefik/providers/docker/) / [Swarm mode](https://doc.traefik.io/traefik/providers/docker/)
|
||||
- [Kubernetes](https://doc.traefik.io/traefik/providers/kubernetes-crd/)
|
||||
- [ECS](https://doc.traefik.io/traefik/providers/ecs/)
|
||||
- [File](https://doc.traefik.io/traefik/providers/file/)
|
||||
|
||||
## Quickstart
|
||||
|
|
|
@ -193,10 +193,13 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
|
|||
|
||||
tsProviders := initTailscaleProviders(staticConfiguration, &providerAggregator)
|
||||
|
||||
// Metrics
|
||||
// Observability
|
||||
|
||||
metricRegistries := registerMetricClients(staticConfiguration.Metrics)
|
||||
metricsRegistry := metrics.NewMultiRegistry(metricRegistries)
|
||||
accessLog := setupAccessLog(staticConfiguration.AccessLog)
|
||||
tracer, tracerCloser := setupTracing(staticConfiguration.Tracing)
|
||||
observabilityMgr := middleware.NewObservabilityMgr(*staticConfiguration, metricsRegistry, accessLog, tracer, tracerCloser)
|
||||
|
||||
// Entrypoints
|
||||
|
||||
|
@ -263,14 +266,11 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
|
|||
roundTripperManager := service.NewRoundTripperManager(spiffeX509Source)
|
||||
dialerManager := tcp.NewDialerManager(spiffeX509Source)
|
||||
acmeHTTPHandler := getHTTPChallengeHandler(acmeProviders, httpChallengeProvider)
|
||||
managerFactory := service.NewManagerFactory(*staticConfiguration, routinesPool, metricsRegistry, roundTripperManager, acmeHTTPHandler)
|
||||
managerFactory := service.NewManagerFactory(*staticConfiguration, routinesPool, observabilityMgr, roundTripperManager, acmeHTTPHandler)
|
||||
|
||||
// Router factory
|
||||
accessLog := setupAccessLog(staticConfiguration.AccessLog)
|
||||
|
||||
tracer, tracerCloser := setupTracing(staticConfiguration.Tracing)
|
||||
chainBuilder := middleware.NewChainBuilder(metricsRegistry, accessLog, tracer)
|
||||
routerFactory := server.NewRouterFactory(*staticConfiguration, managerFactory, tlsManager, chainBuilder, pluginBuilder, metricsRegistry, dialerManager)
|
||||
routerFactory := server.NewRouterFactory(*staticConfiguration, managerFactory, tlsManager, observabilityMgr, pluginBuilder, dialerManager)
|
||||
|
||||
// Watcher
|
||||
|
||||
|
@ -351,7 +351,7 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
|
|||
}
|
||||
})
|
||||
|
||||
return server.NewServer(routinesPool, serverEntryPointsTCP, serverEntryPointsUDP, watcher, chainBuilder, accessLog, tracerCloser), nil
|
||||
return server.NewServer(routinesPool, serverEntryPointsTCP, serverEntryPointsUDP, watcher, observabilityMgr), nil
|
||||
}
|
||||
|
||||
func getHTTPChallengeHandler(acmeProviders []*acme.Provider, httpChallengeProvider http.Handler) http.Handler {
|
||||
|
@ -520,15 +520,14 @@ func registerMetricClients(metricsConfig *types.Metrics) []metrics.Registry {
|
|||
}
|
||||
}
|
||||
|
||||
if metricsConfig.OpenTelemetry != nil {
|
||||
if metricsConfig.OTLP != nil {
|
||||
logger := log.With().Str(logs.MetricsProviderName, "openTelemetry").Logger()
|
||||
|
||||
openTelemetryRegistry := metrics.RegisterOpenTelemetry(logger.WithContext(context.Background()), metricsConfig.OpenTelemetry)
|
||||
openTelemetryRegistry := metrics.RegisterOpenTelemetry(logger.WithContext(context.Background()), metricsConfig.OTLP)
|
||||
if openTelemetryRegistry != nil {
|
||||
registries = append(registries, openTelemetryRegistry)
|
||||
logger.Debug().
|
||||
Str("address", metricsConfig.OpenTelemetry.Address).
|
||||
Str("pushInterval", metricsConfig.OpenTelemetry.PushInterval.String()).
|
||||
Str("pushInterval", metricsConfig.OTLP.PushInterval.String()).
|
||||
Msg("Configured OpenTelemetry metrics")
|
||||
}
|
||||
}
|
||||
|
|
|
@ -361,6 +361,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
|
|||
| [Hetzner](https://hetzner.com) | `hetzner` | `HETZNER_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/hetzner) |
|
||||
| [hosting.de](https://www.hosting.de) | `hostingde` | `HOSTINGDE_API_KEY`, `HOSTINGDE_ZONE_NAME` | [Additional configuration](https://go-acme.github.io/lego/dns/hostingde) |
|
||||
| [Hosttech](https://www.hosttech.eu) | `hosttech` | `HOSTTECH_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/hosttech) |
|
||||
| [http.net](https://www.http.net/) | `httpnet` | `HTTPNET_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/httpnet) |
|
||||
| [Hurricane Electric](https://dns.he.net) | `hurricane` | `HURRICANE_TOKENS` [^6] | [Additional configuration](https://go-acme.github.io/lego/dns/hurricane) |
|
||||
| [HyperOne](https://www.hyperone.com) | `hyperone` | `HYPERONE_PASSPORT_LOCATION`, `HYPERONE_LOCATION_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/hyperone) |
|
||||
| [IBM Cloud (SoftLayer)](https://www.ibm.com/cloud/) | `ibmcloud` | `SOFTLAYER_USERNAME`, `SOFTLAYER_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/ibmcloud) |
|
||||
|
@ -426,6 +427,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
|
|||
| [VK Cloud](https://mcs.mail.ru/) | `vkcloud` | `VK_CLOUD_PASSWORD`, `VK_CLOUD_PROJECT_ID`, `VK_CLOUD_USERNAME` | [Additional configuration](https://go-acme.github.io/lego/dns/vkcloud) |
|
||||
| [Vscale](https://vscale.io/) | `vscale` | `VSCALE_API_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/vscale) |
|
||||
| [VULTR](https://www.vultr.com) | `vultr` | `VULTR_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/vultr) |
|
||||
| [Webnames](https://www.webnames.ru/) | `webnames` | `WEBNAMES_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/webnames) |
|
||||
| [Websupport](https://websupport.sk) | `websupport` | `WEBSUPPORT_API_KEY`, `WEBSUPPORT_SECRET` | [Additional configuration](https://go-acme.github.io/lego/dns/websupport) |
|
||||
| [WEDOS](https://www.wedos.com) | `wedos` | `WEDOS_USERNAME`, `WEDOS_WAPI_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/wedos) |
|
||||
| [Yandex 360](https://360.yandex.ru) | `yandex360` | `YANDEX360_OAUTH_TOKEN`, `YANDEX360_ORG_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/yandex360) |
|
||||
|
|
|
@ -85,6 +85,7 @@ At specified intervals (`checkPeriod`), the circuit breaker evaluates `expressio
|
|||
### Open
|
||||
|
||||
While open, the fallback mechanism takes over the normal service calls for a duration of `FallbackDuration`.
|
||||
The fallback mechanism returns a `HTTP 503` (or `ResponseCode`) to the client.
|
||||
After this duration, it enters the recovering state.
|
||||
|
||||
### Recovering
|
||||
|
@ -179,3 +180,9 @@ The duration for which the circuit breaker will wait before trying to recover (f
|
|||
_Optional, Default="10s"_
|
||||
|
||||
The duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
|
||||
|
||||
### `ResponseCode`
|
||||
|
||||
_Optional, Default="503"_
|
||||
|
||||
The status code that the circuit breaker will return while it is in the open state.
|
||||
|
|
|
@ -52,3 +52,16 @@ http:
|
|||
[http.middlewares]
|
||||
[http.middlewares.autodetect.contentType]
|
||||
```
|
||||
|
||||
## Configuration Options
|
||||
|
||||
### `autoDetect`
|
||||
|
||||
!!! warning
|
||||
|
||||
`autoDetect` option is deprecated and should not be used.
|
||||
Moreover, it is redundant with an empty ContentType middleware declaration.
|
||||
|
||||
`autoDetect` specifies whether to let the `Content-Type` header,
|
||||
if it has not been set by the backend,
|
||||
be automatically set to a value derived from the contents of the response.
|
||||
|
|
|
@ -314,11 +314,43 @@ The `allowedHosts` option lists fully qualified domain names that are allowed.
|
|||
|
||||
The `hostsProxyHeaders` option is a set of header keys that may hold a proxied hostname value for the request.
|
||||
|
||||
### `sslRedirect`
|
||||
|
||||
!!! warning
|
||||
|
||||
Deprecated in favor of [EntryPoint redirection](../../routing/entrypoints.md#redirection) or the [RedirectScheme middleware](./redirectscheme.md).
|
||||
|
||||
The `sslRedirect` only allow HTTPS requests when set to `true`.
|
||||
|
||||
### `sslTemporaryRedirect`
|
||||
|
||||
!!! warning
|
||||
|
||||
Deprecated in favor of [EntryPoint redirection](../../routing/entrypoints.md#redirection) or the [RedirectScheme middleware](./redirectscheme.md).
|
||||
|
||||
Set `sslTemporaryRedirect` to `true` to force an SSL redirection using a 302 (instead of a 301).
|
||||
|
||||
### `sslHost`
|
||||
|
||||
!!! warning
|
||||
|
||||
Deprecated in favor of the [RedirectRegex middleware](./redirectregex.md).
|
||||
|
||||
The `sslHost` option is the host name that is used to redirect HTTP requests to HTTPS.
|
||||
|
||||
### `sslProxyHeaders`
|
||||
|
||||
The `sslProxyHeaders` option is set of header keys with associated values that would indicate a valid HTTPS request.
|
||||
It can be useful when using other proxies (example: `"X-Forwarded-Proto": "https"`).
|
||||
|
||||
### `sslForceHost`
|
||||
|
||||
!!! warning
|
||||
|
||||
Deprecated in favor of the [RedirectRegex middleware](./redirectregex.md).
|
||||
|
||||
Set `sslForceHost` to `true` and set `sslHost` to force requests to use `SSLHost` regardless of whether they already use SSL.
|
||||
|
||||
### `stsSeconds`
|
||||
|
||||
The `stsSeconds` is the max-age of the `Strict-Transport-Security` header.
|
||||
|
@ -370,6 +402,14 @@ The `publicKey` implements HPKP to prevent MITM attacks with forged certificates
|
|||
|
||||
The `referrerPolicy` allows sites to control whether browsers forward the `Referer` header to other sites.
|
||||
|
||||
### `featurePolicy`
|
||||
|
||||
!!! warning
|
||||
|
||||
Deprecated in favor of [`permissionsPolicy`](#permissionsPolicy)
|
||||
|
||||
The `featurePolicy` allows sites to control browser features.
|
||||
|
||||
### `permissionsPolicy`
|
||||
|
||||
The `permissionsPolicy` allows sites to control browser features.
|
||||
|
|
|
@ -76,3 +76,72 @@ For instance, `/products` also matches `/products/shoes` and `/products/shirts`.
|
|||
|
||||
If your backend is serving assets (e.g., images or JavaScript files), it can use the `X-Forwarded-Prefix` header to properly construct relative URLs.
|
||||
Using the previous example, the backend should return `/products/shoes/image.png` (and not `/image.png`, which Traefik would likely not be able to associate with the same backend).
|
||||
|
||||
### `forceSlash`
|
||||
|
||||
_Optional, Default=true_
|
||||
|
||||
!!! warning
|
||||
|
||||
`forceSlash` option is deprecated and should not be used.
|
||||
|
||||
The `forceSlash` option ensures the resulting stripped path is not the empty string, by replacing it with `/` when necessary.
|
||||
|
||||
??? info "Behavior examples"
|
||||
|
||||
- `forceSlash=true`
|
||||
|
||||
| Path | Prefix to strip | Result |
|
||||
|------------|-----------------|--------|
|
||||
| `/` | `/` | `/` |
|
||||
| `/foo` | `/foo` | `/` |
|
||||
| `/foo/` | `/foo` | `/` |
|
||||
| `/foo/` | `/foo/` | `/` |
|
||||
| `/bar` | `/foo` | `/bar` |
|
||||
| `/foo/bar` | `/foo` | `/bar` |
|
||||
|
||||
- `forceSlash=false`
|
||||
|
||||
| Path | Prefix to strip | Result |
|
||||
|------------|-----------------|--------|
|
||||
| `/` | `/` | empty |
|
||||
| `/foo` | `/foo` | empty |
|
||||
| `/foo/` | `/foo` | `/` |
|
||||
| `/foo/` | `/foo/` | empty |
|
||||
| `/bar` | `/foo` | `/bar` |
|
||||
| `/foo/bar` | `/foo` | `/bar` |
|
||||
|
||||
```yaml tab="Docker"
|
||||
labels:
|
||||
- "traefik.http.middlewares.example.stripprefix.prefixes=/foobar"
|
||||
- "traefik.http.middlewares.example.stripprefix.forceSlash=false"
|
||||
```
|
||||
|
||||
```yaml tab="Kubernetes"
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: example
|
||||
spec:
|
||||
stripPrefix:
|
||||
prefixes:
|
||||
- "/foobar"
|
||||
forceSlash: false
|
||||
```
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
http:
|
||||
middlewares:
|
||||
example:
|
||||
stripPrefix:
|
||||
prefixes:
|
||||
- "/foobar"
|
||||
forceSlash: false
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[http.middlewares]
|
||||
[http.middlewares.example.stripPrefix]
|
||||
prefixes = ["/foobar"]
|
||||
forceSlash = false
|
||||
```
|
||||
|
|
|
@ -693,3 +693,13 @@ Here are two possible transition strategies:
|
|||
This allows continued compatibility with the existing infrastructure.
|
||||
|
||||
Please check the [OpenTelemetry Tracing provider documention](../observability/tracing/opentelemetry.md) for more information.
|
||||
|
||||
#### Internal Resources Observability (AccessLogs, Metrics and Tracing)
|
||||
|
||||
In v3, observability for internal routers or services (e.g.: `ping@internal`) is disabled by default.
|
||||
To enable it one should use the new `addInternals` option for AccessLogs, Metrics or Tracing.
|
||||
Please take a look at the observability documentation for more information:
|
||||
|
||||
- [AccessLogs](../observability/access-logs.md#addinternals)
|
||||
- [Metrics](../observability/metrics/overview.md#addinternals)
|
||||
- [AccessLogs](../observability/tracing/overview.md#addinternals)
|
||||
|
|
|
@ -536,3 +536,30 @@ In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowL
|
|||
### IPWhiteList (TCP)
|
||||
|
||||
In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowList](../middlewares/tcp/ipallowlist.md) middleware instead.
|
||||
|
||||
### TLS CipherSuites
|
||||
|
||||
> By default, cipher suites without ECDHE support are no longer offered by either clients or servers during pre-TLS 1.3 handshakes.
|
||||
> This change can be reverted with the `tlsrsakex=1 GODEBUG` setting.
|
||||
> (https://go.dev/doc/go1.22#crypto/tls)
|
||||
|
||||
The _RSA key exchange_ cipher suites are way less secure than the modern ECDHE cipher suites and exposes to potential vulnerabilities like [the Marvin Attack](https://people.redhat.com/~hkario/marvin).
|
||||
Decision has been made to support ECDHE cipher suites only by default.
|
||||
|
||||
The following ciphers have been removed from the default list:
|
||||
|
||||
- `TLS_RSA_WITH_AES_128_CBC_SHA`
|
||||
- `TLS_RSA_WITH_AES_256_CBC_SHA`
|
||||
- `TLS_RSA_WITH_AES_128_GCM_SHA256`
|
||||
- `TLS_RSA_WITH_AES_256_GCM_SHA384`
|
||||
|
||||
To enable these ciphers, please set the option `CipherSuites` in your [TLS configuration](https://doc.traefik.io/traefik/https/tls/#cipher-suites) or set the environment variable `GODEBUG=tlsrsakex=1`.
|
||||
|
||||
### Minimum TLS Version
|
||||
|
||||
> By default, the minimum version offered by `crypto/tls` servers is now TLS 1.2 if not specified with config.MinimumVersion,
|
||||
> matching the behavior of crypto/tls clients.
|
||||
> This change can be reverted with the `tls10server=1 GODEBUG` setting.
|
||||
> (https://go.dev/doc/go1.22#crypto/tls)
|
||||
|
||||
To enable TLS 1.0, please set the option `MinVersion` to `VersionTLS10` in your [TLS configuration](https://doc.traefik.io/traefik/https/tls/#cipher-suites) or set the environment variable `GODEBUG=tls10server=1`.
|
||||
|
|
|
@ -26,6 +26,26 @@ accessLog: {}
|
|||
--accesslog=true
|
||||
```
|
||||
|
||||
### `addInternals`
|
||||
|
||||
_Optional, Default="false"_
|
||||
|
||||
Enables accessLogs for internal resources.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
accesslog:
|
||||
addInternals: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[accesslog]
|
||||
addInternals = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--accesslog.addinternals
|
||||
```
|
||||
|
||||
### `filePath`
|
||||
|
||||
By default access logs are written to the standard output.
|
||||
|
|
|
@ -27,6 +27,8 @@ _Required, Default="127.0.0.1:8125"_
|
|||
|
||||
Address instructs exporter to send metrics to datadog-agent at this address.
|
||||
|
||||
This address can be a Unix Domain Socket (UDS) address with the following form: `unix:///path/to/datadog.socket`.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
datadog:
|
||||
|
|
|
@ -5,45 +5,25 @@ description: "Traefik supports several metrics backends, including OpenTelemetry
|
|||
|
||||
# OpenTelemetry
|
||||
|
||||
To enable the OpenTelemetry:
|
||||
To enable the OpenTelemetry metrics:
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry: {}
|
||||
otlp: {}
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
[metrics.otlp]
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry=true
|
||||
--metrics.otlp=true
|
||||
```
|
||||
|
||||
!!! info "The OpenTelemetry exporter will export metrics to the collector by using HTTP by default, see the [gRPC Section](#grpc-configuration) to use gRPC."
|
||||
!!! info "Default protocol"
|
||||
|
||||
#### `address`
|
||||
|
||||
_Required, Default="localhost:4318", Format="`<host>:<port>`"_
|
||||
|
||||
Address of the OpenTelemetry Collector to send metrics to.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
address: localhost:4318
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
address = "localhost:4318"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.address=localhost:4318
|
||||
```
|
||||
The OpenTelemetry exporter will export metrics to the collector using HTTP by default to https://localhost:4318/v1/metrics, see the [gRPC Section](#grpc-configuration) to use gRPC.
|
||||
|
||||
#### `addEntryPointsLabels`
|
||||
|
||||
|
@ -53,18 +33,18 @@ Enable metrics on entry points.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
addEntryPointsLabels: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
[metrics.otlp]
|
||||
addEntryPointsLabels = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.addEntryPointsLabels=true
|
||||
--metrics.otlp.addEntryPointsLabels=true
|
||||
```
|
||||
|
||||
#### `addRoutersLabels`
|
||||
|
@ -75,18 +55,18 @@ Enable metrics on routers.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
addRoutersLabels: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
[metrics.otlp]
|
||||
addRoutersLabels = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.addRoutersLabels=true
|
||||
--metrics.otlp.addRoutersLabels=true
|
||||
```
|
||||
|
||||
#### `addServicesLabels`
|
||||
|
@ -97,18 +77,18 @@ Enable metrics on services.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
addServicesLabels: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
[metrics.otlp]
|
||||
addServicesLabels = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.addServicesLabels=true
|
||||
--metrics.otlp.addServicesLabels=true
|
||||
```
|
||||
|
||||
#### `explicitBoundaries`
|
||||
|
@ -119,7 +99,7 @@ Explicit boundaries for Histogram data points.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
explicitBoundaries:
|
||||
- 0.1
|
||||
- 0.3
|
||||
|
@ -129,59 +109,12 @@ metrics:
|
|||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
[metrics.otlp]
|
||||
explicitBoundaries = [0.1,0.3,1.2,5.0]
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.explicitBoundaries=0.1,0.3,1.2,5.0
|
||||
```
|
||||
|
||||
#### `headers`
|
||||
|
||||
_Optional, Default={}_
|
||||
|
||||
Additional headers sent with metrics by the reporter to the OpenTelemetry Collector.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
headers:
|
||||
foo: bar
|
||||
baz: buz
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry.headers]
|
||||
foo = "bar"
|
||||
baz = "buz"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.headers.foo=bar --metrics.openTelemetry.headers.baz=buz
|
||||
```
|
||||
|
||||
#### `insecure`
|
||||
|
||||
_Optional, Default=false_
|
||||
|
||||
Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
insecure: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
insecure = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.insecure=true
|
||||
--metrics.otlp.explicitBoundaries=0.1,0.3,1.2,5.0
|
||||
```
|
||||
|
||||
#### `pushInterval`
|
||||
|
@ -192,48 +125,95 @@ Interval at which metrics are sent to the OpenTelemetry Collector.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
pushInterval: 10s
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
[metrics.otlp]
|
||||
pushInterval = "10s"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.pushInterval=10s
|
||||
--metrics.otlp.pushInterval=10s
|
||||
```
|
||||
|
||||
#### `path`
|
||||
### HTTP configuration
|
||||
|
||||
_Required, Default="/v1/metrics"_
|
||||
_Optional_
|
||||
|
||||
Allows to override the default URL path used for sending metrics.
|
||||
This option has no effect when using gRPC transport.
|
||||
This instructs the exporter to send the metrics to the OpenTelemetry Collector using HTTP.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
path: /foo/v1/metrics
|
||||
otlp:
|
||||
http: {}
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry]
|
||||
path = "/foo/v1/metrics"
|
||||
[metrics.otlp.http]
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.path=/foo/v1/metrics
|
||||
--metrics.otlp.http=true
|
||||
```
|
||||
|
||||
#### `endpoint`
|
||||
|
||||
_Required, Default="http://localhost:4318/v1/metrics", Format="`<scheme>://<host>:<port><path>`"_
|
||||
|
||||
URL of the OpenTelemetry Collector to send metrics to.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
http:
|
||||
endpoint: http://localhost:4318/v1/metrics
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.otlp.http]
|
||||
endpoint = "http://localhost:4318/v1/metrics"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.http.endpoint=http://localhost:4318/v1/metrics
|
||||
```
|
||||
|
||||
#### `headers`
|
||||
|
||||
_Optional, Default={}_
|
||||
|
||||
Additional headers sent with metrics by the exporter to the OpenTelemetry Collector.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
http:
|
||||
headers:
|
||||
foo: bar
|
||||
baz: buz
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.otlp.http.headers]
|
||||
foo = "bar"
|
||||
baz = "buz"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.http.headers.foo=bar --metrics.otlp.http.headers.baz=buz
|
||||
```
|
||||
|
||||
#### `tls`
|
||||
|
||||
_Optional_
|
||||
|
||||
Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector.
|
||||
Defines the Client TLS configuration used by the exporter to send metrics to the OpenTelemetry Collector.
|
||||
|
||||
##### `ca`
|
||||
|
||||
|
@ -244,18 +224,19 @@ it defaults to the system bundle.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
http:
|
||||
tls:
|
||||
ca: path/to/ca.crt
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.openTelemetry.tls]
|
||||
[metrics.otlp.http.tls]
|
||||
ca = "path/to/ca.crt"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.tls.ca=path/to/ca.crt
|
||||
--metrics.otlp.http.tls.ca=path/to/ca.crt
|
||||
```
|
||||
|
||||
##### `cert`
|
||||
|
@ -267,21 +248,22 @@ When using this option, setting the `key` option is required.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
http:
|
||||
tls:
|
||||
cert: path/to/foo.cert
|
||||
key: path/to/foo.key
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.openTelemetry.tls]
|
||||
[metrics.otlp.http.tls]
|
||||
cert = "path/to/foo.cert"
|
||||
key = "path/to/foo.key"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.tls.cert=path/to/foo.cert
|
||||
--metrics.openTelemetry.tls.key=path/to/foo.key
|
||||
--metrics.otlp.http.tls.cert=path/to/foo.cert
|
||||
--metrics.otlp.http.tls.key=path/to/foo.key
|
||||
```
|
||||
|
||||
##### `key`
|
||||
|
@ -293,21 +275,22 @@ When using this option, setting the `cert` option is required.
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
http:
|
||||
tls:
|
||||
cert: path/to/foo.cert
|
||||
key: path/to/foo.key
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.openTelemetry.tls]
|
||||
[metrics.otlp.http.tls]
|
||||
cert = "path/to/foo.cert"
|
||||
key = "path/to/foo.key"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.tls.cert=path/to/foo.cert
|
||||
--metrics.openTelemetry.tls.key=path/to/foo.key
|
||||
--metrics.otlp.http.tls.cert=path/to/foo.cert
|
||||
--metrics.otlp.http.tls.key=path/to/foo.key
|
||||
```
|
||||
|
||||
##### `insecureSkipVerify`
|
||||
|
@ -319,35 +302,218 @@ the TLS connection to the OpenTelemetry Collector accepts any certificate presen
|
|||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
http:
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.openTelemetry.tls]
|
||||
[metrics.otlp.http.tls]
|
||||
insecureSkipVerify = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.tls.insecureSkipVerify=true
|
||||
--metrics.otlp.http.tls.insecureSkipVerify=true
|
||||
```
|
||||
|
||||
#### gRPC configuration
|
||||
### gRPC configuration
|
||||
|
||||
This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC.
|
||||
_Optional_
|
||||
|
||||
This instructs the exporter to send metrics to the OpenTelemetry Collector using gRPC.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
openTelemetry:
|
||||
otlp:
|
||||
grpc: {}
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.openTelemetry.grpc]
|
||||
[metrics.otlp.grpc]
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.openTelemetry.grpc=true
|
||||
--metrics.otlp.grpc=true
|
||||
```
|
||||
|
||||
#### `endpoint`
|
||||
|
||||
_Required, Default="localhost:4317", Format="`<host>:<port>`"_
|
||||
|
||||
Address of the OpenTelemetry Collector to send metrics to.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
grpc:
|
||||
endpoint: localhost:4317
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.otlp.grpc]
|
||||
endpoint = "localhost:4317"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.grpc.endpoint=localhost:4317
|
||||
```
|
||||
|
||||
#### `insecure`
|
||||
|
||||
_Optional, Default=false_
|
||||
|
||||
Allows exporter to send metrics to the OpenTelemetry Collector without using a secured protocol.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
grpc:
|
||||
insecure: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.otlp.grpc]
|
||||
insecure = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.grpc.insecure=true
|
||||
```
|
||||
|
||||
#### `headers`
|
||||
|
||||
_Optional, Default={}_
|
||||
|
||||
Additional headers sent with metrics by the exporter to the OpenTelemetry Collector.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
grpc:
|
||||
headers:
|
||||
foo: bar
|
||||
baz: buz
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
[metrics.otlp.grpc.headers]
|
||||
foo = "bar"
|
||||
baz = "buz"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.grpc.headers.foo=bar --metrics.otlp.grpc.headers.baz=buz
|
||||
```
|
||||
|
||||
#### `tls`
|
||||
|
||||
_Optional_
|
||||
|
||||
Defines the Client TLS configuration used by the exporter to send metrics to the OpenTelemetry Collector.
|
||||
|
||||
##### `ca`
|
||||
|
||||
_Optional_
|
||||
|
||||
`ca` is the path to the certificate authority used for the secure connection to the OpenTelemetry Collector,
|
||||
it defaults to the system bundle.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
grpc:
|
||||
tls:
|
||||
ca: path/to/ca.crt
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.otlp.grpc.tls]
|
||||
ca = "path/to/ca.crt"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.grpc.tls.ca=path/to/ca.crt
|
||||
```
|
||||
|
||||
##### `cert`
|
||||
|
||||
_Optional_
|
||||
|
||||
`cert` is the path to the public certificate used for the secure connection to the OpenTelemetry Collector.
|
||||
When using this option, setting the `key` option is required.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
grpc:
|
||||
tls:
|
||||
cert: path/to/foo.cert
|
||||
key: path/to/foo.key
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.otlp.grpc.tls]
|
||||
cert = "path/to/foo.cert"
|
||||
key = "path/to/foo.key"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.grpc.tls.cert=path/to/foo.cert
|
||||
--metrics.otlp.grpc.tls.key=path/to/foo.key
|
||||
```
|
||||
|
||||
##### `key`
|
||||
|
||||
_Optional_
|
||||
|
||||
`key` is the path to the private key used for the secure connection to the OpenTelemetry Collector.
|
||||
When using this option, setting the `cert` option is required.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
grpc:
|
||||
tls:
|
||||
cert: path/to/foo.cert
|
||||
key: path/to/foo.key
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.otlp.grpc.tls]
|
||||
cert = "path/to/foo.cert"
|
||||
key = "path/to/foo.key"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.grpc.tls.cert=path/to/foo.cert
|
||||
--metrics.otlp.grpc.tls.key=path/to/foo.key
|
||||
```
|
||||
|
||||
##### `insecureSkipVerify`
|
||||
|
||||
_Optional, Default=false_
|
||||
|
||||
If `insecureSkipVerify` is `true`,
|
||||
the TLS connection to the OpenTelemetry Collector accepts any certificate presented by the server regardless of the hostnames it covers.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
otlp:
|
||||
grpc:
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics.otlp.grpc.tls]
|
||||
insecureSkipVerify = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.otlp.grpc.tls.insecureSkipVerify=true
|
||||
```
|
||||
|
|
|
@ -14,6 +14,28 @@ Traefik supports these metrics backends:
|
|||
|
||||
Traefik Proxy hosts an official Grafana dashboard for both [on-premises](https://grafana.com/grafana/dashboards/17346) and [Kubernetes](https://grafana.com/grafana/dashboards/17347) deployments.
|
||||
|
||||
## Common Options
|
||||
|
||||
### `addInternals`
|
||||
|
||||
_Optional, Default="false"_
|
||||
|
||||
Enables metrics for internal resources.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
addInternals: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[metrics]
|
||||
addInternals = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--metrics.addinternals
|
||||
```
|
||||
|
||||
## Global Metrics
|
||||
|
||||
| Metric | Type | [Labels](#labels) | Description |
|
||||
|
|
42
docs/content/observability/overview.md
Normal file
42
docs/content/observability/overview.md
Normal file
|
@ -0,0 +1,42 @@
|
|||
---
|
||||
title: "Traefik Observability Overview"
|
||||
description: "Traefik provides Logs, Access Logs, Metrics and Tracing. Read the full documentation to get started."
|
||||
---
|
||||
|
||||
# Overview
|
||||
|
||||
Traefik's Observability system
|
||||
{: .subtitle }
|
||||
|
||||
## Logs
|
||||
|
||||
Traefik logs informs about everything that happens within Traefik (startup, configuration, events, shutdown, and so on).
|
||||
|
||||
Read the [Logs documentation](./logs.md) to learn how to configure it.
|
||||
|
||||
## Access Logs
|
||||
|
||||
Access logs are a key part of observability in Traefik.
|
||||
|
||||
They are providing valuable insights about incoming traffic, and allow to monitor it.
|
||||
The access logs record detailed information about each request received by Traefik,
|
||||
including the source IP address, requested URL, response status code, and more.
|
||||
|
||||
Read the [Access Logs documentation](./access-logs.md) to learn how to configure it.
|
||||
|
||||
## Metrics
|
||||
|
||||
Traefik offers a metrics feature that provides valuable insights about the performance and usage.
|
||||
These metrics include the number of requests received, the requests duration, and more.
|
||||
|
||||
Traefik supports these metrics systems: Prometheus, Datadog, InfluxDB 2.X, and StatsD.
|
||||
|
||||
Read the [Metrics documentation](./metrics/overview.md) to learn how to configure it.
|
||||
|
||||
## Tracing
|
||||
|
||||
The Traefik tracing system allows developers to gain deep visibility into the flow of requests through their infrastructure.
|
||||
|
||||
Traefik supports these tracing with OpenTelemetry.
|
||||
|
||||
Read the [Tracing documentation](./tracing/overview.md) to learn how to configure it.
|
|
@ -21,19 +21,20 @@ tracing:
|
|||
--tracing.otlp=true
|
||||
```
|
||||
|
||||
!!! info "The OpenTelemetry trace reporter will export traces to the collector using HTTP by default (http://localhost:4318/v1/traces),
|
||||
see the [gRPC Section](#grpc-configuration) to use gRPC."
|
||||
!!! info "Default protocol"
|
||||
|
||||
The OpenTelemetry trace exporter will export traces to the collector using HTTP by default to https://localhost:4318/v1/traces, see the [gRPC Section](#grpc-configuration) to use gRPC.
|
||||
|
||||
!!! info "Trace sampling"
|
||||
|
||||
By default, the OpenTelemetry trace reporter will sample 100% of traces.
|
||||
By default, the OpenTelemetry trace exporter will sample 100% of traces.
|
||||
See [OpenTelemetry's SDK configuration](https://opentelemetry.io/docs/reference/specification/sdk-environment-variables/#general-sdk-configuration) to customize the sampling strategy.
|
||||
|
||||
### HTTP configuration
|
||||
|
||||
_Optional_
|
||||
|
||||
This instructs the reporter to send spans to the OpenTelemetry Collector using HTTP.
|
||||
This instructs the exporter to send spans to the OpenTelemetry Collector using HTTP.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
tracing:
|
||||
|
@ -73,11 +74,37 @@ tracing:
|
|||
--tracing.otlp.http.endpoint=http://localhost:4318/v1/traces
|
||||
```
|
||||
|
||||
#### `headers`
|
||||
|
||||
_Optional, Default={}_
|
||||
|
||||
Additional headers sent with traces by the exporter to the OpenTelemetry Collector.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
tracing:
|
||||
otlp:
|
||||
http:
|
||||
headers:
|
||||
foo: bar
|
||||
baz: buz
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[tracing]
|
||||
[tracing.otlp.http.headers]
|
||||
foo = "bar"
|
||||
baz = "buz"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--tracing.otlp.http.headers.foo=bar --tracing.otlp.http.headers.baz=buz
|
||||
```
|
||||
|
||||
#### `tls`
|
||||
|
||||
_Optional_
|
||||
|
||||
Defines the Client TLS configuration used by the reporter to send spans to the OpenTelemetry Collector.
|
||||
Defines the Client TLS configuration used by the exporter to send spans to the OpenTelemetry Collector.
|
||||
|
||||
##### `ca`
|
||||
|
||||
|
@ -181,11 +208,11 @@ tracing:
|
|||
--tracing.otlp.http.tls.insecureSkipVerify=true
|
||||
```
|
||||
|
||||
#### gRPC configuration
|
||||
### gRPC configuration
|
||||
|
||||
_Optional_
|
||||
|
||||
This instructs the reporter to send spans to the OpenTelemetry Collector using gRPC.
|
||||
This instructs the exporter to send spans to the OpenTelemetry Collector using gRPC.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
tracing:
|
||||
|
@ -228,7 +255,7 @@ tracing:
|
|||
|
||||
_Optional, Default=false_
|
||||
|
||||
Allows reporter to send spans to the OpenTelemetry Collector without using a secured protocol.
