Compare commits
12 commits
fd015c5a9b
...
4b7594bc56
Author | SHA1 | Date | |
---|---|---|---|
4b7594bc56 | |||
|
b1b4e6b918 | ||
|
8cb1829698 | ||
|
2f9905061e | ||
|
0a7a6afd59 | ||
|
b577b3a6ba | ||
|
230019eccf | ||
|
2090baa938 | ||
|
b7de043991 | ||
|
9e0800f938 | ||
|
e7d1a98c5e | ||
|
2798e18e18 |
91 changed files with 1402 additions and 663 deletions
|
@ -146,6 +146,7 @@ linters-settings:
|
||||||
- github.com/mailgun/multibuf
|
- github.com/mailgun/multibuf
|
||||||
- github.com/jaguilar/vt100
|
- github.com/jaguilar/vt100
|
||||||
- github.com/cucumber/godog
|
- github.com/cucumber/godog
|
||||||
|
- github.com/http-wasm/http-wasm-host-go
|
||||||
testifylint:
|
testifylint:
|
||||||
disable:
|
disable:
|
||||||
- suite-dont-use-pkg
|
- suite-dont-use-pkg
|
||||||
|
|
|
@ -46,7 +46,7 @@ blocks:
|
||||||
- name: GH_VERSION
|
- name: GH_VERSION
|
||||||
value: 2.32.1
|
value: 2.32.1
|
||||||
- name: CODENAME
|
- name: CODENAME
|
||||||
value: "beaufort"
|
value: "comte"
|
||||||
prologue:
|
prologue:
|
||||||
commands:
|
commands:
|
||||||
- export VERSION=${SEMAPHORE_GIT_TAG_NAME}
|
- export VERSION=${SEMAPHORE_GIT_TAG_NAME}
|
||||||
|
|
43
CHANGELOG.md
43
CHANGELOG.md
|
@ -1,3 +1,46 @@
|
||||||
|
## [v3.1.0-rc1](https://github.com/traefik/traefik/tree/v3.1.0-rc1) (2024-06-27)
|
||||||
|
[All Commits](https://github.com/traefik/traefik/compare/v3.0.0-beta3...v3.1.0-rc1)
|
||||||
|
|
||||||
|
**Enhancements:**
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support invalid HTTPRoute status ([#10714](https://github.com/traefik/traefik/pull/10714) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** KubernetesGateway provider is no longer experimental ([#10840](https://github.com/traefik/traefik/pull/10840) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Bump Gateway API to v1.1.0 ([#10835](https://github.com/traefik/traefik/pull/10835) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Fix route attachments to gateways ([#10761](https://github.com/traefik/traefik/pull/10761) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support HTTPRoute method and query param matching ([#10815](https://github.com/traefik/traefik/pull/10815) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support HTTPURLRewrite filter ([#10571](https://github.com/traefik/traefik/pull/10571) by [SantoDE](https://github.com/SantoDE))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Set Gateway HTTPRoute status ([#10667](https://github.com/traefik/traefik/pull/10667) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support ReferenceGrant for HTTPRoute backends ([#10771](https://github.com/traefik/traefik/pull/10771) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Compute HTTPRoute priorities ([#10766](https://github.com/traefik/traefik/pull/10766) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[k8s,k8s/gatewayapi]** Support RegularExpression for path matching ([#10717](https://github.com/traefik/traefik/pull/10717) by [dmavrommatis](https://github.com/dmavrommatis))
|
||||||
|
- **[k8s/crd,k8s]** Support HealthCheck for ExternalName services ([#10467](https://github.com/traefik/traefik/pull/10467) by [marcmognol](https://github.com/marcmognol))
|
||||||
|
- **[k8s/ingress,k8s/crd,k8s,k8s/gatewayapi]** Migrate to EndpointSlices API ([#10664](https://github.com/traefik/traefik/pull/10664) by [jnoordsij](https://github.com/jnoordsij))
|
||||||
|
- **[k8s/ingress,k8s/crd,k8s]** Change log level from Warning to Info when ExternalName services is enabled ([#10682](https://github.com/traefik/traefik/pull/10682) by [marcmognol](https://github.com/marcmognol))
|
||||||
|
- **[k8s/ingress,k8s/crd,k8s]** Allow to use internal Node IPs for NodePort services ([#10278](https://github.com/traefik/traefik/pull/10278) by [jorisvergeer](https://github.com/jorisvergeer))
|
||||||
|
- **[middleware,k8s,k8s/gatewayapi]** Improve HTTPRoute Redirect Filter with port and scheme ([#10784](https://github.com/traefik/traefik/pull/10784) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[middleware,k8s,k8s/gatewayapi]** Support HTTPRoute redirect port and scheme ([#10802](https://github.com/traefik/traefik/pull/10802) by [rtribotte](https://github.com/rtribotte))
|
||||||
|
- **[middleware]** Support Content-Security-Policy-Report-Only in the headers middleware ([#10709](https://github.com/traefik/traefik/pull/10709) by [SpecLad](https://github.com/SpecLad))
|
||||||
|
- **[middleware]** Add support for Zstandard to the compression middleware ([#10660](https://github.com/traefik/traefik/pull/10660) by [Belphemur](https://github.com/Belphemur))
|
||||||
|
- **[plugins]** Enhance wasm plugins ([#10829](https://github.com/traefik/traefik/pull/10829) by [juliens](https://github.com/juliens))
|
||||||
|
- **[plugins]** Add logs for plugins load ([#10848](https://github.com/traefik/traefik/pull/10848) by [mmatur](https://github.com/mmatur))
|
||||||
|
- **[server]** Support systemd socket-activation ([#10399](https://github.com/traefik/traefik/pull/10399) by [juliens](https://github.com/juliens))
|
||||||
|
|
||||||
|
**Bug fixes:**
|
||||||
|
- **[healthcheck,k8s/crd,k8s]** Fix Healthcheck default value for ExternalName services ([#10778](https://github.com/traefik/traefik/pull/10778) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- **[middleware,metrics,tracing]** Upgrade to OpenTelemetry Semantic Conventions v1.26.0 ([#10850](https://github.com/traefik/traefik/pull/10850) by [mmatur](https://github.com/mmatur))
|
||||||
|
|
||||||
|
**Documentation:**
|
||||||
|
- **[k8s,k8s/gatewayapi]** Fix the Kubernetes GatewayAPI documentation ([#10844](https://github.com/traefik/traefik/pull/10844) by [nmengin](https://github.com/nmengin))
|
||||||
|
|
||||||
|
**Misc:**
|
||||||
|
- Merge current v3.0 into master ([#10853](https://github.com/traefik/traefik/pull/10853) by [mmatur](https://github.com/mmatur))
|
||||||
|
- Merge current v3.0 into master ([#10811](https://github.com/traefik/traefik/pull/10811) by [mmatur](https://github.com/mmatur))
|
||||||
|
- Merge current v3.0 into master ([#10789](https://github.com/traefik/traefik/pull/10789) by [ldez](https://github.com/ldez))
|
||||||
|
- Merge current v3.0 into master ([#10750](https://github.com/traefik/traefik/pull/10750) by [kevinpollet](https://github.com/kevinpollet))
|
||||||
|
- Merge current v3.0 into master ([#10655](https://github.com/traefik/traefik/pull/10655) by [ldez](https://github.com/ldez))
|
||||||
|
- Merge current v3.0 into master ([#10567](https://github.com/traefik/traefik/pull/10567) by [ldez](https://github.com/ldez))
|
||||||
|
- Merge current v3.0 into master ([#10418](https://github.com/traefik/traefik/pull/10418) by [mmatur](https://github.com/mmatur))
|
||||||
|
- Merge current v3.0 into master ([#10040](https://github.com/traefik/traefik/pull/10040) by [mmatur](https://github.com/mmatur))
|
||||||
|
|
||||||
## [v3.0.3](https://github.com/traefik/traefik/tree/v3.0.3) (2024-06-18)
|
## [v3.0.3](https://github.com/traefik/traefik/tree/v3.0.3) (2024-06-18)
|
||||||
[All Commits](https://github.com/traefik/traefik/compare/v3.0.2...v3.0.3)
|
[All Commits](https://github.com/traefik/traefik/compare/v3.0.2...v3.0.3)
|
||||||
|
|
||||||
|
|
|
@ -46,6 +46,7 @@ import (
|
||||||
"github.com/traefik/traefik/v3/pkg/tracing"
|
"github.com/traefik/traefik/v3/pkg/tracing"
|
||||||
"github.com/traefik/traefik/v3/pkg/types"
|
"github.com/traefik/traefik/v3/pkg/types"
|
||||||
"github.com/traefik/traefik/v3/pkg/version"
|
"github.com/traefik/traefik/v3/pkg/version"
|
||||||
|
"golang.org/x/exp/maps"
|
||||||
)
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
@ -224,10 +225,21 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Plugins
|
// Plugins
|
||||||
|
pluginLogger := log.Ctx(ctx).With().Logger()
|
||||||
|
hasPlugins := staticConfiguration.Experimental != nil && (staticConfiguration.Experimental.Plugins != nil || staticConfiguration.Experimental.LocalPlugins != nil)
|
||||||
|
if hasPlugins {
|
||||||
|
pluginsList := maps.Keys(staticConfiguration.Experimental.Plugins)
|
||||||
|
pluginsList = append(pluginsList, maps.Keys(staticConfiguration.Experimental.LocalPlugins)...)
|
||||||
|
|
||||||
|
pluginLogger = pluginLogger.With().Strs("plugins", pluginsList).Logger()
|
||||||
|
pluginLogger.Info().Msg("Loading plugins...")
|
||||||
|
}
|
||||||
|
|
||||||
pluginBuilder, err := createPluginBuilder(staticConfiguration)
|
pluginBuilder, err := createPluginBuilder(staticConfiguration)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().Err(err).Msg("Plugins are disabled because an error has occurred.")
|
pluginLogger.Err(err).Msg("Plugins are disabled because an error has occurred.")
|
||||||
|
} else if hasPlugins {
|
||||||
|
pluginLogger.Info().Msg("Plugins loaded.")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Providers plugins
|
// Providers plugins
|
||||||
|
|
|
@ -79,7 +79,7 @@ traefik --help
|
||||||
# or
|
# or
|
||||||
|
|
||||||
docker run traefik[:version] --help
|
docker run traefik[:version] --help
|
||||||
# ex: docker run traefik:v3.0 --help
|
# ex: docker run traefik:v3.1 --help
|
||||||
```
|
```
|
||||||
|
|
||||||
Check the [CLI reference](../reference/static-configuration/cli.md "Link to CLI reference overview") for an overview about all available arguments.
|
Check the [CLI reference](../reference/static-configuration/cli.md "Link to CLI reference overview") for an overview about all available arguments.
|
||||||
|
|
|
@ -16,12 +16,12 @@ You can install Traefik with the following flavors:
|
||||||
|
|
||||||
Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with one sample configuration file:
|
Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with one sample configuration file:
|
||||||
|
|
||||||
* [YAML](https://raw.githubusercontent.com/traefik/traefik/v3.0/traefik.sample.yml)
|
* [YAML](https://raw.githubusercontent.com/traefik/traefik/v3.1/traefik.sample.yml)
|
||||||
* [TOML](https://raw.githubusercontent.com/traefik/traefik/v3.0/traefik.sample.toml)
|
* [TOML](https://raw.githubusercontent.com/traefik/traefik/v3.1/traefik.sample.toml)
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker run -d -p 8080:8080 -p 80:80 \
|
docker run -d -p 8080:8080 -p 80:80 \
|
||||||
-v $PWD/traefik.yml:/etc/traefik/traefik.yml traefik:v3.0
|
-v $PWD/traefik.yml:/etc/traefik/traefik.yml traefik:v3.1
|
||||||
```
|
```
|
||||||
|
|
||||||
For more details, go to the [Docker provider documentation](../providers/docker.md)
|
For more details, go to the [Docker provider documentation](../providers/docker.md)
|
||||||
|
@ -29,7 +29,7 @@ For more details, go to the [Docker provider documentation](../providers/docker.
|
||||||
!!! tip
|
!!! tip
|
||||||
|
|
||||||
* Prefer a fixed version than the latest that could be an unexpected version.
|
* Prefer a fixed version than the latest that could be an unexpected version.
|
||||||
ex: `traefik:v3.0`
|
ex: `traefik:v3.1`
|
||||||
* Docker images are based from the [Alpine Linux Official image](https://hub.docker.com/_/alpine).
|
* Docker images are based from the [Alpine Linux Official image](https://hub.docker.com/_/alpine).
|
||||||
* Any orchestrator using docker images can fetch the official Traefik docker image.
|
* Any orchestrator using docker images can fetch the official Traefik docker image.
|
||||||
|
|
||||||
|
|
|
@ -136,7 +136,7 @@ spec:
|
||||||
serviceAccountName: traefik-account
|
serviceAccountName: traefik-account
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
args:
|
args:
|
||||||
- --api.insecure
|
- --api.insecure
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
|
|
|
@ -20,7 +20,7 @@ version: '3'
|
||||||
services:
|
services:
|
||||||
reverse-proxy:
|
reverse-proxy:
|
||||||
# The official v3 Traefik docker image
|
# The official v3 Traefik docker image
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
# Enables the web UI and tells Traefik to listen to docker
|
# Enables the web UI and tells Traefik to listen to docker
|
||||||
command: --api.insecure=true --providers.docker
|
command: --api.insecure=true --providers.docker
|
||||||
ports:
|
ports:
|
||||||
|
|
|
@ -1,14 +1,10 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
!!! question "Using Traefik for Business Applications?"
|
!!! question "Using Traefik OSS in Production? Consider Adding Advanced Capabilities."
|
||||||
|
|
||||||
If you are using Traefik in your organization, consider our enterprise-grade solutions:
|
Add API Gateway or API Management capabilities seamlessly to your existing Traefik deployments.
|
||||||
|
No rip and replace. No learning curve.
|
||||||
|
|
||||||
- API Management
|
- [Explore our API Gateway](https://traefik.io/traefik-hub-api-gateway/)
|
||||||
[Explore](https://traefik.io/solutions/api-management/) // [Watch Demo Video](https://info.traefik.io/watch-traefik-hub-demo)
|
- [Explore our API Management](https://traefik.io/traefik-hub/)
|
||||||
- API Gateway
|
- [Get 24/7/365 Commercial Support for Traefik OSS](https://info.traefik.io/request-commercial-support)
|
||||||
[Explore](https://traefik.io/solutions/api-gateway/) // [Watch Demo Video](https://info.traefik.io/watch-traefikee-demo)
|
|
||||||
- Ingress Controller
|
|
||||||
[Kubernetes](https://traefik.io/solutions/kubernetes-ingress/) // [Docker Swarm](https://traefik.io/solutions/docker-swarm-ingress/)
|
|
||||||
|
|
||||||
These tools help businesses discover, deploy, secure, and manage microservices and APIs easily, at scale, across any environment.
|
|
||||||
|
|
|
@ -24,8 +24,6 @@ Developing Traefik, our main goal is to make it effortless to use, and we're sur
|
||||||
|
|
||||||
!!! info
|
!!! info
|
||||||
|
|
||||||
Join our user friendly and active [Community Forum](https://community.traefik.io "Link to Traefik Community Forum") to discuss, learn, and connect with the traefik community.
|
Join our user friendly and active [Community Forum](https://community.traefik.io "Link to Traefik Community Forum") to discuss, learn, and connect with the Traefik community.
|
||||||
|
|
||||||
Using Traefik in your organization? Consider [Traefik Enterprise](https://traefik.io/traefik-enterprise/ "Lino to Traefik Enterprise"), our unified API Gateway and Ingress that simplifies the discovery, security, and deployment of APIs and microservices across any environment.