|
||||
Allows exporter to send spans to the OpenTelemetry Collector without using a secured protocol.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
tracing:
|
||||
|
@ -247,11 +274,37 @@ tracing:
|
|||
--tracing.otlp.grpc.insecure=true
|
||||
```
|
||||
|
||||
#### `headers`
|
||||
|
||||
_Optional, Default={}_
|
||||
|
||||
Additional headers sent with traces by the exporter to the OpenTelemetry Collector.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
tracing:
|
||||
otlp:
|
||||
grpc:
|
||||
headers:
|
||||
foo: bar
|
||||
baz: buz
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[tracing]
|
||||
[tracing.otlp.grpc.headers]
|
||||
foo = "bar"
|
||||
baz = "buz"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--tracing.otlp.grpc.headers.foo=bar --tracing.otlp.grpc.headers.baz=buz
|
||||
```
|
||||
|
||||
#### `tls`
|
||||
|
||||
_Optional_
|
||||
|
||||
Defines the Client TLS configuration used by the reporter to send spans to the OpenTelemetry Collector.
|
||||
Defines the Client TLS configuration used by the exporter to send spans to the OpenTelemetry Collector.
|
||||
|
||||
##### `ca`
|
||||
|
||||
|
|
|
@ -14,10 +14,8 @@ Traefik uses [OpenTelemetry](https://opentelemetry.io/ "Link to website of OTel"
|
|||
|
||||
Please check our dedicated [OTel docs](./opentelemetry.md) to learn more.
|
||||
|
||||
|
||||
## Configuration
|
||||
|
||||
|
||||
To enable the tracing:
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
|
@ -34,6 +32,26 @@ tracing: {}
|
|||
|
||||
### Common Options
|
||||
|
||||
#### `addInternals`
|
||||
|
||||
_Optional, Default="false"_
|
||||
|
||||
Enables tracing for internal resources.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
tracing:
|
||||
addInternals: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[tracing]
|
||||
addInternals = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--tracing.addinternals
|
||||
```
|
||||
|
||||
#### `serviceName`
|
||||
|
||||
_Required, Default="traefik"_
|
||||
|
@ -74,30 +92,6 @@ tracing:
|
|||
--tracing.sampleRate=0.2
|
||||
```
|
||||
|
||||
#### `headers`
|
||||
|
||||
_Optional, Default={}_
|
||||
|
||||
Defines additional headers to be sent with the span's payload.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
tracing:
|
||||
headers:
|
||||
foo: bar
|
||||
baz: buz
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[tracing]
|
||||
[tracing.headers]
|
||||
foo = "bar"
|
||||
baz = "buz"
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--tracing.headers.foo=bar --tracing.headers.baz=buz
|
||||
```
|
||||
|
||||
#### `globalAttributes`
|
||||
|
||||
_Optional, Default=empty_
|
||||
|
|
|
@ -16,11 +16,13 @@
|
|||
- "traefik.http.middlewares.middleware05.circuitbreaker.expression=foobar"
|
||||
- "traefik.http.middlewares.middleware05.circuitbreaker.fallbackduration=42s"
|
||||
- "traefik.http.middlewares.middleware05.circuitbreaker.recoveryduration=42s"
|
||||
- "traefik.http.middlewares.middleware05.circuitbreaker.responsecode=42"
|
||||
- "traefik.http.middlewares.middleware06.compress=true"
|
||||
- "traefik.http.middlewares.middleware06.compress.excludedcontenttypes=foobar, foobar"
|
||||
- "traefik.http.middlewares.middleware06.compress.includedcontenttypes=foobar, foobar"
|
||||
- "traefik.http.middlewares.middleware06.compress.minresponsebodybytes=42"
|
||||
- "traefik.http.middlewares.middleware07.contenttype=true"
|
||||
- "traefik.http.middlewares.middleware07.contenttype.autodetect=true"
|
||||
- "traefik.http.middlewares.middleware08.digestauth.headerfield=foobar"
|
||||
- "traefik.http.middlewares.middleware08.digestauth.realm=foobar"
|
||||
- "traefik.http.middlewares.middleware08.digestauth.removeheader=true"
|
||||
|
@ -35,6 +37,7 @@
|
|||
- "traefik.http.middlewares.middleware10.forwardauth.authresponseheaders=foobar, foobar"
|
||||
- "traefik.http.middlewares.middleware10.forwardauth.authresponseheadersregex=foobar"
|
||||
- "traefik.http.middlewares.middleware10.forwardauth.tls.ca=foobar"
|
||||
- "traefik.http.middlewares.middleware10.forwardauth.tls.caoptional=true"
|
||||
- "traefik.http.middlewares.middleware10.forwardauth.tls.cert=foobar"
|
||||
- "traefik.http.middlewares.middleware10.forwardauth.tls.insecureskipverify=true"
|
||||
- "traefik.http.middlewares.middleware10.forwardauth.tls.key=foobar"
|
||||
|
@ -58,6 +61,7 @@
|
|||
- "traefik.http.middlewares.middleware12.headers.customrequestheaders.name1=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.customresponseheaders.name0=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.customresponseheaders.name1=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.featurepolicy=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.forcestsheader=true"
|
||||
- "traefik.http.middlewares.middleware12.headers.framedeny=true"
|
||||
- "traefik.http.middlewares.middleware12.headers.hostsproxyheaders=foobar, foobar"
|
||||
|
@ -65,8 +69,12 @@
|
|||
- "traefik.http.middlewares.middleware12.headers.permissionspolicy=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.publickey=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.referrerpolicy=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.sslforcehost=true"
|
||||
- "traefik.http.middlewares.middleware12.headers.sslhost=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name0=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name1=foobar"
|
||||
- "traefik.http.middlewares.middleware12.headers.sslredirect=true"
|
||||
- "traefik.http.middlewares.middleware12.headers.ssltemporaryredirect=true"
|
||||
- "traefik.http.middlewares.middleware12.headers.stsincludesubdomains=true"
|
||||
- "traefik.http.middlewares.middleware12.headers.stspreload=true"
|
||||
- "traefik.http.middlewares.middleware12.headers.stsseconds=42"
|
||||
|
@ -126,6 +134,7 @@
|
|||
- "traefik.http.middlewares.middleware22.replacepathregex.replacement=foobar"
|
||||
- "traefik.http.middlewares.middleware23.retry.attempts=42"
|
||||
- "traefik.http.middlewares.middleware23.retry.initialinterval=42s"
|
||||
- "traefik.http.middlewares.middleware24.stripprefix.forceslash=true"
|
||||
- "traefik.http.middlewares.middleware24.stripprefix.prefixes=foobar, foobar"
|
||||
- "traefik.http.middlewares.middleware25.stripprefixregex.regex=foobar, foobar"
|
||||
- "traefik.http.routers.router0.entrypoints=foobar, foobar"
|
||||
|
@ -213,6 +222,7 @@
|
|||
- "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol=true"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version=42"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.serverstransport=foobar"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay=42"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.server.port=foobar"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.server.tls=true"
|
||||
- "traefik.udp.routers.udprouter0.entrypoints=foobar, foobar"
|
||||
|
|
|
@ -137,6 +137,7 @@
|
|||
checkPeriod = "42s"
|
||||
fallbackDuration = "42s"
|
||||
recoveryDuration = "42s"
|
||||
responseCode = 42
|
||||
[http.middlewares.Middleware06]
|
||||
[http.middlewares.Middleware06.compress]
|
||||
excludedContentTypes = ["foobar", "foobar"]
|
||||
|
@ -144,6 +145,7 @@
|
|||
minResponseBodyBytes = 42
|
||||
[http.middlewares.Middleware07]
|
||||
[http.middlewares.Middleware07.contentType]
|
||||
autoDetect = true
|
||||
[http.middlewares.Middleware08]
|
||||
[http.middlewares.Middleware08.digestAuth]
|
||||
users = ["foobar", "foobar"]
|
||||
|
@ -169,6 +171,7 @@
|
|||
cert = "foobar"
|
||||
key = "foobar"
|
||||
insecureSkipVerify = true
|
||||
caOptional = true
|
||||
[http.middlewares.Middleware11]
|
||||
[http.middlewares.Middleware11.grpcWeb]
|
||||
allowOrigins = ["foobar", "foobar"]
|
||||
|
@ -198,6 +201,11 @@
|
|||
referrerPolicy = "foobar"
|
||||
permissionsPolicy = "foobar"
|
||||
isDevelopment = true
|
||||
featurePolicy = "foobar"
|
||||
sslRedirect = true
|
||||
sslTemporaryRedirect = true
|
||||
sslHost = "foobar"
|
||||
sslForceHost = true
|
||||
[http.middlewares.Middleware12.headers.customRequestHeaders]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
|
@ -297,6 +305,7 @@
|
|||
[http.middlewares.Middleware24]
|
||||
[http.middlewares.Middleware24.stripPrefix]
|
||||
prefixes = ["foobar", "foobar"]
|
||||
forceSlash = true
|
||||
[http.middlewares.Middleware25]
|
||||
[http.middlewares.Middleware25.stripPrefixRegex]
|
||||
regex = ["foobar", "foobar"]
|
||||
|
@ -394,6 +403,7 @@
|
|||
[tcp.services.TCPService01]
|
||||
[tcp.services.TCPService01.loadBalancer]
|
||||
serversTransport = "foobar"
|
||||
terminationDelay = 42
|
||||
[tcp.services.TCPService01.loadBalancer.proxyProtocol]
|
||||
version = 42
|
||||
|
||||
|
@ -513,6 +523,7 @@
|
|||
curvePreferences = ["foobar", "foobar"]
|
||||
sniStrict = true
|
||||
alpnProtocols = ["foobar", "foobar"]
|
||||
preferServerCipherSuites = true
|
||||
[tls.options.Options0.clientAuth]
|
||||
caFiles = ["foobar", "foobar"]
|
||||
clientAuthType = "foobar"
|
||||
|
@ -523,6 +534,7 @@
|
|||
curvePreferences = ["foobar", "foobar"]
|
||||
sniStrict = true
|
||||
alpnProtocols = ["foobar", "foobar"]
|
||||
preferServerCipherSuites = true
|
||||
[tls.options.Options1.clientAuth]
|
||||
caFiles = ["foobar", "foobar"]
|
||||
clientAuthType = "foobar"
|
||||
|
|
|
@ -142,6 +142,7 @@ http:
|
|||
checkPeriod: 42s
|
||||
fallbackDuration: 42s
|
||||
recoveryDuration: 42s
|
||||
responseCode: 42
|
||||
Middleware06:
|
||||
compress:
|
||||
excludedContentTypes:
|
||||
|
@ -152,7 +153,8 @@ http:
|
|||
- foobar
|
||||
minResponseBodyBytes: 42
|
||||
Middleware07:
|
||||
contentType: {}
|
||||
contentType:
|
||||
autoDetect: true
|
||||
Middleware08:
|
||||
digestAuth:
|
||||
users:
|
||||
|
@ -177,6 +179,7 @@ http:
|
|||
cert: foobar
|
||||
key: foobar
|
||||
insecureSkipVerify: true
|
||||
caOptional: true
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- foobar
|
||||
|
@ -242,6 +245,11 @@ http:
|
|||
referrerPolicy: foobar
|
||||
permissionsPolicy: foobar
|
||||
isDevelopment: true
|
||||
featurePolicy: foobar
|
||||
sslRedirect: true
|
||||
sslTemporaryRedirect: true
|
||||
sslHost: foobar
|
||||
sslForceHost: true
|
||||
Middleware13:
|
||||
ipAllowList:
|
||||
sourceRange:
|
||||
|
@ -346,6 +354,7 @@ http:
|
|||
prefixes:
|
||||
- foobar
|
||||
- foobar
|
||||
forceSlash: true
|
||||
Middleware25:
|
||||
stripPrefixRegex:
|
||||
regex:
|
||||
|
@ -463,6 +472,7 @@ tcp:
|
|||
- address: foobar
|
||||
tls: true
|
||||
serversTransport: foobar
|
||||
terminationDelay: 42
|
||||
TCPService02:
|
||||
weighted:
|
||||
services:
|
||||
|
@ -583,6 +593,7 @@ tls:
|
|||
alpnProtocols:
|
||||
- foobar
|
||||
- foobar
|
||||
preferServerCipherSuites: true
|
||||
Options1:
|
||||
minVersion: foobar
|
||||
maxVersion: foobar
|
||||
|
@ -601,6 +612,7 @@ tls:
|
|||
alpnProtocols:
|
||||
- foobar
|
||||
- foobar
|
||||
preferServerCipherSuites: true
|
||||
stores:
|
||||
Store0:
|
||||
defaultCertificate:
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -20,12 +20,13 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/http/middlewares/Middleware05/circuitBreaker/expression` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware05/circuitBreaker/fallbackDuration` | `42s` |
|
||||
| `traefik/http/middlewares/Middleware05/circuitBreaker/recoveryDuration` | `42s` |
|
||||
| `traefik/http/middlewares/Middleware05/circuitBreaker/responseCode` | `42` |
|
||||
| `traefik/http/middlewares/Middleware06/compress/excludedContentTypes/0` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware06/compress/excludedContentTypes/1` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware06/compress/includedContentTypes/0` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware06/compress/includedContentTypes/1` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware06/compress/minResponseBodyBytes` | `42` |
|
||||
| `traefik/http/middlewares/Middleware07/contentType` | `` |
|
||||
| `traefik/http/middlewares/Middleware07/contentType/autoDetect` | `true` |
|
||||
| `traefik/http/middlewares/Middleware08/digestAuth/headerField` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware08/digestAuth/realm` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware08/digestAuth/removeHeader` | `true` |
|
||||
|
@ -45,6 +46,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeaders/1` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeadersRegex` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/ca` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/caOptional` | `true` |
|
||||
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/cert` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/insecureSkipVerify` | `true` |
|
||||
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/key` | `foobar` |
|
||||
|
@ -75,6 +77,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/http/middlewares/Middleware12/headers/customRequestHeaders/name1` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name0` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name1` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/featurePolicy` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/forceSTSHeader` | `true` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/frameDeny` | `true` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/hostsProxyHeaders/0` | `foobar` |
|
||||
|
@ -83,8 +86,12 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/http/middlewares/Middleware12/headers/permissionsPolicy` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/publicKey` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/referrerPolicy` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/sslForceHost` | `true` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/sslHost` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name0` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name1` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/sslRedirect` | `true` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/sslTemporaryRedirect` | `true` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/stsIncludeSubdomains` | `true` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/stsPreload` | `true` |
|
||||
| `traefik/http/middlewares/Middleware12/headers/stsSeconds` | `42` |
|
||||
|
@ -148,6 +155,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/http/middlewares/Middleware22/replacePathRegex/replacement` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware23/retry/attempts` | `42` |
|
||||
| `traefik/http/middlewares/Middleware23/retry/initialInterval` | `42s` |
|
||||
| `traefik/http/middlewares/Middleware24/stripPrefix/forceSlash` | `true` |
|
||||
| `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/0` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/1` | `foobar` |
|
||||
| `traefik/http/middlewares/Middleware25/stripPrefixRegex/regex/0` | `foobar` |
|
||||
|
@ -341,6 +349,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/address` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/tls` | `true` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/serversTransport` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService01/loadBalancer/terminationDelay` | `42` |
|
||||
| `traefik/tcp/services/TCPService02/weighted/services/0/name` | `foobar` |
|
||||
| `traefik/tcp/services/TCPService02/weighted/services/0/weight` | `42` |
|
||||
| `traefik/tcp/services/TCPService02/weighted/services/1/name` | `foobar` |
|
||||
|
@ -364,6 +373,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/tls/options/Options0/curvePreferences/1` | `foobar` |
|
||||
| `traefik/tls/options/Options0/maxVersion` | `foobar` |
|
||||
| `traefik/tls/options/Options0/minVersion` | `foobar` |
|
||||
| `traefik/tls/options/Options0/preferServerCipherSuites` | `true` |
|
||||
| `traefik/tls/options/Options0/sniStrict` | `true` |
|
||||
| `traefik/tls/options/Options1/alpnProtocols/0` | `foobar` |
|
||||
| `traefik/tls/options/Options1/alpnProtocols/1` | `foobar` |
|
||||
|
@ -376,6 +386,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
| `traefik/tls/options/Options1/curvePreferences/1` | `foobar` |
|
||||
| `traefik/tls/options/Options1/maxVersion` | `foobar` |
|
||||
| `traefik/tls/options/Options1/minVersion` | `foobar` |
|
||||
| `traefik/tls/options/Options1/preferServerCipherSuites` | `true` |
|
||||
| `traefik/tls/options/Options1/sniStrict` | `true` |
|
||||
| `traefik/tls/stores/Store0/defaultCertificate/certFile` | `foobar` |
|
||||
| `traefik/tls/stores/Store0/defaultCertificate/keyFile` | `foobar` |
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: ingressroutes.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -20,14 +20,19 @@ spec:
|
|||
description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -35,10 +40,11 @@ spec:
|
|||
description: IngressRouteSpec defines the desired state of IngressRoute.
|
||||
properties:
|
||||
entryPoints:
|
||||
description: 'EntryPoints defines the list of entry point names to
|
||||
bind to. Entry points have to be configured in the static configuration.
|
||||
description: |-
|
||||
EntryPoints defines the list of entry point names to bind to.
|
||||
Entry points have to be configured in the static configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
||||
Default: all.'
|
||||
Default: all.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
@ -48,17 +54,21 @@ spec:
|
|||
description: Route holds the HTTP route configuration.
|
||||
properties:
|
||||
kind:
|
||||
description: Kind defines the kind of the route. Rule is the
|
||||
only supported kind.
|
||||
description: |-
|
||||
Kind defines the kind of the route.
|
||||
Rule is the only supported kind.
|
||||
enum:
|
||||
- Rule
|
||||
type: string
|
||||
match:
|
||||
description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule'
|
||||
description: |-
|
||||
Match defines the router's rule.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule
|
||||
type: string
|
||||
middlewares:
|
||||
description: 'Middlewares defines the list of references to
|
||||
Middleware resources. More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware'
|
||||
description: |-
|
||||
Middlewares defines the list of references to Middleware resources.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware
|
||||
items:
|
||||
description: MiddlewareRef is a reference to a Middleware
|
||||
resource.
|
||||
|
@ -76,13 +86,14 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
priority:
|
||||
description: 'Priority defines the router''s priority. More
|
||||
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority'
|
||||
description: |-
|
||||
Priority defines the router's priority.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority
|
||||
type: integer
|
||||
services:
|
||||
description: Services defines the list of Service. It can contain
|
||||
any combination of TraefikService and/or reference to a Kubernetes
|
||||
Service.
|
||||
description: |-
|
||||
Services defines the list of Service.
|
||||
It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
|
||||
items:
|
||||
description: Service defines an upstream HTTP service to proxy
|
||||
traffic to.
|
||||
|
@ -94,31 +105,32 @@ spec:
|
|||
- TraefikService
|
||||
type: string
|
||||
name:
|
||||
description: Name defines the name of the referenced Kubernetes
|
||||
Service or TraefikService. The differentiation between
|
||||
the two is specified in the Kind field.
|
||||
description: |-
|
||||
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
||||
The differentiation between the two is specified in the Kind field.
|
||||
type: string
|
||||
namespace:
|
||||
description: Namespace defines the namespace of the referenced
|
||||
Kubernetes Service or TraefikService.
|
||||
type: string
|
||||
nativeLB:
|
||||
description: NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs
|
||||
or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the
|
||||
pods. By default, NativeLB is false.
|
||||
description: |-
|
||||
NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the pods.
|
||||
By default, NativeLB is false.
|
||||
type: boolean
|
||||
passHostHeader:
|
||||
description: PassHostHeader defines whether the client
|
||||
Host header is forwarded to the upstream Kubernetes
|
||||
Service. By default, passHostHeader is true.
|
||||
description: |-
|
||||
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
||||
By default, passHostHeader is true.
|
||||
type: boolean
|
||||
port:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Port defines the port of a Kubernetes Service.
|
||||
description: |-
|
||||
Port defines the port of a Kubernetes Service.
|
||||
This can be a reference to a named port.
|
||||
x-kubernetes-int-or-string: true
|
||||
responseForwarding:
|
||||
|
@ -127,30 +139,29 @@ spec:
|
|||
the client.
|
||||
properties:
|
||||
flushInterval:
|
||||
description: 'FlushInterval defines the interval,
|
||||
in milliseconds, in between flushes to the client
|
||||
while copying the response body. A negative value
|
||||
means to flush immediately after each write to the
|
||||
client. This configuration is ignored when ReverseProxy
|
||||
recognizes a response as a streaming response; for
|
||||
such responses, writes are flushed to the client
|
||||
immediately. Default: 100ms'
|
||||
description: |-
|
||||
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
||||
A negative value means to flush immediately after each write to the client.
|
||||
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
||||
for such responses, writes are flushed to the client immediately.
|
||||
Default: 100ms
|
||||
type: string
|
||||
type: object
|
||||
scheme:
|
||||
description: Scheme defines the scheme to use for the
|
||||
request to the upstream Kubernetes Service. It defaults
|
||||
to https when Kubernetes Service port is 443, http otherwise.
|
||||
description: |-
|
||||
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
||||
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
||||
type: string
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransport
|
||||
resource to use. It allows to configure the transport
|
||||
between Traefik and your servers. Can only be used on
|
||||
a Kubernetes Service.
|
||||
description: |-
|
||||
ServersTransport defines the name of ServersTransport resource to use.
|
||||
It allows to configure the transport between Traefik and your servers.
|
||||
Can only be used on a Kubernetes Service.
|
||||
type: string
|
||||
sticky:
|
||||
description: 'Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions'
|
||||
description: |-
|
||||
Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
||||
properties:
|
||||
cookie:
|
||||
description: Cookie defines the sticky cookie configuration.
|
||||
|
@ -161,17 +172,18 @@ spec:
|
|||
JavaScript.
|
||||
type: boolean
|
||||
maxAge:
|
||||
description: MaxAge indicates the number of seconds
|
||||
until the cookie expires. When set to a negative
|
||||
number, the cookie expires immediately. When
|
||||
set to zero, the cookie never expires.
|
||||
description: |-
|
||||
MaxAge indicates the number of seconds until the cookie expires.
|
||||
When set to a negative number, the cookie expires immediately.
|
||||
When set to zero, the cookie never expires.
|
||||
type: integer
|
||||
name:
|
||||
description: Name defines the Cookie name.
|
||||
type: string
|
||||
sameSite:
|
||||
description: 'SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
|
||||
description: |-
|
||||
SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
||||
type: string
|
||||
secure:
|
||||
description: Secure defines whether the cookie
|
||||
|
@ -181,23 +193,23 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
strategy:
|
||||
description: Strategy defines the load balancing strategy
|
||||
between the servers. RoundRobin is the only supported
|
||||
value at the moment.
|
||||
description: |-
|
||||
Strategy defines the load balancing strategy between the servers.
|
||||
RoundRobin is the only supported value at the moment.
|
||||
type: string
|
||||
weight:
|
||||
description: Weight defines the weight and should only
|
||||
be specified when Name references a TraefikService object
|
||||
(and to be precise, one that embeds a Weighted Round
|
||||
Robin).
|
||||
description: |-
|
||||
Weight defines the weight and should only be specified when Name references a TraefikService object
|
||||
(and to be precise, one that embeds a Weighted Round Robin).
|
||||
type: integer
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
syntax:
|
||||
description: 'Syntax defines the router''s rule syntax. More
|
||||
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax'
|
||||
description: |-
|
||||
Syntax defines the router's rule syntax.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax
|
||||
type: string
|
||||
required:
|
||||
- kind
|
||||
|
@ -205,16 +217,20 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
tls:
|
||||
description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls'
|
||||
description: |-
|
||||
TLS defines the TLS configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls
|
||||
properties:
|
||||
certResolver:
|
||||
description: 'CertResolver defines the name of the certificate
|
||||
resolver to use. Cert resolvers have to be configured in the
|
||||
static configuration. More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers'
|
||||
description: |-
|
||||
CertResolver defines the name of the certificate resolver to use.
|
||||
Cert resolvers have to be configured in the static configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
||||
type: string
|
||||
domains:
|
||||
description: 'Domains defines the list of domains that will be
|
||||
used to issue certificates. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains'
|
||||
description: |-
|
||||
Domains defines the list of domains that will be used to issue certificates.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
||||
items:
|
||||
description: Domain holds a domain name with SANs.
|
||||
properties:
|
||||
|
@ -230,17 +246,20 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
options:
|
||||
description: 'Options defines the reference to a TLSOption, that
|
||||
specifies the parameters of the TLS connection. If not defined,
|
||||
the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options'
|
||||
description: |-
|
||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||
If not defined, the `default` TLSOption is used.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
||||
properties:
|
||||
name:
|
||||
description: 'Name defines the name of the referenced TLSOption.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption'
|
||||
description: |-
|
||||
Name defines the name of the referenced TLSOption.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||
type: string
|
||||
namespace:
|
||||
description: 'Namespace defines the namespace of the referenced
|
||||
TLSOption. More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption'
|
||||
description: |-
|
||||
Namespace defines the namespace of the referenced TLSOption.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
|
@ -250,17 +269,19 @@ spec:
|
|||
Secret to specify the certificate details.
|
||||
type: string
|
||||
store:
|
||||
description: Store defines the reference to the TLSStore, that
|
||||
will be used to store certificates. Please note that only `default`
|
||||
TLSStore can be used.
|
||||
description: |-
|
||||
Store defines the reference to the TLSStore, that will be used to store certificates.
|
||||
Please note that only `default` TLSStore can be used.
|
||||
properties:
|
||||
name:
|
||||
description: 'Name defines the name of the referenced TLSStore.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore'
|
||||
description: |-
|
||||
Name defines the name of the referenced TLSStore.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||
type: string
|
||||
namespace:
|
||||
description: 'Namespace defines the namespace of the referenced
|
||||
TLSStore. More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore'
|
||||
description: |-
|
||||
Namespace defines the namespace of the referenced TLSStore.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: ingressroutetcps.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -20,14 +20,19 @@ spec:
|
|||
description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -35,10 +40,11 @@ spec:
|
|||
description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
|
||||
properties:
|
||||
entryPoints:
|
||||
description: 'EntryPoints defines the list of entry point names to
|
||||
bind to. Entry points have to be configured in the static configuration.
|
||||
description: |-
|
||||
EntryPoints defines the list of entry point names to bind to.
|
||||
Entry points have to be configured in the static configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
||||
Default: all.'
|
||||
Default: all.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
@ -48,7 +54,9 @@ spec:
|
|||
description: RouteTCP holds the TCP route configuration.
|
||||
properties:
|
||||
match:
|
||||
description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1'
|
||||
description: |-
|
||||
Match defines the router's rule.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1
|
||||
type: string
|
||||
middlewares:
|
||||
description: Middlewares defines the list of references to MiddlewareTCP
|
||||
|
@ -70,8 +78,9 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
priority:
|
||||
description: 'Priority defines the router''s priority. More
|
||||
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1'
|
||||
description: |-
|
||||
Priority defines the router's priority.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1
|
||||
type: integer
|
||||
services:
|
||||
description: Services defines the list of TCP services.
|
||||
|
@ -88,22 +97,24 @@ spec:
|
|||
Kubernetes Service.
|
||||
type: string
|
||||
nativeLB:
|
||||
description: NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs
|
||||
or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the
|
||||
pods. By default, NativeLB is false.
|
||||
description: |-
|
||||
NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the pods.
|
||||
By default, NativeLB is false.
|
||||
type: boolean
|
||||
port:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Port defines the port of a Kubernetes Service.
|
||||
description: |-
|
||||
Port defines the port of a Kubernetes Service.
|
||||
This can be a reference to a named port.
|
||||
x-kubernetes-int-or-string: true
|
||||
proxyProtocol:
|
||||
description: 'ProxyProtocol defines the PROXY protocol
|
||||
configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol'
|
||||
description: |-
|
||||
ProxyProtocol defines the PROXY protocol configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
|
||||
properties:
|
||||
version:
|
||||
description: Version defines the PROXY Protocol version
|
||||
|
@ -111,11 +122,20 @@ spec:
|
|||
type: integer
|
||||
type: object
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransportTCP
|
||||
resource to use. It allows to configure the transport
|
||||
between Traefik and your servers. Can only be used on
|
||||
a Kubernetes Service.
|
||||
description: |-
|
||||
ServersTransport defines the name of ServersTransportTCP resource to use.
|
||||
It allows to configure the transport between Traefik and your servers.
|
||||
Can only be used on a Kubernetes Service.
|
||||
type: string
|
||||
terminationDelay:
|
||||
description: |-
|
||||
TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates
|
||||
it has closed the writing capability of its connection, to close the reading capability as well,
|
||||
hence fully terminating the connection.
|
||||
It is a duration in milliseconds, defaulting to 100.
|
||||
A negative value means an infinite deadline (i.e. the reading capability is never closed).
|
||||
Deprecated: TerminationDelay is not supported APIVersion traefik.io/v1, please use ServersTransport to configure the TerminationDelay instead.
|
||||
type: integer
|
||||
tls:
|
||||
description: TLS determines whether to use TLS when dialing
|
||||
with the backend.
|
||||
|
@ -130,25 +150,29 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
syntax:
|
||||
description: 'Syntax defines the router''s rule syntax. More
|
||||
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1'
|
||||
description: |-
|
||||
Syntax defines the router's rule syntax.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1
|
||||
type: string
|
||||
required:
|
||||
- match
|
||||
type: object
|
||||
type: array
|
||||
tls:
|
||||
description: 'TLS defines the TLS configuration on a layer 4 / TCP
|
||||
Route. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1'
|
||||
description: |-
|
||||
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1
|
||||
properties:
|
||||
certResolver:
|
||||
description: 'CertResolver defines the name of the certificate
|
||||
resolver to use. Cert resolvers have to be configured in the
|
||||
static configuration. More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers'
|
||||
description: |-
|
||||
CertResolver defines the name of the certificate resolver to use.
|
||||
Cert resolvers have to be configured in the static configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
||||
type: string
|
||||
domains:
|
||||
description: 'Domains defines the list of domains that will be
|
||||
used to issue certificates. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains'
|
||||
description: |-
|
||||
Domains defines the list of domains that will be used to issue certificates.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
||||
items:
|
||||
description: Domain holds a domain name with SANs.
|
||||
properties:
|
||||
|
@ -164,9 +188,10 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
options:
|
||||
description: 'Options defines the reference to a TLSOption, that
|
||||
specifies the parameters of the TLS connection. If not defined,
|
||||
the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options'
|
||||
description: |-
|
||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||
If not defined, the `default` TLSOption is used.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
||||
properties:
|
||||
name:
|
||||
description: Name defines the name of the referenced Traefik
|
||||
|
@ -188,9 +213,9 @@ spec:
|
|||
Secret to specify the certificate details.
|
||||
type: string
|
||||
store:
|
||||
description: Store defines the reference to the TLSStore, that
|
||||
will be used to store certificates. Please note that only `default`
|
||||
TLSStore can be used.
|
||||
description: |-
|
||||
Store defines the reference to the TLSStore, that will be used to store certificates.
|
||||
Please note that only `default` TLSStore can be used.
|
||||
properties:
|
||||
name:
|
||||
description: Name defines the name of the referenced Traefik
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: ingressrouteudps.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -20,14 +20,19 @@ spec:
|
|||
description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -35,10 +40,11 @@ spec:
|
|||
description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
|
||||
properties:
|
||||
entryPoints:
|
||||
description: 'EntryPoints defines the list of entry point names to
|
||||
bind to. Entry points have to be configured in the static configuration.
|
||||
description: |-
|
||||
EntryPoints defines the list of entry point names to bind to.
|
||||
Entry points have to be configured in the static configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
||||
Default: all.'
|
||||
Default: all.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
@ -62,17 +68,18 @@ spec:
|
|||
Kubernetes Service.
|
||||
type: string
|
||||
nativeLB:
|
||||
description: NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs
|
||||
or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the
|
||||
pods. By default, NativeLB is false.
|
||||
description: |-
|
||||
NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the pods.
|
||||
By default, NativeLB is false.
|
||||
type: boolean
|
||||
port:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Port defines the port of a Kubernetes Service.
|
||||
description: |-
|
||||
Port defines the port of a Kubernetes Service.
|
||||
This can be a reference to a named port.
|
||||
x-kubernetes-int-or-string: true
|
||||
weight:
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: middlewares.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -17,18 +17,24 @@ spec:
|
|||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'Middleware is the CRD implementation of a Traefik Middleware.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/'
|
||||
description: |-
|
||||
Middleware is the CRD implementation of a Traefik Middleware.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -36,33 +42,37 @@ spec:
|
|||
description: MiddlewareSpec defines the desired state of a Middleware.
|
||||
properties:
|
||||
addPrefix:
|
||||
description: 'AddPrefix holds the add prefix middleware configuration.
|
||||
This middleware updates the path of a request before forwarding
|
||||
it. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/'
|
||||
description: |-
|
||||
AddPrefix holds the add prefix middleware configuration.
|
||||
This middleware updates the path of a request before forwarding it.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/
|
||||
properties:
|
||||
prefix:
|
||||
description: Prefix is the string to add before the current path
|
||||
in the requested URL. It should include a leading slash (/).
|
||||
description: |-
|
||||
Prefix is the string to add before the current path in the requested URL.
|
||||
It should include a leading slash (/).
|
||||
type: string
|
||||
type: object
|
||||
basicAuth:
|
||||
description: 'BasicAuth holds the basic auth middleware configuration.
|
||||
description: |-
|
||||
BasicAuth holds the basic auth middleware configuration.
|
||||
This middleware restricts access to your services to known users.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/'
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/
|
||||
properties:
|
||||
headerField:
|
||||
description: 'HeaderField defines a header field to store the
|
||||
authenticated user. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield'
|
||||
description: |-
|
||||
HeaderField defines a header field to store the authenticated user.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
||||
type: string
|
||||
realm:
|
||||
description: 'Realm allows the protected resources on a server
|
||||
to be partitioned into a set of protection spaces, each with
|
||||
its own authentication scheme. Default: traefik.'
|
||||
description: |-
|
||||
Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
|
||||
Default: traefik.
|
||||
type: string
|
||||
removeHeader:
|
||||
description: 'RemoveHeader sets the removeHeader option to true
|
||||
to remove the authorization header before forwarding the request
|
||||
to your service. Default: false.'
|
||||
description: |-
|
||||
RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service.
|
||||
Default: false.
|
||||
type: boolean
|
||||
secret:
|
||||
description: Secret is the name of the referenced Kubernetes Secret
|
||||
|
@ -70,48 +80,49 @@ spec:
|
|||
type: string
|
||||
type: object
|
||||
buffering:
|
||||
description: 'Buffering holds the buffering middleware configuration.
|
||||
This middleware retries or limits the size of requests that can
|
||||
be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes'
|
||||
description: |-
|
||||
Buffering holds the buffering middleware configuration.
|
||||
This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes
|
||||
properties:
|
||||
maxRequestBodyBytes:
|
||||
description: 'MaxRequestBodyBytes defines the maximum allowed
|
||||
body size for the request (in bytes). If the request exceeds
|
||||
the allowed size, it is not forwarded to the service, and the
|
||||
client gets a 413 (Request Entity Too Large) response. Default:
|
||||
0 (no maximum).'
|
||||
description: |-
|
||||
MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
|
||||
If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
|
||||
Default: 0 (no maximum).