|
Using Traefik OSS in Production? Add enterprise-grade API Gateway and API Management capabilities to your existing deployments seamlessly. No rip and replace. No learning curve. Learn more from [this short video](https://info.traefik.io/traefik-upgrade-walkthrough)
|
||||||
|
|
||||||
See it in action in [this short video walkthrough](https://info.traefik.io/watch-traefikee-demo "Link to video walkthrough").
|
|
||||||
|
|
|
@ -275,7 +275,7 @@ version: "3.7"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
environment:
|
environment:
|
||||||
- TZ=US/Alaska
|
- TZ=US/Alaska
|
||||||
command:
|
command:
|
||||||
|
|
|
@ -5,6 +5,8 @@ description: "Traefik supports several tracing backends, including OpenTelemetry
|
||||||
|
|
||||||
# OpenTelemetry
|
# OpenTelemetry
|
||||||
|
|
||||||
|
Traefik Proxy follows [official OpenTelemetry semantic conventions v1.26.0](https://github.com/open-telemetry/semantic-conventions/blob/v1.26.0/docs/http/http-spans.md).
|
||||||
|
|
||||||
To enable the OpenTelemetry tracer:
|
To enable the OpenTelemetry tracer:
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
|
|
|
@ -160,3 +160,28 @@ tracing:
|
||||||
```bash tab="CLI"
|
```bash tab="CLI"
|
||||||
--tracing.capturedResponseHeaders[0]=X-CustomHeader
|
--tracing.capturedResponseHeaders[0]=X-CustomHeader
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### `safeQueryParams`
|
||||||
|
|
||||||
|
_Optional, Default={}_
|
||||||
|
|
||||||
|
By default, all query parameters are redacted.
|
||||||
|
Defines the list of query parameters to not redact.
|
||||||
|
|
||||||
|
```yaml tab="File (YAML)"
|
||||||
|
tracing:
|
||||||
|
otlp:
|
||||||
|
safeQueryParams:
|
||||||
|
- bar
|
||||||
|
- buz
|
||||||
|
```
|
||||||
|
|
||||||
|
```toml tab="File (TOML)"
|
||||||
|
[tracing]
|
||||||
|
[tracing.otlp]
|
||||||
|
safeQueryParams = ["bar", "buz"]
|
||||||
|
```
|
||||||
|
|
||||||
|
```bash tab="CLI"
|
||||||
|
--tracing.otlp.safeQueryParams=bar,buz
|
||||||
|
```
|
||||||
|
|
|
@ -163,7 +163,7 @@ See the [Docker API Access](#docker-api-access) section for more information.
|
||||||
|
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
image: traefik:v3.0 # The official v3 Traefik docker image
|
image: traefik:v3.1 # The official v3 Traefik docker image
|
||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
volumes:
|
volumes:
|
||||||
|
|
|
@ -31,10 +31,10 @@ the Traefik engineering team developed a [Custom Resource Definition](https://ku
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Install Traefik Resource Definitions:
|
# Install Traefik Resource Definitions:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
||||||
|
|
||||||
# Install RBAC for Traefik:
|
# Install RBAC for Traefik:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
## Resource Configuration
|
## Resource Configuration
|
||||||
|
|
|
@ -5,7 +5,7 @@ description: "Learn how to use the Kubernetes Gateway API as a provider for conf
|
||||||
|
|
||||||
# Traefik & Kubernetes with Gateway API
|
# Traefik & Kubernetes with Gateway API
|
||||||
|
|
||||||
The Kubernetes Gateway API, The Experimental Way.
|
The Kubernetes Gateway API Controller.
|
||||||
{: .subtitle }
|
{: .subtitle }
|
||||||
|
|
||||||
Gateway API is the evolution of Kubernetes APIs that relate to `Services`, such as `Ingress`.
|
Gateway API is the evolution of Kubernetes APIs that relate to `Services`, such as `Ingress`.
|
||||||
|
@ -14,32 +14,7 @@ The Gateway API project is part of Kubernetes, working under SIG-NETWORK.
|
||||||
The Kubernetes Gateway provider is a Traefik implementation of the [Gateway API](https://gateway-api.sigs.k8s.io/)
|
The Kubernetes Gateway provider is a Traefik implementation of the [Gateway API](https://gateway-api.sigs.k8s.io/)
|
||||||
specifications from the Kubernetes Special Interest Groups (SIGs).
|
specifications from the Kubernetes Special Interest Groups (SIGs).
|
||||||
|
|
||||||
This provider is proposed as an experimental feature and partially supports Gateway API [v1.0.0](https://github.com/kubernetes-sigs/gateway-api/releases/tag/v1.0.0) specification.
|
This provider supports Gateway API [v1.1.0](https://github.com/kubernetes-sigs/gateway-api/releases/tag/v1.1.0) specification.
|
||||||
|
|
||||||
!!! warning "Enabling The Experimental Kubernetes Gateway Provider"
|
|
||||||
|
|
||||||
Since this provider is still experimental, it needs to be activated in the experimental section of the static configuration.
|
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
|
||||||
experimental:
|
|
||||||
kubernetesGateway: true
|
|
||||||
|
|
||||||
providers:
|
|
||||||
kubernetesGateway: {}
|
|
||||||
#...
|
|
||||||
```
|
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
|
||||||
[experimental]
|
|
||||||
kubernetesGateway = true
|
|
||||||
|
|
||||||
[providers.kubernetesGateway]
|
|
||||||
#...
|
|
||||||
```
|
|
||||||
|
|
||||||
```bash tab="CLI"
|
|
||||||
--experimental.kubernetesgateway=true --providers.kubernetesgateway=true #...
|
|
||||||
```
|
|
||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
|
|
|
@ -494,6 +494,6 @@ providers:
|
||||||
### Further
|
### Further
|
||||||
|
|
||||||
To learn more about the various aspects of the Ingress specification that Traefik supports,
|
To learn more about the various aspects of the Ingress specification that Traefik supports,
|
||||||
many examples of Ingresses definitions are located in the test [examples](https://github.com/traefik/traefik/tree/v3.0/pkg/provider/kubernetes/ingress/fixtures) of the Traefik repository.
|
many examples of Ingresses definitions are located in the test [examples](https://github.com/traefik/traefik/tree/v3.1/pkg/provider/kubernetes/ingress/fixtures) of the Traefik repository.
|
||||||
|
|
||||||
{!traefik-for-business-applications.md!}
|
{!traefik-for-business-applications.md!}
|
||||||
|
|
|
@ -209,7 +209,7 @@ See the [Docker Swarm API Access](#docker-api-access) section for more informati
|
||||||
|
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
image: traefik:v3.0 # The official v3 Traefik docker image
|
image: traefik:v3.1 # The official v3 Traefik docker image
|
||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
volumes:
|
volumes:
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -63,12 +63,12 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: |-
|
description: |-
|
||||||
Middlewares defines the list of references to Middleware resources.
|
Middlewares defines the list of references to Middleware resources.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
items:
|
items:
|
||||||
description: MiddlewareRef is a reference to a Middleware
|
description: MiddlewareRef is a reference to a Middleware
|
||||||
resource.
|
resource.
|
||||||
|
@ -88,7 +88,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -229,7 +229,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -277,7 +277,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- kind
|
- kind
|
||||||
|
@ -287,18 +287,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration.
|
TLS defines the TLS configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -317,17 +317,17 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSOption.
|
Name defines the name of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSOption.
|
Namespace defines the namespace of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -344,12 +344,12 @@ spec:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSStore.
|
Name defines the name of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSStore.
|
Namespace defines the namespace of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -409,7 +409,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -422,7 +422,7 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares defines the list of references to MiddlewareTCP
|
description: Middlewares defines the list of references to MiddlewareTCP
|
||||||
|
@ -446,7 +446,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: Services defines the list of TCP services.
|
description: Services defines the list of TCP services.
|
||||||
|
@ -487,7 +487,7 @@ spec:
|
||||||
proxyProtocol:
|
proxyProtocol:
|
||||||
description: |-
|
description: |-
|
||||||
ProxyProtocol defines the PROXY protocol configuration.
|
ProxyProtocol defines the PROXY protocol configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
||||||
properties:
|
properties:
|
||||||
version:
|
version:
|
||||||
description: Version defines the PROXY Protocol version
|
description: Version defines the PROXY Protocol version
|
||||||
|
@ -525,7 +525,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- match
|
- match
|
||||||
|
@ -534,18 +534,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -564,7 +564,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: Name defines the name of the referenced Traefik
|
description: Name defines the name of the referenced Traefik
|
||||||
|
@ -656,7 +656,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -743,7 +743,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
Middleware is the CRD implementation of a Traefik Middleware.
|
Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -769,7 +769,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
AddPrefix holds the add prefix middleware configuration.
|
AddPrefix holds the add prefix middleware configuration.
|
||||||
This middleware updates the path of a request before forwarding it.
|
This middleware updates the path of a request before forwarding it.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
||||||
properties:
|
properties:
|
||||||
prefix:
|
prefix:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -781,12 +781,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
BasicAuth holds the basic auth middleware configuration.
|
BasicAuth holds the basic auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -807,7 +807,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Buffering holds the buffering middleware configuration.
|
Buffering holds the buffering middleware configuration.
|
||||||
This middleware retries or limits the size of requests that can be forwarded to backends.
|
This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
properties:
|
properties:
|
||||||
maxRequestBodyBytes:
|
maxRequestBodyBytes:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -839,14 +839,14 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RetryExpression defines the retry conditions.
|
RetryExpression defines the retry conditions.
|
||||||
It is a logical combination of functions with operators AND (&&) and OR (||).
|
It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
chain:
|
chain:
|
||||||
description: |-
|
description: |-
|
||||||
Chain holds the configuration of the chain middleware.
|
Chain holds the configuration of the chain middleware.
|
||||||
This middleware enables to define reusable combinations of other pieces of middleware.
|
This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
||||||
properties:
|
properties:
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares is the list of MiddlewareRef which composes
|
description: Middlewares is the list of MiddlewareRef which composes
|
||||||
|
@ -905,7 +905,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Compress holds the compress middleware configuration.
|
Compress holds the compress middleware configuration.
|
||||||
This middleware compresses responses before sending them to the client, using gzip compression.
|
This middleware compresses responses before sending them to the client, using gzip compression.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
||||||
properties:
|
properties:
|
||||||
defaultEncoding:
|
defaultEncoding:
|
||||||
description: DefaultEncoding specifies the default encoding if
|
description: DefaultEncoding specifies the default encoding if
|
||||||
|
@ -948,12 +948,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
DigestAuth holds the digest auth middleware configuration.
|
DigestAuth holds the digest auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -973,7 +973,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ErrorPage holds the custom error middleware configuration.
|
ErrorPage holds the custom error middleware configuration.
|
||||||
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
||||||
properties:
|
properties:
|
||||||
query:
|
query:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -983,7 +983,7 @@ spec:
|
||||||
service:
|
service:
|
||||||
description: |-
|
description: |-
|
||||||
Service defines the reference to a Kubernetes Service that will serve the error page.
|
Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
||||||
properties:
|
properties:
|
||||||
healthCheck:
|
healthCheck:
|
||||||
description: Healthcheck defines health checks for ExternalName
|
description: Healthcheck defines health checks for ExternalName
|
||||||
|
@ -1116,7 +1116,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -1174,7 +1174,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ForwardAuth holds the forward auth middleware configuration.
|
ForwardAuth holds the forward auth middleware configuration.
|
||||||
This middleware delegates the request authentication to a Service.
|
This middleware delegates the request authentication to a Service.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
||||||
properties:
|
properties:
|
||||||
addAuthCookiesToResponse:
|
addAuthCookiesToResponse:
|
||||||
description: AddAuthCookiesToResponse defines the list of cookies
|
description: AddAuthCookiesToResponse defines the list of cookies
|
||||||
|
@ -1202,7 +1202,7 @@ spec:
|
||||||
authResponseHeadersRegex:
|
authResponseHeadersRegex:
|
||||||
description: |-
|
description: |-
|
||||||
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
type: string
|
type: string
|
||||||
tls:
|
tls:
|
||||||
description: TLS defines the configuration used to secure the
|
description: TLS defines the configuration used to secure the
|
||||||
|
@ -1249,7 +1249,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Headers holds the headers middleware configuration.
|
Headers holds the headers middleware configuration.
|
||||||
This middleware manages the requests and responses headers.
|
This middleware manages the requests and responses headers.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
||||||
properties:
|
properties:
|
||||||
accessControlAllowCredentials:
|
accessControlAllowCredentials:
|
||||||
description: AccessControlAllowCredentials defines whether the
|
description: AccessControlAllowCredentials defines whether the
|
||||||
|
@ -1420,7 +1420,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
InFlightReq holds the in-flight request middleware configuration.
|
InFlightReq holds the in-flight request middleware configuration.
|
||||||
This middleware limits the number of requests being processed and served concurrently.
|
This middleware limits the number of requests being processed and served concurrently.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
||||||
properties:
|
properties:
|
||||||
amount:
|
amount:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1433,12 +1433,12 @@ spec:
|
||||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
If several strategies are defined at the same time, an error will be raised.
|
If several strategies are defined at the same time, an error will be raised.
|
||||||
If none are set, the default is to use the requestHost.
|
If none are set, the default is to use the requestHost.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1467,12 +1467,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList holds the IP allowlist middleware configuration.
|
IPAllowList holds the IP allowlist middleware configuration.
|
||||||
This middleware limits allowed requests based on the client IP.
|
This middleware limits allowed requests based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1504,7 +1504,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1529,7 +1529,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
This middleware adds the selected data from the passed client TLS certificate to a header.
|
This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
||||||
properties:
|
properties:
|
||||||
info:
|
info:
|
||||||
description: Info selects the specific client certificate details
|
description: Info selects the specific client certificate details
|
||||||
|
@ -1638,7 +1638,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RateLimit holds the rate limit configuration.
|
RateLimit holds the rate limit configuration.
|
||||||
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
||||||
properties:
|
properties:
|
||||||
average:
|
average:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1671,7 +1671,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1700,7 +1700,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectRegex holds the redirect regex middleware configuration.
|
RedirectRegex holds the redirect regex middleware configuration.
|
||||||
This middleware redirects a request using regex matching and replacement.
|
This middleware redirects a request using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1719,7 +1719,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectScheme holds the redirect scheme middleware configuration.
|
RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
This middleware redirects requests from a scheme/port to another.
|
This middleware redirects requests from a scheme/port to another.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1736,7 +1736,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePath holds the replace path middleware configuration.
|
ReplacePath holds the replace path middleware configuration.
|
||||||
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
||||||
properties:
|
properties:
|
||||||
path:
|
path:
|
||||||
description: Path defines the path to use as replacement in the
|
description: Path defines the path to use as replacement in the
|
||||||
|
@ -1747,7 +1747,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePathRegex holds the replace path regex middleware configuration.
|
ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
This middleware replaces the path of a URL using regex matching and replacement.
|
This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression used to match
|
description: Regex defines the regular expression used to match
|
||||||
|
@ -1763,7 +1763,7 @@ spec:
|
||||||
Retry holds the retry middleware configuration.
|
Retry holds the retry middleware configuration.
|
||||||
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
||||||
properties:
|
properties:
|
||||||
attempts:
|
attempts:
|
||||||
description: Attempts defines how many times the request should
|
description: Attempts defines how many times the request should
|
||||||
|
@ -1785,7 +1785,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefix holds the strip prefix middleware configuration.
|
StripPrefix holds the strip prefix middleware configuration.
|
||||||
This middleware removes the specified prefixes from the URL path.
|
This middleware removes the specified prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
||||||
properties:
|
properties:
|
||||||
forceSlash:
|
forceSlash:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1804,7 +1804,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
This middleware removes the matching prefixes from the URL path.
|
This middleware removes the matching prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression to match the
|
description: Regex defines the regular expression to match the
|
||||||
|
@ -1841,7 +1841,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1877,7 +1877,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList defines the IPAllowList middleware configuration.
|
IPAllowList defines the IPAllowList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1891,7 +1891,7 @@ spec:
|
||||||
IPWhiteList defines the IPWhiteList middleware configuration.