|
||||
format: int64
|
||||
type: integer
|
||||
maxResponseBodyBytes:
|
||||
description: 'MaxResponseBodyBytes defines the maximum allowed
|
||||
response size from the service (in bytes). If the response exceeds
|
||||
the allowed size, it is not forwarded to the client. The client
|
||||
gets a 500 (Internal Server Error) response instead. Default:
|
||||
0 (no maximum).'
|
||||
description: |-
|
||||
MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes).
|
||||
If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead.
|
||||
Default: 0 (no maximum).
|
||||
format: int64
|
||||
type: integer
|
||||
memRequestBodyBytes:
|
||||
description: 'MemRequestBodyBytes defines the threshold (in bytes)
|
||||
from which the request will be buffered on disk instead of in
|
||||
memory. Default: 1048576 (1Mi).'
|
||||
description: |-
|
||||
MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory.
|
||||
Default: 1048576 (1Mi).
|
||||
format: int64
|
||||
type: integer
|
||||
memResponseBodyBytes:
|
||||
description: 'MemResponseBodyBytes defines the threshold (in bytes)
|
||||
from which the response will be buffered on disk instead of
|
||||
in memory. Default: 1048576 (1Mi).'
|
||||
description: |-
|
||||
MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory.
|
||||
Default: 1048576 (1Mi).
|
||||
format: int64
|
||||
type: integer
|
||||
retryExpression:
|
||||
description: 'RetryExpression defines the retry conditions. It
|
||||
is a logical combination of functions with operators AND (&&)
|
||||
and OR (||). More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression'
|
||||
description: |-
|
||||
RetryExpression defines the retry conditions.
|
||||
It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression
|
||||
type: string
|
||||
type: object
|
||||
chain:
|
||||
description: 'Chain holds the configuration of the chain middleware.
|
||||
This middleware enables to define reusable combinations of other
|
||||
pieces of middleware. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/'
|
||||
description: |-
|
||||
Chain holds the configuration of the chain middleware.
|
||||
This middleware enables to define reusable combinations of other pieces of middleware.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/
|
||||
properties:
|
||||
middlewares:
|
||||
description: Middlewares is the list of MiddlewareRef which composes
|
||||
|
@ -163,15 +174,15 @@ spec:
|
|||
x-kubernetes-int-or-string: true
|
||||
type: object
|
||||
compress:
|
||||
description: 'Compress holds the compress middleware configuration.
|
||||
This middleware compresses responses before sending them to the
|
||||
client, using gzip compression. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/'
|
||||
description: |-
|
||||
Compress holds the compress middleware configuration.
|
||||
This middleware compresses responses before sending them to the client, using gzip compression.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/
|
||||
properties:
|
||||
excludedContentTypes:
|
||||
description: ExcludedContentTypes defines the list of content
|
||||
types to compare the Content-Type header of the incoming requests
|
||||
and responses before compressing. `application/grpc` is always
|
||||
excluded.
|
||||
description: |-
|
||||
ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
|
||||
`application/grpc` is always excluded.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
@ -183,30 +194,38 @@ spec:
|
|||
type: string
|
||||
type: array
|
||||
minResponseBodyBytes:
|
||||
description: 'MinResponseBodyBytes defines the minimum amount
|
||||
of bytes a response body must have to be compressed. Default:
|
||||
1024.'
|
||||
description: |-
|
||||
MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed.
|
||||
Default: 1024.
|
||||
type: integer
|
||||
type: object
|
||||
contentType:
|
||||
description: ContentType holds the content-type middleware configuration.
|
||||
This middleware sets the `Content-Type` header value to the media
|
||||
type detected from the response content, when it is not set by the
|
||||
backend.
|
||||
description: |-
|
||||
ContentType holds the content-type middleware configuration.
|
||||
This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
|
||||
properties:
|
||||
autoDetect:
|
||||
description: |-
|
||||
AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend,
|
||||
be automatically set to a value derived from the contents of the response.
|
||||
Deprecated: AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option.
|
||||
type: boolean
|
||||
type: object
|
||||
digestAuth:
|
||||
description: 'DigestAuth holds the digest auth middleware configuration.
|
||||
description: |-
|
||||
DigestAuth holds the digest auth middleware configuration.
|
||||
This middleware restricts access to your services to known users.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/'
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/
|
||||
properties:
|
||||
headerField:
|
||||
description: 'HeaderField defines a header field to store the
|
||||
authenticated user. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield'
|
||||
description: |-
|
||||
HeaderField defines a header field to store the authenticated user.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
||||
type: string
|
||||
realm:
|
||||
description: 'Realm allows the protected resources on a server
|
||||
to be partitioned into a set of protection spaces, each with
|
||||
its own authentication scheme. Default: traefik.'
|
||||
description: |-
|
||||
Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
|
||||
Default: traefik.
|
||||
type: string
|
||||
removeHeader:
|
||||
description: RemoveHeader defines whether to remove the authorization
|
||||
|
@ -218,18 +237,20 @@ spec:
|
|||
type: string
|
||||
type: object
|
||||
errors:
|
||||
description: 'ErrorPage holds the custom error middleware configuration.
|
||||
This middleware returns a custom page in lieu of the default, according
|
||||
to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/'
|
||||
description: |-
|
||||
ErrorPage holds the custom error middleware configuration.
|
||||
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/
|
||||
properties:
|
||||
query:
|
||||
description: Query defines the URL for the error page (hosted
|
||||
by service). The {status} variable can be used in order to insert
|
||||
the status code in the URL.
|
||||
description: |-
|
||||
Query defines the URL for the error page (hosted by service).
|
||||
The {status} variable can be used in order to insert the status code in the URL.
|
||||
type: string
|
||||
service:
|
||||
description: 'Service defines the reference to a Kubernetes Service
|
||||
that will serve the error page. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service'
|
||||
description: |-
|
||||
Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service
|
||||
properties:
|
||||
kind:
|
||||
description: Kind defines the kind of the Service.
|
||||
|
@ -238,31 +259,32 @@ spec:
|
|||
- TraefikService
|
||||
type: string
|
||||
name:
|
||||
description: Name defines the name of the referenced Kubernetes
|
||||
Service or TraefikService. The differentiation between the
|
||||
two is specified in the Kind field.
|
||||
description: |-
|
||||
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
||||
The differentiation between the two is specified in the Kind field.
|
||||
type: string
|
||||
namespace:
|
||||
description: Namespace defines the namespace of the referenced
|
||||
Kubernetes Service or TraefikService.
|
||||
type: string
|
||||
nativeLB:
|
||||
description: NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if
|
||||
the only child is the Kubernetes Service clusterIP. The
|
||||
Kubernetes Service itself does load-balance to the pods.
|
||||
description: |-
|
||||
NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the pods.
|
||||
By default, NativeLB is false.
|
||||
type: boolean
|
||||
passHostHeader:
|
||||
description: PassHostHeader defines whether the client Host
|
||||
header is forwarded to the upstream Kubernetes Service.
|
||||
description: |-
|
||||
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
||||
By default, passHostHeader is true.
|
||||
type: boolean
|
||||
port:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Port defines the port of a Kubernetes Service.
|
||||
description: |-
|
||||
Port defines the port of a Kubernetes Service.
|
||||
This can be a reference to a named port.
|
||||
x-kubernetes-int-or-string: true
|
||||
responseForwarding:
|
||||
|
@ -271,29 +293,29 @@ spec:
|
|||
client.
|
||||
properties:
|
||||
flushInterval:
|
||||
description: 'FlushInterval defines the interval, in milliseconds,
|
||||
in between flushes to the client while copying the response
|
||||
body. A negative value means to flush immediately after
|
||||
each write to the client. This configuration is ignored
|
||||
when ReverseProxy recognizes a response as a streaming
|
||||
response; for such responses, writes are flushed to
|
||||
the client immediately. Default: 100ms'
|
||||
description: |-
|
||||
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
||||
A negative value means to flush immediately after each write to the client.
|
||||
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
||||
for such responses, writes are flushed to the client immediately.
|
||||
Default: 100ms
|
||||
type: string
|
||||
type: object
|
||||
scheme:
|
||||
description: Scheme defines the scheme to use for the request
|
||||
to the upstream Kubernetes Service. It defaults to https
|
||||
when Kubernetes Service port is 443, http otherwise.
|
||||
description: |-
|
||||
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
||||
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
||||
type: string
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransport
|
||||
resource to use. It allows to configure the transport between
|
||||
Traefik and your servers. Can only be used on a Kubernetes
|
||||
Service.
|
||||
description: |-
|
||||
ServersTransport defines the name of ServersTransport resource to use.
|
||||
It allows to configure the transport between Traefik and your servers.
|
||||
Can only be used on a Kubernetes Service.
|
||||
type: string
|
||||
sticky:
|
||||
description: 'Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions'
|
||||
description: |-
|
||||
Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
||||
properties:
|
||||
cookie:
|
||||
description: Cookie defines the sticky cookie configuration.
|
||||
|
@ -303,17 +325,18 @@ spec:
|
|||
be accessed by client-side APIs, such as JavaScript.
|
||||
type: boolean
|
||||
maxAge:
|
||||
description: MaxAge indicates the number of seconds
|
||||
until the cookie expires. When set to a negative
|
||||
number, the cookie expires immediately. When set
|
||||
to zero, the cookie never expires.
|
||||
description: |-
|
||||
MaxAge indicates the number of seconds until the cookie expires.
|
||||
When set to a negative number, the cookie expires immediately.
|
||||
When set to zero, the cookie never expires.
|
||||
type: integer
|
||||
name:
|
||||
description: Name defines the Cookie name.
|
||||
type: string
|
||||
sameSite:
|
||||
description: 'SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
|
||||
description: |-
|
||||
SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
||||
type: string
|
||||
secure:
|
||||
description: Secure defines whether the cookie can
|
||||
|
@ -323,32 +346,34 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
strategy:
|
||||
description: Strategy defines the load balancing strategy
|
||||
between the servers. RoundRobin is the only supported value
|
||||
at the moment.
|
||||
description: |-
|
||||
Strategy defines the load balancing strategy between the servers.
|
||||
RoundRobin is the only supported value at the moment.
|
||||
type: string
|
||||
weight:
|
||||
description: Weight defines the weight and should only be
|
||||
specified when Name references a TraefikService object (and
|
||||
to be precise, one that embeds a Weighted Round Robin).
|
||||
description: |-
|
||||
Weight defines the weight and should only be specified when Name references a TraefikService object
|
||||
(and to be precise, one that embeds a Weighted Round Robin).
|
||||
type: integer
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
status:
|
||||
description: Status defines which status or range of statuses
|
||||
should result in an error page. It can be either a status code
|
||||
as a number (500), as multiple comma-separated numbers (500,502),
|
||||
as ranges by separating two codes with a dash (500-599), or
|
||||
a combination of the two (404,418,500-599).
|
||||
description: |-
|
||||
Status defines which status or range of statuses should result in an error page.
|
||||
It can be either a status code as a number (500),
|
||||
as multiple comma-separated numbers (500,502),
|
||||
as ranges by separating two codes with a dash (500-599),
|
||||
or a combination of the two (404,418,500-599).
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
type: object
|
||||
forwardAuth:
|
||||
description: 'ForwardAuth holds the forward auth middleware configuration.
|
||||
description: |-
|
||||
ForwardAuth holds the forward auth middleware configuration.
|
||||
This middleware delegates the request authentication to a Service.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/'
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/
|
||||
properties:
|
||||
addAuthCookiesToResponse:
|
||||
description: AddAuthCookiesToResponse defines the list of cookies
|
||||
|
@ -360,9 +385,9 @@ spec:
|
|||
description: Address defines the authentication server address.
|
||||
type: string
|
||||
authRequestHeaders:
|
||||
description: AuthRequestHeaders defines the list of the headers
|
||||
to copy from the request to the authentication server. If not
|
||||
set or empty then all request headers are passed.
|
||||
description: |-
|
||||
AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
||||
If not set or empty then all request headers are passed.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
@ -374,24 +399,27 @@ spec:
|
|||
type: string
|
||||
type: array
|
||||
authResponseHeadersRegex:
|
||||
description: 'AuthResponseHeadersRegex defines the regex to match
|
||||
headers to copy from the authentication server response and
|
||||
set on forwarded request, after stripping all headers that match
|
||||
the regex. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex'
|
||||
description: |-
|
||||
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
|
||||
type: string
|
||||
tls:
|
||||
description: TLS defines the configuration used to secure the
|
||||
connection to the authentication server.
|
||||
properties:
|
||||
caOptional:
|
||||
description: 'Deprecated: TLS client authentication is a server
|
||||
side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).'
|
||||
type: boolean
|
||||
caSecret:
|
||||
description: CASecret is the name of the referenced Kubernetes
|
||||
Secret containing the CA to validate the server certificate.
|
||||
description: |-
|
||||
CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate.
|
||||
The CA certificate is extracted from key `tls.ca` or `ca.crt`.
|
||||
type: string
|
||||
certSecret:
|
||||
description: CertSecret is the name of the referenced Kubernetes
|
||||
Secret containing the client certificate. The client certificate
|
||||
is extracted from the keys `tls.crt` and `tls.key`.
|
||||
description: |-
|
||||
CertSecret is the name of the referenced Kubernetes Secret containing the client certificate.
|
||||
The client certificate is extracted from the keys `tls.crt` and `tls.key`.
|
||||
type: string
|
||||
insecureSkipVerify:
|
||||
description: InsecureSkipVerify defines whether the server
|
||||
|
@ -404,20 +432,23 @@ spec:
|
|||
type: boolean
|
||||
type: object
|
||||
grpcWeb:
|
||||
description: GrpcWeb holds the gRPC web middleware configuration.
|
||||
description: |-
|
||||
GrpcWeb holds the gRPC web middleware configuration.
|
||||
This middleware converts a gRPC web request to an HTTP/2 gRPC request.
|
||||
properties:
|
||||
allowOrigins:
|
||||
description: AllowOrigins is a list of allowable origins. Can
|
||||
also be a wildcard origin "*".
|
||||
description: |-
|
||||
AllowOrigins is a list of allowable origins.
|
||||
Can also be a wildcard origin "*".
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
type: object
|
||||
headers:
|
||||
description: 'Headers holds the headers middleware configuration.
|
||||
This middleware manages the requests and responses headers. More
|
||||
info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders'
|
||||
description: |-
|
||||
Headers holds the headers middleware configuration.
|
||||
This middleware manages the requests and responses headers.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
|
||||
properties:
|
||||
accessControlAllowCredentials:
|
||||
description: AccessControlAllowCredentials defines whether the
|
||||
|
@ -482,12 +513,14 @@ spec:
|
|||
header with the nosniff value.
|
||||
type: boolean
|
||||
customBrowserXSSValue:
|
||||
description: CustomBrowserXSSValue defines the X-XSS-Protection
|
||||
header value. This overrides the BrowserXssFilter option.
|
||||
description: |-
|
||||
CustomBrowserXSSValue defines the X-XSS-Protection header value.
|
||||
This overrides the BrowserXssFilter option.
|
||||
type: string
|
||||
customFrameOptionsValue:
|
||||
description: CustomFrameOptionsValue defines the X-Frame-Options
|
||||
header value. This overrides the FrameDeny option.
|
||||
description: |-
|
||||
CustomFrameOptionsValue defines the X-Frame-Options header value.
|
||||
This overrides the FrameDeny option.
|
||||
type: string
|
||||
customRequestHeaders:
|
||||
additionalProperties:
|
||||
|
@ -501,6 +534,10 @@ spec:
|
|||
description: CustomResponseHeaders defines the header names and
|
||||
values to apply to the response.
|
||||
type: object
|
||||
featurePolicy:
|
||||
description: 'Deprecated: FeaturePolicy option is deprecated,
|
||||
please use PermissionsPolicy instead.'
|
||||
type: string
|
||||
forceSTSHeader:
|
||||
description: ForceSTSHeader defines whether to add the STS header
|
||||
even when the connection is HTTP.
|
||||
|
@ -516,34 +553,49 @@ spec:
|
|||
type: string
|
||||
type: array
|
||||
isDevelopment:
|
||||
description: IsDevelopment defines whether to mitigate the unwanted
|
||||
effects of the AllowedHosts, SSL, and STS options when developing.
|
||||
Usually testing takes place using HTTP, not HTTPS, and on localhost,
|
||||
not your production domain. If you would like your development
|
||||
environment to mimic production with complete Host blocking,
|
||||
SSL redirects, and STS headers, leave this as false.
|
||||
description: |-
|
||||
IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing.
|
||||
Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain.
|
||||
If you would like your development environment to mimic production with complete Host blocking, SSL redirects,
|
||||
and STS headers, leave this as false.
|
||||
type: boolean
|
||||
permissionsPolicy:
|
||||
description: PermissionsPolicy defines the Permissions-Policy
|
||||
header value. This allows sites to control browser features.
|
||||
description: |-
|
||||
PermissionsPolicy defines the Permissions-Policy header value.
|
||||
This allows sites to control browser features.
|
||||
type: string
|
||||
publicKey:
|
||||
description: PublicKey is the public key that implements HPKP
|
||||
to prevent MITM attacks with forged certificates.
|
||||
type: string
|
||||
referrerPolicy:
|
||||
description: ReferrerPolicy defines the Referrer-Policy header
|
||||
value. This allows sites to control whether browsers forward
|
||||
the Referer header to other sites.
|
||||
description: |-
|
||||
ReferrerPolicy defines the Referrer-Policy header value.
|
||||
This allows sites to control whether browsers forward the Referer header to other sites.
|
||||
type: string
|
||||
sslForceHost:
|
||||
description: 'Deprecated: SSLForceHost option is deprecated, please
|
||||
use RedirectRegex instead.'
|
||||
type: boolean
|
||||
sslHost:
|
||||
description: 'Deprecated: SSLHost option is deprecated, please
|
||||
use RedirectRegex instead.'
|
||||
type: string
|
||||
sslProxyHeaders:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: 'SSLProxyHeaders defines the header keys with associated
|
||||
values that would indicate a valid HTTPS request. It can be
|
||||
useful when using other proxies (example: "X-Forwarded-Proto":
|
||||
"https").'
|
||||
description: |-
|
||||
SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request.
|
||||
It can be useful when using other proxies (example: "X-Forwarded-Proto": "https").
|
||||
type: object
|
||||
sslRedirect:
|
||||
description: 'Deprecated: SSLRedirect option is deprecated, please
|
||||
use EntryPoint redirection or RedirectScheme instead.'
|
||||
type: boolean
|
||||
sslTemporaryRedirect:
|
||||
description: 'Deprecated: SSLTemporaryRedirect option is deprecated,
|
||||
please use EntryPoint redirection or RedirectScheme instead.'
|
||||
type: boolean
|
||||
stsIncludeSubdomains:
|
||||
description: STSIncludeSubdomains defines whether the includeSubDomains
|
||||
directive is appended to the Strict-Transport-Security header.
|
||||
|
@ -553,33 +605,35 @@ spec:
|
|||
to the Strict-Transport-Security header.
|
||||
type: boolean
|
||||
stsSeconds:
|
||||
description: STSSeconds defines the max-age of the Strict-Transport-Security
|
||||
header. If set to 0, the header is not set.
|
||||
description: |-
|
||||
STSSeconds defines the max-age of the Strict-Transport-Security header.
|
||||
If set to 0, the header is not set.
|
||||
format: int64
|
||||
type: integer
|
||||
type: object
|
||||
inFlightReq:
|
||||
description: 'InFlightReq holds the in-flight request middleware configuration.
|
||||
This middleware limits the number of requests being processed and
|
||||
served concurrently. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/'
|
||||
description: |-
|
||||
InFlightReq holds the in-flight request middleware configuration.
|
||||
This middleware limits the number of requests being processed and served concurrently.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/
|
||||
properties:
|
||||
amount:
|
||||
description: Amount defines the maximum amount of allowed simultaneous
|
||||
in-flight request. The middleware responds with HTTP 429 Too
|
||||
Many Requests if there are already amount requests in progress
|
||||
(based on the same sourceCriterion strategy).
|
||||
description: |-
|
||||
Amount defines the maximum amount of allowed simultaneous in-flight request.
|
||||
The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
|
||||
format: int64
|
||||
type: integer
|
||||
sourceCriterion:
|
||||
description: 'SourceCriterion defines what criterion is used to
|
||||
group requests as originating from a common source. If several
|
||||
strategies are defined at the same time, an error will be raised.
|
||||
If none are set, the default is to use the requestHost. More
|
||||
info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion'
|
||||
description: |-
|
||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||
If several strategies are defined at the same time, an error will be raised.
|
||||
If none are set, the default is to use the requestHost.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion
|
||||
properties:
|
||||
ipStrategy:
|
||||
description: 'IPStrategy holds the IP strategy configuration
|
||||
used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy'
|
||||
description: |-
|
||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
||||
properties:
|
||||
depth:
|
||||
description: Depth tells Traefik to use the X-Forwarded-For
|
||||
|
@ -605,13 +659,15 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
ipAllowList:
|
||||
description: 'IPAllowList holds the IP allowlist middleware configuration.
|
||||
description: |-
|
||||
IPAllowList holds the IP allowlist middleware configuration.
|
||||
This middleware accepts / refuses requests based on the client IP.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/'
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/
|
||||
properties:
|
||||
ipStrategy:
|
||||
description: 'IPStrategy holds the IP strategy configuration used
|
||||
by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy'
|
||||
description: |-
|
||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
||||
properties:
|
||||
depth:
|
||||
description: Depth tells Traefik to use the X-Forwarded-For
|
||||
|
@ -626,8 +682,9 @@ spec:
|
|||
type: array
|
||||
type: object
|
||||
rejectStatusCode:
|
||||
description: RejectStatusCode defines the HTTP status code used
|
||||
for refused requests. If not set, the default is 403 (Forbidden).
|
||||
description: |-
|
||||
RejectStatusCode defines the HTTP status code used for refused requests.
|
||||
If not set, the default is 403 (Forbidden).
|
||||
type: integer
|
||||
sourceRange:
|
||||
description: SourceRange defines the set of allowed IPs (or ranges
|
||||
|
@ -640,8 +697,9 @@ spec:
|
|||
description: 'Deprecated: please use IPAllowList instead.'
|
||||
properties:
|
||||
ipStrategy:
|
||||
description: 'IPStrategy holds the IP strategy configuration used
|
||||
by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy'
|
||||
description: |-
|
||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
||||
properties:
|
||||
depth:
|
||||
description: Depth tells Traefik to use the X-Forwarded-For
|
||||
|
@ -663,9 +721,10 @@ spec:
|
|||
type: array
|
||||
type: object
|
||||
passTLSClientCert:
|
||||
description: 'PassTLSClientCert holds the pass TLS client cert middleware
|
||||
configuration. This middleware adds the selected data from the passed
|
||||
client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/'
|
||||
description: |-
|
||||
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||
This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/
|
||||
properties:
|
||||
info:
|
||||
description: Info selects the specific client certificate details
|
||||
|
@ -766,46 +825,48 @@ spec:
|
|||
plugin:
|
||||
additionalProperties:
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
description: 'Plugin defines the middleware plugin configuration.
|
||||
More info: https://doc.traefik.io/traefik/plugins/'
|
||||
description: |-
|
||||
Plugin defines the middleware plugin configuration.
|
||||
More info: https://doc.traefik.io/traefik/plugins/
|
||||
type: object
|
||||
rateLimit:
|
||||
description: 'RateLimit holds the rate limit configuration. This middleware
|
||||
ensures that services will receive a fair amount of requests, and
|
||||
allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/'
|
||||
description: |-
|
||||
RateLimit holds the rate limit configuration.
|
||||
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/
|
||||
properties:
|
||||
average:
|
||||
description: Average is the maximum rate, by default in requests/s,
|
||||
allowed for the given source. It defaults to 0, which means
|
||||
no rate limiting. The rate is actually defined by dividing Average
|
||||
by Period. So for a rate below 1req/s, one needs to define a
|
||||
Period larger than a second.
|
||||
description: |-
|
||||
Average is the maximum rate, by default in requests/s, allowed for the given source.
|
||||
It defaults to 0, which means no rate limiting.
|
||||
The rate is actually defined by dividing Average by Period. So for a rate below 1req/s,
|
||||
one needs to define a Period larger than a second.
|
||||
format: int64
|
||||
type: integer
|
||||
burst:
|
||||
description: Burst is the maximum number of requests allowed to
|
||||
arrive in the same arbitrarily small period of time. It defaults
|
||||
to 1.
|
||||
description: |-
|
||||
Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time.
|
||||
It defaults to 1.
|
||||
format: int64
|
||||
type: integer
|
||||
period:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: 'Period, in combination with Average, defines the
|
||||
actual maximum rate, such as: r = Average / Period. It defaults
|
||||
to a second.'
|
||||
description: |-
|
||||
Period, in combination with Average, defines the actual maximum rate, such as:
|
||||
r = Average / Period. It defaults to a second.
|
||||
x-kubernetes-int-or-string: true
|
||||
sourceCriterion:
|
||||
description: SourceCriterion defines what criterion is used to
|
||||
group requests as originating from a common source. If several
|
||||
strategies are defined at the same time, an error will be raised.
|
||||
If none are set, the default is to use the request's remote
|
||||
address field (as an ipStrategy).
|
||||
description: |-
|
||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||
If several strategies are defined at the same time, an error will be raised.
|
||||
If none are set, the default is to use the request's remote address field (as an ipStrategy).
|
||||
properties:
|
||||
ipStrategy:
|
||||
description: 'IPStrategy holds the IP strategy configuration
|
||||
used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy'
|
||||
description: |-
|
||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
||||
properties:
|
||||
depth:
|
||||
description: Depth tells Traefik to use the X-Forwarded-For
|
||||
|
@ -831,9 +892,10 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
redirectRegex:
|
||||
description: 'RedirectRegex holds the redirect regex middleware configuration.
|
||||
description: |-
|
||||
RedirectRegex holds the redirect regex middleware configuration.
|
||||
This middleware redirects a request using regex matching and replacement.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex'
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex
|
||||
properties:
|
||||
permanent:
|
||||
description: Permanent defines whether the redirection is permanent
|
||||
|
@ -849,9 +911,10 @@ spec:
|
|||
type: string
|
||||
type: object
|
||||
redirectScheme:
|
||||
description: 'RedirectScheme holds the redirect scheme middleware
|
||||
configuration. This middleware redirects requests from a scheme/port
|
||||
to another. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/'
|
||||
description: |-
|
||||
RedirectScheme holds the redirect scheme middleware configuration.
|
||||
This middleware redirects requests from a scheme/port to another.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/
|
||||
properties:
|
||||
permanent:
|
||||
description: Permanent defines whether the redirection is permanent
|
||||
|
@ -865,9 +928,10 @@ spec:
|
|||
type: string
|
||||
type: object
|
||||
replacePath:
|
||||
description: 'ReplacePath holds the replace path middleware configuration.
|
||||
This middleware replaces the path of the request URL and store the
|
||||
original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/'
|
||||
description: |-
|
||||
ReplacePath holds the replace path middleware configuration.
|
||||
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/
|
||||
properties:
|
||||
path:
|
||||
description: Path defines the path to use as replacement in the
|
||||
|
@ -875,9 +939,10 @@ spec:
|
|||
type: string
|
||||
type: object
|
||||
replacePathRegex:
|
||||
description: 'ReplacePathRegex holds the replace path regex middleware
|
||||
configuration. This middleware replaces the path of a URL using
|
||||
regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/'
|
||||
description: |-
|
||||
ReplacePathRegex holds the replace path regex middleware configuration.
|
||||
This middleware replaces the path of a URL using regex matching and replacement.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/
|
||||
properties:
|
||||
regex:
|
||||
description: Regex defines the regular expression used to match
|
||||
|
@ -889,11 +954,11 @@ spec:
|
|||
type: string
|
||||
type: object
|
||||
retry:
|
||||
description: 'Retry holds the retry middleware configuration. This
|
||||
middleware reissues requests a given number of times to a backend
|
||||
server if that server does not reply. As soon as the server answers,
|
||||
the middleware stops retrying, regardless of the response status.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/'
|
||||
description: |-
|
||||
Retry holds the retry middleware configuration.
|
||||
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/
|
||||
properties:
|
||||
attempts:
|
||||
description: Attempts defines how many times the request should
|
||||
|
@ -903,18 +968,26 @@ spec:
|
|||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: InitialInterval defines the first wait time in the
|
||||
exponential backoff series. The maximum interval is calculated
|
||||
as twice the initialInterval. If unspecified, requests will
|
||||
be retried immediately. The value of initialInterval should
|
||||
be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration.
|
||||
description: |-
|
||||
InitialInterval defines the first wait time in the exponential backoff series.
|
||||
The maximum interval is calculated as twice the initialInterval.
|
||||
If unspecified, requests will be retried immediately.
|
||||
The value of initialInterval should be provided in seconds or as a valid duration format,
|
||||
see https://pkg.go.dev/time#ParseDuration.
|
||||
x-kubernetes-int-or-string: true
|
||||
type: object
|
||||
stripPrefix:
|
||||
description: 'StripPrefix holds the strip prefix middleware configuration.
|
||||
description: |-
|
||||
StripPrefix holds the strip prefix middleware configuration.
|
||||
This middleware removes the specified prefixes from the URL path.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/'
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/
|
||||
properties:
|
||||
forceSlash:
|
||||
description: |-
|
||||
Deprecated: ForceSlash option is deprecated, please remove any usage of this option.
|
||||
ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.
|
||||
Default: true.
|
||||
type: boolean
|
||||
prefixes:
|
||||
description: Prefixes defines the prefixes to strip from the request
|
||||
URL.
|
||||
|
@ -923,9 +996,10 @@ spec:
|
|||
type: array
|
||||
type: object
|
||||
stripPrefixRegex:
|
||||
description: 'StripPrefixRegex holds the strip prefix regex middleware
|
||||
configuration. This middleware removes the matching prefixes from
|
||||
the URL path. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/'
|
||||
description: |-
|
||||
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||
This middleware removes the matching prefixes from the URL path.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/
|
||||
properties:
|
||||
regex:
|
||||
description: Regex defines the regular expression to match the
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: middlewaretcps.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -17,18 +17,24 @@ spec:
|
|||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/'
|
||||
description: |-
|
||||
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -39,14 +45,17 @@ spec:
|
|||
description: InFlightConn defines the InFlightConn middleware configuration.
|
||||
properties:
|
||||
amount:
|
||||
description: Amount defines the maximum amount of allowed simultaneous
|
||||
connections. The middleware closes the connection if there are
|
||||
already amount connections opened.
|
||||
description: |-
|
||||
Amount defines the maximum amount of allowed simultaneous connections.
|
||||
The middleware closes the connection if there are already amount connections opened.
|
||||
format: int64
|
||||
type: integer
|
||||
type: object
|
||||
ipAllowList:
|
||||
description: IPAllowList defines the IPAllowList middleware configuration.
|
||||
description: |-
|
||||
IPAllowList defines the IPAllowList middleware configuration.
|
||||
This middleware accepts/refuses connections based on the client IP.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/
|
||||
properties:
|
||||
sourceRange:
|
||||
description: SourceRange defines the allowed IPs (or ranges of
|
||||
|
@ -56,8 +65,11 @@ spec:
|
|||
type: array
|
||||
type: object
|
||||
ipWhiteList:
|
||||
description: 'IPWhiteList defines the IPWhiteList middleware configuration.
|
||||
Deprecated: please use IPAllowList instead.'
|
||||
description: |-
|
||||
IPWhiteList defines the IPWhiteList middleware configuration.
|
||||
This middleware accepts/refuses connections based on the client IP.
|
||||
Deprecated: please use IPAllowList instead.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/
|
||||
properties:
|
||||
sourceRange:
|
||||
description: SourceRange defines the allowed IPs (or ranges of
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: serverstransports.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -17,20 +17,26 @@ spec:
|
|||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'ServersTransport is the CRD implementation of a ServersTransport.
|
||||
description: |-
|
||||
ServersTransport is the CRD implementation of a ServersTransport.
|
||||
If no serversTransport is specified, the default@internal will be used.
|
||||
The default@internal serversTransport is created from the static configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1'
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: serverstransporttcps.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -17,20 +17,26 @@ spec:
|
|||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||
If no tcpServersTransport is specified, a default one named default@internal
|
||||
will be used. The default@internal tcpServersTransport can be configured
|
||||
in the static configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3'
|
||||
description: |-
|
||||
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||
The default@internal tcpServersTransport can be configured in the static configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -76,9 +82,9 @@ spec:
|
|||
description: InsecureSkipVerify disables TLS certificate verification.
|
||||
type: boolean
|
||||
peerCertURI:
|
||||
description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
|
||||
to keep per-host. PeerCertURI defines the peer cert URI used
|
||||
to match against SAN URI during the peer certificate verification.
|
||||
description: |-
|
||||
MaxIdleConnsPerHost controls the maximum idle (keep-alive) to keep per-host.
|
||||
PeerCertURI defines the peer cert URI used to match against SAN URI during the peer certificate verification.
|
||||
type: string
|
||||
rootCAsSecrets:
|
||||
description: RootCAsSecrets defines a list of CA secret used to
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: tlsoptions.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -17,19 +17,24 @@ spec:
|
|||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'TLSOption is the CRD implementation of a Traefik TLS Option,
|
||||
allowing to configure some parameters of the TLS connection. More info:
|
||||
https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options'
|
||||
description: |-
|
||||
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -37,15 +42,16 @@ spec:
|
|||
description: TLSOptionSpec defines the desired state of a TLSOption.
|
||||
properties:
|
||||
alpnProtocols:
|
||||
description: 'ALPNProtocols defines the list of supported application
|
||||
level protocols for the TLS handshake, in order of preference. More
|
||||
info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols'
|
||||
description: |-
|
||||
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
cipherSuites:
|
||||
description: 'CipherSuites defines the list of supported cipher suites
|
||||
for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites'
|
||||
description: |-
|
||||
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
@ -71,21 +77,30 @@ spec:
|
|||
type: array
|
||||
type: object
|
||||
curvePreferences:
|
||||
description: 'CurvePreferences defines the preferred elliptic curves
|
||||
in a specific order. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences'
|
||||
description: |-
|
||||
CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
maxVersion:
|
||||
description: 'MaxVersion defines the maximum TLS version that Traefik
|
||||
will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
|
||||
VersionTLS13. Default: None.'
|
||||
description: |-
|
||||
MaxVersion defines the maximum TLS version that Traefik will accept.
|
||||
Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
|
||||
Default: None.
|
||||
type: string
|
||||
minVersion:
|
||||
description: 'MinVersion defines the minimum TLS version that Traefik
|
||||
will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
|
||||
VersionTLS13. Default: VersionTLS10.'
|
||||
description: |-
|
||||
MinVersion defines the minimum TLS version that Traefik will accept.
|
||||
Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
|
||||
Default: VersionTLS10.
|
||||
type: string
|
||||
preferServerCipherSuites:
|
||||
description: |-
|
||||
PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
|
||||
It is enabled automatically when minVersion or maxVersion is set.
|
||||
Deprecated: https://github.com/golang/go/issues/45430
|
||||
type: boolean
|
||||
sniStrict:
|
||||
description: SniStrict defines whether Traefik allows connections
|
||||
from clients connections that do not specify a server_name extension.
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: tlsstores.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -17,20 +17,26 @@ spec:
|
|||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For
|
||||
the time being, only the TLSStore named default is supported. This means
|
||||
that you cannot have two stores that are named default in different Kubernetes
|
||||
namespaces. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores'
|
||||
description: |-
|
||||
TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||
For the time being, only the TLSStore named default is supported.
|
||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.13.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: traefikservices.traefik.io
|
||||
spec:
|
||||
group: traefik.io
|
||||
|
@ -17,19 +17,27 @@ spec:
|
|||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: 'TraefikService is the CRD implementation of a Traefik Service.
|
||||
TraefikService object allows to: - Apply weight to Services on load-balancing
|
||||
- Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice'
|
||||
description: |-
|
||||
TraefikService is the CRD implementation of a Traefik Service.
|
||||
TraefikService object allows to:
|
||||
- Apply weight to Services on load-balancing
|
||||
- Mirror traffic on services
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
|
@ -46,10 +54,10 @@ spec:
|
|||
- TraefikService
|
||||
type: string
|
||||
maxBodySize:
|
||||
description: MaxBodySize defines the maximum size allowed for
|
||||
the body of the request. If the body is larger, the request
|
||||
is not mirrored. Default value is -1, which means unlimited
|
||||
size.
|
||||
description: |-
|
||||
MaxBodySize defines the maximum size allowed for the body of the request.
|
||||
If the body is larger, the request is not mirrored.
|
||||
Default value is -1, which means unlimited size.
|
||||
format: int64
|
||||
type: integer
|
||||
mirrors:
|
||||
|
@ -65,35 +73,37 @@ spec:
|
|||
- TraefikService
|
||||
type: string
|
||||
name:
|
||||
description: Name defines the name of the referenced Kubernetes
|
||||
Service or TraefikService. The differentiation between
|
||||
the two is specified in the Kind field.
|
||||
description: |-
|
||||
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
||||
The differentiation between the two is specified in the Kind field.
|
||||
type: string
|
||||
namespace:
|
||||
description: Namespace defines the namespace of the referenced
|
||||
Kubernetes Service or TraefikService.
|
||||
type: string
|
||||
nativeLB:
|
||||
description: NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or
|
||||
if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the
|
||||
pods. By default, NativeLB is false.
|
||||
description: |-
|
||||
NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the pods.
|
||||
By default, NativeLB is false.
|
||||
type: boolean
|
||||
passHostHeader:
|
||||
description: PassHostHeader defines whether the client Host
|
||||
header is forwarded to the upstream Kubernetes Service.
|
||||
description: |-
|
||||
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
||||
By default, passHostHeader is true.
|
||||
type: boolean
|
||||
percent:
|
||||
description: 'Percent defines the part of the traffic to
|
||||
mirror. Supported values: 0 to 100.'
|
||||
description: |-
|
||||
Percent defines the part of the traffic to mirror.
|
||||
Supported values: 0 to 100.
|
||||
type: integer
|
||||
port:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Port defines the port of a Kubernetes Service.
|
||||
description: |-
|
||||
Port defines the port of a Kubernetes Service.
|
||||
This can be a reference to a named port.
|
||||
x-kubernetes-int-or-string: true
|
||||
responseForwarding:
|
||||
|
@ -102,30 +112,29 @@ spec:
|
|||
client.
|
||||
properties:
|
||||
flushInterval:
|
||||
description: 'FlushInterval defines the interval, in
|
||||
milliseconds, in between flushes to the client while
|
||||
copying the response body. A negative value means
|
||||
to flush immediately after each write to the client.
|
||||
This configuration is ignored when ReverseProxy recognizes
|
||||
a response as a streaming response; for such responses,
|
||||
writes are flushed to the client immediately. Default:
|
||||
100ms'
|
||||
description: |-
|
||||
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
||||
A negative value means to flush immediately after each write to the client.
|
||||
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
||||
for such responses, writes are flushed to the client immediately.
|
||||
Default: 100ms
|
||||
type: string
|
||||
type: object
|
||||
scheme:
|
||||
description: Scheme defines the scheme to use for the request
|
||||
to the upstream Kubernetes Service. It defaults to https
|
||||
when Kubernetes Service port is 443, http otherwise.
|
||||
description: |-
|
||||
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
||||
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
||||
type: string
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransport
|
||||
resource to use. It allows to configure the transport
|
||||
between Traefik and your servers. Can only be used on
|
||||
a Kubernetes Service.
|
||||
description: |-
|
||||
ServersTransport defines the name of ServersTransport resource to use.
|
||||
It allows to configure the transport between Traefik and your servers.
|
||||
Can only be used on a Kubernetes Service.
|
||||
type: string
|
||||
sticky:
|
||||
description: 'Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions'
|
||||
description: |-
|
||||
Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
||||
properties:
|
||||
cookie:
|
||||
description: Cookie defines the sticky cookie configuration.
|
||||
|
@ -135,17 +144,18 @@ spec:
|
|||
can be accessed by client-side APIs, such as JavaScript.
|
||||
type: boolean
|
||||
maxAge:
|
||||
description: MaxAge indicates the number of seconds
|
||||
until the cookie expires. When set to a negative
|
||||
number, the cookie expires immediately. When set
|
||||
to zero, the cookie never expires.
|
||||
description: |-
|
||||
MaxAge indicates the number of seconds until the cookie expires.
|
||||
When set to a negative number, the cookie expires immediately.
|
||||
When set to zero, the cookie never expires.
|
||||
type: integer
|
||||
name:
|
||||
description: Name defines the Cookie name.
|
||||
type: string
|
||||
sameSite:
|
||||
description: 'SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
|
||||
description: |-
|
||||
SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
||||
type: string
|
||||
secure:
|
||||
description: Secure defines whether the cookie can
|
||||
|
@ -155,13 +165,13 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
strategy:
|
||||
description: Strategy defines the load balancing strategy
|
||||
between the servers. RoundRobin is the only supported
|
||||
value at the moment.
|
||||
description: |-
|
||||
Strategy defines the load balancing strategy between the servers.
|
||||
RoundRobin is the only supported value at the moment.
|
||||
type: string
|
||||
weight:
|
||||
description: Weight defines the weight and should only be
|
||||
specified when Name references a TraefikService object
|
||||
description: |-
|
||||
Weight defines the weight and should only be specified when Name references a TraefikService object
|
||||
(and to be precise, one that embeds a Weighted Round Robin).
|
||||
type: integer
|
||||
required:
|
||||
|
@ -169,60 +179,62 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
name:
|
||||
description: Name defines the name of the referenced Kubernetes
|
||||
Service or TraefikService. The differentiation between the two
|
||||
is specified in the Kind field.
|
||||
description: |-
|
||||
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
||||
The differentiation between the two is specified in the Kind field.
|
||||
type: string
|
||||
namespace:
|
||||
description: Namespace defines the namespace of the referenced
|
||||
Kubernetes Service or TraefikService.
|
||||
type: string
|
||||
nativeLB:
|
||||
description: NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the
|
||||
only child is the Kubernetes Service clusterIP. The Kubernetes
|
||||
Service itself does load-balance to the pods. By default, NativeLB
|
||||
is false.
|
||||
description: |-
|
||||
NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the pods.
|
||||
By default, NativeLB is false.
|
||||
type: boolean
|
||||
passHostHeader:
|
||||
description: PassHostHeader defines whether the client Host header
|
||||
is forwarded to the upstream Kubernetes Service. By default,
|
||||
passHostHeader is true.
|
||||
description: |-
|
||||
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
||||
By default, passHostHeader is true.
|
||||
type: boolean
|
||||
port:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Port defines the port of a Kubernetes Service. This
|
||||
can be a reference to a named port.
|
||||
description: |-
|
||||
Port defines the port of a Kubernetes Service.
|
||||
This can be a reference to a named port.
|
||||
x-kubernetes-int-or-string: true
|
||||
responseForwarding:
|
||||
description: ResponseForwarding defines how Traefik forwards the
|
||||
response from the upstream Kubernetes Service to the client.
|
||||
properties:
|
||||
flushInterval:
|
||||
description: 'FlushInterval defines the interval, in milliseconds,
|
||||
in between flushes to the client while copying the response
|
||||
body. A negative value means to flush immediately after
|
||||
each write to the client. This configuration is ignored
|
||||
when ReverseProxy recognizes a response as a streaming response;
|
||||
description: |-
|
||||
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
||||
A negative value means to flush immediately after each write to the client.
|
||||
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
||||
for such responses, writes are flushed to the client immediately.
|
||||
Default: 100ms'
|
||||
Default: 100ms
|
||||
type: string
|
||||
type: object
|
||||
scheme:
|
||||
description: Scheme defines the scheme to use for the request
|
||||
to the upstream Kubernetes Service. It defaults to https when
|
||||
Kubernetes Service port is 443, http otherwise.
|
||||
description: |-
|
||||
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
||||
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
||||
type: string
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransport
|
||||
resource to use. It allows to configure the transport between
|
||||
Traefik and your servers. Can only be used on a Kubernetes Service.
|
||||
description: |-
|
||||
ServersTransport defines the name of ServersTransport resource to use.
|
||||
It allows to configure the transport between Traefik and your servers.
|
||||
Can only be used on a Kubernetes Service.
|
||||
type: string
|
||||
sticky:
|
||||
description: 'Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions'
|
||||
description: |-
|
||||
Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
||||
properties:
|
||||
cookie:
|
||||
description: Cookie defines the sticky cookie configuration.
|
||||
|
@ -232,17 +244,18 @@ spec:
|
|||
accessed by client-side APIs, such as JavaScript.
|
||||
type: boolean
|
||||
maxAge:
|
||||
description: MaxAge indicates the number of seconds until
|
||||
the cookie expires. When set to a negative number, the
|
||||
cookie expires immediately. When set to zero, the cookie
|
||||
never expires.
|
||||
description: |-
|
||||
MaxAge indicates the number of seconds until the cookie expires.
|
||||
When set to a negative number, the cookie expires immediately.
|
||||
When set to zero, the cookie never expires.
|
||||
type: integer
|
||||
name:
|
||||
description: Name defines the Cookie name.
|
||||
type: string
|
||||
sameSite:
|
||||
description: 'SameSite defines the same site policy. More
|
||||
info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
|
||||
description: |-
|
||||
SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
||||
type: string
|
||||
secure:
|
||||
description: Secure defines whether the cookie can only
|
||||
|
@ -251,13 +264,14 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
strategy:
|
||||
description: Strategy defines the load balancing strategy between
|
||||
the servers. RoundRobin is the only supported value at the moment.
|
||||
description: |-
|
||||
Strategy defines the load balancing strategy between the servers.
|
||||
RoundRobin is the only supported value at the moment.
|
||||
type: string
|
||||
weight:
|
||||
description: Weight defines the weight and should only be specified
|
||||
when Name references a TraefikService object (and to be precise,
|
||||
one that embeds a Weighted Round Robin).
|
||||
description: |-
|
||||
Weight defines the weight and should only be specified when Name references a TraefikService object
|
||||
(and to be precise, one that embeds a Weighted Round Robin).
|
||||
type: integer
|
||||
required:
|
||||
- name
|
||||
|
@ -279,31 +293,32 @@ spec:
|
|||
- TraefikService
|
||||
type: string
|
||||
name:
|
||||
description: Name defines the name of the referenced Kubernetes
|
||||
Service or TraefikService. The differentiation between
|
||||
the two is specified in the Kind field.
|
||||
description: |-
|
||||
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
||||
The differentiation between the two is specified in the Kind field.
|
||||
type: string
|
||||
namespace:
|
||||
description: Namespace defines the namespace of the referenced
|
||||
Kubernetes Service or TraefikService.
|
||||
type: string
|
||||
nativeLB:
|
||||
description: NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or
|
||||
if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the
|
||||
pods. By default, NativeLB is false.
|
||||
description: |-
|
||||
NativeLB controls, when creating the load-balancer,
|
||||
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
||||
The Kubernetes Service itself does load-balance to the pods.
|
||||
By default, NativeLB is false.
|
||||
type: boolean
|
||||
passHostHeader:
|
||||
description: PassHostHeader defines whether the client Host
|
||||
header is forwarded to the upstream Kubernetes Service.
|
||||
description: |-
|
||||
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
||||
By default, passHostHeader is true.
|
||||
type: boolean
|
||||
port:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Port defines the port of a Kubernetes Service.
|
||||
description: |-
|
||||
Port defines the port of a Kubernetes Service.
|
||||
This can be a reference to a named port.
|
||||
x-kubernetes-int-or-string: true
|
||||
responseForwarding:
|
||||
|
@ -312,30 +327,29 @@ spec:
|
|||
client.
|
||||
properties:
|
||||
flushInterval:
|
||||
description: 'FlushInterval defines the interval, in
|
||||
milliseconds, in between flushes to the client while
|
||||
copying the response body. A negative value means
|
||||
to flush immediately after each write to the client.
|
||||
This configuration is ignored when ReverseProxy recognizes
|
||||
a response as a streaming response; for such responses,
|
||||
writes are flushed to the client immediately. Default:
|
||||
100ms'
|
||||
description: |-
|
||||
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
||||
A negative value means to flush immediately after each write to the client.
|
||||
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
||||
for such responses, writes are flushed to the client immediately.
|
||||
Default: 100ms
|
||||
type: string
|
||||
type: object
|
||||
scheme:
|
||||
description: Scheme defines the scheme to use for the request
|
||||
to the upstream Kubernetes Service. It defaults to https
|
||||
when Kubernetes Service port is 443, http otherwise.
|
||||
description: |-
|
||||
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
||||
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
||||
type: string
|
||||
serversTransport:
|
||||
description: ServersTransport defines the name of ServersTransport
|
||||
resource to use. It allows to configure the transport
|
||||
between Traefik and your servers. Can only be used on
|
||||
a Kubernetes Service.
|
||||
description: |-
|
||||
ServersTransport defines the name of ServersTransport resource to use.
|
||||
It allows to configure the transport between Traefik and your servers.
|
||||
Can only be used on a Kubernetes Service.
|
||||
type: string
|
||||
sticky:
|
||||
description: 'Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions'
|
||||
description: |-
|
||||
Sticky defines the sticky sessions configuration.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
||||
properties:
|
||||
cookie:
|
||||
description: Cookie defines the sticky cookie configuration.
|
||||
|
@ -345,17 +359,18 @@ spec:
|
|||
can be accessed by client-side APIs, such as JavaScript.
|
||||
type: boolean
|
||||
maxAge:
|
||||
description: MaxAge indicates the number of seconds
|
||||
until the cookie expires. When set to a negative
|
||||
number, the cookie expires immediately. When set
|
||||
to zero, the cookie never expires.
|
||||
description: |-
|
||||
MaxAge indicates the number of seconds until the cookie expires.
|
||||
When set to a negative number, the cookie expires immediately.
|
||||
When set to zero, the cookie never expires.
|
||||
type: integer
|
||||
name:
|
||||
description: Name defines the Cookie name.
|
||||
type: string
|
||||
sameSite:
|
||||
description: 'SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
|
||||
description: |-
|
||||
SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
||||
type: string
|
||||
secure:
|
||||
description: Secure defines whether the cookie can
|
||||
|
@ -365,13 +380,13 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
strategy:
|
||||
description: Strategy defines the load balancing strategy
|
||||
between the servers. RoundRobin is the only supported
|
||||
value at the moment.
|
||||
description: |-
|
||||
Strategy defines the load balancing strategy between the servers.
|
||||
RoundRobin is the only supported value at the moment.
|
||||
type: string
|
||||
weight:
|
||||
description: Weight defines the weight and should only be
|
||||
specified when Name references a TraefikService object
|
||||
description: |-
|
||||
Weight defines the weight and should only be specified when Name references a TraefikService object
|
||||
(and to be precise, one that embeds a Weighted Round Robin).
|
||||
type: integer
|
||||
required:
|
||||
|
@ -379,8 +394,9 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
sticky:
|
||||
description: 'Sticky defines whether sticky sessions are enabled.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing'
|
||||
description: |-
|
||||
Sticky defines whether sticky sessions are enabled.
|
||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||
properties:
|
||||
cookie:
|
||||
description: Cookie defines the sticky cookie configuration.
|
||||
|
@ -390,17 +406,18 @@ spec:
|
|||
accessed by client-side APIs, such as JavaScript.
|
||||
type: boolean
|
||||
maxAge:
|
||||
description: MaxAge indicates the number of seconds until
|
||||
the cookie expires. When set to a negative number, the
|
||||
cookie expires immediately. When set to zero, the cookie
|
||||
never expires.
|
||||
description: |-
|
||||
MaxAge indicates the number of seconds until the cookie expires.
|
||||
When set to a negative number, the cookie expires immediately.
|
||||
When set to zero, the cookie never expires.
|
||||
type: integer
|
||||
name:
|
||||
description: Name defines the Cookie name.
|
||||
type: string
|
||||
sameSite:
|
||||
description: 'SameSite defines the same site policy. More
|
||||
info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
|
||||
description: |-
|
||||
SameSite defines the same site policy.
|
||||
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
||||
type: string
|
||||
secure:
|
||||
description: Secure defines whether the cookie can only
|
||||
|
|
|
@ -6,6 +6,9 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
`--accesslog`:
|
||||
Access log settings. (Default: ```false```)
|
||||
|
||||
`--accesslog.addinternals`:
|
||||
Enables access log for internal services (ping, dashboard, etc...). (Default: ```false```)
|
||||
|
||||
`--accesslog.bufferingsize`:
|
||||
Number of access log lines to process in a buffered way. (Default: ```0```)
|
||||
|
||||
|
@ -180,6 +183,9 @@ Trust all. (Default: ```false```)
|
|||
`--entrypoints.<name>.proxyprotocol.trustedips`:
|
||||
Trust only selected IPs.
|
||||
|
||||
`--entrypoints.<name>.reuseport`:
|
||||
Enables EntryPoints from the same or different processes listening on the same TCP/UDP port. (Default: ```false```)
|
||||
|
||||
`--entrypoints.<name>.transport.keepalivemaxrequests`:
|
||||
Maximum number of requests before closing a keep-alive connection. (Default: ```0```)
|
||||
|
||||
|
@ -264,6 +270,9 @@ Maximum size in megabytes of the log file before it gets rotated. (Default: ```0
|
|||
`--log.nocolor`:
|
||||
When using the 'common' format, disables the colorized output. (Default: ```false```)
|
||||
|
||||
`--metrics.addinternals`:
|
||||
Enables metrics for internal services (ping, dashboard, etc...). (Default: ```false```)
|
||||
|
||||
`--metrics.datadog`:
|
||||
Datadog metrics exporter type. (Default: ```false```)
|
||||
|
||||
|
@ -315,51 +324,63 @@ InfluxDB v2 push interval. (Default: ```10```)
|
|||
`--metrics.influxdb2.token`:
|
||||
InfluxDB v2 access token.
|
||||
|
||||
`--metrics.opentelemetry`:
|
||||
`--metrics.otlp`:
|
||||
OpenTelemetry metrics exporter type. (Default: ```false```)
|
||||
|
||||
`--metrics.opentelemetry.addentrypointslabels`:
|
||||
`--metrics.otlp.addentrypointslabels`:
|
||||
Enable metrics on entry points. (Default: ```true```)
|
||||
|
||||
`--metrics.opentelemetry.address`:
|
||||
Address (host:port) of the collector endpoint. (Default: ```localhost:4318```)
|
||||
|
||||
`--metrics.opentelemetry.addrouterslabels`:
|
||||
`--metrics.otlp.addrouterslabels`:
|
||||
Enable metrics on routers. (Default: ```false```)
|
||||
|
||||
`--metrics.opentelemetry.addserviceslabels`:
|
||||
`--metrics.otlp.addserviceslabels`:
|
||||
Enable metrics on services. (Default: ```true```)
|
||||
|
||||
`--metrics.opentelemetry.explicitboundaries`:
|
||||
`--metrics.otlp.explicitboundaries`:
|
||||
Boundaries for latency metrics. (Default: ```0.005000, 0.010000, 0.025000, 0.050000, 0.100000, 0.250000, 0.500000, 1.000000, 2.500000, 5.000000, 10.000000```)
|
||||
|
||||
`--metrics.opentelemetry.grpc`:
|
||||
gRPC specific configuration for the OpenTelemetry collector. (Default: ```true```)
|
||||
`--metrics.otlp.grpc.endpoint`:
|
||||
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
|
||||
|
||||
`--metrics.opentelemetry.headers.<name>`:
|
||||
`--metrics.otlp.grpc.headers.<name>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`--metrics.opentelemetry.insecure`:
|
||||
`--metrics.otlp.grpc.insecure`:
|
||||
Disables client transport security for the exporter. (Default: ```false```)
|
||||
|
||||
`--metrics.opentelemetry.path`:
|
||||
Set the URL path of the collector endpoint.
|
||||
|
||||
`--metrics.opentelemetry.pushinterval`:
|
||||
Period between calls to collect a checkpoint. (Default: ```10```)
|
||||
|
||||
`--metrics.opentelemetry.tls.ca`:
|
||||
`--metrics.otlp.grpc.tls.ca`:
|
||||
TLS CA
|
||||
|
||||
`--metrics.opentelemetry.tls.cert`:
|
||||
`--metrics.otlp.grpc.tls.cert`:
|
||||
TLS cert
|
||||
|
||||
`--metrics.opentelemetry.tls.insecureskipverify`:
|
||||
`--metrics.otlp.grpc.tls.insecureskipverify`:
|
||||
TLS insecure skip verify (Default: ```false```)
|
||||
|
||||
`--metrics.opentelemetry.tls.key`:
|
||||
`--metrics.otlp.grpc.tls.key`:
|
||||
TLS key
|
||||
|
||||
`--metrics.otlp.http.endpoint`:
|
||||
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
|
||||
|
||||
`--metrics.otlp.http.headers.<name>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`--metrics.otlp.http.tls.ca`:
|
||||
TLS CA
|
||||
|
||||
`--metrics.otlp.http.tls.cert`:
|
||||
TLS cert
|
||||
|
||||
`--metrics.otlp.http.tls.insecureskipverify`:
|
||||
TLS insecure skip verify (Default: ```false```)
|
||||
|
||||
`--metrics.otlp.http.tls.key`:
|
||||
TLS key
|
||||
|
||||
`--metrics.otlp.pushinterval`:
|
||||
Period between calls to collect a checkpoint. (Default: ```10```)
|
||||
|
||||
`--metrics.prometheus`:
|
||||
Prometheus metrics exporter type. (Default: ```false```)
|
||||
|
||||
|
@ -990,18 +1011,21 @@ Defines the allowed SPIFFE trust domain.
|
|||
`--tracing`:
|
||||
OpenTracing configuration. (Default: ```false```)
|
||||
|
||||
`--tracing.addinternals`:
|
||||
Enables tracing for internal services (ping, dashboard, etc...). (Default: ```false```)
|
||||
|
||||
`--tracing.globalattributes.<name>`:
|
||||
Defines additional attributes (key:value) on all spans.
|
||||
|
||||
`--tracing.headers.<name>`:
|
||||
Defines additional headers to be sent with the payloads.
|
||||
|
||||
`--tracing.otlp`:
|
||||
Settings for OpenTelemetry. (Default: ```false```)
|
||||
|
||||
`--tracing.otlp.grpc.endpoint`:
|
||||
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
|
||||
|
||||
`--tracing.otlp.grpc.headers.<name>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`--tracing.otlp.grpc.insecure`:
|
||||
Disables client transport security for the exporter. (Default: ```false```)
|
||||
|
||||
|
@ -1018,7 +1042,10 @@ TLS insecure skip verify (Default: ```false```)
|
|||
TLS key
|
||||
|
||||
`--tracing.otlp.http.endpoint`:
|
||||
Sets the HTTP endpoint (scheme://host:port/v1/traces) of the collector. (Default: ```localhost:4318```)
|
||||
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
|
||||
|
||||
`--tracing.otlp.http.headers.<name>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`--tracing.otlp.http.tls.ca`:
|
||||
TLS CA
|
||||
|
|
|
@ -6,6 +6,9 @@ THIS FILE MUST NOT BE EDITED BY HAND
|
|||
`TRAEFIK_ACCESSLOG`:
|
||||
Access log settings. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_ACCESSLOG_ADDINTERNALS`:
|
||||
Enables access log for internal services (ping, dashboard, etc...). (Default: ```false```)
|
||||
|
||||
`TRAEFIK_ACCESSLOG_BUFFERINGSIZE`:
|
||||
Number of access log lines to process in a buffered way. (Default: ```0```)
|
||||
|
||||
|
@ -180,6 +183,9 @@ Trust all. (Default: ```false```)
|
|||
`TRAEFIK_ENTRYPOINTS_<NAME>_PROXYPROTOCOL_TRUSTEDIPS`:
|
||||
Trust only selected IPs.
|
||||
|
||||
`TRAEFIK_ENTRYPOINTS_<NAME>_REUSEPORT`:
|
||||
Enables EntryPoints from the same or different processes listening on the same TCP/UDP port. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_ENTRYPOINTS_<NAME>_TRANSPORT_KEEPALIVEMAXREQUESTS`:
|
||||
Maximum number of requests before closing a keep-alive connection. (Default: ```0```)
|
||||
|
||||
|
@ -264,6 +270,9 @@ Maximum size in megabytes of the log file before it gets rotated. (Default: ```0
|
|||
`TRAEFIK_LOG_NOCOLOR`:
|
||||
When using the 'common' format, disables the colorized output. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_METRICS_ADDINTERNALS`:
|
||||
Enables metrics for internal services (ping, dashboard, etc...). (Default: ```false```)
|
||||
|
||||
`TRAEFIK_METRICS_DATADOG`:
|
||||
Datadog metrics exporter type. (Default: ```false```)
|
||||
|
||||
|
@ -315,51 +324,63 @@ InfluxDB v2 push interval. (Default: ```10```)
|
|||
`TRAEFIK_METRICS_INFLUXDB2_TOKEN`:
|
||||
InfluxDB v2 access token.
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY`:
|
||||
`TRAEFIK_METRICS_OTLP`:
|
||||
OpenTelemetry metrics exporter type. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_ADDENTRYPOINTSLABELS`:
|
||||
`TRAEFIK_METRICS_OTLP_ADDENTRYPOINTSLABELS`:
|
||||
Enable metrics on entry points. (Default: ```true```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_ADDRESS`:
|
||||
Address (host:port) of the collector endpoint. (Default: ```localhost:4318```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_ADDROUTERSLABELS`:
|
||||
`TRAEFIK_METRICS_OTLP_ADDROUTERSLABELS`:
|
||||
Enable metrics on routers. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_ADDSERVICESLABELS`:
|
||||
`TRAEFIK_METRICS_OTLP_ADDSERVICESLABELS`:
|
||||
Enable metrics on services. (Default: ```true```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_EXPLICITBOUNDARIES`:
|
||||
`TRAEFIK_METRICS_OTLP_EXPLICITBOUNDARIES`:
|
||||
Boundaries for latency metrics. (Default: ```0.005000, 0.010000, 0.025000, 0.050000, 0.100000, 0.250000, 0.500000, 1.000000, 2.500000, 5.000000, 10.000000```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_GRPC`:
|
||||
gRPC specific configuration for the OpenTelemetry collector. (Default: ```true```)
|
||||
`TRAEFIK_METRICS_OTLP_GRPC_ENDPOINT`:
|
||||
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_HEADERS_<NAME>`:
|
||||
`TRAEFIK_METRICS_OTLP_GRPC_HEADERS_<NAME>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_INSECURE`:
|
||||
`TRAEFIK_METRICS_OTLP_GRPC_INSECURE`:
|
||||
Disables client transport security for the exporter. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_PATH`:
|
||||
Set the URL path of the collector endpoint.
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_PUSHINTERVAL`:
|
||||
Period between calls to collect a checkpoint. (Default: ```10```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_CA`:
|
||||
`TRAEFIK_METRICS_OTLP_GRPC_TLS_CA`:
|
||||
TLS CA
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_CERT`:
|
||||
`TRAEFIK_METRICS_OTLP_GRPC_TLS_CERT`:
|
||||
TLS cert
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_INSECURESKIPVERIFY`:
|
||||
`TRAEFIK_METRICS_OTLP_GRPC_TLS_INSECURESKIPVERIFY`:
|
||||
TLS insecure skip verify (Default: ```false```)
|
||||
|
||||
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_KEY`:
|
||||
`TRAEFIK_METRICS_OTLP_GRPC_TLS_KEY`:
|
||||
TLS key
|
||||
|
||||
`TRAEFIK_METRICS_OTLP_HTTP_ENDPOINT`:
|
||||
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
|
||||
|
||||
`TRAEFIK_METRICS_OTLP_HTTP_HEADERS_<NAME>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`TRAEFIK_METRICS_OTLP_HTTP_TLS_CA`:
|
||||
TLS CA
|
||||
|
||||
`TRAEFIK_METRICS_OTLP_HTTP_TLS_CERT`:
|
||||
TLS cert
|
||||
|
||||
`TRAEFIK_METRICS_OTLP_HTTP_TLS_INSECURESKIPVERIFY`:
|
||||
TLS insecure skip verify (Default: ```false```)
|
||||
|
||||
`TRAEFIK_METRICS_OTLP_HTTP_TLS_KEY`:
|
||||
TLS key
|
||||
|
||||
`TRAEFIK_METRICS_OTLP_PUSHINTERVAL`:
|
||||
Period between calls to collect a checkpoint. (Default: ```10```)
|
||||
|
||||
`TRAEFIK_METRICS_PROMETHEUS`:
|
||||
Prometheus metrics exporter type. (Default: ```false```)
|
||||
|
||||
|
@ -990,18 +1011,21 @@ Defines the allowed SPIFFE trust domain.
|
|||
`TRAEFIK_TRACING`:
|
||||
OpenTracing configuration. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TRACING_ADDINTERNALS`:
|
||||
Enables tracing for internal services (ping, dashboard, etc...). (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TRACING_GLOBALATTRIBUTES_<NAME>`:
|
||||
Defines additional attributes (key:value) on all spans.
|
||||
|
||||
`TRAEFIK_TRACING_HEADERS_<NAME>`:
|
||||
Defines additional headers to be sent with the payloads.
|
||||
|
||||
`TRAEFIK_TRACING_OTLP`:
|
||||
Settings for OpenTelemetry. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TRACING_OTLP_GRPC_ENDPOINT`:
|
||||
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
|
||||
|
||||
`TRAEFIK_TRACING_OTLP_GRPC_HEADERS_<NAME>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`TRAEFIK_TRACING_OTLP_GRPC_INSECURE`:
|
||||
Disables client transport security for the exporter. (Default: ```false```)
|
||||
|
||||
|
@ -1018,7 +1042,10 @@ TLS insecure skip verify (Default: ```false```)
|
|||
TLS key
|
||||
|
||||
`TRAEFIK_TRACING_OTLP_HTTP_ENDPOINT`:
|
||||
Sets the HTTP endpoint (scheme://host:port/v1/traces) of the collector. (Default: ```localhost:4318```)
|
||||
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
|
||||
|
||||
`TRAEFIK_TRACING_OTLP_HTTP_HEADERS_<NAME>`:
|
||||
Headers sent with payload.
|
||||
|
||||
`TRAEFIK_TRACING_OTLP_HTTP_TLS_CA`:
|
||||
TLS CA
|
||||
|
|
|
@ -30,6 +30,7 @@
|
|||
[entryPoints]
|
||||
[entryPoints.EntryPoint0]
|
||||
address = "foobar"
|
||||
reusePort = true
|
||||
asDefault = true
|
||||
[entryPoints.EntryPoint0.transport]
|
||||
keepAliveMaxTime = "42s"
|
||||
|
@ -276,6 +277,7 @@
|
|||
disableDashboardAd = true
|
||||
|
||||
[metrics]
|
||||
addInternals = true
|
||||
[metrics.prometheus]
|
||||
buckets = [42.0, 42.0]
|
||||
addEntryPointsLabels = true
|
||||
|
@ -312,24 +314,33 @@
|
|||
[metrics.influxDB2.additionalLabels]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
[metrics.openTelemetry]
|
||||
address = "foobar"
|
||||
[metrics.otlp]
|
||||
addEntryPointsLabels = true
|
||||
addRoutersLabels = true
|
||||
addServicesLabels = true
|
||||
explicitBoundaries = [42.0, 42.0]
|
||||
insecure = true
|
||||
path = "foobar"
|
||||
pushInterval = "42s"
|
||||
[metrics.openTelemetry.grpc]
|
||||
[metrics.openTelemetry.headers]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
[metrics.openTelemetry.tls]
|
||||
[metrics.otlp.grpc]
|
||||
endpoint = "foobar"
|
||||
insecure = true
|
||||
[metrics.otlp.grpc.tls]
|
||||
ca = "foobar"
|
||||
cert = "foobar"
|
||||
key = "foobar"
|
||||
insecureSkipVerify = true
|
||||
[metrics.otlp.grpc.headers]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
[metrics.otlp.http]
|
||||
endpoint = "foobar"
|
||||
[metrics.otlp.http.tls]
|
||||
ca = "foobar"
|
||||
cert = "foobar"
|
||||
key = "foobar"
|
||||
insecureSkipVerify = true
|
||||
[metrics.otlp.http.headers]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
|
||||
[ping]
|
||||
entryPoint = "foobar"
|
||||
|
@ -350,6 +361,7 @@
|
|||
filePath = "foobar"
|
||||
format = "foobar"
|
||||
bufferingSize = 42
|
||||
addInternals = true
|
||||
[accessLog.filters]
|
||||
statusCodes = ["foobar", "foobar"]
|
||||
retryAttempts = true
|
||||
|
@ -368,9 +380,7 @@
|
|||
[tracing]
|
||||
serviceName = "foobar"
|
||||
sampleRate = 42.0
|
||||
[tracing.headers]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
addInternals = true
|
||||
[tracing.globalAttributes]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
|
@ -383,6 +393,9 @@
|
|||
cert = "foobar"
|
||||
key = "foobar"
|
||||
insecureSkipVerify = true
|
||||
[tracing.otlp.grpc.headers]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
[tracing.otlp.http]
|
||||
endpoint = "foobar"
|
||||
[tracing.otlp.http.tls]
|
||||
|
@ -390,6 +403,9 @@
|
|||
cert = "foobar"
|
||||
key = "foobar"
|
||||
insecureSkipVerify = true
|
||||
[tracing.otlp.http.headers]
|
||||
name0 = "foobar"
|
||||
name1 = "foobar"
|
||||
|
||||
[hostResolver]
|
||||
cnameFlattening = true
|
||||
|
|
|
@ -35,6 +35,7 @@ tcpServersTransport:
|
|||
entryPoints:
|
||||
EntryPoint0:
|
||||
address: foobar
|
||||
reusePort: true
|
||||
asDefault: true
|
||||
transport:
|
||||
lifeCycle:
|
||||
|
@ -307,6 +308,7 @@ api:
|
|||
debug: true
|
||||
disableDashboardAd: true
|
||||
metrics:
|
||||
addInternals: true
|
||||
prometheus:
|
||||
buckets:
|
||||
- 42
|
||||
|
@ -345,26 +347,35 @@ metrics:
|
|||
additionalLabels:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
openTelemetry:
|
||||
grpc: {}
|
||||
address: foobar
|
||||
otlp:
|
||||
grpc:
|
||||
endpoint: foobar
|
||||
insecure: true
|
||||
tls:
|
||||
ca: foobar
|
||||
cert: foobar
|
||||
key: foobar
|
||||
insecureSkipVerify: true
|
||||
headers:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
http:
|
||||
endpoint: foobar
|
||||
tls:
|
||||
ca: foobar
|
||||
cert: foobar
|
||||
key: foobar
|
||||
insecureSkipVerify: true
|
||||
headers:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
addEntryPointsLabels: true
|
||||
addRoutersLabels: true
|
||||
addServicesLabels: true
|
||||
explicitBoundaries:
|
||||
- 42
|
||||
- 42
|
||||
headers:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
insecure: true
|
||||
path: foobar
|
||||
pushInterval: 42s
|
||||
tls:
|
||||
ca: foobar
|
||||
cert: foobar
|
||||
key: foobar
|
||||
insecureSkipVerify: true
|
||||
ping:
|
||||
entryPoint: foobar
|
||||
manualRouting: true
|
||||
|
@ -398,15 +409,14 @@ accessLog:
|
|||
name0: foobar
|
||||
name1: foobar
|
||||
bufferingSize: 42
|
||||
addInternals: true
|
||||
tracing:
|
||||
serviceName: foobar
|
||||
headers:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
globalAttributes:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
sampleRate: 42
|
||||
addInternals: true
|
||||
otlp:
|
||||
grpc:
|
||||
endpoint: foobar
|
||||
|
@ -416,6 +426,9 @@ tracing:
|
|||
cert: foobar
|
||||
key: foobar
|
||||
insecureSkipVerify: true
|
||||
headers:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
http:
|
||||
endpoint: foobar
|
||||
tls:
|
||||
|
@ -423,6 +436,9 @@ tracing:
|
|||
cert: foobar
|
||||
key: foobar
|
||||
insecureSkipVerify: true
|
||||
headers:
|
||||
name0: foobar
|
||||
name1: foobar
|
||||
hostResolver:
|
||||
cnameFlattening: true
|
||||
resolvConfig: foobar
|
||||
|
|
|
@ -233,6 +233,79 @@ If both TCP and UDP are wanted for the same port, two entryPoints definitions ar
|
|||
|
||||
Full details for how to specify `address` can be found in [net.Listen](https://golang.org/pkg/net/#Listen) (and [net.Dial](https://golang.org/pkg/net/#Dial)) of the doc for go.