|
IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
Deprecated: please use IPAllowList instead.
|
Deprecated: please use IPAllowList instead.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1930,7 +1930,7 @@ spec:
|
||||||
ServersTransport is the CRD implementation of a ServersTransport.
|
ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
If no serversTransport is specified, the default@internal will be used.
|
If no serversTransport is specified, the default@internal will be used.
|
||||||
The default@internal serversTransport is created from the static configuration.
|
The default@internal serversTransport is created from the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2069,7 +2069,7 @@ spec:
|
||||||
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
The default@internal tcpServersTransport can be configured in the static configuration.
|
The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2187,7 +2187,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2212,14 +2212,14 @@ spec:
|
||||||
alpnProtocols:
|
alpnProtocols:
|
||||||
description: |-
|
description: |-
|
||||||
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
cipherSuites:
|
cipherSuites:
|
||||||
description: |-
|
description: |-
|
||||||
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2247,7 +2247,7 @@ spec:
|
||||||
curvePreferences:
|
curvePreferences:
|
||||||
description: |-
|
description: |-
|
||||||
CurvePreferences defines the preferred elliptic curves in a specific order.
|
CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2303,7 +2303,7 @@ spec:
|
||||||
TLSStore is the CRD implementation of a Traefik TLS Store.
|
TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
For the time being, only the TLSStore named default is supported.
|
For the time being, only the TLSStore named default is supported.
|
||||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2401,7 +2401,7 @@ spec:
|
||||||
TraefikService object allows to:
|
TraefikService object allows to:
|
||||||
- Apply weight to Services on load-balancing
|
- Apply weight to Services on load-balancing
|
||||||
- Mirror traffic on services
|
- Mirror traffic on services
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2642,7 +2642,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2749,7 +2749,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2932,7 +2932,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2979,7 +2979,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines whether sticky sessions are enabled.
|
Sticky defines whether sticky sessions are enabled.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
|
|
@ -25,7 +25,7 @@ spec:
|
||||||
serviceAccountName: traefik-controller
|
serviceAccountName: traefik-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
args:
|
args:
|
||||||
- --entryPoints.web.address=:80
|
- --entryPoints.web.address=:80
|
||||||
- --entryPoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -63,12 +63,12 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: |-
|
description: |-
|
||||||
Middlewares defines the list of references to Middleware resources.
|
Middlewares defines the list of references to Middleware resources.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
items:
|
items:
|
||||||
description: MiddlewareRef is a reference to a Middleware
|
description: MiddlewareRef is a reference to a Middleware
|
||||||
resource.
|
resource.
|
||||||
|
@ -88,7 +88,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -229,7 +229,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -277,7 +277,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- kind
|
- kind
|
||||||
|
@ -287,18 +287,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration.
|
TLS defines the TLS configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -317,17 +317,17 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSOption.
|
Name defines the name of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSOption.
|
Namespace defines the namespace of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -344,12 +344,12 @@ spec:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSStore.
|
Name defines the name of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSStore.
|
Namespace defines the namespace of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -56,7 +56,7 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares defines the list of references to MiddlewareTCP
|
description: Middlewares defines the list of references to MiddlewareTCP
|
||||||
|
@ -80,7 +80,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: Services defines the list of TCP services.
|
description: Services defines the list of TCP services.
|
||||||
|
@ -121,7 +121,7 @@ spec:
|
||||||
proxyProtocol:
|
proxyProtocol:
|
||||||
description: |-
|
description: |-
|
||||||
ProxyProtocol defines the PROXY protocol configuration.
|
ProxyProtocol defines the PROXY protocol configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
||||||
properties:
|
properties:
|
||||||
version:
|
version:
|
||||||
description: Version defines the PROXY Protocol version
|
description: Version defines the PROXY Protocol version
|
||||||
|
@ -159,7 +159,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- match
|
- match
|
||||||
|
@ -168,18 +168,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -198,7 +198,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: Name defines the name of the referenced Traefik
|
description: Name defines the name of the referenced Traefik
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
Middleware is the CRD implementation of a Traefik Middleware.
|
Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -45,7 +45,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
AddPrefix holds the add prefix middleware configuration.
|
AddPrefix holds the add prefix middleware configuration.
|
||||||
This middleware updates the path of a request before forwarding it.
|
This middleware updates the path of a request before forwarding it.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
||||||
properties:
|
properties:
|
||||||
prefix:
|
prefix:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -57,12 +57,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
BasicAuth holds the basic auth middleware configuration.
|
BasicAuth holds the basic auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -83,7 +83,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Buffering holds the buffering middleware configuration.
|
Buffering holds the buffering middleware configuration.
|
||||||
This middleware retries or limits the size of requests that can be forwarded to backends.
|
This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
properties:
|
properties:
|
||||||
maxRequestBodyBytes:
|
maxRequestBodyBytes:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -115,14 +115,14 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RetryExpression defines the retry conditions.
|
RetryExpression defines the retry conditions.
|
||||||
It is a logical combination of functions with operators AND (&&) and OR (||).
|
It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
chain:
|
chain:
|
||||||
description: |-
|
description: |-
|
||||||
Chain holds the configuration of the chain middleware.
|
Chain holds the configuration of the chain middleware.
|
||||||
This middleware enables to define reusable combinations of other pieces of middleware.
|
This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
||||||
properties:
|
properties:
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares is the list of MiddlewareRef which composes
|
description: Middlewares is the list of MiddlewareRef which composes
|
||||||
|
@ -181,7 +181,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Compress holds the compress middleware configuration.
|
Compress holds the compress middleware configuration.
|
||||||
This middleware compresses responses before sending them to the client, using gzip compression.
|
This middleware compresses responses before sending them to the client, using gzip compression.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
||||||
properties:
|
properties:
|
||||||
defaultEncoding:
|
defaultEncoding:
|
||||||
description: DefaultEncoding specifies the default encoding if
|
description: DefaultEncoding specifies the default encoding if
|
||||||
|
@ -224,12 +224,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
DigestAuth holds the digest auth middleware configuration.
|
DigestAuth holds the digest auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -249,7 +249,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ErrorPage holds the custom error middleware configuration.
|
ErrorPage holds the custom error middleware configuration.
|
||||||
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
||||||
properties:
|
properties:
|
||||||
query:
|
query:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -259,7 +259,7 @@ spec:
|
||||||
service:
|
service:
|
||||||
description: |-
|
description: |-
|
||||||
Service defines the reference to a Kubernetes Service that will serve the error page.
|
Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
||||||
properties:
|
properties:
|
||||||
healthCheck:
|
healthCheck:
|
||||||
description: Healthcheck defines health checks for ExternalName
|
description: Healthcheck defines health checks for ExternalName
|
||||||
|
@ -392,7 +392,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -450,7 +450,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ForwardAuth holds the forward auth middleware configuration.
|
ForwardAuth holds the forward auth middleware configuration.
|
||||||
This middleware delegates the request authentication to a Service.
|
This middleware delegates the request authentication to a Service.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
||||||
properties:
|
properties:
|
||||||
addAuthCookiesToResponse:
|
addAuthCookiesToResponse:
|
||||||
description: AddAuthCookiesToResponse defines the list of cookies
|
description: AddAuthCookiesToResponse defines the list of cookies
|
||||||
|
@ -478,7 +478,7 @@ spec:
|
||||||
authResponseHeadersRegex:
|
authResponseHeadersRegex:
|
||||||
description: |-
|
description: |-
|
||||||
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
type: string
|
type: string
|
||||||
tls:
|
tls:
|
||||||
description: TLS defines the configuration used to secure the
|
description: TLS defines the configuration used to secure the
|
||||||
|
@ -525,7 +525,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Headers holds the headers middleware configuration.
|
Headers holds the headers middleware configuration.
|
||||||
This middleware manages the requests and responses headers.
|
This middleware manages the requests and responses headers.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
||||||
properties:
|
properties:
|
||||||
accessControlAllowCredentials:
|
accessControlAllowCredentials:
|
||||||
description: AccessControlAllowCredentials defines whether the
|
description: AccessControlAllowCredentials defines whether the
|
||||||
|
@ -696,7 +696,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
InFlightReq holds the in-flight request middleware configuration.
|
InFlightReq holds the in-flight request middleware configuration.
|
||||||
This middleware limits the number of requests being processed and served concurrently.
|
This middleware limits the number of requests being processed and served concurrently.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
||||||
properties:
|
properties:
|
||||||
amount:
|
amount:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -709,12 +709,12 @@ spec:
|
||||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
If several strategies are defined at the same time, an error will be raised.
|
If several strategies are defined at the same time, an error will be raised.
|
||||||
If none are set, the default is to use the requestHost.
|
If none are set, the default is to use the requestHost.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -743,12 +743,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList holds the IP allowlist middleware configuration.
|
IPAllowList holds the IP allowlist middleware configuration.
|
||||||
This middleware limits allowed requests based on the client IP.
|
This middleware limits allowed requests based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -780,7 +780,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -805,7 +805,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
This middleware adds the selected data from the passed client TLS certificate to a header.
|
This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
||||||
properties:
|
properties:
|
||||||
info:
|
info:
|
||||||
description: Info selects the specific client certificate details
|
description: Info selects the specific client certificate details
|
||||||
|
@ -914,7 +914,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RateLimit holds the rate limit configuration.
|
RateLimit holds the rate limit configuration.
|
||||||
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
||||||
properties:
|
properties:
|
||||||
average:
|
average:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -947,7 +947,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -976,7 +976,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectRegex holds the redirect regex middleware configuration.
|
RedirectRegex holds the redirect regex middleware configuration.
|
||||||
This middleware redirects a request using regex matching and replacement.
|
This middleware redirects a request using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -995,7 +995,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectScheme holds the redirect scheme middleware configuration.
|
RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
This middleware redirects requests from a scheme/port to another.
|
This middleware redirects requests from a scheme/port to another.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1012,7 +1012,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePath holds the replace path middleware configuration.
|
ReplacePath holds the replace path middleware configuration.
|
||||||
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
||||||
properties:
|
properties:
|
||||||
path:
|
path:
|
||||||
description: Path defines the path to use as replacement in the
|
description: Path defines the path to use as replacement in the
|
||||||
|
@ -1023,7 +1023,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePathRegex holds the replace path regex middleware configuration.
|
ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
This middleware replaces the path of a URL using regex matching and replacement.
|
This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression used to match
|
description: Regex defines the regular expression used to match
|
||||||
|
@ -1039,7 +1039,7 @@ spec:
|
||||||
Retry holds the retry middleware configuration.
|
Retry holds the retry middleware configuration.
|
||||||
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
||||||
properties:
|
properties:
|
||||||
attempts:
|
attempts:
|
||||||
description: Attempts defines how many times the request should
|
description: Attempts defines how many times the request should
|
||||||
|
@ -1061,7 +1061,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefix holds the strip prefix middleware configuration.
|
StripPrefix holds the strip prefix middleware configuration.
|
||||||
This middleware removes the specified prefixes from the URL path.
|
This middleware removes the specified prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
||||||
properties:
|
properties:
|
||||||
forceSlash:
|
forceSlash:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1080,7 +1080,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
This middleware removes the matching prefixes from the URL path.
|
This middleware removes the matching prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression to match the
|
description: Regex defines the regular expression to match the
|
||||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -55,7 +55,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList defines the IPAllowList middleware configuration.
|
IPAllowList defines the IPAllowList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -69,7 +69,7 @@ spec:
|
||||||
IPWhiteList defines the IPWhiteList middleware configuration.
|
IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
Deprecated: please use IPAllowList instead.
|
Deprecated: please use IPAllowList instead.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
|
|
@ -21,7 +21,7 @@ spec:
|
||||||
ServersTransport is the CRD implementation of a ServersTransport.
|
ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
If no serversTransport is specified, the default@internal will be used.
|
If no serversTransport is specified, the default@internal will be used.
|
||||||
The default@internal serversTransport is created from the static configuration.
|
The default@internal serversTransport is created from the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -21,7 +21,7 @@ spec:
|
||||||
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
The default@internal tcpServersTransport can be configured in the static configuration.
|
The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -44,14 +44,14 @@ spec:
|
||||||
alpnProtocols:
|
alpnProtocols:
|
||||||
description: |-
|
description: |-
|
||||||
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
cipherSuites:
|
cipherSuites:
|
||||||
description: |-
|
description: |-
|
||||||
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -79,7 +79,7 @@ spec:
|
||||||
curvePreferences:
|
curvePreferences:
|
||||||
description: |-
|
description: |-
|
||||||
CurvePreferences defines the preferred elliptic curves in a specific order.
|
CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
|
|
@ -21,7 +21,7 @@ spec:
|
||||||
TLSStore is the CRD implementation of a Traefik TLS Store.
|
TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
For the time being, only the TLSStore named default is supported.
|
For the time being, only the TLSStore named default is supported.
|
||||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
|
|
@ -22,7 +22,7 @@ spec:
|
||||||
TraefikService object allows to:
|
TraefikService object allows to:
|
||||||
- Apply weight to Services on load-balancing
|
- Apply weight to Services on load-balancing
|
||||||
- Mirror traffic on services
|
- Mirror traffic on services
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -263,7 +263,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -370,7 +370,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -553,7 +553,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -600,7 +600,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines whether sticky sessions are enabled.
|
Sticky defines whether sticky sessions are enabled.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
|
|
@ -217,11 +217,29 @@ Timeout defines how long to wait on an idle session before releasing the related
|
||||||
Local plugins configuration. (Default: ```false```)
|
Local plugins configuration. (Default: ```false```)
|
||||||
|
|
||||||
`--experimental.localplugins.<name>.modulename`:
|
`--experimental.localplugins.<name>.modulename`:
|
||||||
plugin's module name.
|
Plugin's module name.
|
||||||
|
|
||||||
|
`--experimental.localplugins.<name>.settings`:
|
||||||
|
Plugin's settings (works only for wasm plugins).
|
||||||
|
|
||||||
|
`--experimental.localplugins.<name>.settings.envs`:
|
||||||
|
Environment variables to forward to the wasm guest.
|
||||||
|
|
||||||
|
`--experimental.localplugins.<name>.settings.mounts`:
|
||||||
|
Directory to mount to the wasm guest.
|
||||||
|
|
||||||
`--experimental.plugins.<name>.modulename`:
|
`--experimental.plugins.<name>.modulename`:
|
||||||
plugin's module name.
|
plugin's module name.
|
||||||
|
|
||||||
|
`--experimental.plugins.<name>.settings`:
|
||||||
|
Plugin's settings (works only for wasm plugins).
|
||||||
|
|
||||||
|
`--experimental.plugins.<name>.settings.envs`:
|
||||||
|
Environment variables to forward to the wasm guest.
|
||||||
|
|
||||||
|
`--experimental.plugins.<name>.settings.mounts`:
|
||||||
|
Directory to mount to the wasm guest.
|
||||||
|
|
||||||
`--experimental.plugins.<name>.version`:
|
`--experimental.plugins.<name>.version`:
|
||||||
plugin's version.
|
plugin's version.
|
||||||
|
|
||||||
|
@ -1107,6 +1125,9 @@ TLS insecure skip verify (Default: ```false```)
|
||||||
`--tracing.otlp.http.tls.key`:
|
`--tracing.otlp.http.tls.key`:
|
||||||
TLS key
|
TLS key
|
||||||
|
|
||||||
|
`--tracing.safequeryparams`:
|
||||||
|
Query params to not redact.
|
||||||
|
|
||||||
`--tracing.samplerate`:
|
`--tracing.samplerate`:
|
||||||
Sets the rate between 0.0 and 1.0 of requests to trace. (Default: ```1.000000```)
|
Sets the rate between 0.0 and 1.0 of requests to trace. (Default: ```1.000000```)
|
||||||
|
|
||||||
|
|
|
@ -217,11 +217,29 @@ Timeout defines how long to wait on an idle session before releasing the related
|
||||||
Local plugins configuration. (Default: ```false```)
|
Local plugins configuration. (Default: ```false```)
|
||||||
|
|
||||||
`TRAEFIK_EXPERIMENTAL_LOCALPLUGINS_<NAME>_MODULENAME`:
|
`TRAEFIK_EXPERIMENTAL_LOCALPLUGINS_<NAME>_MODULENAME`:
|
||||||
plugin's module name.