|
||||
|
||||
### ReusePort
|
||||
|
||||
_Optional, Default=false_
|
||||
|
||||
The `ReusePort` option enables EntryPoints from the same or different processes
|
||||
listening on the same TCP/UDP port by utilizing the `SO_REUSEPORT` socket option.
|
||||
It also allows the kernel to act like a load balancer to distribute incoming
|
||||
connections between entry points.
|
||||
|
||||
For example, you can use it with the [transport.lifeCycle](#lifecycle) to do
|
||||
canary deployments against Traefik itself. Like upgrading Traefik version or
|
||||
reloading the static configuration without any service downtime.
|
||||
|
||||
!!! warning "Supported platforms"
|
||||
|
||||
The `ReusePort` option currently works only on Linux, FreeBSD, OpenBSD and Darwin.
|
||||
It will be ignored on other platforms.
|
||||
|
||||
There is a known bug in the Linux kernel that may cause unintended TCP connection failures when using the `ReusePort` option.
|
||||
For more details, see https://lwn.net/Articles/853637/.
|
||||
|
||||
??? example "Listen on the same port"
|
||||
|
||||
```yaml tab="File (yaml)"
|
||||
entryPoints:
|
||||
web:
|
||||
address: ":80"
|
||||
reusePort: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[entryPoints.web]
|
||||
address = ":80"
|
||||
reusePort = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--entrypoints.web.address=:80
|
||||
--entrypoints.web.reusePort=true
|
||||
```
|
||||
|
||||
Now it is possible to run multiple Traefik processes with the same EntryPoint configuration.
|
||||
|
||||
??? example "Listen on the same port but bind to a different host"
|
||||
|
||||
```yaml tab="File (yaml)"
|
||||
entryPoints:
|
||||
web:
|
||||
address: ":80"
|
||||
reusePort: true
|
||||
privateWeb:
|
||||
address: "192.168.1.2:80"
|
||||
reusePort: true
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
[entryPoints.web]
|
||||
address = ":80"
|
||||
reusePort = true
|
||||
[entryPoints.privateWeb]
|
||||
address = "192.168.1.2:80"
|
||||
reusePort = true
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
--entrypoints.web.address=:80
|
||||
--entrypoints.web.reusePort=true
|
||||
--entrypoints.privateWeb.address=192.168.1.2:80
|
||||
--entrypoints.privateWeb.reusePort=true
|
||||
```
|
||||
|
||||
Requests to `192.168.1.2:80` will only be handled by routers that have `privateWeb` as the entry point.
|
||||
|
||||
### AsDefault
|
||||
|
||||
_Optional, Default=false_
|
||||
|
@ -650,7 +723,7 @@ The maximum number of requests Traefik can handle before sending a `Connection:
|
|||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--entryPoints.name.address=:8888
|
||||
--entryPoints.name.transport.keepAliveRequests=42
|
||||
--entryPoints.name.transport.keepAliveMaxRequests=42
|
||||
```
|
||||
|
||||
#### `keepAliveMaxTime`
|
||||
|
@ -680,7 +753,7 @@ The maximum duration Traefik can handle requests before sending a `Connection: C
|
|||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--entryPoints.name.address=:8888
|
||||
--entryPoints.name.transport.keepAliveTime=42s
|
||||
--entryPoints.name.transport.keepAliveMaxTime=42s
|
||||
```
|
||||
|
||||
### ProxyProtocol
|
||||
|
|
|
@ -1617,6 +1617,46 @@ Below are the available options for the PROXY protocol:
|
|||
version = 1
|
||||
```
|
||||
|
||||
#### Termination Delay
|
||||
|
||||
!!! warning
|
||||
|
||||
Deprecated in favor of [`serversTransport.terminationDelay`](#terminationdelay).
|
||||
Please note that if any `serversTransport` configuration on the servers load balancer is found,
|
||||
it will take precedence over the servers load balancer `terminationDelay` value,
|
||||
even if the `serversTransport.terminationDelay` is undefined.
|
||||
|
||||
As a proxy between a client and a server, it can happen that either side (e.g. client side) decides to terminate its writing capability on the connection (i.e. issuance of a FIN packet).
|
||||
The proxy needs to propagate that intent to the other side, and so when that happens, it also does the same on its connection with the other side (e.g. backend side).
|
||||
|
||||
However, if for some reason (bad implementation, or malicious intent) the other side does not eventually do the same as well,
|
||||
the connection would stay half-open, which would lock resources for however long.
|
||||
|
||||
To that end, as soon as the proxy enters this termination sequence, it sets a deadline on fully terminating the connections on both sides.
|
||||
|
||||
The termination delay controls that deadline.
|
||||
It is a duration in milliseconds, defaulting to 100.
|
||||
A negative value means an infinite deadline (i.e. the connection is never fully terminated by the proxy itself).
|
||||
|
||||
??? example "A Service with a termination delay -- Using the [File Provider](../../providers/file.md)"
|
||||
|
||||
```yaml tab="YAML"
|
||||
## Dynamic configuration
|
||||
tcp:
|
||||
services:
|
||||
my-service:
|
||||
loadBalancer:
|
||||
terminationDelay: 200
|
||||
```
|
||||
|
||||
```toml tab="TOML"
|
||||
## Dynamic configuration
|
||||
[tcp.services]
|
||||
[tcp.services.my-service.loadBalancer]
|
||||
[[tcp.services.my-service.loadBalancer]]
|
||||
terminationDelay = 200
|
||||
```
|
||||
|
||||
### Weighted Round Robin
|
||||
|
||||
The Weighted Round Robin (alias `WRR`) load-balancer of services is in charge of balancing the requests between multiple services based on provided weights.
|
||||
|
|
|
@ -149,11 +149,16 @@ nav:
|
|||
- 'API': 'operations/api.md'
|
||||
- 'Ping': 'operations/ping.md'
|
||||
- 'Observability':
|
||||
- 'Overview': 'observability/overview.md'
|
||||
- 'Logs': 'observability/logs.md'
|
||||
- 'Access Logs': 'observability/access-logs.md'
|
||||
- 'Metrics':
|
||||
- 'Overview': 'observability/metrics/overview.md'
|
||||
- 'Datadog': 'observability/metrics/datadog.md'
|
||||
- 'InfluxDB2': 'observability/metrics/influxdb2.md'
|
||||
- 'OpenTelemetry': 'observability/metrics/opentelemetry.md'
|
||||
- 'Prometheus': 'observability/metrics/prometheus.md'
|
||||
- 'StatsD': 'observability/metrics/statsd.md'
|
||||
- 'Tracing':
|
||||
- 'Overview': 'observability/tracing/overview.md'
|
||||
- 'OpenTelemetry': 'observability/tracing/opentelemetry.md'
|
||||
|
|
91
go.mod
91
go.mod
|
@ -1,6 +1,6 @@
|
|||
module github.com/traefik/traefik/v3
|
||||
|
||||
go 1.21
|
||||
go 1.22
|
||||
|
||||
require (
|
||||
github.com/BurntSushi/toml v1.3.2
|
||||
|
@ -17,7 +17,7 @@ require (
|
|||
github.com/docker/go-connections v0.4.0
|
||||
github.com/fatih/structs v1.1.0
|
||||
github.com/fsnotify/fsnotify v1.7.0
|
||||
github.com/go-acme/lego/v4 v4.14.0
|
||||
github.com/go-acme/lego/v4 v4.15.0
|
||||
github.com/go-kit/kit v0.10.1-0.20200915143503-439c4d2ed3ea
|
||||
github.com/golang/protobuf v1.5.3
|
||||
github.com/google/go-github/v28 v28.1.1
|
||||
|
@ -26,7 +26,7 @@ require (
|
|||
github.com/hashicorp/consul/api v1.26.1
|
||||
github.com/hashicorp/go-hclog v1.5.0
|
||||
github.com/hashicorp/go-multierror v1.1.1
|
||||
github.com/hashicorp/go-retryablehttp v0.7.4
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5
|
||||
github.com/hashicorp/go-version v1.6.0
|
||||
github.com/hashicorp/nomad/api v0.0.0-20240122103822-8a4bd61caf74
|
||||
github.com/http-wasm/http-wasm-host-go v0.5.2
|
||||
|
@ -39,7 +39,7 @@ require (
|
|||
github.com/kvtools/valkeyrie v1.0.0
|
||||
github.com/kvtools/zookeeper v1.0.2
|
||||
github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f
|
||||
github.com/miekg/dns v1.1.55
|
||||
github.com/miekg/dns v1.1.58
|
||||
github.com/mitchellh/copystructure v1.2.0
|
||||
github.com/mitchellh/hashstructure v1.0.0
|
||||
github.com/mitchellh/mapstructure v1.5.0
|
||||
|
@ -78,11 +78,12 @@ require (
|
|||
go.opentelemetry.io/otel/sdk/metric v1.21.0
|
||||
go.opentelemetry.io/otel/trace v1.21.0
|
||||
golang.org/x/exp v0.0.0-20231006140011-7918f672742d
|
||||
golang.org/x/mod v0.13.0
|
||||
golang.org/x/net v0.17.0
|
||||
golang.org/x/text v0.13.0
|
||||
golang.org/x/time v0.3.0
|
||||
golang.org/x/tools v0.14.0
|
||||
golang.org/x/mod v0.14.0
|
||||
golang.org/x/net v0.20.0
|
||||
golang.org/x/sys v0.16.0
|
||||
golang.org/x/text v0.14.0
|
||||
golang.org/x/time v0.5.0
|
||||
golang.org/x/tools v0.17.0
|
||||
google.golang.org/grpc v1.59.0
|
||||
gopkg.in/yaml.v3 v3.0.1
|
||||
k8s.io/api v0.28.4
|
||||
|
@ -108,8 +109,8 @@ require (
|
|||
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.1.0 // indirect
|
||||
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
|
||||
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
|
||||
github.com/Azure/go-autorest/autorest v0.11.27 // indirect
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect
|
||||
github.com/Azure/go-autorest/autorest v0.11.29 // indirect
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.22 // indirect
|
||||
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 // indirect
|
||||
github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 // indirect
|
||||
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
|
||||
|
@ -128,26 +129,27 @@ require (
|
|||
github.com/aliyun/alibaba-cloud-sdk-go v1.61.1755 // indirect
|
||||
github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129 // indirect
|
||||
github.com/armon/go-metrics v0.4.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2 v1.20.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.28 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.27 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.40 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.34 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.34 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/lightsail v1.27.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/route53 v1.28.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 // indirect
|
||||
github.com/aws/smithy-go v1.14.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.6 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.16 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/lightsail v1.34.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/route53 v1.37.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
|
||||
github.com/aws/smithy-go v1.19.0 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
|
||||
github.com/bytedance/sonic v1.10.0 // indirect
|
||||
github.com/cespare/xxhash/v2 v2.2.0 // indirect
|
||||
github.com/civo/civogo v0.3.11 // indirect
|
||||
github.com/cloudflare/cloudflare-go v0.70.0 // indirect
|
||||
github.com/cloudflare/cloudflare-go v0.86.0 // indirect
|
||||
github.com/containerd/containerd v1.7.11 // indirect
|
||||
github.com/containerd/log v0.1.0 // indirect
|
||||
github.com/coreos/go-semver v0.3.1 // indirect
|
||||
|
@ -164,12 +166,12 @@ require (
|
|||
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
|
||||
github.com/evanphx/json-patch v5.7.0+incompatible // indirect
|
||||
github.com/evanphx/json-patch/v5 v5.7.0 // indirect
|
||||
github.com/exoscale/egoscale v0.100.1 // indirect
|
||||
github.com/exoscale/egoscale v0.102.3 // indirect
|
||||
github.com/fatih/color v1.15.0 // indirect
|
||||
github.com/ghodss/yaml v1.0.0 // indirect
|
||||
github.com/gin-gonic/gin v1.9.1 // indirect
|
||||
github.com/go-errors/errors v1.0.1 // indirect
|
||||
github.com/go-jose/go-jose/v3 v3.0.0 // indirect
|
||||
github.com/go-jose/go-jose/v3 v3.0.1 // indirect
|
||||
github.com/go-logfmt/logfmt v0.5.1 // indirect
|
||||
github.com/go-logr/logr v1.3.0 // indirect
|
||||
github.com/go-logr/stdr v1.2.2 // indirect
|
||||
|
@ -178,9 +180,10 @@ require (
|
|||
github.com/go-openapi/jsonreference v0.20.2 // indirect
|
||||
github.com/go-openapi/swag v0.22.4 // indirect
|
||||
github.com/go-playground/validator/v10 v10.15.1 // indirect
|
||||
github.com/go-resty/resty/v2 v2.7.0 // indirect
|
||||
github.com/go-resty/resty/v2 v2.11.0 // indirect
|
||||
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
|
||||
github.com/go-zookeeper/zk v1.0.3 // indirect
|
||||
github.com/goccy/go-json v0.10.2 // indirect
|
||||
github.com/gofrs/uuid v4.4.0+incompatible // indirect
|
||||
github.com/gogo/protobuf v1.3.2 // indirect
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
|
||||
|
@ -220,10 +223,9 @@ require (
|
|||
github.com/kylelemons/godebug v1.1.0 // indirect
|
||||
github.com/labbsr0x/bindman-dns-webhook v1.0.2 // indirect
|
||||
github.com/labbsr0x/goh v1.0.1 // indirect
|
||||
github.com/linode/linodego v1.17.2 // indirect
|
||||
github.com/liquidweb/go-lwApi v0.0.5 // indirect
|
||||
github.com/linode/linodego v1.28.0 // indirect
|
||||
github.com/liquidweb/liquidweb-cli v0.6.9 // indirect
|
||||
github.com/liquidweb/liquidweb-go v1.6.3 // indirect
|
||||
github.com/liquidweb/liquidweb-go v1.6.4 // indirect
|
||||
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
|
||||
github.com/magiconair/properties v1.8.7 // indirect
|
||||
github.com/mailgun/minheap v0.0.0-20170619185613-3dbe6c6bf55f // indirect
|
||||
|
@ -247,13 +249,14 @@ require (
|
|||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
|
||||
github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
|
||||
github.com/nrdcg/auroradns v1.1.0 // indirect
|
||||
github.com/nrdcg/bunny-go v0.0.0-20230728143221-c9dda82568d9 // indirect
|
||||
github.com/nrdcg/desec v0.7.0 // indirect
|
||||
github.com/nrdcg/dnspod-go v0.4.0 // indirect
|
||||
github.com/nrdcg/freemyip v0.2.0 // indirect
|
||||
github.com/nrdcg/goinwx v0.8.2 // indirect
|
||||
github.com/nrdcg/goinwx v0.10.0 // indirect
|
||||
github.com/nrdcg/namesilo v0.2.1 // indirect
|
||||
github.com/nrdcg/nodion v0.1.0 // indirect
|
||||
github.com/nrdcg/porkbun v0.2.0 // indirect
|
||||
github.com/nrdcg/porkbun v0.3.0 // indirect
|
||||
github.com/nzdjb/go-metaname v1.0.0 // indirect
|
||||
github.com/onsi/ginkgo v1.16.5 // indirect
|
||||
github.com/onsi/ginkgo/v2 v2.11.0 // indirect
|
||||
|
@ -261,7 +264,7 @@ require (
|
|||
github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
|
||||
github.com/opencontainers/runc v1.1.5 // indirect
|
||||
github.com/oracle/oci-go-sdk v24.3.0+incompatible // indirect
|
||||
github.com/ovh/go-ovh v1.4.1 // indirect
|
||||
github.com/ovh/go-ovh v1.4.3 // indirect
|
||||
github.com/pelletier/go-toml/v2 v2.0.9 // indirect
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
|
@ -277,13 +280,12 @@ require (
|
|||
github.com/sacloud/go-http v0.1.6 // indirect
|
||||
github.com/sacloud/iaas-api-go v1.11.1 // indirect
|
||||
github.com/sacloud/packages-go v0.0.9 // indirect
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.17 // indirect
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22 // indirect
|
||||
github.com/shirou/gopsutil/v3 v3.23.11 // indirect
|
||||
github.com/shoenig/go-m1cpu v0.1.6 // indirect
|
||||
github.com/shopspring/decimal v1.2.0 // indirect
|
||||
github.com/simplesurance/bunny-go v0.0.0-20221115111006-e11d9dc91f04 // indirect
|
||||
github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 // indirect
|
||||
github.com/softlayer/softlayer-go v1.1.2 // indirect
|
||||
github.com/softlayer/softlayer-go v1.1.3 // indirect
|
||||
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect
|
||||
github.com/spf13/cast v1.3.1 // indirect
|
||||
github.com/spf13/pflag v1.0.5 // indirect
|
||||
|
@ -294,8 +296,8 @@ require (
|
|||
github.com/tidwall/pretty v1.2.1 // indirect
|
||||
github.com/tklauser/go-sysconf v0.3.12 // indirect
|
||||
github.com/tklauser/numcpus v0.6.1 // indirect
|
||||
github.com/transip/gotransip/v6 v6.20.0 // indirect
|
||||
github.com/ultradns/ultradns-go-sdk v1.5.0-20230427130837-23c9b0c // indirect
|
||||
github.com/transip/gotransip/v6 v6.23.0 // indirect
|
||||
github.com/ultradns/ultradns-go-sdk v1.6.1-20231103022937-8589b6a // indirect
|
||||
github.com/vinyldns/go-vinyldns v0.9.16 // indirect
|
||||
github.com/vultr/govultr/v2 v2.17.2 // indirect
|
||||
github.com/yandex-cloud/go-genproto v0.0.0-20220805142335-27b56ddae16f // indirect
|
||||
|
@ -313,10 +315,9 @@ require (
|
|||
go.uber.org/ratelimit v0.2.0 // indirect
|
||||
go.uber.org/zap v1.26.0 // indirect
|
||||
golang.org/x/arch v0.4.0 // indirect
|
||||
golang.org/x/crypto v0.14.0 // indirect
|
||||
golang.org/x/oauth2 v0.13.0 // indirect
|
||||
golang.org/x/sys v0.15.0 // indirect
|
||||
golang.org/x/term v0.13.0 // indirect
|
||||
golang.org/x/crypto v0.18.0 // indirect
|
||||
golang.org/x/oauth2 v0.16.0 // indirect
|
||||
golang.org/x/term v0.16.0 // indirect
|
||||
google.golang.org/api v0.128.0 // indirect
|
||||
google.golang.org/appengine v1.6.8 // indirect
|
||||
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect
|
||||
|
@ -326,7 +327,7 @@ require (
|
|||
gopkg.in/h2non/gock.v1 v1.0.16 // indirect
|
||||
gopkg.in/inf.v0 v0.9.1 // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||
gopkg.in/ns1/ns1-go.v2 v2.7.6 // indirect
|
||||
gopkg.in/ns1/ns1-go.v2 v2.7.13 // indirect
|
||||
gopkg.in/square/go-jose.v2 v2.5.1 // indirect
|
||||
gopkg.in/yaml.v2 v2.4.0 // indirect
|
||||
k8s.io/klog/v2 v2.100.1 // indirect
|
||||
|
|
193
go.sum
193
go.sum
|
@ -42,11 +42,11 @@ github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg6
|
|||
github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
|
||||
github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
|
||||
github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc=
|
||||
github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A=
|
||||
github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U=
|
||||
github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw=
|
||||
github.com/Azure/go-autorest/autorest v0.11.29/go.mod h1:ZtEzC4Jy2JDrZLxvWs8LrBWEBycl1hbT1eknI8MtfAs=
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ=
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg=
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ=
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.22 h1:/GblQdIudfEM3AWWZ0mrYJQSd7JS4S/Mbzh6F0ov0Xc=
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk=
|
||||
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 h1:wkAZRgT/pn8HhFyzfe9UnqOjJYqlembgCTi72Bm/xKk=
|
||||
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12/go.mod h1:84w/uV8E37feW2NCJ08uT9VBfjfUHpgLVnG2InYD6cg=
|
||||
github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 h1:0W/yGmFdTIT77fvdlGZ0LMISoLHFJ7Tx4U0yeB+uFs4=
|
||||
|
@ -122,39 +122,36 @@ github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN
|
|||
github.com/aws/aws-sdk-go v1.44.327 h1:ZS8oO4+7MOBLhkdwIhgtVeDzCeWOlTfKJS7EgggbIEY=
|
||||
github.com/aws/aws-sdk-go v1.44.327/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
|
||||
github.com/aws/aws-sdk-go-v2 v1.19.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
|
||||
github.com/aws/aws-sdk-go-v2 v1.20.3 h1:lgeKmAZhlj1JqN43bogrM75spIvYnRxqTAh1iupu1yE=
|
||||
github.com/aws/aws-sdk-go-v2 v1.20.3/go.mod h1:/RfNgGmRxI+iFOB1OeJUyxiU+9s88k3pfHvDagGEp0M=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.28 h1:TINEaKyh1Td64tqFvn09iYpKiWjmHYrG1fa91q2gnqw=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.28/go.mod h1:nIL+4/8JdAuNHEjn/gPEXqtnS02Q3NXB/9Z7o5xE4+A=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.27 h1:dz0yr/yR1jweAnsCx+BmjerUILVPQ6FS5AwF/OyG1kA=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.27/go.mod h1:syOqAek45ZXZp29HlnRS/BNgMIW6uiRmeuQsz4Qh2UE=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 h1:kP3Me6Fy3vdi+9uHd7YLr6ewPxRL+PU6y15urfTaamU=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5/go.mod h1:Gj7tm95r+QsDoN2Fhuz/3npQvcZbkEf5mL70n3Xfluc=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35/go.mod h1:ipR5PvpSPqIqL5Mi82BxLnfMkHVbmco8kUwO2xrCi0M=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.40 h1:CXceCS9BrDInRc74GDCQ8Qyk/Gp9VLdK+Rlve+zELSE=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.40/go.mod h1:5kKmFhLeOVy6pwPDpDNA6/hK/d6URC98pqDDqHgdBx4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29/go.mod h1:M/eUABlDbw2uVrdAn+UsI6M727qp2fxkp8K0ejcBDUY=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.34 h1:B+nZtd22cbko5+793hg7LEaTeLMiZwlgCLUrN5Y0uzg=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.34/go.mod h1:RZP0scceAyhMIQ9JvFp7HvkpcgqjL4l/4C+7RAeGbuM=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 h1:8r5m1BoAWkn0TDC34lUculryf7nUF25EgIMdjvGCkgo=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36/go.mod h1:Rmw2M1hMVTwiUhjwMoIBFWFJMhvJbct06sSidxInkhY=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29/go.mod h1:fDbkK4o7fpPXWn8YAPmTieAMuB9mk/VgvW64uaUqxd4=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.34 h1:JwvXk+1ePAD9xkFHprhHYqwsxLDcbNFsPI1IAT2sPS0=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.34/go.mod h1:ytsF+t+FApY2lFnN51fJKPhH6ICKOPXKEcwwgmJEdWI=
|
||||
github.com/aws/aws-sdk-go-v2/service/lightsail v1.27.2 h1:PwNeYoonBzmTdCztKiiutws3U24KrnDBuabzRfIlZY4=
|
||||
github.com/aws/aws-sdk-go-v2/service/lightsail v1.27.2/go.mod h1:gQhLZrTEath4zik5ixIe6axvgY5jJrgSBDJ360Fxnco=
|
||||
github.com/aws/aws-sdk-go-v2/service/route53 v1.28.4 h1:p4mTxJfCAyiTT4Wp6p/mOPa6j5MqCSRGot8qZwFs+Z0=
|
||||
github.com/aws/aws-sdk-go-v2/service/route53 v1.28.4/go.mod h1:VBLWpaHvhQNeu7N9rMEf00SWeOONb/HvaDUxe/7b44k=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 h1:sWDv7cMITPcZ21QdreULwxOOAmE05JjEsT6fCDtDA9k=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.12.13/go.mod h1:DfX0sWuT46KpcqbMhJ9QWtxAIP1VozkDWf8VAkByjYY=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 h1:BFubHS/xN5bjl818QaroN6mQdjneYQ+AOx44KNXlyH4=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13/go.mod h1:BzqsVVFduubEmzrVtUFQQIQdFqvUItF8XUq2EnS8Wog=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 h1:e5mnydVdCVWxP+5rPAGi2PYxC7u2OZgH1ypC114H04U=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.19.3/go.mod h1:yVGZA1CPkmUhBdA039jXNJJG7/6t+G+EBWmFq23xqnY=
|
||||
github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
|
||||
github.com/aws/smithy-go v1.14.2 h1:MJU9hqBGbvWZdApzpvoF2WAIJDbtjK2NDJSiJP7HblQ=
|
||||
github.com/aws/smithy-go v1.14.2/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
|
||||
github.com/aws/aws-sdk-go-v2 v1.24.1 h1:xAojnj+ktS95YZlDf0zxWBkbFtymPeDP+rvUQIH3uAU=
|
||||
github.com/aws/aws-sdk-go-v2 v1.24.1/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.6 h1:Z/7w9bUqlRI0FFQpetVuFYEsjzE3h7fpU6HuGmfPL/o=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.6/go.mod h1:uKU6cnDmYCvJ+pxO9S4cWDb2yWWIH5hra+32hVh1MI4=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.16 h1:8q6Rliyv0aUFAVtzaldUEcS+T5gbadPbWdV1WcAddK8=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.16/go.mod h1:UHVZrdUsv63hPXFo1H7c5fEneoVo9UXiz36QG1GEPi0=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 h1:c5I5iH+DZcH3xOIMlz3/tCKJDaHFwYEmxvlh2fAcFo8=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11/go.mod h1:cRrYDYAMUohBJUtUnOhydaMHtiK/1NZ0Otc9lIb6O0Y=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 h1:vF+Zgd9s+H4vOXd5BMaPWykta2a6Ih0AKLq/X6NYKn4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10/go.mod h1:6BkRjejp/GR4411UGqkX8+wFMbFbqsUIimfK4XjOKR4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 h1:nYPe006ktcqUji8S2mqXf9c/7NdiKriOwMvWQHgYztw=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10/go.mod h1:6UV4SZkVvmODfXKql4LCbaZUpF7HO2BX38FgBf9ZOLw=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 h1:n3GDfwqF2tzEkXlv5cuy4iy7LpKDtqDMcNLfZDu9rls=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4/go.mod h1:2aGXHFmbInwgP9ZfpmdIfOELL79zhdNYNmReK8qDfdQ=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 h1:DBYTXwIGQSGs9w4jKm60F5dmCQ3EEruxdc0MFh+3EY4=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10/go.mod h1:wohMUQiFdzo0NtxbBg0mSRGZ4vL3n0dKjLTINdcIino=
|
||||
github.com/aws/aws-sdk-go-v2/service/lightsail v1.34.0 h1:LvWkxBi/bsWHqj3bFTUuDLl4OAlbaM1HDZ9YPhj5+jg=
|
||||
github.com/aws/aws-sdk-go-v2/service/lightsail v1.34.0/go.mod h1:35MKNS46RX7Lb9EIFP2bPy3WrJu+bxU6QgLis8K1aa4=
|
||||
github.com/aws/aws-sdk-go-v2/service/route53 v1.37.0 h1:f3hBZWtpn9clZGXJoqahQeec9ZPZnu22g8pg+zNyif0=
|
||||
github.com/aws/aws-sdk-go-v2/service/route53 v1.37.0/go.mod h1:8qqfpG4mug2JLlEyWPSFhEGvJiaZ9iPmMDDMYc5Xtas=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 h1:eajuO3nykDPdYicLlP3AGgOyVN3MOlFmZv7WGTuJPow=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.7/go.mod h1:+mJNDdF+qiUlNKNC3fxn74WWNN+sOiGOEImje+3ScPM=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 h1:QPMJf+Jw8E1l7zqhZmMlFw6w1NmfkfiSK8mS4zOx3BA=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7/go.mod h1:ykf3COxYI0UJmxcfcxcVuz7b6uADi1FkiUz6Eb7AgM8=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 h1:NzO4Vrau795RkUdSHKEwiR01FaGzGOH1EETJ+5QHnm0=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7/go.mod h1:6h2YuIoxaMSCFf5fi1EgZAwdfkGMgDY+DVfa61uLe4U=
|
||||
github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM=
|
||||
github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE=
|
||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
||||
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
||||
|
@ -199,8 +196,8 @@ github.com/civo/civogo v0.3.11 h1:mON/fyrV946Sbk6paRtOSGsN+asCgCmHCgArf5xmGxM=
|
|||
github.com/civo/civogo v0.3.11/go.mod h1:7+GeeFwc4AYTULaEshpT2vIcl3Qq8HPoxA17viX3l6g=
|
||||
github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
|
||||
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||
github.com/cloudflare/cloudflare-go v0.70.0 h1:4opGbUygM8DjirUuaz23jn3akuAcnOCEx+0nQtQEcFo=
|
||||
github.com/cloudflare/cloudflare-go v0.70.0/go.mod h1:VW6GuazkaZ4xEDkFt24lkXQUsE8q7BiGqDniC2s8WEM=
|
||||
github.com/cloudflare/cloudflare-go v0.86.0 h1:jEKN5VHNYNYtfDL2lUFLTRo+nOVNPFxpXTstVx0rqHI=
|
||||
github.com/cloudflare/cloudflare-go v0.86.0/go.mod h1:wYW/5UP02TUfBToa/yKbQHV+r6h1NnJ1Je7XjuGM4Jw=
|
||||
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
|
||||
github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
|
||||
|
@ -306,8 +303,8 @@ github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ
|
|||
github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
|
||||
github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc=
|
||||
github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
|
||||
github.com/exoscale/egoscale v0.100.1 h1:iXsV1Ei7daqe/6FYSCSDyrFs1iUG1l1X9qNh2uMw6z0=
|
||||
github.com/exoscale/egoscale v0.100.1/go.mod h1:BAb9p4rmyU+Wl400CJZO5270H2sXtdsZjLcm5xMKkz4=
|
||||
github.com/exoscale/egoscale v0.102.3 h1:DYqN2ipoLKpiFoprRGQkp2av/Ze7sUYYlGhi1N62tfY=
|
||||
github.com/exoscale/egoscale v0.102.3/go.mod h1:RPf2Gah6up+6kAEayHTQwqapzXlm93f0VQas/UEGU5c=
|
||||
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
|
||||
github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
|
||||
github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
|
||||
|
@ -338,15 +335,15 @@ github.com/gin-gonic/gin v1.6.3/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwv
|
|||
github.com/gin-gonic/gin v1.7.4/go.mod h1:jD2toBW3GZUr5UMcdrwQA10I7RuaFOl/SGeDjXkfUtY=
|
||||
github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
|
||||
github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
|
||||
github.com/go-acme/lego/v4 v4.14.0 h1:/skZoRHgVh0d2RK7l1g3Ch8HqeqP9LB8ZEjLdGEpcDE=
|
||||
github.com/go-acme/lego/v4 v4.14.0/go.mod h1:zjmvNCDLGz7GrC1OqdVpVmZFKSRabEDtWbdzmcpBsGo=
|
||||
github.com/go-acme/lego/v4 v4.15.0 h1:A7MHEU3b+TDFqhC/HmzMJnzPbyeaYvMZQBbqgvbThhU=
|
||||
github.com/go-acme/lego/v4 v4.15.0/go.mod h1:eeGhjW4zWT7Ccqa3sY7ayEqFLCAICx+mXgkMHKIkLxg=
|
||||
github.com/go-chi/chi/v5 v5.0.0/go.mod h1:BBug9lr0cqtdAhsu6R4AAdvufI0/XBzAQSsUqJpoZOs=
|
||||
github.com/go-cmd/cmd v1.0.5/go.mod h1:y8q8qlK5wQibcw63djSl/ntiHUHXHGdCkPk0j4QeW4s=
|
||||
github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w=
|
||||
github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
|
||||
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||
github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo=
|
||||
github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
|
||||
github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA=
|
||||
github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
|
||||
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
||||
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
||||
github.com/go-kit/kit v0.10.1-0.20200915143503-439c4d2ed3ea h1:CnEQOUv4ilElSwFB9g/lVmz206oLE4aNZDYngIY1Gvg=
|
||||
|
@ -390,8 +387,8 @@ github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn
|
|||
github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
|
||||
github.com/go-playground/validator/v10 v10.15.1 h1:BSe8uhN+xQ4r5guV/ywQI4gO59C2raYcGffYWZEjZzM=
|
||||
github.com/go-playground/validator/v10 v10.15.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
|
||||
github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY=
|
||||
github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I=
|
||||
github.com/go-resty/resty/v2 v2.11.0 h1:i7jMfNOJYMp69lq7qozJP+bjgzfAzeOhuGlyDrqxT/8=
|
||||
github.com/go-resty/resty/v2 v2.11.0/go.mod h1:iiP/OpA0CkcL3IGt1O0+/SIItFUbkkyw5BGXiVdTu+A=