|
Plugin's module name.
|
||||||
|
|
||||||
|
`TRAEFIK_EXPERIMENTAL_LOCALPLUGINS_<NAME>_SETTINGS`:
|
||||||
|
Plugin's settings (works only for wasm plugins).
|
||||||
|
|
||||||
|
`TRAEFIK_EXPERIMENTAL_LOCALPLUGINS_<NAME>_SETTINGS_ENVS`:
|
||||||
|
Environment variables to forward to the wasm guest.
|
||||||
|
|
||||||
|
`TRAEFIK_EXPERIMENTAL_LOCALPLUGINS_<NAME>_SETTINGS_MOUNTS`:
|
||||||
|
Directory to mount to the wasm guest.
|
||||||
|
|
||||||
`TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>_MODULENAME`:
|
`TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>_MODULENAME`:
|
||||||
plugin's module name.
|
plugin's module name.
|
||||||
|
|
||||||
|
`TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>_SETTINGS`:
|
||||||
|
Plugin's settings (works only for wasm plugins).
|
||||||
|
|
||||||
|
`TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>_SETTINGS_ENVS`:
|
||||||
|
Environment variables to forward to the wasm guest.
|
||||||
|
|
||||||
|
`TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>_SETTINGS_MOUNTS`:
|
||||||
|
Directory to mount to the wasm guest.
|
||||||
|
|
||||||
`TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>_VERSION`:
|
`TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>_VERSION`:
|
||||||
plugin's version.
|
plugin's version.
|
||||||
|
|
||||||
|
@ -1107,6 +1125,9 @@ TLS insecure skip verify (Default: ```false```)
|
||||||
`TRAEFIK_TRACING_OTLP_HTTP_TLS_KEY`:
|
`TRAEFIK_TRACING_OTLP_HTTP_TLS_KEY`:
|
||||||
TLS key
|
TLS key
|
||||||
|
|
||||||
|
`TRAEFIK_TRACING_SAFEQUERYPARAMS`:
|
||||||
|
Query params to not redact.
|
||||||
|
|
||||||
`TRAEFIK_TRACING_SAMPLERATE`:
|
`TRAEFIK_TRACING_SAMPLERATE`:
|
||||||
Sets the rate between 0.0 and 1.0 of requests to trace. (Default: ```1.000000```)
|
Sets the rate between 0.0 and 1.0 of requests to trace. (Default: ```1.000000```)
|
||||||
|
|
||||||
|
|
|
@ -392,6 +392,7 @@
|
||||||
serviceName = "foobar"
|
serviceName = "foobar"
|
||||||
capturedRequestHeaders = ["foobar", "foobar"]
|
capturedRequestHeaders = ["foobar", "foobar"]
|
||||||
capturedResponseHeaders = ["foobar", "foobar"]
|
capturedResponseHeaders = ["foobar", "foobar"]
|
||||||
|
safeQueryParams = ["foobar", "foobar"]
|
||||||
sampleRate = 42.0
|
sampleRate = 42.0
|
||||||
addInternals = true
|
addInternals = true
|
||||||
[tracing.globalAttributes]
|
[tracing.globalAttributes]
|
||||||
|
@ -473,14 +474,26 @@
|
||||||
[experimental.plugins.Descriptor0]
|
[experimental.plugins.Descriptor0]
|
||||||
moduleName = "foobar"
|
moduleName = "foobar"
|
||||||
version = "foobar"
|
version = "foobar"
|
||||||
|
[experimental.plugins.Descriptor0.settings]
|
||||||
|
envs = ["foobar", "foobar"]
|
||||||
|
mounts = ["foobar", "foobar"]
|
||||||
[experimental.plugins.Descriptor1]
|
[experimental.plugins.Descriptor1]
|
||||||
moduleName = "foobar"
|
moduleName = "foobar"
|
||||||
version = "foobar"
|
version = "foobar"
|
||||||
|
[experimental.plugins.Descriptor1.settings]
|
||||||
|
envs = ["foobar", "foobar"]
|
||||||
|
mounts = ["foobar", "foobar"]
|
||||||
[experimental.localPlugins]
|
[experimental.localPlugins]
|
||||||
[experimental.localPlugins.LocalDescriptor0]
|
[experimental.localPlugins.LocalDescriptor0]
|
||||||
moduleName = "foobar"
|
moduleName = "foobar"
|
||||||
|
[experimental.localPlugins.LocalDescriptor0.settings]
|
||||||
|
envs = ["foobar", "foobar"]
|
||||||
|
mounts = ["foobar", "foobar"]
|
||||||
[experimental.localPlugins.LocalDescriptor1]
|
[experimental.localPlugins.LocalDescriptor1]
|
||||||
moduleName = "foobar"
|
moduleName = "foobar"
|
||||||
|
[experimental.localPlugins.LocalDescriptor1.settings]
|
||||||
|
envs = ["foobar", "foobar"]
|
||||||
|
mounts = ["foobar", "foobar"]
|
||||||
|
|
||||||
[core]
|
[core]
|
||||||
defaultRuleSyntax = "foobar"
|
defaultRuleSyntax = "foobar"
|
||||||
|
|
|
@ -434,6 +434,9 @@ tracing:
|
||||||
capturedResponseHeaders:
|
capturedResponseHeaders:
|
||||||
- foobar
|
- foobar
|
||||||
- foobar
|
- foobar
|
||||||
|
safeQueryParams:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
sampleRate: 42
|
sampleRate: 42
|
||||||
addInternals: true
|
addInternals: true
|
||||||
otlp:
|
otlp:
|
||||||
|
@ -512,14 +515,42 @@ experimental:
|
||||||
Descriptor0:
|
Descriptor0:
|
||||||
moduleName: foobar
|
moduleName: foobar
|
||||||
version: foobar
|
version: foobar
|
||||||
|
settings:
|
||||||
|
envs:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
|
mounts:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
Descriptor1:
|
Descriptor1:
|
||||||
moduleName: foobar
|
moduleName: foobar
|
||||||
version: foobar
|
version: foobar
|
||||||
|
settings:
|
||||||
|
envs:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
|
mounts:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
localPlugins:
|
localPlugins:
|
||||||
LocalDescriptor0:
|
LocalDescriptor0:
|
||||||
moduleName: foobar
|
moduleName: foobar
|
||||||
|
settings:
|
||||||
|
envs:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
|
mounts:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
LocalDescriptor1:
|
LocalDescriptor1:
|
||||||
moduleName: foobar
|
moduleName: foobar
|
||||||
|
settings:
|
||||||
|
envs:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
|
mounts:
|
||||||
|
- foobar
|
||||||
|
- foobar
|
||||||
kubernetesGateway: true
|
kubernetesGateway: true
|
||||||
core:
|
core:
|
||||||
defaultRuleSyntax: foobar
|
defaultRuleSyntax: foobar
|
||||||
|
|
|
@ -1175,3 +1175,25 @@ entryPoints:
|
||||||
```
|
```
|
||||||
|
|
||||||
{!traefik-for-business-applications.md!}
|
{!traefik-for-business-applications.md!}
|
||||||
|
|
||||||
|
## Systemd Socket Activation
|
||||||
|
|
||||||
|
Traefik supports [systemd socket activation](https://www.freedesktop.org/software/systemd/man/latest/systemd-socket-activate.html).
|
||||||
|
|
||||||
|
When a socket activation file descriptor name matches an EntryPoint name, the corresponding file descriptor will be used as the TCP listener for the matching EntryPoint.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
systemd-socket-activate -l 80 -l 443 --fdname web:websecure ./traefik --entrypoints.web --entrypoints.websecure
|
||||||
|
```
|
||||||
|
|
||||||
|
!!! warning "EntryPoint Address"
|
||||||
|
|
||||||
|
When a socket activation file descriptor name matches an EntryPoint name its address configuration is ignored.
|
||||||
|
|
||||||
|
!!! warning "TCP Only"
|
||||||
|
|
||||||
|
Socket activation is not yet supported with UDP entryPoints.
|
||||||
|
|
||||||
|
!!! warning "Docker Support"
|
||||||
|
|
||||||
|
Socket activation is not supported by Docker but works with Podman containers.
|
||||||
|
|
|
@ -48,7 +48,7 @@ The Kubernetes Ingress Controller, The Custom Resource Way.
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
args:
|
args:
|
||||||
- --log.level=DEBUG
|
- --log.level=DEBUG
|
||||||
- --api
|
- --api
|
||||||
|
|
|
@ -5,7 +5,7 @@ description: "The Kubernetes Gateway API can be used as a provider for routing a
|
||||||
|
|
||||||
# Traefik & Kubernetes
|
# Traefik & Kubernetes
|
||||||
|
|
||||||
The Kubernetes Gateway API, The Experimental Way.
|
The Kubernetes Gateway API Controller.
|
||||||
{: .subtitle }
|
{: .subtitle }
|
||||||
|
|
||||||
## Configuration Examples
|
## Configuration Examples
|
||||||
|
|
|
@ -130,7 +130,7 @@ which in turn will create the resulting routers, services, handlers, etc.
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
args:
|
args:
|
||||||
- --entryPoints.web.address=:80
|
- --entryPoints.web.address=:80
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
|
@ -535,7 +535,7 @@ This way, any Ingress attached to this Entrypoint will have TLS termination by d
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
args:
|
args:
|
||||||
- --entryPoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
- --entryPoints.websecure.http.tls
|
- --entryPoints.websecure.http.tls
|
||||||
|
@ -728,7 +728,7 @@ For more options, please refer to the available [annotations](#on-ingress).
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
args:
|
args:
|
||||||
- --entryPoints.websecure.address=:443
|
- --entryPoints.websecure.address=:443
|
||||||
- --providers.kubernetesingress
|
- --providers.kubernetesingress
|
||||||
|
|
|
@ -26,7 +26,7 @@ spec:
|
||||||
serviceAccountName: traefik-ingress-controller
|
serviceAccountName: traefik-ingress-controller
|
||||||
containers:
|
containers:
|
||||||
- name: traefik
|
- name: traefik
|
||||||
image: traefik:v3.0
|
image: traefik:v3.1
|
||||||
args:
|
args:
|
||||||
- --api.insecure
|
- --api.insecure
|
||||||
- --accesslog
|
- --accesslog
|
||||||
|
|
|
@ -49,10 +49,10 @@ and the RBAC authorization resources which will be referenced through the `servi
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Install Traefik Resource Definitions:
|
# Install Traefik Resource Definitions:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
|
||||||
|
|
||||||
# Install RBAC for Traefik:
|
# Install RBAC for Traefik:
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
### Services
|
### Services
|
||||||
|
@ -60,7 +60,7 @@ kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/con
|
||||||
Then, the services. One for Traefik itself, and one for the app it routes for, i.e. in this case our demo HTTP server: [whoami](https://github.com/traefik/whoami).
|
Then, the services. One for Traefik itself, and one for the app it routes for, i.e. in this case our demo HTTP server: [whoami](https://github.com/traefik/whoami).
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/user-guides/crd-acme/02-services.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/02-services.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
@ -73,7 +73,7 @@ Next, the deployments, i.e. the actual pods behind the services.
|
||||||
Again, one pod for Traefik, and one for the whoami app.
|
Again, one pod for Traefik, and one for the whoami app.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/user-guides/crd-acme/03-deployments.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/03-deployments.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
@ -100,7 +100,7 @@ Look it up.
|
||||||
We can now finally apply the actual ingressRoutes, with:
|
We can now finally apply the actual ingressRoutes, with:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/user-guides/crd-acme/04-ingressroutes.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/04-ingressroutes.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
@ -126,7 +126,7 @@ Nowadays, TLS v1.0 and v1.1 are deprecated.
|
||||||
In order to force TLS v1.2 or later on all your IngressRoute, you can define the `default` TLSOption:
|
In order to force TLS v1.2 or later on all your IngressRoute, you can define the `default` TLSOption:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/user-guides/crd-acme/05-tlsoption.yml
|
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.1/docs/content/user-guides/crd-acme/05-tlsoption.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
|
|
@ -26,5 +26,5 @@ node:
|
||||||
- K3S_CLUSTER_SECRET=somethingtotallyrandom
|
- K3S_CLUSTER_SECRET=somethingtotallyrandom
|
||||||
volumes:
|
volumes:
|
||||||
# this is where you would place a alternative traefik image (saved as a .tar file with
|
# this is where you would place a alternative traefik image (saved as a .tar file with
|
||||||
# 'docker save'), if you want to use it, instead of the traefik:v3.0 image.
|
# 'docker save'), if you want to use it, instead of the traefik:v3.1 image.
|
||||||
- /somewhere/on/your/host/custom-image:/var/lib/rancher/k3s/agent/images
|
- /somewhere/on/your/host/custom-image:/var/lib/rancher/k3s/agent/images
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.0"
|
image: "traefik:v3.1"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -13,7 +13,7 @@ secrets:
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.0"
|
image: "traefik:v3.1"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.0"
|
image: "traefik:v3.1"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.0"
|
image: "traefik:v3.1"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -3,7 +3,7 @@ version: "3.3"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.0"
|
image: "traefik:v3.1"
|
||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
|
|
|
@ -31,7 +31,7 @@ Create a `docker-compose.yml` file with the following content:
|
||||||
services:
|
services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
image: "traefik:v3.0"
|
image: "traefik:v3.1"
|
||||||
...
|
...
|
||||||
networks:
|
networks:
|
||||||
- traefiknet
|
- traefiknet
|
||||||
|
|
41
go.mod
41
go.mod
|
@ -32,6 +32,7 @@ require (
|
||||||
github.com/http-wasm/http-wasm-host-go v0.6.0
|
github.com/http-wasm/http-wasm-host-go v0.6.0
|
||||||
github.com/influxdata/influxdb-client-go/v2 v2.7.0
|
github.com/influxdata/influxdb-client-go/v2 v2.7.0
|
||||||
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d
|
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d
|
||||||
|
github.com/juliens/wasm-goexport v0.0.6
|
||||||
github.com/klauspost/compress v1.17.2
|
github.com/klauspost/compress v1.17.2
|
||||||
github.com/kvtools/consul v1.0.2
|
github.com/kvtools/consul v1.0.2
|
||||||
github.com/kvtools/etcdv3 v1.0.2
|
github.com/kvtools/etcdv3 v1.0.2
|
||||||
|
@ -53,12 +54,14 @@ require (
|
||||||
github.com/rs/zerolog v1.29.0
|
github.com/rs/zerolog v1.29.0
|
||||||
github.com/sirupsen/logrus v1.9.3
|
github.com/sirupsen/logrus v1.9.3
|
||||||
github.com/spiffe/go-spiffe/v2 v2.1.1
|
github.com/spiffe/go-spiffe/v2 v2.1.1
|
||||||
|
github.com/stealthrocket/wasi-go v0.8.0
|
||||||
|
github.com/stealthrocket/wazergo v0.19.1
|
||||||
github.com/stretchr/testify v1.9.0
|
github.com/stretchr/testify v1.9.0
|
||||||
github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154
|
github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154
|
||||||
github.com/tailscale/tscert v0.0.0-20230806124524-28a91b69a046
|
github.com/tailscale/tscert v0.0.0-20230806124524-28a91b69a046
|
||||||
github.com/testcontainers/testcontainers-go v0.30.0
|
github.com/testcontainers/testcontainers-go v0.30.0
|
||||||
github.com/testcontainers/testcontainers-go/modules/k3s v0.30.0
|
github.com/testcontainers/testcontainers-go/modules/k3s v0.30.0
|
||||||
github.com/tetratelabs/wazero v1.5.0
|
github.com/tetratelabs/wazero v1.7.2
|
||||||
github.com/tidwall/gjson v1.17.0
|
github.com/tidwall/gjson v1.17.0
|
||||||
github.com/traefik/grpc-web v0.16.0
|
github.com/traefik/grpc-web v0.16.0
|
||||||
github.com/traefik/paerser v0.2.0
|
github.com/traefik/paerser v0.2.0
|
||||||
|
@ -67,18 +70,18 @@ require (
|
||||||
github.com/unrolled/secure v1.0.9
|
github.com/unrolled/secure v1.0.9
|
||||||
github.com/vulcand/oxy/v2 v2.0.0-20230427132221-be5cf38f3c1c
|
github.com/vulcand/oxy/v2 v2.0.0-20230427132221-be5cf38f3c1c
|
||||||
github.com/vulcand/predicate v1.2.0
|
github.com/vulcand/predicate v1.2.0
|
||||||
go.opentelemetry.io/collector/pdata v1.2.0
|
go.opentelemetry.io/collector/pdata v1.10.0
|
||||||
go.opentelemetry.io/contrib/propagators/autoprop v0.52.0
|
go.opentelemetry.io/contrib/propagators/autoprop v0.52.0
|
||||||
go.opentelemetry.io/otel v1.27.0
|
go.opentelemetry.io/otel v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.0
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.0
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/metric v1.27.0
|
go.opentelemetry.io/otel/metric v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/sdk v1.27.0
|
go.opentelemetry.io/otel/sdk v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/sdk/metric v1.27.0
|
go.opentelemetry.io/otel/sdk/metric v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
go.opentelemetry.io/otel/trace v1.27.0
|
go.opentelemetry.io/otel/trace v1.27.1-0.20240624175855-921eb701b175 // For security reason we need to follow semconv v1.26.0 and we can't wait for opentelemetry-go-sdk v1.28.0.