|
||||
github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
|
||||
github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
|
||||
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
||||
|
@ -480,7 +477,6 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
|
|||
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
|
||||
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
|
@ -569,8 +565,8 @@ github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+
|
|||
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
|
||||
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
|
||||
github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
||||
github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
|
||||
github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
|
||||
github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
|
||||
|
@ -709,15 +705,13 @@ github.com/lestrrat-go/jwx v1.2.7/go.mod h1:bw24IXWbavc0R2RsOtpXL7RtMyP589yZ1+L7
|
|||
github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
|
||||
github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM=
|
||||
github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
|
||||
github.com/linode/linodego v1.17.2 h1:b32dj4662PGG5P9qVa6nBezccWdqgukndlMIuPGq1CQ=
|
||||
github.com/linode/linodego v1.17.2/go.mod h1:C2iyT3Vg2O2sPxkWka4XAQ5WSUtm5LmTZ3Adw43Ra7Q=
|
||||
github.com/linode/linodego v1.28.0 h1:lzxxJebsYg5cCWRNDLyL2StW3sfMyAwf/FYfxFjFrlk=
|
||||
github.com/linode/linodego v1.28.0/go.mod h1:5oAsx+uinHtVo6U77nXXXtox7MWzUW6aEkTOKXxA9uo=
|
||||
github.com/liquidweb/go-lwApi v0.0.0-20190605172801-52a4864d2738/go.mod h1:0sYF9rMXb0vlG+4SzdiGMXHheCZxjguMq+Zb4S2BfBs=
|
||||
github.com/liquidweb/go-lwApi v0.0.5 h1:CT4cdXzJXmo0bon298kS7NeSk+Gt8/UHpWBBol1NGCA=
|
||||
github.com/liquidweb/go-lwApi v0.0.5/go.mod h1:0sYF9rMXb0vlG+4SzdiGMXHheCZxjguMq+Zb4S2BfBs=
|
||||
github.com/liquidweb/liquidweb-cli v0.6.9 h1:acbIvdRauiwbxIsOCEMXGwF75aSJDbDiyAWPjVnwoYM=
|
||||
github.com/liquidweb/liquidweb-cli v0.6.9/go.mod h1:cE1uvQ+x24NGUL75D0QagOFCG8Wdvmwu8aL9TLmA/eQ=
|
||||
github.com/liquidweb/liquidweb-go v1.6.3 h1:NVHvcnX3eb3BltiIoA+gLYn15nOpkYkdizOEYGSKrk4=
|
||||
github.com/liquidweb/liquidweb-go v1.6.3/go.mod h1:SuXXp+thr28LnjEw18AYtWwIbWMHSUiajPQs8T9c/Rc=
|
||||
github.com/liquidweb/liquidweb-go v1.6.4 h1:6S0m3hHSpiLqGD7AFSb7lH/W/qr1wx+tKil9fgIbjMc=
|
||||
github.com/liquidweb/liquidweb-go v1.6.4/go.mod h1:B934JPIIcdA+uTq2Nz5PgOtG6CuCaEvQKe/Ge/5GgZ4=
|
||||
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
|
||||
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
|
||||
github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
|
||||
|
@ -771,8 +765,8 @@ github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3N
|
|||
github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
|
||||
github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI=
|
||||
github.com/miekg/dns v1.1.47/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
|
||||
github.com/miekg/dns v1.1.55 h1:GoQ4hpsj0nFLYe+bWiCToyrBEJXkQfOOIvFGFy0lEgo=
|
||||
github.com/miekg/dns v1.1.55/go.mod h1:uInx36IzPl7FYnDcMeVWxj9byh7DutNykX4G9Sj60FY=
|
||||
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
|
||||
github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY=
|
||||
github.com/mimuret/golang-iij-dpf v0.9.1 h1:Gj6EhHJkOhr+q2RnvRPJsPMcjuVnWPSccEHyoEehU34=
|
||||
github.com/mimuret/golang-iij-dpf v0.9.1/go.mod h1:sl9KyOkESib9+KRD3HaGpgi1xk7eoN2+d96LCLsME2M=
|
||||
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
|
||||
|
@ -839,20 +833,22 @@ github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uY
|
|||
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
|
||||
github.com/nrdcg/auroradns v1.1.0 h1:KekGh8kmf2MNwqZVVYo/fw/ZONt8QMEmbMFOeljteWo=
|
||||
github.com/nrdcg/auroradns v1.1.0/go.mod h1:O7tViUZbAcnykVnrGkXzIJTHoQCHcgalgAe6X1mzHfk=
|
||||
github.com/nrdcg/bunny-go v0.0.0-20230728143221-c9dda82568d9 h1:qpB3wZR4+MPK92cTC9zZPnndkJgDgPvQqPUAgVc1NXU=
|
||||
github.com/nrdcg/bunny-go v0.0.0-20230728143221-c9dda82568d9/go.mod h1:HUoHXDrFvidN1NK9Wb/mZKNOfDNutKkzF2Pg71M9hHA=
|
||||
github.com/nrdcg/desec v0.7.0 h1:iuGhi4pstF3+vJWwt292Oqe2+AsSPKDynQna/eu1fDs=
|
||||
github.com/nrdcg/desec v0.7.0/go.mod h1:e1uRqqKv1mJdd5+SQROAhmy75lKMphLzWIuASLkpeFY=
|
||||
github.com/nrdcg/dnspod-go v0.4.0 h1:c/jn1mLZNKF3/osJ6mz3QPxTudvPArXTjpkmYj0uK6U=
|
||||
github.com/nrdcg/dnspod-go v0.4.0/go.mod h1:vZSoFSFeQVm2gWLMkyX61LZ8HI3BaqtHZWgPTGKr6KQ=
|
||||
github.com/nrdcg/freemyip v0.2.0 h1:/GscavT4GVqAY13HExl5UyoB4wlchv6Cg5NYDGsUoJ8=
|
||||
github.com/nrdcg/freemyip v0.2.0/go.mod h1:HjF0Yz0lSb37HD2ihIyGz9esyGcxbCrrGFLPpKevbx4=
|
||||
github.com/nrdcg/goinwx v0.8.2 h1:RmjiHlEA+lzi3toXyPSaE6hWnBQ0+G+1u7w8C6Fpp4g=
|
||||
github.com/nrdcg/goinwx v0.8.2/go.mod h1:mnMSTi7CXBu2io4DzdOBoGFA1XclD0sEPWJaDhNgkA4=
|
||||
github.com/nrdcg/goinwx v0.10.0 h1:6W630bjDxQD6OuXKqrFRYVpTt0G/9GXXm3CeOrN0zJM=
|
||||
github.com/nrdcg/goinwx v0.10.0/go.mod h1:mnMSTi7CXBu2io4DzdOBoGFA1XclD0sEPWJaDhNgkA4=
|
||||
github.com/nrdcg/namesilo v0.2.1 h1:kLjCjsufdW/IlC+iSfAqj0iQGgKjlbUUeDJio5Y6eMg=
|
||||
github.com/nrdcg/namesilo v0.2.1/go.mod h1:lwMvfQTyYq+BbjJd30ylEG4GPSS6PII0Tia4rRpRiyw=
|
||||
github.com/nrdcg/nodion v0.1.0 h1:zLKaqTn2X0aDuBHHfyA1zFgeZfiCpmu/O9DM73okavw=
|
||||
github.com/nrdcg/nodion v0.1.0/go.mod h1:inbuh3neCtIWlMPZHtEpe43TmRXxHV6+hk97iCZicms=
|
||||
github.com/nrdcg/porkbun v0.2.0 h1:ghaqPtIKcffba99epWFkK3VWf6TKJT9WMXMgaTqv95Y=
|
||||
github.com/nrdcg/porkbun v0.2.0/go.mod h1:i0uLMn9ItFsLsSQIAeEu1wQ9/+6EvX1eQw15hulMMRw=
|
||||
github.com/nrdcg/porkbun v0.3.0 h1:jnRV7j2zd3hmh+tSDOGetJyy3+WklaMxbs7HtTTmWMs=
|
||||
github.com/nrdcg/porkbun v0.3.0/go.mod h1:jh1DKz96jGHW+NCdG3AmTbbnQeBlNUz1KeSgeN/cBVw=
|
||||
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
||||
github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
|
||||
github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
|
||||
|
@ -899,8 +895,8 @@ github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnh
|
|||
github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
|
||||
github.com/oracle/oci-go-sdk v24.3.0+incompatible h1:x4mcfb4agelf1O4/1/auGlZ1lr97jXRSSN5MxTgG/zU=
|
||||
github.com/oracle/oci-go-sdk v24.3.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888=
|
||||
github.com/ovh/go-ovh v1.4.1 h1:VBGa5wMyQtTP7Zb+w97zRCh9sLtM/2YKRyy+MEJmWaM=
|
||||
github.com/ovh/go-ovh v1.4.1/go.mod h1:6bL6pPyUT7tBfI0pqOegJgRjgjuO+mOo+MyXd1EEC0M=
|
||||
github.com/ovh/go-ovh v1.4.3 h1:Gs3V823zwTFpzgGLZNI6ILS4rmxZgJwJCz54Er9LwD0=
|
||||
github.com/ovh/go-ovh v1.4.3/go.mod h1:AkPXVtgwB6xlKblMjRKJJmjRp+ogrE7fz2lVgcQY8SY=
|
||||
github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
|
||||
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
|
||||
github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
|
||||
|
@ -1003,8 +999,8 @@ github.com/sacloud/iaas-api-go v1.11.1/go.mod h1:uBDSa06F/V0OnoR66jGdbH0PVnCJw+N
|
|||
github.com/sacloud/packages-go v0.0.9 h1:GbinkBLC/eirFhHpLjoDW6JV7+95Rnd2d8RWj7Afeks=
|
||||
github.com/sacloud/packages-go v0.0.9/go.mod h1:k+EEUMF2LlncjbNIJNOqLyZ9wjTESPIWIk1OA7x9j2Q=
|
||||
github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.17 h1:1WuWJu7/e8SqK+uQl7lfk/N/oMZTL2NE/TJsNKRNMc4=
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.17/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg=
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22 h1:wJrcTdddKOI8TFxs8cemnhKP2EmKy3yfUKHj3ZdfzYo=
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg=
|
||||
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I=
|
||||
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
|
||||
github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg=
|
||||
|
@ -1020,8 +1016,6 @@ github.com/shoenig/test v1.7.0/go.mod h1:UxJ6u/x2v/TNs/LoLxBNJRV9DiwBBKYxXSyczsB
|
|||
github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
|
||||
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
|
||||
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
|
||||
github.com/simplesurance/bunny-go v0.0.0-20221115111006-e11d9dc91f04 h1:ZTzdx88+AcnjqUfJwnz89UBrMSBQ1NEysg9u5d+dU9c=
|
||||
github.com/simplesurance/bunny-go v0.0.0-20221115111006-e11d9dc91f04/go.mod h1:5KS21fpch8TIMyAUv/qQqTa3GZfBDYgjaZbd2KXKYfg=
|
||||
github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
|
||||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
||||
github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
|
||||
|
@ -1036,8 +1030,8 @@ github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h
|
|||
github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
|
||||
github.com/smartystreets/gunit v1.0.4 h1:tpTjnuH7MLlqhoD21vRoMZbMIi5GmBsAJDFyF67GhZA=
|
||||
github.com/smartystreets/gunit v1.0.4/go.mod h1:EH5qMBab2UclzXUcpR8b93eHsIlp9u+pDQIRp5DZNzQ=
|
||||
github.com/softlayer/softlayer-go v1.1.2 h1:rUSSGCyaxymvTOsaFjwr+cGxA8muw3xg2LSrIMNcN/c=
|
||||
github.com/softlayer/softlayer-go v1.1.2/go.mod h1:hvAbzGH4LRXA6yXY8BNx99yoqZ7urfDdtl9mvBf0G+g=
|
||||
github.com/softlayer/softlayer-go v1.1.3 h1:dfFzt5eOKIAyB/b78fHMyDu5ICx0ZtxL9NRhBlf831A=
|
||||
github.com/softlayer/softlayer-go v1.1.3/go.mod h1:Pc7F57OgUKaAam7TtpqkUeqL7QyKknfiUI4R49h41/U=
|
||||
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e h1:3OgWYFw7jxCZPcvAg+4R8A50GZ+CCkARF10lxu2qDsQ=
|
||||
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e/go.mod h1:fKZCUVdirrxrBpwd9wb+lSoVixvpwAu8eHzbQB2tums=
|
||||
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
|
||||
|
@ -1115,8 +1109,8 @@ github.com/traefik/paerser v0.2.0 h1:zqCLGSXoNlcBd+mzqSCLjon/I6phqIjeJL2xFB2ysgQ
|
|||
github.com/traefik/paerser v0.2.0/go.mod h1:afzaVcgF8A+MpTnPG4wBr4whjanCSYA6vK5RwaYVtRc=
|
||||
github.com/traefik/yaegi v0.15.1 h1:YA5SbaL6HZA0Exh9T/oArRHqGN2HQ+zgmCY7dkoTXu4=
|
||||
github.com/traefik/yaegi v0.15.1/go.mod h1:AVRxhaI2G+nUsaM1zyktzwXn69G3t/AuTDrCiTds9p0=
|
||||
github.com/transip/gotransip/v6 v6.20.0 h1:AuvwyOZ51f2brzMbTqlRy/wmaM3kF7Vx5Wds8xcDflY=
|
||||
github.com/transip/gotransip/v6 v6.20.0/go.mod h1:nzv9eN2tdsUrm5nG5ZX6AugYIU4qgsMwIn2c0EZLk8c=
|
||||
github.com/transip/gotransip/v6 v6.23.0 h1:PsTdjortrEZ8IFFifEryzjVjOy9SgK4ahlnhKBBIQgA=
|
||||
github.com/transip/gotransip/v6 v6.23.0/go.mod h1:nzv9eN2tdsUrm5nG5ZX6AugYIU4qgsMwIn2c0EZLk8c=
|
||||
github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
|
||||
github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
|
||||
github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
|
||||
|
@ -1127,8 +1121,8 @@ github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLY
|
|||
github.com/ugorji/go/codec v1.2.6/go.mod h1:V6TCNZ4PHqoHGFZuSG1W8nrCzzdgA2DozYxWFFpvxTw=
|
||||
github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
|
||||
github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
|
||||
github.com/ultradns/ultradns-go-sdk v1.5.0-20230427130837-23c9b0c h1:mKnW6IGLw7uXu6DL6RitufZWcXS6hCnauXRUFof7rKM=
|
||||
github.com/ultradns/ultradns-go-sdk v1.5.0-20230427130837-23c9b0c/go.mod h1:F4UyVEmq4/m5lAmx+GccrxyRCXmnBjzUL09JLTQFp94=
|
||||
github.com/ultradns/ultradns-go-sdk v1.6.1-20231103022937-8589b6a h1:w4PK5/N9kq8PfNxBv8a5t1bqlYRrVT7XzT7iTPTtiPk=
|
||||
github.com/ultradns/ultradns-go-sdk v1.6.1-20231103022937-8589b6a/go.mod h1:Xwz7o+ExFtxR/i0aJDnTXuiccQJlOxDgNe6FsZC4TzQ=
|
||||
github.com/unrolled/render v1.0.2 h1:dGS3EmChQP3yOi1YeFNO/Dx+MbWZhdvhQJTXochM5bs=
|
||||
github.com/unrolled/render v1.0.2/go.mod h1:gN9T0NhL4Bfbwu8ann7Ry/TGHYfosul+J0obPf6NBdM=
|
||||
github.com/unrolled/secure v1.0.9 h1:BWRuEb1vDrBFFDdbCnKkof3gZ35I/bnHGyt0LB0TNyQ=
|
||||
|
@ -1253,9 +1247,12 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y
|
|||
golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
|
||||
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
|
||||
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
|
||||
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
|
||||
golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
|
||||
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
|
||||
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
|
@ -1286,8 +1283,9 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
|||
golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=
|
||||
golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
|
||||
golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
|
@ -1322,20 +1320,22 @@ golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy
|
|||
golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
|
||||
golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
|
||||
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
|
||||
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
|
||||
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
|
||||
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
|
||||
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY=
|
||||
golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0=
|
||||
golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ=
|
||||
golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
|
||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
|
@ -1346,8 +1346,9 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ
|
|||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ=
|
||||
golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
|
||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
|
||||
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
|
@ -1424,15 +1425,20 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|||
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
|
||||
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
|
||||
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
|
||||
golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
||||
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
|
||||
golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
|
||||
golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||
|
@ -1443,16 +1449,20 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
|||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
|
||||
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
|
||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
|
||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
|
||||
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
|
||||
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
|
@ -1487,8 +1497,9 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f
|
|||
golang.org/x/tools v0.0.0-20210114065538-d78b04bdf963/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=
|
||||
golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg=
|
||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||
golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc=
|
||||
golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
|
@ -1598,8 +1609,8 @@ gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
|||
gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
||||
gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
|
||||
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
||||
gopkg.in/ns1/ns1-go.v2 v2.7.6 h1:mCPl7q0jbIGACXvGBljAuuApmKZo3rRi4tlRIEbMvjA=
|
||||
gopkg.in/ns1/ns1-go.v2 v2.7.6/go.mod h1:GMnKY+ZuoJ+lVLL+78uSTjwTz2jMazq6AfGKQOYhsPk=
|
||||
gopkg.in/ns1/ns1-go.v2 v2.7.13 h1:r07CLALg18f/L1KIK1ZJdbirBV349UtYT1rDWGjnaTk=
|
||||
gopkg.in/ns1/ns1-go.v2 v2.7.13/go.mod h1:pfaU0vECVP7DIOr453z03HXS6dFJpXdNRwOyRzwmPSc=
|
||||
gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
|
||||
gopkg.in/square/go-jose.v2 v2.4.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
|
||||
gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w=
|
||||
|
|
|
@ -61,7 +61,7 @@ func (s *AccessLogSuite) TestAccessLog() {
|
|||
ensureWorkingDirectoryIsClean()
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
defer func() {
|
||||
traefikLog, err := os.ReadFile(traefikTestLogFile)
|
||||
|
@ -130,7 +130,7 @@ func (s *AccessLogSuite) TestAccessLogAuthFrontend() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
|
@ -194,7 +194,7 @@ func (s *AccessLogSuite) TestAccessLogDigestAuthMiddleware() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
|
@ -304,7 +304,7 @@ func (s *AccessLogSuite) TestAccessLogFrontendRedirect() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
|
@ -410,7 +410,7 @@ func (s *AccessLogSuite) TestAccessLogRateLimit() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
|
@ -454,7 +454,7 @@ func (s *AccessLogSuite) TestAccessLogBackendNotFound() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.waitForTraefik("server1")
|
||||
|
||||
|
@ -494,7 +494,7 @@ func (s *AccessLogSuite) TestAccessLogFrontendAllowlist() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
|
@ -534,7 +534,7 @@ func (s *AccessLogSuite) TestAccessLogAuthFrontendSuccess() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
|
@ -575,7 +575,7 @@ func (s *AccessLogSuite) TestAccessLogPreflightHeadersMiddleware() {
|
|||
}
|
||||
|
||||
// Start Traefik
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml"))
|
||||
s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
|
@ -603,6 +603,56 @@ func (s *AccessLogSuite) TestAccessLogPreflightHeadersMiddleware() {
|
|||
s.checkNoOtherTraefikProblems()
|
||||
}
|
||||
|
||||
func (s *AccessLogSuite) TestAccessLogDisabledForInternals() {
|
||||
ensureWorkingDirectoryIsClean()
|
||||
|
||||
file := s.adaptFile("fixtures/access_log/access_log_ping.toml", struct{}{})
|
||||
|
||||
// Start Traefik.
|
||||
s.traefikCmd(withConfigFile(file))
|
||||
|
||||
defer func() {
|
||||
traefikLog, err := os.ReadFile(traefikTestLogFile)
|
||||
require.NoError(s.T(), err)
|
||||
log.Info().Msg(string(traefikLog))
|
||||
}()
|
||||
|
||||
// waitForTraefik makes at least one call to the rawdata api endpoint,
|
||||
// but the logs for this endpoint are ignored in checkAccessLogOutput.
|
||||
s.waitForTraefik("customPing")
|
||||
|
||||
s.checkStatsForLogFile()
|
||||
|
||||
// Verify Traefik started OK.
|
||||
s.checkTraefikStarted()
|
||||
|
||||
// Make some requests on the internal ping router.
|
||||
req, err := http.NewRequest(http.MethodGet, "http://127.0.0.1:8080/ping", nil)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
|
||||
require.NoError(s.T(), err)
|
||||
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
// Make some requests on the custom ping router.
|
||||
req, err = http.NewRequest(http.MethodGet, "http://127.0.0.1:8000/ping", nil)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
|
||||
require.NoError(s.T(), err)
|
||||
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
// Verify access.log output as expected.
|
||||
count := s.checkAccessLogOutput()
|
||||
|
||||
require.Equal(s.T(), 0, count)
|
||||
|
||||
// Verify no other Traefik problems.
|
||||
s.checkNoOtherTraefikProblems()
|
||||
}
|
||||
|
||||
func (s *AccessLogSuite) checkNoOtherTraefikProblems() {
|
||||
traefikLog, err := os.ReadFile(traefikTestLogFile)
|
||||
require.NoError(s.T(), err)
|
||||
|
@ -612,6 +662,8 @@ func (s *AccessLogSuite) checkNoOtherTraefikProblems() {
|
|||
}
|
||||
|
||||
func (s *AccessLogSuite) checkAccessLogOutput() int {
|
||||
s.T().Helper()
|
||||
|
||||
lines := s.extractLines()
|
||||
count := 0
|
||||
for i, line := range lines {
|
||||
|
@ -624,6 +676,8 @@ func (s *AccessLogSuite) checkAccessLogOutput() int {
|
|||
}
|
||||
|
||||
func (s *AccessLogSuite) checkAccessLogExactValuesOutput(values []accessLogValue) int {
|
||||
s.T().Helper()
|
||||
|
||||
lines := s.extractLines()
|
||||
count := 0
|
||||
for i, line := range lines {
|
||||
|
@ -641,6 +695,8 @@ func (s *AccessLogSuite) checkAccessLogExactValuesOutput(values []accessLogValue
|
|||
}
|
||||
|
||||
func (s *AccessLogSuite) extractLines() []string {
|
||||
s.T().Helper()
|
||||
|
||||
accessLog, err := os.ReadFile(traefikTestAccessLogFile)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
|
@ -656,6 +712,8 @@ func (s *AccessLogSuite) extractLines() []string {
|
|||
}
|
||||
|
||||
func (s *AccessLogSuite) checkStatsForLogFile() {
|
||||
s.T().Helper()
|
||||
|
||||
err := try.Do(1*time.Second, func() error {
|
||||
if _, errStat := os.Stat(traefikTestLogFile); errStat != nil {
|
||||
return fmt.Errorf("could not get stats for log file: %w", errStat)
|
||||
|
@ -671,6 +729,8 @@ func ensureWorkingDirectoryIsClean() {
|
|||
}
|
||||
|
||||
func (s *AccessLogSuite) checkTraefikStarted() []byte {
|
||||
s.T().Helper()
|
||||
|
||||
traefikLog, err := os.ReadFile(traefikTestLogFile)
|
||||
require.NoError(s.T(), err)
|
||||
if len(traefikLog) > 0 {
|
||||
|
@ -680,6 +740,8 @@ func (s *AccessLogSuite) checkTraefikStarted() []byte {
|
|||
}
|
||||
|
||||
func (s *BaseSuite) CheckAccessLogFormat(line string, i int) {
|
||||
s.T().Helper()
|
||||
|
||||
results, err := accesslog.ParseAccessLog(line)
|
||||
require.NoError(s.T(), err)
|
||||
assert.Len(s.T(), results, 14)
|
||||
|
@ -692,6 +754,8 @@ func (s *BaseSuite) CheckAccessLogFormat(line string, i int) {
|
|||
}
|
||||
|
||||
func (s *AccessLogSuite) checkAccessLogExactValues(line string, i int, v accessLogValue) {
|
||||
s.T().Helper()
|
||||
|
||||
results, err := accesslog.ParseAccessLog(line)
|
||||
require.NoError(s.T(), err)
|
||||
assert.Len(s.T(), results, 14)
|
||||
|
|
30
integration/fixtures/access_log/access_log_ping.toml
Normal file
30
integration/fixtures/access_log/access_log_ping.toml
Normal file
|
@ -0,0 +1,30 @@
|
|||
[global]
|
||||
checkNewVersion = false
|
||||
sendAnonymousUsage = false
|
||||
|
||||
[log]
|
||||
level = "ERROR"
|
||||
filePath = "traefik.log"
|
||||
|
||||
[accessLog]
|
||||
filePath = "access.log"
|
||||
|
||||
[entryPoints]
|
||||
[entryPoints.web]
|
||||
address = ":8000"
|
||||
|
||||
[api]
|
||||
insecure = true
|
||||
|
||||
[ping]
|
||||
|
||||
[providers]
|
||||
[providers.file]
|
||||
filename = "{{ .SelfFilename }}"
|
||||
|
||||
## dynamic configuration ##
|
||||
[http.routers]
|
||||
[http.routers.customPing]
|
||||
entryPoints = ["web"]
|
||||
rule = "PathPrefix(`/ping`)"
|
||||
service = "ping@internal"
|
File diff suppressed because it is too large
Load diff
|
@ -19,5 +19,6 @@
|
|||
insecure = true
|
||||
|
||||
[metrics]
|
||||
addInternals = true
|
||||
[metrics.prometheus]
|
||||
buckets = [0.1,0.3,1.2,5.0]
|
||||
|
|
|
@ -9,6 +9,8 @@
|
|||
[api]
|
||||
insecure = true
|
||||
|
||||
[ping]
|
||||
|
||||
[entryPoints]
|
||||
[entryPoints.web]
|
||||
address = ":8000"
|
||||
|
@ -47,6 +49,10 @@
|
|||
Service = "service3"
|
||||
Middlewares = ["retry", "basic-auth"]
|
||||
Rule = "Path(`/auth`)"
|
||||
[http.routers.customPing]
|
||||
entryPoints = ["web"]
|
||||
rule = "PathPrefix(`/ping`)"
|
||||
service = "ping@internal"
|
||||
|
||||
[http.middlewares]
|
||||
[http.middlewares.retry.retry]
|
||||
|
|
|
@ -153,17 +153,16 @@ func (s *K8sConformanceSuite) TestK8sGatewayAPIConformance() {
|
|||
RequiredConsecutiveSuccesses: 0,
|
||||
},
|
||||
SupportedFeatures: sets.New[ksuite.SupportedFeature]().
|
||||
Insert(ksuite.GatewayCoreFeatures.UnsortedList()...),
|
||||
Insert(ksuite.GatewayCoreFeatures.UnsortedList()...).
|
||||
Insert(ksuite.ReferenceGrantCoreFeatures.UnsortedList()...),
|
||||
EnableAllSupportedFeatures: false,
|
||||
RunTest: *k8sConformanceRunTest,
|
||||
// Until the feature are all supported, following tests are skipped.
|
||||
SkipTests: []string{
|
||||
"HTTPExactPathMatching",
|
||||
"HTTPRouteHostnameIntersection",
|
||||
"GatewaySecretReferenceGrantAllInNamespace",
|
||||
"HTTPRouteListenerHostnameMatching",
|
||||
"HTTPRouteRequestHeaderModifier",
|
||||
"GatewaySecretInvalidReferenceGrant",
|
||||
"GatewayClassObservedGenerationBump",
|
||||
"HTTPRouteInvalidNonExistentBackendRef",
|
||||
"GatewayWithAttachedRoutes",
|
||||
|
@ -171,14 +170,11 @@ func (s *K8sConformanceSuite) TestK8sGatewayAPIConformance() {
|
|||
"HTTPRouteDisallowedKind",
|
||||
"HTTPRouteInvalidReferenceGrant",
|
||||
"HTTPRouteObservedGenerationBump",
|
||||
"GatewayInvalidRouteKind",
|
||||
"TLSRouteSimpleSameNamespace",
|
||||
"TLSRouteInvalidReferenceGrant",
|
||||
"HTTPRouteInvalidCrossNamespaceParentRef",
|
||||
"HTTPRouteInvalidParentRefNotMatchingSectionName",
|
||||
"GatewaySecretReferenceGrantSpecific",
|
||||
"GatewayModifyListeners",
|
||||
"GatewaySecretMissingReferenceGrant",
|
||||
"GatewayInvalidTLSConfiguration",
|
||||
"HTTPRouteInvalidCrossNamespaceBackendRef",
|
||||
"HTTPRouteMatchingAcrossRoutes",
|
||||
|
|
|
@ -57,7 +57,7 @@ func (s *LogRotationSuite) TearDownSuite() {
|
|||
|
||||
func (s *LogRotationSuite) TestAccessLogRotation() {
|
||||
// Start Traefik
|
||||
cmd, _ := s.cmdTraefik(withConfigFile("fixtures/access_log_config.toml"))
|
||||
cmd, _ := s.cmdTraefik(withConfigFile("fixtures/access_log/access_log_base.toml"))
|
||||
defer s.displayTraefikLogFile(traefikTestLogFile)
|
||||
|
||||
// Verify Traefik started ok
|
||||
|
|
|
@ -287,6 +287,10 @@ func (s *SimpleSuite) TestMetricsPrometheusDefaultEntryPoint() {
|
|||
|
||||
err = try.GetRequest("http://127.0.0.1:8080/metrics", 1*time.Second, try.BodyContains("_service_"))
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
// No metrics for internals.
|
||||
err = try.GetRequest("http://127.0.0.1:8080/metrics", 1*time.Second, try.BodyNotContains("router=\"api@internal\"", "service=\"api@internal\""))
|
||||
require.NoError(s.T(), err)
|
||||
}
|
||||
|
||||
func (s *SimpleSuite) TestMetricsPrometheusTwoRoutersOneService() {
|
||||
|
|
|
@ -302,7 +302,7 @@ func (s *TCPSuite) TestWRR() {
|
|||
time.Sleep(time.Second)
|
||||
}
|
||||
|
||||
assert.EqualValues(s.T(), call, map[string]int{"whoami-b": 3, "whoami-ab": 1})
|
||||
assert.EqualValues(s.T(), map[string]int{"whoami-b": 3, "whoami-ab": 1}, call)
|
||||
}
|
||||
|
||||
func welcome(addr string) (string, error) {
|
||||
|
@ -404,7 +404,6 @@ func guessWhoTLSPassthrough(addr, serverName string) (string, error) {
|
|||
return fmt.Errorf("tls: no valid certificate for serverName %s", serverName)
|
||||
},
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
|
@ -414,6 +414,67 @@ func (s *TracingSuite) TestOpentelemetryAuth() {
|
|||
s.checkTraceContent(contains)
|
||||
}
|
||||
|
||||
func (s *TracingSuite) TestNoInternals() {
|
||||
file := s.adaptFile("fixtures/tracing/simple-opentelemetry.toml", TracingTemplate{
|
||||
WhoamiIP: s.whoamiIP,
|
||||
WhoamiPort: s.whoamiPort,
|
||||
IP: s.otelCollectorIP,
|
||||
IsHTTP: true,
|
||||
})
|
||||
|
||||
s.traefikCmd(withConfigFile(file))
|
||||
|
||||
// wait for traefik
|
||||
err := try.GetRequest("http://127.0.0.1:8080/api/rawdata", time.Second, try.BodyContains("basic-auth"))
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
err = try.GetRequest("http://127.0.0.1:8000/ratelimit", 500*time.Millisecond, try.StatusCodeIs(http.StatusOK))
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
err = try.GetRequest("http://127.0.0.1:8000/ping", 500*time.Millisecond, try.StatusCodeIs(http.StatusOK))
|
||||
require.NoError(s.T(), err)
|
||||
err = try.GetRequest("http://127.0.0.1:8080/ping", 500*time.Millisecond, try.StatusCodeIs(http.StatusOK))
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
baseURL, err := url.Parse("http://" + s.tempoIP + ":3200/api/search")
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
req := &http.Request{
|
||||
Method: http.MethodGet,
|
||||
URL: baseURL,
|
||||
}
|
||||
// Wait for traces to be available.
|
||||
time.Sleep(10 * time.Second)
|
||||
resp, err := try.Response(req, 5*time.Second)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
out := &TraceResponse{}
|
||||
content, err := io.ReadAll(resp.Body)
|
||||
require.NoError(s.T(), err)
|
||||
err = json.Unmarshal(content, &out)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
s.NotEmptyf(len(out.Traces), "expected at least one trace")
|
||||
|
||||
for _, t := range out.Traces {
|
||||
baseURL, err := url.Parse("http://" + s.tempoIP + ":3200/api/traces/" + t.TraceID)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
req := &http.Request{
|
||||
Method: http.MethodGet,
|
||||
URL: baseURL,
|
||||
}
|
||||
|
||||
resp, err := try.Response(req, 5*time.Second)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
content, err := io.ReadAll(resp.Body)
|
||||
require.NoError(s.T(), err)
|
||||
|
||||
require.NotContains(s.T(), content, "@internal")
|
||||
}
|
||||
}
|
||||
|
||||
func (s *TracingSuite) checkTraceContent(expectedJSON []map[string]string) {
|
||||
s.T().Helper()
|
||||
|
||||
|
|
|
@ -96,7 +96,7 @@ func (s *UDPSuite) TestWRR() {
|
|||
call["unknown"]++
|
||||
}
|
||||
}
|
||||
assert.EqualValues(s.T(), call, map[string]int{"whoami-a": 3, "whoami-b": 2, "whoami-c": 3})
|
||||
assert.EqualValues(s.T(), map[string]int{"whoami-a": 3, "whoami-b": 2, "whoami-c": 3}, call)
|
||||
close(stop)
|
||||
}()
|
||||
|
||||
|
|
|
@ -76,7 +76,7 @@ func New(staticConfig static.Configuration, runtimeConfig *runtime.Configuration
|
|||
|
||||
// createRouter creates API routes and router.