|
||||||
golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f
|
golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f
|
||||||
golang.org/x/mod v0.18.0
|
golang.org/x/mod v0.18.0
|
||||||
golang.org/x/net v0.26.0
|
golang.org/x/net v0.26.0
|
||||||
|
@ -96,6 +99,7 @@ require (
|
||||||
mvdan.cc/xurls/v2 v2.5.0
|
mvdan.cc/xurls/v2 v2.5.0
|
||||||
sigs.k8s.io/controller-runtime v0.18.0
|
sigs.k8s.io/controller-runtime v0.18.0
|
||||||
sigs.k8s.io/gateway-api v1.1.0
|
sigs.k8s.io/gateway-api v1.1.0
|
||||||
|
sigs.k8s.io/yaml v1.4.0
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
|
@ -176,7 +180,7 @@ require (
|
||||||
github.com/go-errors/errors v1.0.1 // indirect
|
github.com/go-errors/errors v1.0.1 // indirect
|
||||||
github.com/go-jose/go-jose/v4 v4.0.2 // indirect
|
github.com/go-jose/go-jose/v4 v4.0.2 // indirect
|
||||||
github.com/go-logfmt/logfmt v0.5.1 // indirect
|
github.com/go-logfmt/logfmt v0.5.1 // indirect
|
||||||
github.com/go-logr/logr v1.4.1 // indirect
|
github.com/go-logr/logr v1.4.2 // indirect
|
||||||
github.com/go-logr/stdr v1.2.2 // indirect
|
github.com/go-logr/stdr v1.2.2 // indirect
|
||||||
github.com/go-logr/zapr v1.3.0 // indirect
|
github.com/go-logr/zapr v1.3.0 // indirect
|
||||||
github.com/go-ole/go-ole v1.2.6 // indirect
|
github.com/go-ole/go-ole v1.2.6 // indirect
|
||||||
|
@ -325,7 +329,7 @@ require (
|
||||||
go.opentelemetry.io/contrib/propagators/b3 v1.27.0 // indirect
|
go.opentelemetry.io/contrib/propagators/b3 v1.27.0 // indirect
|
||||||
go.opentelemetry.io/contrib/propagators/jaeger v1.27.0 // indirect
|
go.opentelemetry.io/contrib/propagators/jaeger v1.27.0 // indirect
|
||||||
go.opentelemetry.io/contrib/propagators/ot v1.27.0 // indirect
|
go.opentelemetry.io/contrib/propagators/ot v1.27.0 // indirect
|
||||||
go.opentelemetry.io/proto/otlp v1.2.0 // indirect
|
go.opentelemetry.io/proto/otlp v1.3.1 // indirect
|
||||||
go.uber.org/atomic v1.11.0 // indirect
|
go.uber.org/atomic v1.11.0 // indirect
|
||||||
go.uber.org/mock v0.4.0 // indirect
|
go.uber.org/mock v0.4.0 // indirect
|
||||||
go.uber.org/multierr v1.11.0 // indirect
|
go.uber.org/multierr v1.11.0 // indirect
|
||||||
|
@ -338,9 +342,9 @@ require (
|
||||||
golang.org/x/term v0.21.0 // indirect
|
golang.org/x/term v0.21.0 // indirect
|
||||||
google.golang.org/api v0.172.0 // indirect
|
google.golang.org/api v0.172.0 // indirect
|
||||||
google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect
|
google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect
|
||||||
google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5 // indirect
|
google.golang.org/genproto/googleapis/api v0.0.0-20240624140628-dc46fd24d27d // indirect
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20240624140628-dc46fd24d27d // indirect
|
||||||
google.golang.org/protobuf v1.34.1 // indirect
|
google.golang.org/protobuf v1.34.2 // indirect
|
||||||
gopkg.in/h2non/gock.v1 v1.0.16 // indirect
|
gopkg.in/h2non/gock.v1 v1.0.16 // indirect
|
||||||
gopkg.in/inf.v0 v0.9.1 // indirect
|
gopkg.in/inf.v0 v0.9.1 // indirect
|
||||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||||
|
@ -352,7 +356,6 @@ require (
|
||||||
nhooyr.io/websocket v1.8.7 // indirect
|
nhooyr.io/websocket v1.8.7 // indirect
|
||||||
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
|
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
|
||||||
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
|
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
|
||||||
sigs.k8s.io/yaml v1.4.0 // indirect
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Containous forks
|
// Containous forks
|
||||||
|
@ -371,3 +374,5 @@ exclude github.com/tencentcloud/tencentcloud-sdk-go v3.0.83+incompatible
|
||||||
|
|
||||||
// https://github.com/docker/compose/blob/v2.19.0/go.mod#L12
|
// https://github.com/docker/compose/blob/v2.19.0/go.mod#L12
|
||||||
replace github.com/cucumber/godog => github.com/cucumber/godog v0.13.0
|
replace github.com/cucumber/godog => github.com/cucumber/godog v0.13.0
|
||||||
|
|
||||||
|
replace github.com/http-wasm/http-wasm-host-go => github.com/traefik/http-wasm-host-go v0.0.0-20240618100324-3c53dcaa1a70
|
||||||
|
|
78
go.sum
78
go.sum
|
@ -348,8 +348,8 @@ github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG
|
||||||
github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA=
|
github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA=
|
||||||
github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
|
github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
|
||||||
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||||
github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
|
github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
|
||||||
github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||||
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
|
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
|
||||||
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
|
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
|
||||||
github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
|
github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
|
||||||
|
@ -592,8 +592,6 @@ github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/J
|
||||||
github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY=
|
github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY=
|
||||||
github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4=
|
github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4=
|
||||||
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
|
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
|
||||||
github.com/http-wasm/http-wasm-host-go v0.6.0 h1:Vd4XvcFB3NMgWp2VLCQaiqYgLneN2lChbyN9NGoNDro=
|
|
||||||
github.com/http-wasm/http-wasm-host-go v0.6.0/go.mod h1:zQB3w+df4hryDEqBorGyA1DwPJ86LfKIASNLFuj6CuI=
|
|
||||||
github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
||||||
github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU=
|
github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU=
|
||||||
github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
||||||
|
@ -635,6 +633,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
|
||||||
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
|
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
|
||||||
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
|
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
|
||||||
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
||||||
|
github.com/juliens/wasm-goexport v0.0.6 h1:YU0c+j0dF/HNy32vgYTA+K/6wnsZXgGc+ihl/UDw8iA=
|
||||||
|
github.com/juliens/wasm-goexport v0.0.6/go.mod h1:VTTpJVY3tIBet0Gv8r5TxdsNg0vDkkqXYm0Hp5hR42A=
|
||||||
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
|
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
|
||||||
github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
|
github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
|
||||||
github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 h1:qGQQKEcAR99REcMpsXCp3lJ03zYT1PkRd3kQGPn9GVg=
|
github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 h1:qGQQKEcAR99REcMpsXCp3lJ03zYT1PkRd3kQGPn9GVg=
|
||||||
|
@ -1051,6 +1051,10 @@ github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5q
|
||||||
github.com/spf13/viper v1.7.1/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg=
|
github.com/spf13/viper v1.7.1/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg=
|
||||||
github.com/spiffe/go-spiffe/v2 v2.1.1 h1:RT9kM8MZLZIsPTH+HKQEP5yaAk3yd/VBzlINaRjXs8k=
|
github.com/spiffe/go-spiffe/v2 v2.1.1 h1:RT9kM8MZLZIsPTH+HKQEP5yaAk3yd/VBzlINaRjXs8k=
|
||||||
github.com/spiffe/go-spiffe/v2 v2.1.1/go.mod h1:5qg6rpqlwIub0JAiF1UK9IMD6BpPTmvG6yfSgDBs5lg=
|
github.com/spiffe/go-spiffe/v2 v2.1.1/go.mod h1:5qg6rpqlwIub0JAiF1UK9IMD6BpPTmvG6yfSgDBs5lg=
|
||||||
|
github.com/stealthrocket/wasi-go v0.8.0 h1:Hwnv3CUoMhhRyero9vt1vfwaYa9tu/Z5kmCW4WeAmVI=
|
||||||
|
github.com/stealthrocket/wasi-go v0.8.0/go.mod h1:PJ5oVs2E1ciOJnsTnav4nvTtEcJ4D1jUZAewS9pzuZg=
|
||||||
|
github.com/stealthrocket/wazergo v0.19.1 h1:BPrITETPgSFwiytwmToO0MbUC/+RGC39JScz1JmmG6c=
|
||||||
|
github.com/stealthrocket/wazergo v0.19.1/go.mod h1:riI0hxw4ndZA5e6z7PesHg2BtTftcZaMxRcoiGGipTs=
|
||||||
github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
|
github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
|
||||||
github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
|
github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
|
||||||
github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
|
github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
|
||||||
|
@ -1086,8 +1090,8 @@ github.com/testcontainers/testcontainers-go v0.30.0 h1:jmn/XS22q4YRrcMwWg0pAwlCl
|
||||||
github.com/testcontainers/testcontainers-go v0.30.0/go.mod h1:K+kHNGiM5zjklKjgTtcrEetF3uhWbMUyqAQoyoh8Pf0=
|
github.com/testcontainers/testcontainers-go v0.30.0/go.mod h1:K+kHNGiM5zjklKjgTtcrEetF3uhWbMUyqAQoyoh8Pf0=
|
||||||
github.com/testcontainers/testcontainers-go/modules/k3s v0.30.0 h1:Mk47J0WcLoY2ig72lPl+/w8GTPYbRCdHoWcPjV2mVr8=
|
github.com/testcontainers/testcontainers-go/modules/k3s v0.30.0 h1:Mk47J0WcLoY2ig72lPl+/w8GTPYbRCdHoWcPjV2mVr8=
|
||||||
github.com/testcontainers/testcontainers-go/modules/k3s v0.30.0/go.mod h1:CNnA3717kbp5wRxz+gU/cAwX6+4+OOispIsjHmKsEWQ=
|
github.com/testcontainers/testcontainers-go/modules/k3s v0.30.0/go.mod h1:CNnA3717kbp5wRxz+gU/cAwX6+4+OOispIsjHmKsEWQ=
|
||||||
github.com/tetratelabs/wazero v1.5.0 h1:Yz3fZHivfDiZFUXnWMPUoiW7s8tC1sjdBtlJn08qYa0=
|
github.com/tetratelabs/wazero v1.7.2 h1:1+z5nXJNwMLPAWaTePFi49SSTL0IMx/i3Fg8Yc25GDc=
|
||||||
github.com/tetratelabs/wazero v1.5.0/go.mod h1:0U0G41+ochRKoPKCJlh0jMg1CHkyfK8kDqiirMmKY8A=
|
github.com/tetratelabs/wazero v1.7.2/go.mod h1:ytl6Zuh20R/eROuyDaGPkp82O9C/DJfXAwJfQ3X6/7Y=
|
||||||
github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM=
|
github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM=
|
||||||
github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
|
github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
|
||||||
github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
|
github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
|
||||||
|
@ -1103,6 +1107,8 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1
|
||||||
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
|
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
|
||||||
github.com/traefik/grpc-web v0.16.0 h1:eeUWZaFg6ZU0I9dWOYE2D5qkNzRBmXzzuRlxdltascY=
|
github.com/traefik/grpc-web v0.16.0 h1:eeUWZaFg6ZU0I9dWOYE2D5qkNzRBmXzzuRlxdltascY=
|
||||||
github.com/traefik/grpc-web v0.16.0/go.mod h1:2ttniSv7pTgBWIU2HZLokxRfFX3SA60c/DTmQQgVml4=
|
github.com/traefik/grpc-web v0.16.0/go.mod h1:2ttniSv7pTgBWIU2HZLokxRfFX3SA60c/DTmQQgVml4=
|
||||||
|
github.com/traefik/http-wasm-host-go v0.0.0-20240618100324-3c53dcaa1a70 h1:I+oBnV0orhmasb87yaX54tOAfqrV9+yKoQ1Cum5mq8w=
|
||||||
|
github.com/traefik/http-wasm-host-go v0.0.0-20240618100324-3c53dcaa1a70/go.mod h1:zQB3w+df4hryDEqBorGyA1DwPJ86LfKIASNLFuj6CuI=
|
||||||
github.com/traefik/paerser v0.2.0 h1:zqCLGSXoNlcBd+mzqSCLjon/I6phqIjeJL2xFB2ysgQ=
|
github.com/traefik/paerser v0.2.0 h1:zqCLGSXoNlcBd+mzqSCLjon/I6phqIjeJL2xFB2ysgQ=
|
||||||
github.com/traefik/paerser v0.2.0/go.mod h1:afzaVcgF8A+MpTnPG4wBr4whjanCSYA6vK5RwaYVtRc=
|
github.com/traefik/paerser v0.2.0/go.mod h1:afzaVcgF8A+MpTnPG4wBr4whjanCSYA6vK5RwaYVtRc=
|
||||||
github.com/traefik/yaegi v0.16.1 h1:f1De3DVJqIDKmnasUF6MwmWv1dSEEat0wcpXhD2On3E=
|
github.com/traefik/yaegi v0.16.1 h1:f1De3DVJqIDKmnasUF6MwmWv1dSEEat0wcpXhD2On3E=
|
||||||
|
@ -1176,8 +1182,8 @@ go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
|
||||||
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
|
go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
|
||||||
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
|
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
|
||||||
go.opentelemetry.io/collector/pdata v1.2.0 h1:N6VdyEFYJyoHIKqHd0F372eNVD5b+AbH0ZQf7Z2jJ9I=
|
go.opentelemetry.io/collector/pdata v1.10.0 h1:oLyPLGvPTQrcRT64ZVruwvmH/u3SHTfNo01pteS4WOE=
|
||||||
go.opentelemetry.io/collector/pdata v1.2.0/go.mod h1:mKXb6527Syb8PT4P9CZOJNbkuHOHjjGTZNNwSKESJhc=
|
go.opentelemetry.io/collector/pdata v1.10.0/go.mod h1:IHxHsp+Jq/xfjORQMDJjSH6jvedOSTOyu3nbxqhWSYE=
|
||||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk=
|
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk=
|
||||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw=
|
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw=
|
||||||
go.opentelemetry.io/contrib/propagators/autoprop v0.52.0 h1:xyRih6jMB0vroMSRdBE+uyKx20BclB/bybJt/LaCxmY=
|
go.opentelemetry.io/contrib/propagators/autoprop v0.52.0 h1:xyRih6jMB0vroMSRdBE+uyKx20BclB/bybJt/LaCxmY=
|
||||||
|
@ -1190,29 +1196,29 @@ go.opentelemetry.io/contrib/propagators/jaeger v1.27.0 h1:tJPpZAEsihJgRTnXrPjY3r
|
||||||
go.opentelemetry.io/contrib/propagators/jaeger v1.27.0/go.mod h1:5uPAMHJnlTktQbCCdWSX5PfK8CocD25mycIsZV/iFiU=
|
go.opentelemetry.io/contrib/propagators/jaeger v1.27.0/go.mod h1:5uPAMHJnlTktQbCCdWSX5PfK8CocD25mycIsZV/iFiU=
|
||||||
go.opentelemetry.io/contrib/propagators/ot v1.27.0 h1:xFPqk7ntRR87dqvl6RfeHiq9UlE8mPSuL6Dtr/zysL8=
|
go.opentelemetry.io/contrib/propagators/ot v1.27.0 h1:xFPqk7ntRR87dqvl6RfeHiq9UlE8mPSuL6Dtr/zysL8=
|
||||||
go.opentelemetry.io/contrib/propagators/ot v1.27.0/go.mod h1:nVLTPrDlSZPoVdeWRmpWBwxA73TYL6XLkC4bj72jvmg=
|
go.opentelemetry.io/contrib/propagators/ot v1.27.0/go.mod h1:nVLTPrDlSZPoVdeWRmpWBwxA73TYL6XLkC4bj72jvmg=
|
||||||
go.opentelemetry.io/otel v1.27.0 h1:9BZoF3yMK/O1AafMiQTVu0YDj5Ea4hPhxCs7sGva+cg=
|
go.opentelemetry.io/otel v1.27.1-0.20240624175855-921eb701b175 h1:2aQYN3ZllvztGtSIFNT2xGMrwsbPkGXj0O+KgPVsq5A=
|
||||||
go.opentelemetry.io/otel v1.27.0/go.mod h1:DMpAK8fzYRzs+bi3rS5REupisuqTheUlSZJ1WnZaPAQ=
|
go.opentelemetry.io/otel v1.27.1-0.20240624175855-921eb701b175/go.mod h1:sAYY1kDqq6Qgmu9OdUrtIhBJAVKevM27kmSzEkEyyBg=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.0 h1:bFgvUr3/O4PHj3VQcFEuYKvRZJX1SJDQ+11JXuSB3/w=
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.1-0.20240624175855-921eb701b175 h1:awu+mcY8Zh17gkaxch+AY59ZEeZHsct61kce/JUa/Ho=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.0/go.mod h1:xJntEd2KL6Qdg5lwp97HMLQDVeAhrYxmzFseAMDPQ8I=
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.1-0.20240624175855-921eb701b175/go.mod h1:wwHMT54YgLNroOkp4+XK7PRqCez5DtQayTBR9Wf1CEA=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 h1:CIHWikMsN3wO+wq1Tp5VGdVRTcON+DmOJSfDjXypKOc=
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.1-0.20240624175855-921eb701b175 h1:nNu+y3xs12BTRqNVciOBdq1bwUpqHJFs26lhXXnO8/0=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0/go.mod h1:TNupZ6cxqyFEpLXAZW7On+mLFL0/g0TE3unIYL91xWc=
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.1-0.20240624175855-921eb701b175/go.mod h1:/TESptXGTu8vZX8i19t1TSU4PGo9+gT9pGK/UNAea9I=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0 h1:R9DE4kQ4k+YtfLI2ULwX82VtNQ2J8yZmA7ZIF/D+7Mc=
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.1-0.20240624175855-921eb701b175 h1:ihrS8VlMvzPDy1QJ9yIsrKpcso6XnADVrj33wWxRG6k=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0/go.mod h1:OQFyQVrDlbe+R7xrEyDr/2Wr67Ol0hRUgsfA+V5A95s=
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.1-0.20240624175855-921eb701b175/go.mod h1:O6p37S657iklDAWQZrzkHeyOooL0TRG7ADP6jZ1RpF8=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 h1:qFffATk0X+HD+f1Z8lswGiOQYKHRlzfmdJm0wEaVrFA=
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.1-0.20240624175855-921eb701b175 h1:qk6WZWPTf1MDvgLRCECyzbUzugNp2Ybc11fnrj6L/t4=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0/go.mod h1:MOiCmryaYtc+V0Ei+Tx9o5S1ZjA7kzLucuVuyzBZloQ=
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.1-0.20240624175855-921eb701b175/go.mod h1:A5CvQA6TBgKbMXLU3YrV9WB2m5xQYB50/PLkW1nJA8k=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.0 h1:QY7/0NeRPKlzusf40ZE4t1VlMKbqSNT7cJRYzWuja0s=
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.1-0.20240624175855-921eb701b175 h1:l47wCNFvbEdVi0U3Ojf5yD6QhrNjuK2N46N9tiCzpNE=
|
||||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.0/go.mod h1:HVkSiDhTM9BoUJU8qE6j2eSWLLXvi1USXjyd2BXT8PY=
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.1-0.20240624175855-921eb701b175/go.mod h1:vS4rxlVsjAdnvN34PmMKVPKZdQrKVxRw6Tz6qQ+NsY8=
|
||||||
go.opentelemetry.io/otel/metric v1.27.0 h1:hvj3vdEKyeCi4YaYfNjv2NUje8FqKqUY8IlF0FxV/ik=
|
go.opentelemetry.io/otel/metric v1.27.1-0.20240624175855-921eb701b175 h1:YGLAewt2Wr/DFRQI6OjqqZ31B+CO3W1bcDWhsIL7r98=
|
||||||
go.opentelemetry.io/otel/metric v1.27.0/go.mod h1:mVFgmRlhljgBiuk/MP/oKylr4hs85GZAylncepAX/ak=
|
go.opentelemetry.io/otel/metric v1.27.1-0.20240624175855-921eb701b175/go.mod h1:YHVa4iPQFl9x0kF/Pxk1MYAbroRbl7zK+vT34w7VsCA=
|
||||||
go.opentelemetry.io/otel/sdk v1.27.0 h1:mlk+/Y1gLPLn84U4tI8d3GNJmGT/eXe3ZuOXN9kTWmI=
|
go.opentelemetry.io/otel/sdk v1.27.1-0.20240624175855-921eb701b175 h1:QdXgh+39hJwRYYQ3OgcI4SMawt/rPBgmQdtZYGxzdq8=
|
||||||
go.opentelemetry.io/otel/sdk v1.27.0/go.mod h1:Ha9vbLwJE6W86YstIywK2xFfPjbWlCuwPtMkKdz/Y4A=
|
go.opentelemetry.io/otel/sdk v1.27.1-0.20240624175855-921eb701b175/go.mod h1:Ru3JMbgJMftQARx7nhi0IJotnL2n8bv61IOrAgFpd+s=
|
||||||
go.opentelemetry.io/otel/sdk/metric v1.27.0 h1:5uGNOlpXi+Hbo/DRoI31BSb1v+OGcpv2NemcCrOL8gI=
|
go.opentelemetry.io/otel/sdk/metric v1.27.1-0.20240624175855-921eb701b175 h1:GYxFdqdupCe5BEORUuWvNMRKeZliRLK8INKCgGzYLRA=
|
||||||
go.opentelemetry.io/otel/sdk/metric v1.27.0/go.mod h1:we7jJVrYN2kh3mVBlswtPU22K0SA+769l93J6bsyvqw=
|
go.opentelemetry.io/otel/sdk/metric v1.27.1-0.20240624175855-921eb701b175/go.mod h1:SRwqsyIihvNIPKOVe1CqC4owsJX2vv63U5op9Axd4fI=
|
||||||
go.opentelemetry.io/otel/trace v1.27.0 h1:IqYb813p7cmbHk0a5y6pD5JPakbVfftRXABGt5/Rscw=
|
go.opentelemetry.io/otel/trace v1.27.1-0.20240624175855-921eb701b175 h1:1y2KlY7+gTBn4GZa2yMKqgcb4H2KIOrBSSrG4esCC3g=
|
||||||
go.opentelemetry.io/otel/trace v1.27.0/go.mod h1:6RiD1hkAprV4/q+yd2ln1HG9GoPx39SuvvstaLBl+l4=
|
go.opentelemetry.io/otel/trace v1.27.1-0.20240624175855-921eb701b175/go.mod h1:6RiD1hkAprV4/q+yd2ln1HG9GoPx39SuvvstaLBl+l4=
|
||||||
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
|
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
|
||||||
go.opentelemetry.io/proto/otlp v1.2.0 h1:pVeZGk7nXDC9O2hncA6nHldxEjm6LByfA2aN8IOkz94=
|
go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0=
|
||||||
go.opentelemetry.io/proto/otlp v1.2.0/go.mod h1:gGpR8txAl5M03pDhMC79G6SdqNV26naRm/KDsgaHD8A=
|
go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8=
|
||||||
go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
||||||
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
||||||
go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
|
go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
|
||||||
|
@ -1541,10 +1547,10 @@ google.golang.org/genproto v0.0.0-20200806141610-86f49bd18e98/go.mod h1:FWY/as6D
|
||||||
google.golang.org/genproto v0.0.0-20211021150943-2b146023228c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
|
google.golang.org/genproto v0.0.0-20211021150943-2b146023228c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
|
||||||
google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY=
|
google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY=
|
||||||
google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo=
|
google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo=
|
||||||
google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5 h1:P8OJ/WCl/Xo4E4zoe4/bifHpSmmKwARqyqE4nW6J2GQ=
|
google.golang.org/genproto/googleapis/api v0.0.0-20240624140628-dc46fd24d27d h1:Aqf0fiIdUQEj0Gn9mKFFXoQfTTEaNopWpfVyYADxiSg=
|
||||||
google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5/go.mod h1:RGnPtTG7r4i8sPlNyDeikXF99hMM+hN6QMm4ooG9g2g=
|
google.golang.org/genproto/googleapis/api v0.0.0-20240624140628-dc46fd24d27d/go.mod h1:Od4k8V1LQSizPRUK4OzZ7TBE/20k+jPczUDAEyvn69Y=
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 h1:AgADTJarZTBqgjiUzRgfaBchgYB3/WFTC80GPwsMcRI=
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20240624140628-dc46fd24d27d h1:k3zyW3BYYR30e8v3x0bTDdE9vpYFjZHK+HcyqkrppWk=
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0=
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20240624140628-dc46fd24d27d/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY=
|
||||||
google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
|
google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
|
||||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||||
google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
|
google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
|
||||||
|
@ -1582,8 +1588,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
|
||||||
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||||
google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||||
google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||||
google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
|
google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
|
||||||
google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
|
google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
|
||||||
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
|
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
|
||||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -63,12 +63,12 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: |-
|
description: |-
|
||||||
Middlewares defines the list of references to Middleware resources.
|
Middlewares defines the list of references to Middleware resources.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
items:
|
items:
|
||||||
description: MiddlewareRef is a reference to a Middleware
|
description: MiddlewareRef is a reference to a Middleware
|
||||||
resource.
|
resource.
|
||||||
|
@ -88,7 +88,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -229,7 +229,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -277,7 +277,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- kind
|
- kind
|
||||||
|
@ -287,18 +287,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration.
|
TLS defines the TLS configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -317,17 +317,17 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSOption.
|
Name defines the name of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSOption.
|
Namespace defines the namespace of the referenced TLSOption.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -344,12 +344,12 @@ spec:
|
||||||
name:
|
name:
|
||||||
description: |-
|
description: |-
|
||||||
Name defines the name of the referenced TLSStore.
|
Name defines the name of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: |-
|
description: |-
|
||||||
Namespace defines the namespace of the referenced TLSStore.
|
Namespace defines the namespace of the referenced TLSStore.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -409,7 +409,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -422,7 +422,7 @@ spec:
|
||||||
match:
|
match:
|
||||||
description: |-
|
description: |-
|
||||||
Match defines the router's rule.
|
Match defines the router's rule.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
||||||
type: string
|
type: string
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares defines the list of references to MiddlewareTCP
|
description: Middlewares defines the list of references to MiddlewareTCP
|
||||||
|
@ -446,7 +446,7 @@ spec:
|
||||||
priority:
|
priority:
|
||||||
description: |-
|
description: |-
|
||||||
Priority defines the router's priority.
|
Priority defines the router's priority.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
||||||
type: integer
|
type: integer
|
||||||
services:
|
services:
|
||||||
description: Services defines the list of TCP services.
|
description: Services defines the list of TCP services.
|
||||||
|
@ -487,7 +487,7 @@ spec:
|
||||||
proxyProtocol:
|
proxyProtocol:
|
||||||
description: |-
|
description: |-
|
||||||
ProxyProtocol defines the PROXY protocol configuration.
|
ProxyProtocol defines the PROXY protocol configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
||||||
properties:
|
properties:
|
||||||
version:
|
version:
|
||||||
description: Version defines the PROXY Protocol version
|
description: Version defines the PROXY Protocol version
|
||||||
|
@ -525,7 +525,7 @@ spec:
|
||||||
syntax:
|
syntax:
|
||||||
description: |-
|
description: |-
|
||||||
Syntax defines the router's rule syntax.
|
Syntax defines the router's rule syntax.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- match
|
- match
|
||||||
|
@ -534,18 +534,18 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
description: |-
|
description: |-
|
||||||
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
||||||
properties:
|
properties:
|
||||||
certResolver:
|
certResolver:
|
||||||
description: |-
|
description: |-
|
||||||
CertResolver defines the name of the certificate resolver to use.
|
CertResolver defines the name of the certificate resolver to use.
|
||||||
Cert resolvers have to be configured in the static configuration.
|
Cert resolvers have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
type: string
|
type: string
|
||||||
domains:
|
domains:
|
||||||
description: |-
|
description: |-
|
||||||
Domains defines the list of domains that will be used to issue certificates.
|
Domains defines the list of domains that will be used to issue certificates.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
items:
|
items:
|
||||||
description: Domain holds a domain name with SANs.
|
description: Domain holds a domain name with SANs.
|
||||||
properties:
|
properties:
|
||||||
|
@ -564,7 +564,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
If not defined, the `default` TLSOption is used.
|
If not defined, the `default` TLSOption is used.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: Name defines the name of the referenced Traefik
|
description: Name defines the name of the referenced Traefik
|
||||||
|
@ -656,7 +656,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
EntryPoints defines the list of entry point names to bind to.
|
EntryPoints defines the list of entry point names to bind to.
|
||||||
Entry points have to be configured in the static configuration.
|
Entry points have to be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
Default: all.
|
Default: all.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
@ -743,7 +743,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
Middleware is the CRD implementation of a Traefik Middleware.
|
Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -769,7 +769,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
AddPrefix holds the add prefix middleware configuration.
|
AddPrefix holds the add prefix middleware configuration.
|
||||||
This middleware updates the path of a request before forwarding it.
|
This middleware updates the path of a request before forwarding it.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
||||||
properties:
|
properties:
|
||||||
prefix:
|
prefix:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -781,12 +781,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
BasicAuth holds the basic auth middleware configuration.
|
BasicAuth holds the basic auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -807,7 +807,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Buffering holds the buffering middleware configuration.
|
Buffering holds the buffering middleware configuration.
|
||||||
This middleware retries or limits the size of requests that can be forwarded to backends.
|
This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
properties:
|
properties:
|
||||||
maxRequestBodyBytes:
|
maxRequestBodyBytes:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -839,14 +839,14 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RetryExpression defines the retry conditions.
|
RetryExpression defines the retry conditions.
|
||||||
It is a logical combination of functions with operators AND (&&) and OR (||).
|
It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
chain:
|
chain:
|
||||||
description: |-
|
description: |-
|
||||||
Chain holds the configuration of the chain middleware.
|
Chain holds the configuration of the chain middleware.
|
||||||
This middleware enables to define reusable combinations of other pieces of middleware.
|
This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
||||||
properties:
|
properties:
|
||||||
middlewares:
|
middlewares:
|
||||||
description: Middlewares is the list of MiddlewareRef which composes
|
description: Middlewares is the list of MiddlewareRef which composes
|
||||||
|
@ -905,7 +905,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Compress holds the compress middleware configuration.
|
Compress holds the compress middleware configuration.
|
||||||
This middleware compresses responses before sending them to the client, using gzip compression.
|
This middleware compresses responses before sending them to the client, using gzip compression.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
||||||
properties:
|
properties:
|
||||||
defaultEncoding:
|
defaultEncoding:
|
||||||
description: DefaultEncoding specifies the default encoding if
|
description: DefaultEncoding specifies the default encoding if
|
||||||
|
@ -948,12 +948,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
DigestAuth holds the digest auth middleware configuration.
|
DigestAuth holds the digest auth middleware configuration.
|
||||||
This middleware restricts access to your services to known users.
|
This middleware restricts access to your services to known users.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
||||||
properties:
|
properties:
|
||||||
headerField:
|
headerField:
|
||||||
description: |-
|
description: |-
|
||||||
HeaderField defines a header field to store the authenticated user.
|
HeaderField defines a header field to store the authenticated user.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
type: string
|
type: string
|
||||||
realm:
|
realm:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -973,7 +973,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ErrorPage holds the custom error middleware configuration.
|
ErrorPage holds the custom error middleware configuration.
|
||||||
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
||||||
properties:
|
properties:
|
||||||
query:
|
query:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -983,7 +983,7 @@ spec:
|
||||||
service:
|
service:
|
||||||
description: |-
|
description: |-
|
||||||
Service defines the reference to a Kubernetes Service that will serve the error page.
|
Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
||||||
properties:
|
properties:
|
||||||
healthCheck:
|
healthCheck:
|
||||||
description: Healthcheck defines health checks for ExternalName
|
description: Healthcheck defines health checks for ExternalName
|
||||||
|
@ -1116,7 +1116,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -1174,7 +1174,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ForwardAuth holds the forward auth middleware configuration.
|
ForwardAuth holds the forward auth middleware configuration.
|
||||||
This middleware delegates the request authentication to a Service.
|
This middleware delegates the request authentication to a Service.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
||||||
properties:
|
properties:
|
||||||
addAuthCookiesToResponse:
|
addAuthCookiesToResponse:
|
||||||
description: AddAuthCookiesToResponse defines the list of cookies
|
description: AddAuthCookiesToResponse defines the list of cookies
|
||||||
|
@ -1202,7 +1202,7 @@ spec:
|
||||||
authResponseHeadersRegex:
|
authResponseHeadersRegex:
|
||||||
description: |-
|
description: |-
|
||||||
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
type: string
|
type: string
|
||||||
tls:
|
tls:
|
||||||
description: TLS defines the configuration used to secure the
|
description: TLS defines the configuration used to secure the
|
||||||
|
@ -1249,7 +1249,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
Headers holds the headers middleware configuration.
|
Headers holds the headers middleware configuration.
|
||||||
This middleware manages the requests and responses headers.
|
This middleware manages the requests and responses headers.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
||||||
properties:
|
properties:
|
||||||
accessControlAllowCredentials:
|
accessControlAllowCredentials:
|
||||||
description: AccessControlAllowCredentials defines whether the
|
description: AccessControlAllowCredentials defines whether the
|
||||||
|
@ -1420,7 +1420,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
InFlightReq holds the in-flight request middleware configuration.
|
InFlightReq holds the in-flight request middleware configuration.
|
||||||
This middleware limits the number of requests being processed and served concurrently.
|
This middleware limits the number of requests being processed and served concurrently.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
||||||
properties:
|
properties:
|
||||||
amount:
|
amount:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1433,12 +1433,12 @@ spec:
|
||||||
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
If several strategies are defined at the same time, an error will be raised.
|
If several strategies are defined at the same time, an error will be raised.
|
||||||
If none are set, the default is to use the requestHost.
|
If none are set, the default is to use the requestHost.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1467,12 +1467,12 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList holds the IP allowlist middleware configuration.
|
IPAllowList holds the IP allowlist middleware configuration.
|
||||||
This middleware limits allowed requests based on the client IP.
|
This middleware limits allowed requests based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1504,7 +1504,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1529,7 +1529,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
This middleware adds the selected data from the passed client TLS certificate to a header.
|
This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
||||||
properties:
|
properties:
|
||||||
info:
|
info:
|
||||||
description: Info selects the specific client certificate details
|
description: Info selects the specific client certificate details
|
||||||
|
@ -1638,7 +1638,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RateLimit holds the rate limit configuration.
|
RateLimit holds the rate limit configuration.
|
||||||
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
||||||
properties:
|
properties:
|
||||||
average:
|
average:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1671,7 +1671,7 @@ spec:
|
||||||
ipStrategy:
|
ipStrategy:
|
||||||
description: |-
|
description: |-
|
||||||
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
properties:
|
properties:
|
||||||
depth:
|
depth:
|
||||||
description: Depth tells Traefik to use the X-Forwarded-For
|
description: Depth tells Traefik to use the X-Forwarded-For
|
||||||
|
@ -1700,7 +1700,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectRegex holds the redirect regex middleware configuration.
|
RedirectRegex holds the redirect regex middleware configuration.
|
||||||
This middleware redirects a request using regex matching and replacement.
|
This middleware redirects a request using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1719,7 +1719,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
RedirectScheme holds the redirect scheme middleware configuration.
|
RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
This middleware redirects requests from a scheme/port to another.
|
This middleware redirects requests from a scheme/port to another.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
||||||
properties:
|
properties:
|
||||||
permanent:
|
permanent:
|
||||||
description: Permanent defines whether the redirection is permanent
|
description: Permanent defines whether the redirection is permanent
|
||||||
|
@ -1736,7 +1736,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePath holds the replace path middleware configuration.
|
ReplacePath holds the replace path middleware configuration.
|
||||||
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
||||||
properties:
|
properties:
|
||||||
path:
|
path:
|
||||||
description: Path defines the path to use as replacement in the
|
description: Path defines the path to use as replacement in the
|
||||||
|
@ -1747,7 +1747,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
ReplacePathRegex holds the replace path regex middleware configuration.
|
ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
This middleware replaces the path of a URL using regex matching and replacement.
|
This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression used to match
|
description: Regex defines the regular expression used to match
|
||||||
|
@ -1763,7 +1763,7 @@ spec:
|
||||||
Retry holds the retry middleware configuration.
|
Retry holds the retry middleware configuration.
|
||||||
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
||||||
properties:
|
properties:
|
||||||
attempts:
|
attempts:
|
||||||
description: Attempts defines how many times the request should
|
description: Attempts defines how many times the request should
|
||||||
|
@ -1785,7 +1785,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefix holds the strip prefix middleware configuration.
|
StripPrefix holds the strip prefix middleware configuration.
|
||||||
This middleware removes the specified prefixes from the URL path.
|
This middleware removes the specified prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
||||||
properties:
|
properties:
|
||||||
forceSlash:
|
forceSlash:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1804,7 +1804,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
This middleware removes the matching prefixes from the URL path.
|
This middleware removes the matching prefixes from the URL path.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
||||||
properties:
|
properties:
|
||||||
regex:
|
regex:
|
||||||
description: Regex defines the regular expression to match the
|
description: Regex defines the regular expression to match the
|
||||||
|
@ -1841,7 +1841,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -1877,7 +1877,7 @@ spec:
|
||||||
description: |-
|
description: |-
|
||||||
IPAllowList defines the IPAllowList middleware configuration.
|
IPAllowList defines the IPAllowList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1891,7 +1891,7 @@ spec:
|
||||||
IPWhiteList defines the IPWhiteList middleware configuration.
|
IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
This middleware accepts/refuses connections based on the client IP.
|
This middleware accepts/refuses connections based on the client IP.
|
||||||
Deprecated: please use IPAllowList instead.
|
Deprecated: please use IPAllowList instead.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/
|
More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
||||||
properties:
|
properties:
|
||||||
sourceRange:
|
sourceRange:
|
||||||
description: SourceRange defines the allowed IPs (or ranges of
|
description: SourceRange defines the allowed IPs (or ranges of
|
||||||
|
@ -1930,7 +1930,7 @@ spec:
|
||||||
ServersTransport is the CRD implementation of a ServersTransport.
|
ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
If no serversTransport is specified, the default@internal will be used.
|
If no serversTransport is specified, the default@internal will be used.
|
||||||
The default@internal serversTransport is created from the static configuration.
|
The default@internal serversTransport is created from the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2069,7 +2069,7 @@ spec:
|
||||||
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
The default@internal tcpServersTransport can be configured in the static configuration.
|
The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2187,7 +2187,7 @@ spec:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: |-
|
description: |-
|
||||||
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2212,14 +2212,14 @@ spec:
|
||||||
alpnProtocols:
|
alpnProtocols:
|
||||||
description: |-
|
description: |-
|
||||||
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
cipherSuites:
|
cipherSuites:
|
||||||
description: |-
|
description: |-
|
||||||
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2247,7 +2247,7 @@ spec:
|
||||||
curvePreferences:
|
curvePreferences:
|
||||||
description: |-
|
description: |-
|
||||||
CurvePreferences defines the preferred elliptic curves in a specific order.
|
CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
@ -2303,7 +2303,7 @@ spec:
|
||||||
TLSStore is the CRD implementation of a Traefik TLS Store.
|
TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
For the time being, only the TLSStore named default is supported.
|
For the time being, only the TLSStore named default is supported.
|
||||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores
|
More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2401,7 +2401,7 @@ spec:
|
||||||
TraefikService object allows to:
|
TraefikService object allows to:
|
||||||
- Apply weight to Services on load-balancing
|
- Apply weight to Services on load-balancing
|
||||||
- Mirror traffic on services
|
- Mirror traffic on services
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: |-
|
description: |-
|
||||||
|
@ -2642,7 +2642,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2749,7 +2749,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2932,7 +2932,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines the sticky sessions configuration.
|
Sticky defines the sticky sessions configuration.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
@ -2979,7 +2979,7 @@ spec:
|
||||||
sticky:
|
sticky:
|
||||||
description: |-
|
description: |-
|
||||||
Sticky defines whether sticky sessions are enabled.
|
Sticky defines whether sticky sessions are enabled.
|
||||||
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
properties:
|
properties:
|
||||||
cookie:
|
cookie:
|
||||||
description: Cookie defines the sticky cookie configuration.
|
description: Cookie defines the sticky cookie configuration.
|
||||||
|
|
|
@ -18,7 +18,6 @@ import (
|
||||||
"github.com/testcontainers/testcontainers-go/network"
|
"github.com/testcontainers/testcontainers-go/network"
|
||||||
"github.com/traefik/traefik/v3/integration/try"
|
"github.com/traefik/traefik/v3/integration/try"
|
||||||
"github.com/traefik/traefik/v3/pkg/version"
|
"github.com/traefik/traefik/v3/pkg/version"
|
||||||
"gopkg.in/yaml.v3"
|
|
||||||
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
|
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/sets"
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
kclientset "k8s.io/client-go/kubernetes"
|
kclientset "k8s.io/client-go/kubernetes"
|
||||||
|
@ -35,6 +34,7 @@ import (
|
||||||
"sigs.k8s.io/gateway-api/conformance/utils/config"
|
"sigs.k8s.io/gateway-api/conformance/utils/config"
|
||||||
ksuite "sigs.k8s.io/gateway-api/conformance/utils/suite"
|
ksuite "sigs.k8s.io/gateway-api/conformance/utils/suite"
|
||||||
"sigs.k8s.io/gateway-api/pkg/features"
|
"sigs.k8s.io/gateway-api/pkg/features"
|
||||||
|
"sigs.k8s.io/yaml"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -230,7 +230,7 @@ func (s *K8sConformanceSuite) TestK8sGatewayAPIConformance() {
|
||||||
s.T().Logf("Conformance report:\n%s", string(rawReport))
|
s.T().Logf("Conformance report:\n%s", string(rawReport))
|
||||||
|
|
||||||
require.NoError(s.T(), os.MkdirAll("./conformance-reports", 0o755))
|
require.NoError(s.T(), os.MkdirAll("./conformance-reports", 0o755))
|
||||||
outFile := filepath.Join("conformance-reports", fmt.Sprintf("traefik-traefik-%d.yaml", time.Now().UnixNano()))
|
outFile := filepath.Join("conformance-reports", fmt.Sprintf("%s-%s-%s-report.yaml", report.GatewayAPIChannel, report.Version, report.Mode))
|
||||||
require.NoError(s.T(), os.WriteFile(outFile, rawReport, 0o600))
|
require.NoError(s.T(), os.WriteFile(outFile, rawReport, 0o600))
|
||||||
s.T().Logf("Report written to: %s", outFile)
|
s.T().Logf("Report written to: %s", outFile)
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,7 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- ./fixtures/tracing/tempo.yaml:/etc/tempo.yaml
|
- ./fixtures/tracing/tempo.yaml:/etc/tempo.yaml
|
||||||
otel-collector:
|
otel-collector:
|
||||||
image: otel/opentelemetry-collector-contrib:0.89.0
|
image: otel/opentelemetry-collector-contrib:0.103.0
|
||||||
volumes:
|
volumes:
|
||||||
- ./fixtures/tracing/otel-collector-config.yaml:/etc/otelcol-contrib/config.yaml
|
- ./fixtures/tracing/otel-collector-config.yaml:/etc/otelcol-contrib/config.yaml
|
||||||
whoami:
|
whoami:
|
||||||
|
|
|
@ -2,7 +2,9 @@ package integration
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
|
@ -96,27 +98,46 @@ func (s *TracingSuite) TestOpentelemetryBasic_HTTP() {
|
||||||
{
|
{
|
||||||
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.0.name": "EntryPoint",
|
"batches.0.scopeSpans.0.spans.0.name": "ReverseProxy",
|
||||||
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_SERVER",
|
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_CLIENT",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.protocol.version\").value.stringValue": "1.1",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.path\").value.stringValue": "/basic",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.full\").value.stringValue": fmt.Sprintf("http://%s/basic", net.JoinHostPort(s.whoamiIP, "80")),
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.port\").value.intValue": "80",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.port\").value.intValue": "80",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.1.name": "Router",
|
"batches.0.scopeSpans.0.spans.1.name": "Metrics",
|
||||||
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.router.name\").value.stringValue": "router0@file",
|
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-service",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.2.name": "Service",
|
"batches.0.scopeSpans.0.spans.2.name": "Service",
|
||||||
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.3.name": "ReverseProxy",
|
"batches.0.scopeSpans.0.spans.3.name": "Router",
|
||||||
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_CLIENT",
|
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"url.scheme\").value.stringValue": "http",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.router.name\").value.stringValue": "router0@file",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"http.route\").value.stringValue": "Path(`/basic`)",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.4.name": "Metrics",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-entrypoint",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.5.name": "EntryPoint",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_SERVER",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"url.path\").value.stringValue": "/basic",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"url.query\").value.stringValue": "",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"server.address\").value.stringValue": "127.0.0.1:8000",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"network.peer.address\").value.stringValue": "127.0.0.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -145,27 +166,35 @@ func (s *TracingSuite) TestOpentelemetryBasic_gRPC() {
|
||||||
{
|
{
|
||||||
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.0.name": "EntryPoint",
|
"batches.0.scopeSpans.0.spans.0.name": "ReverseProxy",
|
||||||
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_SERVER",
|
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_CLIENT",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.protocol.version\").value.stringValue": "1.1",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.path\").value.stringValue": "/basic",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.full\").value.stringValue": fmt.Sprintf("http://%s/basic", net.JoinHostPort(s.whoamiIP, "80")),
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.port\").value.intValue": "80",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.port\").value.intValue": "80",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.1.name": "Router",
|
"batches.0.scopeSpans.0.spans.1.name": "Metrics",
|
||||||
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.router.name\").value.stringValue": "router0@file",
|
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-service",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.2.name": "Service",
|
"batches.0.scopeSpans.0.spans.2.name": "Service",
|
||||||
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.3.name": "ReverseProxy",
|
"batches.0.scopeSpans.0.spans.3.name": "Router",
|
||||||
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_CLIENT",
|
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"url.scheme\").value.stringValue": "http",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.service.name\").value.stringValue": "service0@file",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.router.name\").value.stringValue": "router0@file",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"http.route\").value.stringValue": "Path(`/basic`)",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.4.name": "Metrics",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-entrypoint",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -215,54 +244,75 @@ func (s *TracingSuite) TestOpentelemetryRateLimit() {