|
||||
func (h Handler) createRouter() *mux.Router {
|
||||
router := mux.NewRouter()
|
||||
router := mux.NewRouter().UseEncodedPath()
|
||||
|
||||
if h.staticConfig.API.Debug {
|
||||
DebugHandler{}.Append(router)
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"sort"
|
||||
"strconv"
|
||||
|
||||
|
@ -49,7 +50,13 @@ func (h Handler) getEntryPoints(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getEntryPoint(rw http.ResponseWriter, request *http.Request) {
|
||||
entryPointID := mux.Vars(request)["entryPointID"]
|
||||
scapedEntryPointID := mux.Vars(request)["entryPointID"]
|
||||
|
||||
entryPointID, err := url.PathUnescape(scapedEntryPointID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode entryPointID %q: %s", scapedEntryPointID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -64,7 +71,7 @@ func (h Handler) getEntryPoint(rw http.ResponseWriter, request *http.Request) {
|
|||
Name: entryPointID,
|
||||
}
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
"testing"
|
||||
|
@ -169,6 +170,21 @@ func TestHandler_EntryPoints(t *testing.T) {
|
|||
jsonFile: "testdata/entrypoint-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one entry point by id containing slash",
|
||||
path: "/api/entrypoints/" + url.PathEscape("foo / bar"),
|
||||
conf: static.Configuration{
|
||||
Global: &static.Global{},
|
||||
API: &static.API{},
|
||||
EntryPoints: map[string]*static.EntryPoint{
|
||||
"foo / bar": {Address: ":81"},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/entrypoint-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one entry point by id, that does not exist",
|
||||
path: "/api/entrypoints/foo",
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
|
@ -97,7 +98,13 @@ func (h Handler) getRouters(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getRouter(rw http.ResponseWriter, request *http.Request) {
|
||||
routerID := mux.Vars(request)["routerID"]
|
||||
scapedRouterID := mux.Vars(request)["routerID"]
|
||||
|
||||
routerID, err := url.PathUnescape(scapedRouterID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode routerID %q: %s", scapedRouterID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -109,7 +116,7 @@ func (h Handler) getRouter(rw http.ResponseWriter, request *http.Request) {
|
|||
|
||||
result := newRouterRepresentation(routerID, router)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
@ -148,7 +155,13 @@ func (h Handler) getServices(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getService(rw http.ResponseWriter, request *http.Request) {
|
||||
serviceID := mux.Vars(request)["serviceID"]
|
||||
scapedServiceID := mux.Vars(request)["serviceID"]
|
||||
|
||||
serviceID, err := url.PathUnescape(scapedServiceID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode serviceID %q: %s", scapedServiceID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Add("Content-Type", "application/json")
|
||||
|
||||
|
@ -160,7 +173,7 @@ func (h Handler) getService(rw http.ResponseWriter, request *http.Request) {
|
|||
|
||||
result := newServiceRepresentation(serviceID, service)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
@ -199,7 +212,13 @@ func (h Handler) getMiddlewares(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getMiddleware(rw http.ResponseWriter, request *http.Request) {
|
||||
middlewareID := mux.Vars(request)["middlewareID"]
|
||||
scapedMiddlewareID := mux.Vars(request)["middlewareID"]
|
||||
|
||||
middlewareID, err := url.PathUnescape(scapedMiddlewareID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode middlewareID %q: %s", scapedMiddlewareID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -211,7 +230,7 @@ func (h Handler) getMiddleware(rw http.ResponseWriter, request *http.Request) {
|
|||
|
||||
result := newMiddlewareRepresentation(middlewareID, middleware)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
"testing"
|
||||
|
@ -301,6 +302,27 @@ func TestHandler_HTTP(t *testing.T) {
|
|||
jsonFile: "testdata/router-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one router by id containing slash",
|
||||
path: "/api/http/routers/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
Routers: map[string]*runtime.RouterInfo{
|
||||
"foo / bar@myprovider": {
|
||||
Router: &dynamic.Router{
|
||||
EntryPoints: []string{"web"},
|
||||
Service: "foo-service@myprovider",
|
||||
Rule: "Host(`foo.bar`)",
|
||||
Middlewares: []string{"auth", "addPrefixTest@anotherprovider"},
|
||||
},
|
||||
Status: "enabled",
|
||||
},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/router-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one router by id, implicitly using default TLS options",
|
||||
path: "/api/http/routers/baz@myprovider",
|
||||
|
@ -661,6 +683,35 @@ func TestHandler_HTTP(t *testing.T) {
|
|||
jsonFile: "testdata/service-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one service by id containing slash",
|
||||
path: "/api/http/services/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
Services: map[string]*runtime.ServiceInfo{
|
||||
"foo / bar@myprovider": func() *runtime.ServiceInfo {
|
||||
si := &runtime.ServiceInfo{
|
||||
Service: &dynamic.Service{
|
||||
LoadBalancer: &dynamic.ServersLoadBalancer{
|
||||
PassHostHeader: Bool(true),
|
||||
Servers: []dynamic.Server{
|
||||
{
|
||||
URL: "http://127.0.0.1",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
UsedBy: []string{"foo@myprovider", "test@myprovider"},
|
||||
}
|
||||
si.UpdateServerStatus("http://127.0.0.1", "UP")
|
||||
return si
|
||||
}(),
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/service-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one service by id, that does not exist",
|
||||
path: "/api/http/services/nono@myprovider",
|
||||
|
@ -897,6 +948,26 @@ func TestHandler_HTTP(t *testing.T) {
|
|||
jsonFile: "testdata/middleware-auth.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one middleware by id containing slash",
|
||||
path: "/api/http/middlewares/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
Middlewares: map[string]*runtime.MiddlewareInfo{
|
||||
"foo / bar@myprovider": {
|
||||
Middleware: &dynamic.Middleware{
|
||||
AddPrefix: &dynamic.AddPrefix{
|
||||
Prefix: "/titi",
|
||||
},
|
||||
},
|
||||
UsedBy: []string{"test@myprovider"},
|
||||
},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/middleware-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one middleware by id, that does not exist",
|
||||
path: "/api/http/middlewares/foo@myprovider",
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
|
@ -90,7 +91,13 @@ func (h Handler) getTCPRouters(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getTCPRouter(rw http.ResponseWriter, request *http.Request) {
|
||||
routerID := mux.Vars(request)["routerID"]
|
||||
scapedRouterID := mux.Vars(request)["routerID"]
|
||||
|
||||
routerID, err := url.PathUnescape(scapedRouterID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode routerID %q: %s", scapedRouterID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -102,7 +109,7 @@ func (h Handler) getTCPRouter(rw http.ResponseWriter, request *http.Request) {
|
|||
|
||||
result := newTCPRouterRepresentation(routerID, router)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
@ -141,7 +148,13 @@ func (h Handler) getTCPServices(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getTCPService(rw http.ResponseWriter, request *http.Request) {
|
||||
serviceID := mux.Vars(request)["serviceID"]
|
||||
scapedServiceID := mux.Vars(request)["serviceID"]
|
||||
|
||||
serviceID, err := url.PathUnescape(scapedServiceID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode serviceID %q: %s", scapedServiceID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -153,7 +166,7 @@ func (h Handler) getTCPService(rw http.ResponseWriter, request *http.Request) {
|
|||
|
||||
result := newTCPServiceRepresentation(serviceID, service)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
@ -192,7 +205,13 @@ func (h Handler) getTCPMiddlewares(rw http.ResponseWriter, request *http.Request
|
|||
}
|
||||
|
||||
func (h Handler) getTCPMiddleware(rw http.ResponseWriter, request *http.Request) {
|
||||
middlewareID := mux.Vars(request)["middlewareID"]
|
||||
scapedMiddlewareID := mux.Vars(request)["middlewareID"]
|
||||
|
||||
middlewareID, err := url.PathUnescape(scapedMiddlewareID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode middlewareID %q: %s", scapedMiddlewareID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -204,7 +223,7 @@ func (h Handler) getTCPMiddleware(rw http.ResponseWriter, request *http.Request)
|
|||
|
||||
result := newTCPMiddlewareRepresentation(middlewareID, middleware)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
|
@ -295,6 +296,25 @@ func TestHandler_TCP(t *testing.T) {
|
|||
jsonFile: "testdata/tcprouter-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one TCP router by id containing slash",
|
||||
path: "/api/tcp/routers/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
TCPRouters: map[string]*runtime.TCPRouterInfo{
|
||||
"foo / bar@myprovider": {
|
||||
TCPRouter: &dynamic.TCPRouter{
|
||||
EntryPoints: []string{"web"},
|
||||
Service: "foo-service@myprovider",
|
||||
Rule: "Host(`foo.bar`)",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/tcprouter-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one TCP router by id, that does not exist",
|
||||
path: "/api/tcp/routers/foo@myprovider",
|
||||
|
@ -559,6 +579,30 @@ func TestHandler_TCP(t *testing.T) {
|
|||
jsonFile: "testdata/tcpservice-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one tcp service by id containing slash",
|
||||
path: "/api/tcp/services/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
TCPServices: map[string]*runtime.TCPServiceInfo{
|
||||
"foo / bar@myprovider": {
|
||||
TCPService: &dynamic.TCPService{
|
||||
LoadBalancer: &dynamic.TCPServersLoadBalancer{
|
||||
Servers: []dynamic.TCPServer{
|
||||
{
|
||||
Address: "127.0.0.1:2345",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
UsedBy: []string{"foo@myprovider", "test@myprovider"},
|
||||
},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/tcpservice-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one tcp service by id, that does not exist",
|
||||
path: "/api/tcp/services/nono@myprovider",
|
||||
|
@ -780,6 +824,26 @@ func TestHandler_TCP(t *testing.T) {
|
|||
jsonFile: "testdata/tcpmiddleware-ipallowlist.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one middleware by id containing slash",
|
||||
path: "/api/tcp/middlewares/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
TCPMiddlewares: map[string]*runtime.TCPMiddlewareInfo{
|
||||
"foo / bar@myprovider": {
|
||||
TCPMiddleware: &dynamic.TCPMiddleware{
|
||||
IPWhiteList: &dynamic.TCPIPWhiteList{
|
||||
SourceRange: []string{"127.0.0.1/32"},
|
||||
},
|
||||
},
|
||||
UsedBy: []string{"bar@myprovider", "test@myprovider"},
|
||||
},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/tcpmiddleware-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one middleware by id, that does not exist",
|
||||
path: "/api/tcp/middlewares/foo@myprovider",
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
|
@ -74,7 +75,13 @@ func (h Handler) getUDPRouters(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getUDPRouter(rw http.ResponseWriter, request *http.Request) {
|
||||
routerID := mux.Vars(request)["routerID"]
|
||||
scapedRouterID := mux.Vars(request)["routerID"]
|
||||
|
||||
routerID, err := url.PathUnescape(scapedRouterID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode routerID %q: %s", scapedRouterID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -86,7 +93,7 @@ func (h Handler) getUDPRouter(rw http.ResponseWriter, request *http.Request) {
|
|||
|
||||
result := newUDPRouterRepresentation(routerID, router)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
@ -125,7 +132,13 @@ func (h Handler) getUDPServices(rw http.ResponseWriter, request *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) getUDPService(rw http.ResponseWriter, request *http.Request) {
|
||||
serviceID := mux.Vars(request)["serviceID"]
|
||||
scapedServiceID := mux.Vars(request)["serviceID"]
|
||||
|
||||
serviceID, err := url.PathUnescape(scapedServiceID)
|
||||
if err != nil {
|
||||
writeError(rw, fmt.Sprintf("unable to decode serviceID %q: %s", scapedServiceID, err), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
rw.Header().Set("Content-Type", "application/json")
|
||||
|
||||
|
@ -137,7 +150,7 @@ func (h Handler) getUDPService(rw http.ResponseWriter, request *http.Request) {
|
|||
|
||||
result := newUDPServiceRepresentation(serviceID, service)
|
||||
|
||||
err := json.NewEncoder(rw).Encode(result)
|
||||
err = json.NewEncoder(rw).Encode(result)
|
||||
if err != nil {
|
||||
log.Ctx(request.Context()).Error().Err(err).Send()
|
||||
writeError(rw, err.Error(), http.StatusInternalServerError)
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
|
@ -224,6 +225,24 @@ func TestHandler_UDP(t *testing.T) {
|
|||
jsonFile: "testdata/udprouter-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one UDP router by id containing slash",
|
||||
path: "/api/udp/routers/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
UDPRouters: map[string]*runtime.UDPRouterInfo{
|
||||
"foo / bar@myprovider": {
|
||||
UDPRouter: &dynamic.UDPRouter{
|
||||
EntryPoints: []string{"web"},
|
||||
Service: "foo-service@myprovider",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/udprouter-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one UDP router by id, that does not exist",
|
||||
path: "/api/udp/routers/foo@myprovider",
|
||||
|
@ -487,6 +506,30 @@ func TestHandler_UDP(t *testing.T) {
|
|||
jsonFile: "testdata/udpservice-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one udp service by id containing slash",
|
||||
path: "/api/udp/services/" + url.PathEscape("foo / bar@myprovider"),
|
||||
conf: runtime.Configuration{
|
||||
UDPServices: map[string]*runtime.UDPServiceInfo{
|
||||
"foo / bar@myprovider": {
|
||||
UDPService: &dynamic.UDPService{
|
||||
LoadBalancer: &dynamic.UDPServersLoadBalancer{
|
||||
Servers: []dynamic.UDPServer{
|
||||
{
|
||||
Address: "127.0.0.1:2345",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
UsedBy: []string{"foo@myprovider", "test@myprovider"},
|
||||
},
|
||||
},
|
||||
},
|
||||
expected: expected{
|
||||
statusCode: http.StatusOK,
|
||||
jsonFile: "testdata/udpservice-foo-slash-bar.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "one udp service by id, that does not exist",
|
||||
path: "/api/udp/services/nono@myprovider",
|
||||
|
|
5
pkg/api/testdata/entrypoint-foo-slash-bar.json
vendored
Normal file
5
pkg/api/testdata/entrypoint-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
"address": ":81",
|
||||
"http": {},
|
||||
"name": "foo / bar"
|
||||
}
|
12
pkg/api/testdata/middleware-foo-slash-bar.json
vendored
Normal file
12
pkg/api/testdata/middleware-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
"addPrefix": {
|
||||
"prefix": "/titi"
|
||||
},
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"status": "enabled",
|
||||
"type": "addprefix",
|
||||
"usedBy": [
|
||||
"test@myprovider"
|
||||
]
|
||||
}
|
17
pkg/api/testdata/router-foo-slash-bar.json
vendored
Normal file
17
pkg/api/testdata/router-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
"entryPoints": [
|
||||
"web"
|
||||
],
|
||||
"middlewares": [
|
||||
"auth",
|
||||
"addPrefixTest@anotherprovider"
|
||||
],
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"rule": "Host(`foo.bar`)",
|
||||
"service": "foo-service@myprovider",
|
||||
"status": "enabled",
|
||||
"using": [
|
||||
"web"
|
||||
]
|
||||
}
|
21
pkg/api/testdata/service-foo-slash-bar.json
vendored
Normal file
21
pkg/api/testdata/service-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,21 @@
|
|||
{
|
||||
"loadBalancer": {
|
||||
"passHostHeader": true,
|
||||
"servers": [
|
||||
{
|
||||
"url": "http://127.0.0.1"
|
||||
}
|
||||
]
|
||||
},
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"serverStatus": {
|
||||
"http://127.0.0.1": "UP"
|
||||
},
|
||||
"status": "enabled",
|
||||
"type": "loadbalancer",
|
||||
"usedBy": [
|
||||
"foo@myprovider",
|
||||
"test@myprovider"
|
||||
]
|
||||
}
|
13
pkg/api/testdata/tcpmiddleware-foo-slash-bar.json
vendored
Normal file
13
pkg/api/testdata/tcpmiddleware-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
"ipWhiteList": {
|
||||
"sourceRange": ["127.0.0.1/32"]
|
||||
},
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"status": "enabled",
|
||||
"type": "ipwhitelist",
|
||||
"usedBy": [
|
||||
"bar@myprovider",
|
||||
"test@myprovider"
|
||||
]
|
||||
}
|
13
pkg/api/testdata/tcprouter-foo-slash-bar.json
vendored
Normal file
13
pkg/api/testdata/tcprouter-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
"entryPoints": [
|
||||
"web"
|
||||
],
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"rule": "Host(`foo.bar`)",
|
||||
"service": "foo-service@myprovider",
|
||||
"status": "enabled",
|
||||
"using": [
|
||||
"web"
|
||||
]
|
||||
}
|
17
pkg/api/testdata/tcpservice-foo-slash-bar.json
vendored
Normal file
17
pkg/api/testdata/tcpservice-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
"loadBalancer": {
|
||||
"servers": [
|
||||
{
|
||||
"address": "127.0.0.1:2345"
|
||||
}
|
||||
]
|
||||
},
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"status": "enabled",
|
||||
"type": "loadbalancer",
|
||||
"usedBy": [
|
||||
"foo@myprovider",
|
||||
"test@myprovider"
|
||||
]
|
||||
}
|
12
pkg/api/testdata/udprouter-foo-slash-bar.json
vendored
Normal file
12
pkg/api/testdata/udprouter-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
"entryPoints": [
|
||||
"web"
|
||||
],
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"service": "foo-service@myprovider",
|
||||
"status": "enabled",
|
||||
"using": [
|
||||
"web"
|
||||
]
|
||||
}
|
17
pkg/api/testdata/udpservice-foo-slash-bar.json
vendored
Normal file
17
pkg/api/testdata/udpservice-foo-slash-bar.json
vendored
Normal file
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
"loadBalancer": {
|
||||
"servers": [
|
||||
{
|
||||
"address": "127.0.0.1:2345"
|
||||
}
|
||||
]
|
||||
},
|
||||
"name": "foo / bar@myprovider",
|
||||
"provider": "myprovider",
|
||||
"status": "enabled",
|
||||
"type": "loadbalancer",
|
||||
"usedBy": [
|
||||
"foo@myprovider",
|
||||
"test@myprovider"
|
||||
]
|
||||
}
|
|
@ -20,8 +20,6 @@ import (
|
|||
const collectorURL = "https://collect.traefik.io/yYaUej3P42cziRVzv6T5w2aYy9po2Mrn"
|
||||
|
||||
// Collected data.
|
||||
//
|
||||
//nolint:musttag // cannot be changed for historical reasons.
|
||||
type data struct {
|
||||
Version string
|
||||
Codename string
|
||||
|
@ -67,7 +65,7 @@ func createBody(staticConfiguration *static.Configuration) (*bytes.Buffer, error
|
|||
}
|
||||
|
||||
buf := new(bytes.Buffer)
|
||||
err = json.NewEncoder(buf).Encode(data)
|
||||
err = json.NewEncoder(buf).Encode(data) //nolint:musttag // cannot be changed for historical reasons.
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
package dynamic
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
ptypes "github.com/traefik/paerser/types"
|
||||
"github.com/traefik/traefik/v3/pkg/ip"
|
||||
"github.com/traefik/traefik/v3/pkg/types"
|
||||
)
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
@ -54,9 +54,13 @@ type GrpcWeb struct {
|
|||
// +k8s:deepcopy-gen=true
|
||||
|
||||
// ContentType holds the content-type middleware configuration.
|
||||
// This middleware sets the `Content-Type` header value to the media type detected from the response content,
|
||||
// when it is not set by the backend.
|
||||
type ContentType struct{}
|
||||
// This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
|
||||
type ContentType struct {
|
||||
// AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend,
|
||||
// be automatically set to a value derived from the contents of the response.
|
||||
// Deprecated: AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option.
|
||||
AutoDetect *bool `json:"autoDetect,omitempty" toml:"autoDetect,omitempty" yaml:"autoDetect,omitempty" export:"true"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
||||
|
@ -141,6 +145,8 @@ type CircuitBreaker struct {
|
|||
FallbackDuration ptypes.Duration `json:"fallbackDuration,omitempty" toml:"fallbackDuration,omitempty" yaml:"fallbackDuration,omitempty" export:"true"`
|
||||
// RecoveryDuration is the duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
|
||||
RecoveryDuration ptypes.Duration `json:"recoveryDuration,omitempty" toml:"recoveryDuration,omitempty" yaml:"recoveryDuration,omitempty" export:"true"`
|
||||
// ResponseCode is the status code that the circuit breaker will return while it is in the open state.
|
||||
ResponseCode int `json:"responseCode,omitempty" toml:"responseCode,omitempty" yaml:"responseCode,omitempty" export:"true"`
|
||||
}
|
||||
|
||||
// SetDefaults sets the default values on a RateLimit.
|
||||
|
@ -148,6 +154,7 @@ func (c *CircuitBreaker) SetDefaults() {
|
|||
c.CheckPeriod = ptypes.Duration(100 * time.Millisecond)
|
||||
c.FallbackDuration = ptypes.Duration(10 * time.Second)
|
||||
c.RecoveryDuration = ptypes.Duration(10 * time.Second)
|
||||
c.ResponseCode = http.StatusServiceUnavailable
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
@ -214,7 +221,7 @@ type ForwardAuth struct {
|
|||
// Address defines the authentication server address.
|
||||
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
|
||||
// TLS defines the configuration used to secure the connection to the authentication server.
|
||||
TLS *types.ClientTLS `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"`
|
||||
TLS *ClientTLS `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"`
|
||||
// TrustForwardHeader defines whether to trust (ie: forward) all X-Forwarded-* headers.
|
||||
TrustForwardHeader bool `json:"trustForwardHeader,omitempty" toml:"trustForwardHeader,omitempty" yaml:"trustForwardHeader,omitempty" export:"true"`
|
||||
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
||||
|
@ -231,6 +238,20 @@ type ForwardAuth struct {
|
|||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
||||
// ClientTLS holds TLS specific configurations as client
|
||||
// CA, Cert and Key can be either path or file contents.
|
||||
// TODO: remove this struct when CAOptional option will be removed.
|
||||
type ClientTLS struct {
|
||||
CA string `description:"TLS CA" json:"ca,omitempty" toml:"ca,omitempty" yaml:"ca,omitempty"`
|
||||
Cert string `description:"TLS cert" json:"cert,omitempty" toml:"cert,omitempty" yaml:"cert,omitempty"`
|
||||
Key string `description:"TLS key" json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty" loggable:"false"`
|
||||
InsecureSkipVerify bool `description:"TLS insecure skip verify" json:"insecureSkipVerify,omitempty" toml:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty" export:"true"`
|
||||
// Deprecated: TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).
|
||||
CAOptional *bool `description:"TLS CA.Optional" json:"caOptional,omitempty" toml:"caOptional,omitempty" yaml:"caOptional,omitempty" export:"true"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
||||
// Headers holds the headers middleware configuration.
|
||||
// This middleware manages the requests and responses headers.
|
||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
|
||||
|
@ -299,6 +320,17 @@ type Headers struct {
|
|||
// If you would like your development environment to mimic production with complete Host blocking, SSL redirects,
|
||||
// and STS headers, leave this as false.
|
||||
IsDevelopment bool `json:"isDevelopment,omitempty" toml:"isDevelopment,omitempty" yaml:"isDevelopment,omitempty" export:"true"`
|
||||
|
||||
// Deprecated: FeaturePolicy option is deprecated, please use PermissionsPolicy instead.
|
||||
FeaturePolicy *string `json:"featurePolicy,omitempty" toml:"featurePolicy,omitempty" yaml:"featurePolicy,omitempty" export:"true"`
|
||||
// Deprecated: SSLRedirect option is deprecated, please use EntryPoint redirection or RedirectScheme instead.
|
||||
SSLRedirect *bool `json:"sslRedirect,omitempty" toml:"sslRedirect,omitempty" yaml:"sslRedirect,omitempty" export:"true"`
|
||||
// Deprecated: SSLTemporaryRedirect option is deprecated, please use EntryPoint redirection or RedirectScheme instead.
|
||||
SSLTemporaryRedirect *bool `json:"sslTemporaryRedirect,omitempty" toml:"sslTemporaryRedirect,omitempty" yaml:"sslTemporaryRedirect,omitempty" export:"true"`
|
||||
// Deprecated: SSLHost option is deprecated, please use RedirectRegex instead.
|
||||
SSLHost *string `json:"sslHost,omitempty" toml:"sslHost,omitempty" yaml:"sslHost,omitempty"`
|
||||
// Deprecated: SSLForceHost option is deprecated, please use RedirectRegex instead.
|
||||
SSLForceHost *bool `json:"sslForceHost,omitempty" toml:"sslForceHost,omitempty" yaml:"sslForceHost,omitempty" export:"true"`
|
||||
}
|
||||
|
||||
// HasCustomHeadersDefined checks to see if any of the custom header elements have been set.
|
||||
|
@ -323,6 +355,10 @@ func (h *Headers) HasCorsHeadersDefined() bool {
|
|||
func (h *Headers) HasSecureHeadersDefined() bool {
|
||||
return h != nil && (len(h.AllowedHosts) != 0 ||
|
||||
len(h.HostsProxyHeaders) != 0 ||
|
||||
(h.SSLRedirect != nil && *h.SSLRedirect) ||
|
||||
(h.SSLTemporaryRedirect != nil && *h.SSLTemporaryRedirect) ||
|
||||
(h.SSLForceHost != nil && *h.SSLForceHost) ||
|
||||
(h.SSLHost != nil && *h.SSLHost != "") ||
|
||||
len(h.SSLProxyHeaders) != 0 ||
|
||||
h.STSSeconds != 0 ||
|
||||
h.STSIncludeSubdomains ||
|
||||
|
@ -336,6 +372,7 @@ func (h *Headers) HasSecureHeadersDefined() bool {
|
|||
h.ContentSecurityPolicy != "" ||
|
||||
h.PublicKey != "" ||
|
||||
h.ReferrerPolicy != "" ||
|
||||
(h.FeaturePolicy != nil && *h.FeaturePolicy != "") ||
|
||||
h.PermissionsPolicy != "" ||
|
||||
h.IsDevelopment)
|
||||
}
|
||||
|
@ -553,6 +590,11 @@ type Retry struct {
|
|||
type StripPrefix struct {
|
||||
// Prefixes defines the prefixes to strip from the request URL.
|
||||
Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"`
|
||||
|
||||
// Deprecated: ForceSlash option is deprecated, please remove any usage of this option.
|
||||
// ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.
|
||||
// Default: true.
|
||||
ForceSlash *bool `json:"forceSlash,omitempty" toml:"forceSlash,omitempty" yaml:"forceSlash,omitempty" export:"true"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
|
|
@ -86,6 +86,14 @@ type TCPServersLoadBalancer struct {
|
|||
ProxyProtocol *ProxyProtocol `json:"proxyProtocol,omitempty" toml:"proxyProtocol,omitempty" yaml:"proxyProtocol,omitempty" label:"allowEmpty" file:"allowEmpty" kv:"allowEmpty" export:"true"`
|
||||
Servers []TCPServer `json:"servers,omitempty" toml:"servers,omitempty" yaml:"servers,omitempty" label-slice-as-struct:"server" export:"true"`
|
||||
ServersTransport string `json:"serversTransport,omitempty" toml:"serversTransport,omitempty" yaml:"serversTransport,omitempty" export:"true"`
|
||||
|
||||
// TerminationDelay, corresponds to the deadline that the proxy sets, after one
|
||||
// of its connected peers indicates it has closed the writing capability of its
|
||||
// connection, to close the reading capability as well, hence fully terminating the
|
||||
// connection. It is a duration in milliseconds, defaulting to 100. A negative value
|
||||
// means an infinite deadline (i.e. the reading capability is never closed).
|
||||
// Deprecated: use ServersTransport to configure the TerminationDelay instead.
|
||||
TerminationDelay *int `json:"terminationDelay,omitempty" toml:"terminationDelay,omitempty" yaml:"terminationDelay,omitempty" export:"true"`
|
||||
}
|
||||
|
||||
// Mergeable tells if the given service is mergeable.
|
||||
|
|
|
@ -124,6 +124,27 @@ func (in *CircuitBreaker) DeepCopy() *CircuitBreaker {
|
|||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ClientTLS) DeepCopyInto(out *ClientTLS) {
|
||||
*out = *in
|
||||
if in.CAOptional != nil {
|
||||
in, out := &in.CAOptional, &out.CAOptional
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientTLS.
|
||||
func (in *ClientTLS) DeepCopy() *ClientTLS {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ClientTLS)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Compress) DeepCopyInto(out *Compress) {
|
||||
*out = *in
|
||||
|
@ -219,6 +240,11 @@ func (in Configurations) DeepCopy() Configurations {
|
|||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ContentType) DeepCopyInto(out *ContentType) {
|
||||
*out = *in
|
||||
if in.AutoDetect != nil {
|
||||
in, out := &in.AutoDetect, &out.AutoDetect
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -316,8 +342,8 @@ func (in *ForwardAuth) DeepCopyInto(out *ForwardAuth) {
|
|||
*out = *in
|
||||
if in.TLS != nil {
|
||||
in, out := &in.TLS, &out.TLS
|
||||
*out = new(types.ClientTLS)
|
||||
**out = **in
|
||||
*out = new(ClientTLS)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
if in.AuthResponseHeaders != nil {
|
||||
in, out := &in.AuthResponseHeaders, &out.AuthResponseHeaders
|
||||
|
@ -534,6 +560,31 @@ func (in *Headers) DeepCopyInto(out *Headers) {
|
|||
(*out)[key] = val
|
||||
}
|
||||
}
|
||||
if in.FeaturePolicy != nil {
|
||||
in, out := &in.FeaturePolicy, &out.FeaturePolicy
|
||||
*out = new(string)
|
||||
**out = **in
|
||||
}
|
||||
if in.SSLRedirect != nil {
|
||||
in, out := &in.SSLRedirect, &out.SSLRedirect
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
if in.SSLTemporaryRedirect != nil {
|
||||
in, out := &in.SSLTemporaryRedirect, &out.SSLTemporaryRedirect
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
if in.SSLHost != nil {
|
||||
in, out := &in.SSLHost, &out.SSLHost
|
||||
*out = new(string)
|
||||
**out = **in
|
||||
}
|
||||
if in.SSLForceHost != nil {
|
||||
in, out := &in.SSLForceHost, &out.SSLForceHost
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -794,7 +845,7 @@ func (in *Middleware) DeepCopyInto(out *Middleware) {
|
|||
if in.ContentType != nil {
|
||||
in, out := &in.ContentType, &out.ContentType
|
||||
*out = new(ContentType)
|
||||
**out = **in
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
if in.GrpcWeb != nil {
|
||||
in, out := &in.GrpcWeb, &out.GrpcWeb
|
||||
|
@ -1362,6 +1413,11 @@ func (in *StripPrefix) DeepCopyInto(out *StripPrefix) {
|
|||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.ForceSlash != nil {
|
||||
in, out := &in.ForceSlash, &out.ForceSlash
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -1652,6 +1708,11 @@ func (in *TCPServersLoadBalancer) DeepCopyInto(out *TCPServersLoadBalancer) {
|
|||
*out = make([]TCPServer, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.TerminationDelay != nil {
|
||||
in, out := &in.TerminationDelay, &out.TerminationDelay
|
||||
*out = new(int)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
@ -9,9 +9,11 @@ import (
|
|||
"github.com/stretchr/testify/require"
|
||||
ptypes "github.com/traefik/paerser/types"
|
||||
"github.com/traefik/traefik/v3/pkg/config/dynamic"
|
||||
"github.com/traefik/traefik/v3/pkg/types"
|
||||
)
|
||||
|
||||
func Bool(v bool) *bool { return &v }
|
||||
func String(v string) *string { return &v }
|
||||
|
||||
func TestDecodeConfiguration(t *testing.T) {
|
||||
labels := map[string]string{
|
||||
"traefik.http.middlewares.Middleware0.addprefix.prefix": "foobar",
|
||||
|
@ -30,6 +32,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.checkperiod": "1s",
|
||||
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.fallbackduration": "1s",
|
||||
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.recoveryduration": "1s",
|
||||
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.responsecode": "403",
|
||||
"traefik.http.middlewares.Middleware5.digestauth.headerfield": "foobar",
|
||||
"traefik.http.middlewares.Middleware5.digestauth.realm": "foobar",
|
||||
"traefik.http.middlewares.Middleware5.digestauth.removeheader": "true",
|
||||
|
@ -42,6 +45,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.http.middlewares.Middleware7.forwardauth.authresponseheaders": "foobar, fiibar",
|
||||
"traefik.http.middlewares.Middleware7.forwardauth.authrequestheaders": "foobar, fiibar",
|
||||
"traefik.http.middlewares.Middleware7.forwardauth.tls.ca": "foobar",
|
||||
"traefik.http.middlewares.Middleware7.forwardauth.tls.caoptional": "true",
|
||||
"traefik.http.middlewares.Middleware7.forwardauth.tls.cert": "foobar",
|
||||
"traefik.http.middlewares.Middleware7.forwardauth.tls.insecureskipverify": "true",
|
||||
"traefik.http.middlewares.Middleware7.forwardauth.tls.key": "foobar",
|
||||
|
@ -70,9 +74,14 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.http.middlewares.Middleware8.headers.isdevelopment": "true",
|
||||
"traefik.http.middlewares.Middleware8.headers.publickey": "foobar",
|
||||
"traefik.http.middlewares.Middleware8.headers.referrerpolicy": "foobar",
|
||||
"traefik.http.middlewares.Middleware8.headers.featurepolicy": "foobar",
|
||||
"traefik.http.middlewares.Middleware8.headers.permissionspolicy": "foobar",
|
||||
"traefik.http.middlewares.Middleware8.headers.sslforcehost": "true",
|
||||
"traefik.http.middlewares.Middleware8.headers.sslhost": "foobar",
|
||||
"traefik.http.middlewares.Middleware8.headers.sslproxyheaders.name0": "foobar",
|
||||
"traefik.http.middlewares.Middleware8.headers.sslproxyheaders.name1": "foobar",
|
||||
"traefik.http.middlewares.Middleware8.headers.sslredirect": "true",
|
||||
"traefik.http.middlewares.Middleware8.headers.ssltemporaryredirect": "true",
|
||||
"traefik.http.middlewares.Middleware8.headers.stsincludesubdomains": "true",
|
||||
"traefik.http.middlewares.Middleware8.headers.stspreload": "true",
|
||||
"traefik.http.middlewares.Middleware8.headers.stsseconds": "42",
|
||||
|
@ -123,6 +132,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.http.middlewares.Middleware16.retry.attempts": "42",
|
||||
"traefik.http.middlewares.Middleware16.retry.initialinterval": "1s",
|
||||
"traefik.http.middlewares.Middleware17.stripprefix.prefixes": "foobar, fiibar",
|
||||
"traefik.http.middlewares.Middleware17.stripprefix.forceslash": "true",
|
||||
"traefik.http.middlewares.Middleware18.stripprefixregex.regex": "foobar, fiibar",
|
||||
"traefik.http.middlewares.Middleware19.compress.minresponsebodybytes": "42",
|
||||
"traefik.http.middlewares.Middleware20.plugin.tomato.aaa": "foo1",
|
||||
|
@ -193,9 +203,11 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"traefik.tcp.routers.Router1.tls.options": "foo",
|
||||
"traefik.tcp.routers.Router1.tls.passthrough": "false",
|
||||
"traefik.tcp.services.Service0.loadbalancer.server.Port": "42",
|
||||
"traefik.tcp.services.Service0.loadbalancer.TerminationDelay": "42",
|
||||
"traefik.tcp.services.Service0.loadbalancer.proxyProtocol.version": "42",
|
||||
"traefik.tcp.services.Service0.loadbalancer.serversTransport": "foo",
|
||||
"traefik.tcp.services.Service1.loadbalancer.server.Port": "42",
|
||||
"traefik.tcp.services.Service1.loadbalancer.TerminationDelay": "42",
|
||||
"traefik.tcp.services.Service1.loadbalancer.proxyProtocol": "true",
|
||||
"traefik.tcp.services.Service1.loadbalancer.serversTransport": "foo",
|
||||
|
||||
|
@ -260,6 +272,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
Port: "42",
|
||||
},
|
||||
},
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
ProxyProtocol: &dynamic.ProxyProtocol{Version: 42},
|
||||
ServersTransport: "foo",
|
||||
},
|
||||
|
@ -271,6 +284,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
Port: "42",
|
||||
},
|
||||
},
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
ProxyProtocol: &dynamic.ProxyProtocol{Version: 2},
|
||||
ServersTransport: "foo",
|
||||
},
|
||||
|
@ -458,6 +472,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"foobar",
|
||||
"fiibar",
|
||||
},
|
||||
ForceSlash: Bool(true),
|
||||
},
|
||||
},
|
||||
"Middleware18": {
|
||||
|
@ -496,6 +511,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
CheckPeriod: ptypes.Duration(time.Second),
|
||||
FallbackDuration: ptypes.Duration(time.Second),
|
||||
RecoveryDuration: ptypes.Duration(time.Second),
|
||||
ResponseCode: 403,
|
||||
},
|
||||
},
|
||||
"Middleware5": {
|
||||
|
@ -523,11 +539,12 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"Middleware7": {
|
||||
ForwardAuth: &dynamic.ForwardAuth{
|
||||
Address: "foobar",
|
||||
TLS: &types.ClientTLS{
|
||||
TLS: &dynamic.ClientTLS{
|
||||
CA: "foobar",
|
||||
Cert: "foobar",
|
||||
Key: "foobar",
|
||||
InsecureSkipVerify: true,
|
||||
CAOptional: Bool(true),
|
||||
},
|
||||
TrustForwardHeader: true,
|
||||
AuthResponseHeaders: []string{
|
||||
|
@ -581,10 +598,14 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
"foobar",
|
||||
"fiibar",
|
||||
},
|
||||
SSLRedirect: Bool(true),
|
||||
SSLTemporaryRedirect: Bool(true),
|
||||
SSLHost: String("foobar"),
|
||||
SSLProxyHeaders: map[string]string{
|
||||
"name0": "foobar",
|
||||
"name1": "foobar",
|
||||
},
|
||||
SSLForceHost: Bool(true),
|
||||
STSSeconds: 42,
|
||||
STSIncludeSubdomains: true,
|
||||
STSPreload: true,
|
||||
|
@ -597,6 +618,7 @@ func TestDecodeConfiguration(t *testing.T) {
|
|||
ContentSecurityPolicy: "foobar",
|
||||
PublicKey: "foobar",
|
||||
ReferrerPolicy: "foobar",
|
||||
FeaturePolicy: String("foobar"),
|
||||
PermissionsPolicy: "foobar",
|
||||
IsDevelopment: true,
|
||||
},
|
||||
|
@ -756,6 +778,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
ServersTransport: "foo",
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
},
|
||||
},
|
||||
"Service1": {
|
||||
|
@ -766,6 +789,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
ServersTransport: "foo",
|
||||
TerminationDelay: func(i int) *int { return &i }(42),
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -950,6 +974,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"foobar",
|
||||
"fiibar",
|
||||
},
|
||||
ForceSlash: Bool(true),
|
||||
},
|
||||
},
|
||||
"Middleware18": {
|
||||
|
@ -996,6 +1021,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
CheckPeriod: ptypes.Duration(time.Second),
|
||||
FallbackDuration: ptypes.Duration(time.Second),
|
||||
RecoveryDuration: ptypes.Duration(time.Second),
|
||||
ResponseCode: 404,
|
||||
},
|
||||
},
|
||||
"Middleware5": {
|
||||
|
@ -1023,11 +1049,12 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"Middleware7": {
|
||||
ForwardAuth: &dynamic.ForwardAuth{
|
||||
Address: "foobar",
|
||||
TLS: &types.ClientTLS{
|
||||
TLS: &dynamic.ClientTLS{
|
||||
CA: "foobar",
|
||||
Cert: "foobar",
|
||||
Key: "foobar",
|
||||
InsecureSkipVerify: true,
|
||||
CAOptional: Bool(true),
|
||||
},
|
||||
TrustForwardHeader: true,
|
||||
AuthResponseHeaders: []string{
|
||||
|
@ -1081,10 +1108,14 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"foobar",
|
||||
"fiibar",
|
||||
},
|
||||
SSLRedirect: Bool(true),
|
||||
SSLTemporaryRedirect: Bool(true),
|
||||
SSLHost: String("foobar"),
|
||||
SSLProxyHeaders: map[string]string{
|
||||
"name0": "foobar",
|
||||
"name1": "foobar",
|
||||
},
|
||||
SSLForceHost: Bool(true),
|
||||
STSSeconds: 42,
|
||||
STSIncludeSubdomains: true,
|
||||
STSPreload: true,
|
||||
|
@ -1097,6 +1128,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
ContentSecurityPolicy: "foobar",
|
||||
PublicKey: "foobar",
|
||||
ReferrerPolicy: "foobar",
|
||||
FeaturePolicy: String("foobar"),
|
||||
PermissionsPolicy: "foobar",
|
||||
IsDevelopment: true,
|
||||
},
|
||||
|
@ -1206,6 +1238,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.CheckPeriod": "1000000000",
|
||||
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.FallbackDuration": "1000000000",
|
||||
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.RecoveryDuration": "1000000000",
|
||||
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.ResponseCode": "404",
|
||||
"traefik.HTTP.Middlewares.Middleware5.DigestAuth.HeaderField": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware5.DigestAuth.Realm": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware5.DigestAuth.RemoveHeader": "true",
|
||||
|
@ -1218,6 +1251,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.AuthResponseHeaders": "foobar, fiibar",
|
||||
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.AuthRequestHeaders": "foobar, fiibar",
|
||||
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.CA": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.CAOptional": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.Cert": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.InsecureSkipVerify": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.Key": "foobar",
|
||||
|
@ -1246,9 +1280,14 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Middlewares.Middleware8.Headers.IsDevelopment": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.PublicKey": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.ReferrerPolicy": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.FeaturePolicy": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.PermissionsPolicy": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLForceHost": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLHost": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLProxyHeaders.name0": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLProxyHeaders.name1": "foobar",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLRedirect": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLTemporaryRedirect": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.STSIncludeSubdomains": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.STSPreload": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware8.Headers.STSSeconds": "42",
|
||||
|
@ -1300,6 +1339,7 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.HTTP.Middlewares.Middleware16.Retry.Attempts": "42",
|
||||
"traefik.HTTP.Middlewares.Middleware16.Retry.InitialInterval": "1000000000",
|
||||
"traefik.HTTP.Middlewares.Middleware17.StripPrefix.Prefixes": "foobar, fiibar",
|
||||
"traefik.HTTP.Middlewares.Middleware17.StripPrefix.ForceSlash": "true",
|
||||
"traefik.HTTP.Middlewares.Middleware18.StripPrefixRegex.Regex": "foobar, fiibar",
|
||||
"traefik.HTTP.Middlewares.Middleware19.Compress.MinResponseBodyBytes": "42",
|
||||
"traefik.HTTP.Middlewares.Middleware20.Plugin.tomato.aaa": "foo1",
|
||||
|
@ -1369,9 +1409,11 @@ func TestEncodeConfiguration(t *testing.T) {
|
|||
"traefik.TCP.Services.Service0.LoadBalancer.server.Port": "42",
|
||||
"traefik.TCP.Services.Service0.LoadBalancer.server.TLS": "false",
|
||||
"traefik.TCP.Services.Service0.LoadBalancer.ServersTransport": "foo",
|
||||
"traefik.TCP.Services.Service0.LoadBalancer.TerminationDelay": "42",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.server.Port": "42",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.server.TLS": "false",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.ServersTransport": "foo",
|
||||
"traefik.TCP.Services.Service1.LoadBalancer.TerminationDelay": "42",
|
||||
|
||||
"traefik.UDP.Routers.Router0.EntryPoints": "foobar, fiibar",
|
||||
"traefik.UDP.Routers.Router0.Service": "foobar",
|
||||
|
|
|
@ -2,6 +2,7 @@ package runtime
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"slices"
|
||||
"sort"
|
||||
|
@ -43,7 +44,7 @@ func (c *Configuration) GetRoutersByEntryPoints(ctx context.Context, entryPoints
|
|||
}
|
||||
|
||||
if entryPointsCount == 0 {
|
||||
rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true)
|
||||
rt.AddError(errors.New("no valid entryPoint for this router"), true)
|
||||
logger.Error().Msg("No valid entryPoint for this router")
|
||||
}
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@ package runtime
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"slices"
|
||||
|
||||
|
@ -37,7 +38,7 @@ func (c *Configuration) GetTCPRoutersByEntryPoints(ctx context.Context, entryPoi
|
|||
}
|
||||
|
||||
if entryPointsCount == 0 {
|
||||
rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true)
|
||||
rt.AddError(errors.New("no valid entryPoint for this router"), true)
|
||||
logger.Error().Msg("No valid entryPoint for this router")
|
||||
}
|
||||
}
|
||||
|
|
|
@ -2,6 +2,7 @@ package runtime
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"slices"
|
||||
|
||||
|
@ -43,7 +44,7 @@ func (c *Configuration) GetUDPRoutersByEntryPoints(ctx context.Context, entryPoi
|
|||
}
|
||||
|
||||
if entryPointsCount == 0 {
|
||||
rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true)
|
||||
rt.AddError(errors.New("no valid entryPoint for this router"), true)
|
||||
logger.Error().Msg("No valid entryPoint for this router")
|
||||
}
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ import (
|
|||
// EntryPoint holds the entry point configuration.