|
||||||
{
|
{
|
||||||
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.0.name": "EntryPoint",
|
"batches.0.scopeSpans.0.spans.0.name": "RateLimiter",
|
||||||
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_SERVER",
|
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "ratelimit-1@file",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.path\").value.stringValue": "/ratelimit",
|
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.1.name": "Router",
|
"batches.0.scopeSpans.0.spans.1.name": "Retry",
|
||||||
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.router.name\").value.stringValue": "router1@file",
|
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.service.name\").value.stringValue": "service1@file",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.2.name": "Retry",
|
"batches.0.scopeSpans.0.spans.2.name": "RateLimiter",
|
||||||
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "ratelimit-1@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.3.name": "RateLimiter",
|
"batches.0.scopeSpans.0.spans.3.name": "Retry",
|
||||||
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "ratelimit-1@file",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"http.request.resend_count\").value.intValue": "1",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.4.name": "Service",
|
"batches.0.scopeSpans.0.spans.4.name": "RateLimiter",
|
||||||
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.service.name\").value.stringValue": "service1@file",
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "ratelimit-1@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.5.name": "ReverseProxy",
|
"batches.0.scopeSpans.0.spans.5.name": "Retry",
|
||||||
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_CLIENT",
|
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"url.scheme\").value.stringValue": "http",
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.request.resend_count\").value.intValue": "2",
|
||||||
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
|
||||||
|
"batches.0.scopeSpans.0.spans.6.name": "Router",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.service.name\").value.stringValue": "service1@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.router.name\").value.stringValue": "router1@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"http.route\").value.stringValue": "Path(`/ratelimit`)",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.7.name": "Metrics",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-entrypoint",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.8.name": "EntryPoint",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.kind": "SPAN_KIND_SERVER",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"url.path\").value.stringValue": "/ratelimit",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"url.query\").value.stringValue": "",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"server.address\").value.stringValue": "127.0.0.1:8000",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"network.peer.address\").value.stringValue": "127.0.0.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"http.response.status_code\").value.intValue": "429",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.0.name": "EntryPoint",
|
"batches.0.scopeSpans.0.spans.0.name": "ReverseProxy",
|
||||||
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_SERVER",
|
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_CLIENT",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.protocol.version\").value.stringValue": "1.1",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.path\").value.stringValue": "/ratelimit",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.full\").value.stringValue": fmt.Sprintf("http://%s/ratelimit", net.JoinHostPort(s.whoamiIP, "80")),
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "429",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.port\").value.intValue": "80",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.port\").value.intValue": "80",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.1.name": "Router",
|
"batches.0.scopeSpans.0.spans.1.name": "Metrics",
|
||||||
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.router.name\").value.stringValue": "router1@file",
|
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-service",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.service.name\").value.stringValue": "service1@file",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.2.name": "Retry",
|
"batches.0.scopeSpans.0.spans.2.name": "Service",
|
||||||
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.service.name\").value.stringValue": "service1@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.3.name": "RateLimiter",
|
"batches.0.scopeSpans.0.spans.3.name": "RateLimiter",
|
||||||
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
@ -271,20 +321,27 @@ func (s *TracingSuite) TestOpentelemetryRateLimit() {
|
||||||
"batches.0.scopeSpans.0.spans.4.name": "Retry",
|
"batches.0.scopeSpans.0.spans.4.name": "Retry",
|
||||||
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"http.resend_count\").value.intValue": "1",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.5.name": "RateLimiter",
|
"batches.0.scopeSpans.0.spans.5.name": "Router",
|
||||||
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "ratelimit-1@file",
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.service.name\").value.stringValue": "service1@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.router.name\").value.stringValue": "router1@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.route\").value.stringValue": "Path(`/ratelimit`)",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.6.name": "Retry",
|
"batches.0.scopeSpans.0.spans.6.name": "Metrics",
|
||||||
"batches.0.scopeSpans.0.spans.6.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.6.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-entrypoint",
|
||||||
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"http.resend_count\").value.intValue": "2",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.7.name": "RateLimiter",
|
"batches.0.scopeSpans.0.spans.7.name": "EntryPoint",
|
||||||
"batches.0.scopeSpans.0.spans.7.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.7.kind": "SPAN_KIND_SERVER",
|
||||||
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "ratelimit-1@file",
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"url.path\").value.stringValue": "/ratelimit",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"url.query\").value.stringValue": "",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"server.address\").value.stringValue": "127.0.0.1:8000",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"network.peer.address\").value.stringValue": "127.0.0.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -312,60 +369,102 @@ func (s *TracingSuite) TestOpentelemetryRetry() {
|
||||||
{
|
{
|
||||||
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.0.name": "EntryPoint",
|
"batches.0.scopeSpans.0.spans.0.name": "ReverseProxy",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_CLIENT",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.path\").value.stringValue": "/retry",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.protocol.version\").value.stringValue": "1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.full\").value.stringValue": fmt.Sprintf("http://%s/retry", net.JoinHostPort(s.whoamiIP, "81")),
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.port\").value.intValue": "81",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.port\").value.intValue": "81",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
||||||
"batches.0.scopeSpans.0.spans.0.status.code": "STATUS_CODE_ERROR",
|
"batches.0.scopeSpans.0.spans.0.status.code": "STATUS_CODE_ERROR",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.1.name": "Router",
|
"batches.0.scopeSpans.0.spans.1.name": "Metrics",
|
||||||
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-service",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.router.name\").value.stringValue": "router2@file",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.2.name": "Retry",
|
"batches.0.scopeSpans.0.spans.2.name": "Service",
|
||||||
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.3.name": "Service",
|
"batches.0.scopeSpans.0.spans.3.name": "Retry",
|
||||||
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.4.name": "ReverseProxy",
|
"batches.0.scopeSpans.0.spans.4.name": "ReverseProxy",
|
||||||
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_CLIENT",
|
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_CLIENT",
|
||||||
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"url.scheme\").value.stringValue": "http",
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"network.protocol.version\").value.stringValue": "1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"url.full\").value.stringValue": fmt.Sprintf("http://%s/retry", net.JoinHostPort(s.whoamiIP, "81")),
|
||||||
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"network.peer.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"network.peer.port\").value.intValue": "81",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"server.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"server.port\").value.intValue": "81",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.status.code": "STATUS_CODE_ERROR",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.5.name": "Retry",
|
"batches.0.scopeSpans.0.spans.5.name": "Metrics",
|
||||||
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-service",
|
||||||
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.resend_count\").value.intValue": "1",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.6.name": "Service",
|
"batches.0.scopeSpans.0.spans.6.name": "Service",
|
||||||
"batches.0.scopeSpans.0.spans.6.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.6.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.7.name": "ReverseProxy",
|
"batches.0.scopeSpans.0.spans.7.name": "Retry",
|
||||||
"batches.0.scopeSpans.0.spans.7.kind": "SPAN_KIND_CLIENT",
|
"batches.0.scopeSpans.0.spans.7.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"url.scheme\").value.stringValue": "http",
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"http.request.resend_count\").value.intValue": "1",
|
||||||
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.8.name": "Retry",
|
"batches.0.scopeSpans.0.spans.8.name": "ReverseProxy",
|
||||||
"batches.0.scopeSpans.0.spans.8.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.8.kind": "SPAN_KIND_CLIENT",
|
||||||
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"http.resend_count\").value.intValue": "2",
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"network.protocol.version\").value.stringValue": "1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"url.full\").value.stringValue": fmt.Sprintf("http://%s/retry", net.JoinHostPort(s.whoamiIP, "81")),
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"network.peer.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"network.peer.port\").value.intValue": "81",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"server.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"server.port\").value.intValue": "81",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.status.code": "STATUS_CODE_ERROR",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.9.name": "Service",
|
"batches.0.scopeSpans.0.spans.9.name": "Metrics",
|
||||||
"batches.0.scopeSpans.0.spans.9.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.9.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.9.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
"batches.0.scopeSpans.0.spans.9.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-service",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.10.name": "ReverseProxy",
|
"batches.0.scopeSpans.0.spans.10.name": "Service",
|
||||||
"batches.0.scopeSpans.0.spans.10.kind": "SPAN_KIND_CLIENT",
|
"batches.0.scopeSpans.0.spans.10.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.10.attributes.#(key=\"url.scheme\").value.stringValue": "http",
|
"batches.0.scopeSpans.0.spans.10.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
||||||
"batches.0.scopeSpans.0.spans.10.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
|
||||||
"batches.0.scopeSpans.0.spans.10.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
"batches.0.scopeSpans.0.spans.11.name": "Retry",
|
||||||
|
"batches.0.scopeSpans.0.spans.11.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.11.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.11.attributes.#(key=\"http.request.resend_count\").value.intValue": "2",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.12.name": "Router",
|
||||||
|
"batches.0.scopeSpans.0.spans.12.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.12.attributes.#(key=\"traefik.service.name\").value.stringValue": "service2@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.12.attributes.#(key=\"traefik.router.name\").value.stringValue": "router2@file",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.13.name": "Metrics",
|
||||||
|
"batches.0.scopeSpans.0.spans.13.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.13.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-entrypoint",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.14.name": "EntryPoint",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.kind": "SPAN_KIND_SERVER",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"url.path\").value.stringValue": "/retry",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"url.query\").value.stringValue": "",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"server.address\").value.stringValue": "127.0.0.1:8000",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"network.peer.address\").value.stringValue": "127.0.0.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.14.attributes.#(key=\"http.response.status_code\").value.intValue": "502",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -393,21 +492,131 @@ func (s *TracingSuite) TestOpentelemetryAuth() {
|
||||||
{
|
{
|
||||||
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.0.name": "EntryPoint",
|
"batches.0.scopeSpans.0.spans.0.name": "BasicAuth",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
"batches.0.scopeSpans.0.spans.0.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.path\").value.stringValue": "/auth",
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "basic-auth@file",
|
||||||
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "401",
|
"batches.0.scopeSpans.0.spans.0.status.message": "Authentication failed",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.status.code": "STATUS_CODE_ERROR",
|
||||||
|
|
||||||
"batches.0.scopeSpans.0.spans.1.name": "Router",
|
"batches.0.scopeSpans.0.spans.1.name": "Retry",
|
||||||
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.router.name\").value.stringValue": "router3@file",
|
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.service.name\").value.stringValue": "service3@file",
|
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.2.name": "BasicAuth",
|
||||||
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "basic-auth@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.2.status.message": "Authentication failed",
|
||||||
|
"batches.0.scopeSpans.0.spans.2.status.code": "STATUS_CODE_ERROR",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.3.name": "Retry",
|
||||||
|
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"http.request.resend_count\").value.intValue": "1",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.4.name": "BasicAuth",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "basic-auth@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.status.message": "Authentication failed",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.status.code": "STATUS_CODE_ERROR",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.5.name": "Retry",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.request.resend_count\").value.intValue": "2",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.6.name": "Router",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.service.name\").value.stringValue": "service3@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.router.name\").value.stringValue": "router3@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"http.route\").value.stringValue": "Path(`/auth`)",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.7.name": "Metrics",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-entrypoint",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.8.name": "EntryPoint",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.kind": "SPAN_KIND_SERVER",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"url.path\").value.stringValue": "/auth",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"url.query\").value.stringValue": "",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"server.address\").value.stringValue": "127.0.0.1:8000",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"network.peer.address\").value.stringValue": "127.0.0.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.8.attributes.#(key=\"http.response.status_code\").value.intValue": "401",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
s.checkTraceContent(contains)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *TracingSuite) TestOpentelemetrySafeURL() {
|
||||||
|
file := s.adaptFile("fixtures/tracing/simple-opentelemetry.toml", TracingTemplate{
|
||||||
|
WhoamiIP: s.whoamiIP,
|
||||||
|
WhoamiPort: s.whoamiPort,
|
||||||
|
IP: s.otelCollectorIP,
|
||||||
|
})
|
||||||
|
defer os.Remove(file)
|
||||||
|
|
||||||
|
s.traefikCmd(withConfigFile(file))
|
||||||
|
|
||||||
|
// wait for traefik
|
||||||
|
err := try.GetRequest("http://127.0.0.1:8080/api/rawdata", time.Second, try.BodyContains("basic-auth"))
|
||||||
|
require.NoError(s.T(), err)
|
||||||
|
|
||||||
|
err = try.GetRequest("http://test:test@127.0.0.1:8000/auth?api_key=powpow", 500*time.Millisecond, try.StatusCodeIs(http.StatusOK))
|
||||||
|
require.NoError(s.T(), err)
|
||||||
|
|
||||||
|
contains := []map[string]string{
|
||||||
|
{
|
||||||
|
"batches.0.scopeSpans.0.scope.name": "github.com/traefik/traefik",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.0.name": "ReverseProxy",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"url.full\").value.stringValue": fmt.Sprintf("http://REDACTED:REDACTED@%s/auth?api_key=REDACTED", net.JoinHostPort(s.whoamiIP, "80")),
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"network.peer.port\").value.intValue": "80",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.address\").value.stringValue": s.whoamiIP,
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"server.port\").value.intValue": "80",
|
||||||
|
"batches.0.scopeSpans.0.spans.0.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.1.name": "Metrics",
|
||||||
|
"batches.0.scopeSpans.0.spans.1.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.1.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-service",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.2.name": "Service",
|
||||||
|
"batches.0.scopeSpans.0.spans.2.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.2.attributes.#(key=\"traefik.service.name\").value.stringValue": "service3@file",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.3.name": "BasicAuth",
|
||||||
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
"batches.0.scopeSpans.0.spans.3.kind": "SPAN_KIND_INTERNAL",
|
||||||
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "basic-auth@file",
|
"batches.0.scopeSpans.0.spans.3.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "basic-auth@file",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.4.name": "Retry",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.4.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "retry@file",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.5.name": "Router",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.service.name\").value.stringValue": "service3@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"traefik.router.name\").value.stringValue": "router3@file",
|
||||||
|
"batches.0.scopeSpans.0.spans.5.attributes.#(key=\"http.route\").value.stringValue": "Path(`/auth`)",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.6.name": "Metrics",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.kind": "SPAN_KIND_INTERNAL",
|
||||||
|
"batches.0.scopeSpans.0.spans.6.attributes.#(key=\"traefik.middleware.name\").value.stringValue": "metrics-entrypoint",
|
||||||
|
|
||||||
|
"batches.0.scopeSpans.0.spans.7.name": "EntryPoint",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.kind": "SPAN_KIND_SERVER",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"entry_point\").value.stringValue": "web",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"http.request.method\").value.stringValue": "GET",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"url.path\").value.stringValue": "/auth",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"url.query\").value.stringValue": "api_key=REDACTED",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"user_agent.original\").value.stringValue": "Go-http-client/1.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"server.address\").value.stringValue": "127.0.0.1:8000",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"network.peer.address\").value.stringValue": "127.0.0.1",
|
||||