|
||||
type EntryPoint struct {
|
||||
Address string `description:"Entry point address." json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
|
||||
ReusePort bool `description:"Enables EntryPoints from the same or different processes listening on the same TCP/UDP port." json:"reusePort,omitempty" toml:"reusePort,omitempty" yaml:"reusePort,omitempty"`
|
||||
AsDefault bool `description:"Adds this EntryPoint to the list of default EntryPoints to be used on routers that don't have any Entrypoint defined." json:"asDefault,omitempty" toml:"asDefault,omitempty" yaml:"asDefault,omitempty"`
|
||||
Transport *EntryPointsTransport `description:"Configures communication between clients and Traefik." json:"transport,omitempty" toml:"transport,omitempty" yaml:"transport,omitempty" export:"true"`
|
||||
ProxyProtocol *ProxyProtocol `description:"Proxy-Protocol configuration." json:"proxyProtocol,omitempty" toml:"proxyProtocol,omitempty" yaml:"proxyProtocol,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
|
|
|
@ -194,9 +194,9 @@ func (a *LifeCycle) SetDefaults() {
|
|||
// Tracing holds the tracing configuration.
|
||||
type Tracing struct {
|
||||
ServiceName string `description:"Set the name for this service." json:"serviceName,omitempty" toml:"serviceName,omitempty" yaml:"serviceName,omitempty" export:"true"`
|
||||
Headers map[string]string `description:"Defines additional headers to be sent with the payloads." json:"headers,omitempty" toml:"headers,omitempty" yaml:"headers,omitempty" export:"true"`
|
||||
GlobalAttributes map[string]string `description:"Defines additional attributes (key:value) on all spans." json:"globalAttributes,omitempty" toml:"globalAttributes,omitempty" yaml:"globalAttributes,omitempty" export:"true"`
|
||||
SampleRate float64 `description:"Sets the rate between 0.0 and 1.0 of requests to trace." json:"sampleRate,omitempty" toml:"sampleRate,omitempty" yaml:"sampleRate,omitempty" export:"true"`
|
||||
AddInternals bool `description:"Enables tracing for internal services (ping, dashboard, etc...)." json:"addInternals,omitempty" toml:"addInternals,omitempty" yaml:"addInternals,omitempty" export:"true"`
|
||||
|
||||
OTLP *opentelemetry.Config `description:"Settings for OpenTelemetry." json:"otlp,omitempty" toml:"otlp,omitempty" yaml:"otlp,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
}
|
||||
|
@ -218,7 +218,7 @@ type Providers struct {
|
|||
KubernetesIngress *ingress.Provider `description:"Enable Kubernetes backend with default settings." json:"kubernetesIngress,omitempty" toml:"kubernetesIngress,omitempty" yaml:"kubernetesIngress,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
KubernetesCRD *crd.Provider `description:"Enable Kubernetes backend with default settings." json:"kubernetesCRD,omitempty" toml:"kubernetesCRD,omitempty" yaml:"kubernetesCRD,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
KubernetesGateway *gateway.Provider `description:"Enable Kubernetes gateway api provider with default settings." json:"kubernetesGateway,omitempty" toml:"kubernetesGateway,omitempty" yaml:"kubernetesGateway,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
Rest *rest.Provider ` description:"Enable Rest backend with default settings." json:"rest,omitempty" toml:"rest,omitempty" yaml:"rest,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
Rest *rest.Provider `description:"Enable Rest backend with default settings." json:"rest,omitempty" toml:"rest,omitempty" yaml:"rest,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
ConsulCatalog *consulcatalog.ProviderBuilder `description:"Enable ConsulCatalog backend with default settings." json:"consulCatalog,omitempty" toml:"consulCatalog,omitempty" yaml:"consulCatalog,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
Nomad *nomad.ProviderBuilder `description:"Enable Nomad backend with default settings." json:"nomad,omitempty" toml:"nomad,omitempty" yaml:"nomad,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
Ecs *ecs.Provider `description:"Enable AWS ECS backend with default settings." json:"ecs,omitempty" toml:"ecs,omitempty" yaml:"ecs,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
|
||||
|
@ -341,19 +341,17 @@ func (c *Configuration) ValidateConfiguration() error {
|
|||
}
|
||||
|
||||
if c.Tracing != nil && c.Tracing.OTLP != nil {
|
||||
if c.Tracing.OTLP.HTTP == nil && c.Tracing.OTLP.GRPC == nil {
|
||||
return errors.New("tracing OTLP: at least one of HTTP and gRPC options should be defined")
|
||||
}
|
||||
|
||||
if c.Tracing.OTLP.HTTP != nil && c.Tracing.OTLP.GRPC != nil {
|
||||
return errors.New("tracing OTLP: HTTP and gRPC options are mutually exclusive")
|
||||
}
|
||||
|
||||
if c.Tracing.OTLP.GRPC != nil && c.Tracing.OTLP.GRPC.TLS != nil && c.Tracing.OTLP.GRPC.Insecure {
|
||||
return errors.New("tracing OTLP GRPC: TLS and Insecure options are mutually exclusive")
|
||||
}
|
||||
}
|
||||
|
||||
if c.Metrics != nil && c.Metrics.OTLP != nil {
|
||||
if c.Metrics.OTLP.GRPC != nil && c.Metrics.OTLP.GRPC.TLS != nil && c.Metrics.OTLP.GRPC.Insecure {
|
||||
return errors.New("metrics OTLP GRPC: TLS and Insecure options are mutually exclusive")
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@ package metrics
|
|||
|
||||
import (
|
||||
"context"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/go-kit/kit/metrics/dogstatsd"
|
||||
|
@ -16,6 +17,8 @@ var (
|
|||
datadogLoopCancelFunc context.CancelFunc
|
||||
)
|
||||
|
||||
const unixAddressPrefix = "unix://"
|
||||
|
||||
// Metric names consistent with https://github.com/DataDog/integrations-extras/pull/64
|
||||
const (
|
||||
ddConfigReloadsName = "config.reload.total"
|
||||
|
@ -99,10 +102,7 @@ func RegisterDatadog(ctx context.Context, config *types.Datadog) Registry {
|
|||
}
|
||||
|
||||
func initDatadogClient(ctx context.Context, config *types.Datadog) {
|
||||
address := config.Address
|
||||
if len(address) == 0 {
|
||||
address = "localhost:8125"
|
||||
}
|
||||
network, address := parseDatadogAddress(config.Address)
|
||||
|
||||
ctx, datadogLoopCancelFunc = context.WithCancel(ctx)
|
||||
|
||||
|
@ -110,10 +110,27 @@ func initDatadogClient(ctx context.Context, config *types.Datadog) {
|
|||
ticker := time.NewTicker(time.Duration(config.PushInterval))
|
||||
defer ticker.Stop()
|
||||
|
||||
datadogClient.SendLoop(ctx, ticker.C, "udp", address)
|
||||
datadogClient.SendLoop(ctx, ticker.C, network, address)
|
||||
})
|
||||
}
|
||||
|
||||
func parseDatadogAddress(address string) (string, string) {
|
||||
network := "udp"
|
||||
|
||||
var addr string
|
||||
switch {
|
||||
case strings.HasPrefix(address, unixAddressPrefix):
|
||||
network = "unix"
|
||||
addr = address[len(unixAddressPrefix):]
|
||||
case address != "":
|
||||
addr = address
|
||||
default:
|
||||
addr = "localhost:8125"
|
||||
}
|
||||
|
||||
return network, addr
|
||||
}
|
||||
|
||||
// StopDatadog stops the Datadog metrics pusher.
|
||||
func StopDatadog() {
|
||||
if datadogLoopCancelFunc != nil {
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stvp/go-udp-testing"
|
||||
ptypes "github.com/traefik/paerser/types"
|
||||
"github.com/traefik/traefik/v3/pkg/types"
|
||||
|
@ -39,6 +40,44 @@ func TestDatadogWithPrefix(t *testing.T) {
|
|||
testDatadogRegistry(t, "testPrefix", datadogRegistry)
|
||||
}
|
||||
|
||||
func TestDatadog_parseDatadogAddress(t *testing.T) {
|
||||
tests := []struct {
|
||||
desc string
|
||||
address string
|
||||
expNetwork string
|
||||
expAddress string
|
||||
}{
|
||||
{
|
||||
desc: "empty address",
|
||||
expNetwork: "udp",
|
||||
expAddress: "localhost:8125",
|
||||
},
|
||||
{
|
||||
desc: "udp address",
|
||||
address: "127.0.0.1:8080",
|
||||
expNetwork: "udp",
|
||||
expAddress: "127.0.0.1:8080",
|
||||
},
|
||||
{
|
||||
desc: "unix address",
|
||||
address: "unix:///path/to/datadog.socket",
|
||||
expNetwork: "unix",
|
||||
expAddress: "/path/to/datadog.socket",
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range tests {
|
||||
test := test
|
||||
t.Run(test.desc, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
gotNetwork, gotAddress := parseDatadogAddress(test.address)
|
||||
assert.Equal(t, test.expNetwork, gotNetwork)
|
||||
assert.Equal(t, test.expAddress, gotAddress)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func testDatadogRegistry(t *testing.T, metricsPrefix string, datadogRegistry Registry) {
|
||||
t.Helper()
|
||||
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/url"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
@ -30,7 +31,7 @@ var (
|
|||
)
|
||||
|
||||
// RegisterOpenTelemetry registers all OpenTelemetry metrics.
|
||||
func RegisterOpenTelemetry(ctx context.Context, config *types.OpenTelemetry) Registry {
|
||||
func RegisterOpenTelemetry(ctx context.Context, config *types.OTLP) Registry {
|
||||
if openTelemetryMeterProvider == nil {
|
||||
var err error
|
||||
if openTelemetryMeterProvider, err = newOpenTelemetryMeterProvider(ctx, config); err != nil {
|
||||
|
@ -123,15 +124,15 @@ func StopOpenTelemetry() {
|
|||
}
|
||||
|
||||
// newOpenTelemetryMeterProvider creates a new controller.Controller.
|
||||
func newOpenTelemetryMeterProvider(ctx context.Context, config *types.OpenTelemetry) (*sdkmetric.MeterProvider, error) {
|
||||
func newOpenTelemetryMeterProvider(ctx context.Context, config *types.OTLP) (*sdkmetric.MeterProvider, error) {
|
||||
var (
|
||||
exporter sdkmetric.Exporter
|
||||
err error
|
||||
)
|
||||
if config.GRPC != nil {
|
||||
exporter, err = newGRPCExporter(ctx, config)
|
||||
exporter, err = newGRPCExporter(ctx, config.GRPC)
|
||||
} else {
|
||||
exporter, err = newHTTPExporter(ctx, config)
|
||||
exporter, err = newHTTPExporter(ctx, config.HTTP)
|
||||
}
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("creating exporter: %w", err)
|
||||
|
@ -168,24 +169,24 @@ func newOpenTelemetryMeterProvider(ctx context.Context, config *types.OpenTeleme
|
|||
return meterProvider, nil
|
||||
}
|
||||
|
||||
func newHTTPExporter(ctx context.Context, config *types.OpenTelemetry) (sdkmetric.Exporter, error) {
|
||||
host, port, err := net.SplitHostPort(config.Address)
|
||||
func newHTTPExporter(ctx context.Context, config *types.OtelHTTP) (sdkmetric.Exporter, error) {
|
||||
endpoint, err := url.Parse(config.Endpoint)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid collector address %q: %w", config.Address, err)
|
||||
return nil, fmt.Errorf("invalid collector endpoint %q: %w", config.Endpoint, err)
|
||||
}
|
||||
|
||||
opts := []otlpmetrichttp.Option{
|
||||
otlpmetrichttp.WithEndpoint(fmt.Sprintf("%s:%s", host, port)),
|
||||
otlpmetrichttp.WithEndpoint(endpoint.Host),
|
||||
otlpmetrichttp.WithHeaders(config.Headers),
|
||||
otlpmetrichttp.WithCompression(otlpmetrichttp.GzipCompression),
|
||||
}
|
||||
|
||||
if config.Insecure {
|
||||
if endpoint.Scheme == "http" {
|
||||
opts = append(opts, otlpmetrichttp.WithInsecure())
|
||||
}
|
||||
|
||||
if config.Path != "" {
|
||||
opts = append(opts, otlpmetrichttp.WithURLPath(config.Path))
|
||||
if endpoint.Path != "" {
|
||||
opts = append(opts, otlpmetrichttp.WithURLPath(endpoint.Path))
|
||||
}
|
||||
|
||||
if config.TLS != nil {
|
||||
|
@ -200,10 +201,10 @@ func newHTTPExporter(ctx context.Context, config *types.OpenTelemetry) (sdkmetri
|
|||
return otlpmetrichttp.New(ctx, opts...)
|
||||
}
|
||||
|
||||
func newGRPCExporter(ctx context.Context, config *types.OpenTelemetry) (sdkmetric.Exporter, error) {
|
||||
host, port, err := net.SplitHostPort(config.Address)
|
||||
func newGRPCExporter(ctx context.Context, config *types.OtelGRPC) (sdkmetric.Exporter, error) {
|
||||
host, port, err := net.SplitHostPort(config.Endpoint)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid collector address %q: %w", config.Address, err)
|
||||
return nil, fmt.Errorf("invalid collector endpoint %q: %w", config.Endpoint, err)
|
||||
}
|
||||
|
||||
opts := []otlpmetricgrpc.Option{
|
||||
|
|
|
@ -8,7 +8,6 @@ import (
|
|||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"testing"
|
||||
|
@ -316,14 +315,12 @@ func TestOpenTelemetry(t *testing.T) {
|
|||
ts.Close()
|
||||
})
|
||||
|
||||
sURL, err := url.Parse(ts.URL)
|
||||
require.NoError(t, err)
|
||||
|
||||
var cfg types.OpenTelemetry
|
||||
var cfg types.OTLP
|
||||
(&cfg).SetDefaults()
|
||||
cfg.AddRoutersLabels = true
|
||||
cfg.Address = sURL.Host
|
||||
cfg.Insecure = true
|
||||
cfg.HTTP = &types.OtelHTTP{
|
||||
Endpoint: ts.URL,
|
||||
}
|
||||
cfg.PushInterval = ptypes.Duration(10 * time.Millisecond)
|
||||
|
||||
registry := RegisterOpenTelemetry(context.Background(), &cfg)
|
||||
|
|
|
@ -27,6 +27,8 @@ import (
|
|||
"github.com/traefik/traefik/v3/pkg/types"
|
||||
)
|
||||
|
||||
const delta float64 = 1e-10
|
||||
|
||||
var (
|
||||
logFileNameSuffix = "/traefik/logger/test.log"
|
||||
testContent = "Hello, World"
|
||||
|
@ -280,7 +282,7 @@ func assertFloat64(exp float64) func(t *testing.T, actual interface{}) {
|
|||
return func(t *testing.T, actual interface{}) {
|
||||
t.Helper()
|
||||
|
||||
assert.Equal(t, exp, actual)
|
||||
assert.InDelta(t, exp, actual, delta)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@ package addprefix
|
|||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"errors"
|
||||
"net/http"
|
||||
|
||||
"github.com/traefik/traefik/v3/pkg/config/dynamic"
|
||||
|
@ -33,7 +33,7 @@ func New(ctx context.Context, next http.Handler, config dynamic.AddPrefix, name
|
|||
name: name,
|
||||
}
|
||||
} else {
|
||||
return nil, fmt.Errorf("prefix cannot be empty")
|
||||
return nil, errors.New("prefix cannot be empty")
|
||||
}
|
||||
|
||||
return result, nil
|
||||
|
|
|
@ -15,6 +15,7 @@ import (
|
|||
"github.com/traefik/traefik/v3/pkg/middlewares"
|
||||
"github.com/traefik/traefik/v3/pkg/middlewares/connectionheader"
|
||||
"github.com/traefik/traefik/v3/pkg/tracing"
|
||||
"github.com/traefik/traefik/v3/pkg/types"
|
||||
"github.com/vulcand/oxy/v2/forward"
|
||||
"github.com/vulcand/oxy/v2/utils"
|
||||
"go.opentelemetry.io/otel/trace"
|
||||
|
@ -53,7 +54,8 @@ type forwardAuth struct {
|
|||
|
||||
// NewForward creates a forward auth middleware.
|
||||
func NewForward(ctx context.Context, next http.Handler, config dynamic.ForwardAuth, name string) (http.Handler, error) {
|
||||
middlewares.GetLogger(ctx, name, typeNameForward).Debug().Msg("Creating middleware")
|
||||
logger := middlewares.GetLogger(ctx, name, typeNameForward)
|
||||
logger.Debug().Msg("Creating middleware")
|
||||
|
||||
addAuthCookiesToResponse := make(map[string]struct{})
|
||||
for _, cookieName := range config.AddAuthCookiesToResponse {
|
||||
|
@ -79,7 +81,18 @@ func NewForward(ctx context.Context, next http.Handler, config dynamic.ForwardAu
|
|||
}
|
||||
|
||||
if config.TLS != nil {
|
||||
tlsConfig, err := config.TLS.CreateTLSConfig(ctx)
|
||||
if config.TLS.CAOptional != nil {
|
||||
logger.Warn().Msg("CAOptional option is deprecated, TLS client authentication is a server side option, please remove any usage of this option.")
|
||||
}
|
||||
|
||||
clientTLS := &types.ClientTLS{
|
||||
CA: config.TLS.CA,
|
||||
Cert: config.TLS.Cert,
|
||||
Key: config.TLS.Key,
|
||||
InsecureSkipVerify: config.TLS.InsecureSkipVerify,
|
||||
}
|
||||
|
||||
tlsConfig, err := clientTLS.CreateTLSConfig(ctx)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to create client TLS configuration: %w", err)
|
||||
}
|
||||
|
|
|
@ -17,6 +17,7 @@ import (
|
|||
"github.com/traefik/traefik/v3/pkg/testhelpers"
|
||||
"github.com/traefik/traefik/v3/pkg/tracing"
|
||||
"github.com/traefik/traefik/v3/pkg/tracing/opentelemetry"
|
||||
"github.com/traefik/traefik/v3/pkg/types"
|
||||
"github.com/traefik/traefik/v3/pkg/version"
|
||||
"github.com/vulcand/oxy/v2/forward"
|
||||
"go.opentelemetry.io/otel"
|
||||
|
@ -500,7 +501,7 @@ func TestForwardAuthUsesTracing(t *testing.T) {
|
|||
ServiceName: "testApp",
|
||||
SampleRate: 1,
|
||||
OTLP: &opentelemetry.Config{
|
||||
HTTP: &opentelemetry.HTTP{
|
||||
HTTP: &types.OtelHTTP{
|
||||
Endpoint: "http://127.0.0.1:8080",
|
||||
},
|
||||
},
|
||||
|
|
|
@ -30,12 +30,14 @@ func New(ctx context.Context, next http.Handler, confCircuitBreaker dynamic.Circ
|
|||
logger.Debug().Msg("Creating middleware")
|
||||
logger.Debug().Msgf("Setting up with expression: %s", expression)
|
||||
|
||||
responseCode := confCircuitBreaker.ResponseCode
|
||||
|
||||
cbOpts := []cbreaker.Option{
|
||||
cbreaker.Fallback(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
tracing.SetStatusErrorf(req.Context(), "blocked by circuit-breaker (%q)", expression)
|
||||
rw.WriteHeader(http.StatusServiceUnavailable)
|
||||
rw.WriteHeader(responseCode)
|
||||
|
||||
if _, err := rw.Write([]byte(http.StatusText(http.StatusServiceUnavailable))); err != nil {
|
||||
if _, err := rw.Write([]byte(http.StatusText(responseCode))); err != nil {
|
||||
log.Ctx(req.Context()).Error().Err(err).Send()
|
||||
}
|
||||
})),
|
||||
|
|
|
@ -2,6 +2,7 @@ package brotli
|
|||
|
||||
import (
|
||||
"bufio"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"mime"
|
||||
|
@ -34,11 +35,11 @@ type Config struct {
|
|||
// NewWrapper returns a new Brotli compressing wrapper.
|
||||
func NewWrapper(cfg Config) (func(http.Handler) http.HandlerFunc, error) {
|
||||
if cfg.MinSize < 0 {
|
||||
return nil, fmt.Errorf("minimum size must be greater than or equal to zero")
|
||||
return nil, errors.New("minimum size must be greater than or equal to zero")
|
||||
}
|
||||
|
||||
if len(cfg.ExcludedContentTypes) > 0 && len(cfg.IncludedContentTypes) > 0 {
|
||||
return nil, fmt.Errorf("excludedContentTypes and includedContentTypes options are mutually exclusive")
|
||||
return nil, errors.New("excludedContentTypes and includedContentTypes options are mutually exclusive")
|
||||
}
|
||||
|
||||
var excludedContentTypes []parsedContentType
|
||||
|
@ -138,6 +139,7 @@ func (r *responseWriter) Write(p []byte) (int, error) {
|
|||
// If we detect a contentEncoding, we know we are never going to compress.
|
||||
if r.rw.Header().Get(contentEncoding) != "" {
|
||||
r.compressionDisabled = true
|
||||
r.rw.WriteHeader(r.statusCode)
|
||||
return r.rw.Write(p)
|
||||
}
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ func Test_Vary(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
h.ServeHTTP(rw, req)
|
||||
|
||||
assert.Equal(t, http.StatusOK, rw.Code)
|
||||
assert.Equal(t, http.StatusAccepted, rw.Code)
|
||||
assert.Equal(t, acceptEncoding, rw.Header().Get(vary))
|
||||
}
|
||||
|
||||
|
@ -41,7 +41,7 @@ func Test_SmallBodyNoCompression(t *testing.T) {
|
|||
h.ServeHTTP(rw, req)
|
||||
|
||||
// With less than 1024 bytes the response should not be compressed.
|
||||
assert.Equal(t, http.StatusOK, rw.Code)
|
||||
assert.Equal(t, http.StatusAccepted, rw.Code)
|
||||
assert.Empty(t, rw.Header().Get(contentEncoding))
|
||||
assert.Equal(t, smallTestBody, rw.Body.Bytes())
|
||||
}
|
||||
|
@ -55,6 +55,7 @@ func Test_AlreadyCompressed(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
h.ServeHTTP(rw, req)
|
||||
|
||||
assert.Equal(t, http.StatusAccepted, rw.Code)
|
||||
assert.Equal(t, bigTestBody, rw.Body.Bytes())
|
||||
}
|
||||
|
||||
|
@ -749,6 +750,7 @@ func newTestHandler(t *testing.T, body []byte) http.Handler {
|
|||
rw.Header().Set("Content-Encoding", "br")
|
||||
}
|
||||
|
||||
rw.WriteHeader(http.StatusAccepted)
|
||||
_, err := rw.Write(body)
|
||||
require.NoError(t, err)
|
||||
}),
|
||||
|
|
|
@ -2,6 +2,7 @@ package compress
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"mime"
|
||||
"net/http"
|
||||
|
@ -38,7 +39,7 @@ func New(ctx context.Context, next http.Handler, conf dynamic.Compress, name str
|
|||
middlewares.GetLogger(ctx, name, typeName).Debug().Msg("Creating middleware")
|
||||
|
||||
if len(conf.ExcludedContentTypes) > 0 && len(conf.IncludedContentTypes) > 0 {
|
||||
return nil, fmt.Errorf("excludedContentTypes and includedContentTypes options are mutually exclusive")
|
||||
return nil, errors.New("excludedContentTypes and includedContentTypes options are mutually exclusive")
|
||||
}
|
||||
|
||||
excludes := []string{"application/grpc"}
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"context"
|
||||
"net/http"
|
||||
|
||||
"github.com/traefik/traefik/v3/pkg/config/dynamic"
|
||||
"github.com/traefik/traefik/v3/pkg/middlewares"
|
||||
)
|
||||
|
||||
|
@ -18,8 +19,19 @@ type contentType struct {
|
|||
}
|
||||
|
||||
// New creates a new handler.
|
||||
func New(ctx context.Context, next http.Handler, name string) (http.Handler, error) {
|
||||
middlewares.GetLogger(ctx, name, typeName).Debug().Msg("Creating middleware")
|
||||
func New(ctx context.Context, next http.Handler, config dynamic.ContentType, name string) (http.Handler, error) {
|
||||
logger := middlewares.GetLogger(ctx, name, typeName)
|
||||
logger.Debug().Msg("Creating middleware")
|
||||
|
||||
if config.AutoDetect != nil {
|
||||
logger.Warn().Msg("AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option.")
|
||||
|
||||
// Disable content-type detection (idempotent).
|
||||
if !*config.AutoDetect {
|
||||
return next, nil
|
||||
}
|
||||
}
|
||||
|
||||
return &contentType{next: next, name: name}, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ import (
|
|||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/traefik/traefik/v3/pkg/config/dynamic"
|
||||
"github.com/traefik/traefik/v3/pkg/testhelpers"
|
||||
)
|
||||
|
||||
|
@ -60,7 +61,7 @@ func TestAutoDetection(t *testing.T) {
|
|||
|
||||
if test.autoDetect {
|
||||
var err error
|
||||
next, err = New(context.Background(), next, "foo-content-type")
|
||||
next, err = New(context.Background(), next, dynamic.ContentType{}, "foo-content-type")
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
|
|
|
@ -21,15 +21,27 @@ type stripPrefix struct {
|
|||
next http.Handler
|
||||
prefixes []string
|
||||
name string
|
||||
|
||||
// Deprecated: Must be removed (breaking), the default behavior must be forceSlash=false
|
||||
forceSlash bool
|
||||
}
|
||||
|
||||
// New creates a new strip prefix middleware.
|
||||
func New(ctx context.Context, next http.Handler, config dynamic.StripPrefix, name string) (http.Handler, error) {
|
||||
middlewares.GetLogger(ctx, name, typeName).Debug().Msg("Creating middleware")
|
||||
logger := middlewares.GetLogger(ctx, name, typeName)
|
||||
logger.Debug().Msg("Creating middleware")
|
||||
|
||||
if config.ForceSlash != nil {
|
||||
logger.Warn().Msgf("`ForceSlash` option is deprecated, please remove any usage of this option.")
|
||||
}
|
||||
// Handle default value (here because of deprecation and the removal of setDefault).
|
||||
forceSlash := config.ForceSlash != nil && *config.ForceSlash
|
||||
|
||||
return &stripPrefix{
|
||||
prefixes: config.Prefixes,
|
||||
next: next,
|
||||
name: name,
|
||||
forceSlash: forceSlash,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -58,6 +70,13 @@ func (s *stripPrefix) serveRequest(rw http.ResponseWriter, req *http.Request, pr
|
|||
}
|
||||
|
||||
func (s *stripPrefix) getPrefixStripped(urlPath, prefix string) string {
|
||||
if s.forceSlash {
|
||||
// Only for compatibility reason with the previous behavior,
|
||||
// but the previous behavior is wrong.
|
||||
// This needs to be removed in the next breaking version.
|
||||
return "/" + strings.TrimPrefix(strings.TrimPrefix(urlPath, prefix), "/")
|
||||
}
|
||||
|
||||
return ensureLeadingSlash(strings.TrimPrefix(urlPath, prefix))
|
||||
}
|
||||
|
||||
|
|
|
@ -146,6 +146,9 @@ func TestStripPrefix(t *testing.T) {
|
|||
requestURI = r.RequestURI
|
||||
})
|
||||
|
||||
pointer := func(v bool) *bool { return &v }
|
||||
test.config.ForceSlash = pointer(false)
|
||||
|
||||
handler, err := New(context.Background(), next, test.config, "foo-strip-prefix")
|
||||
require.NoError(t, err)
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue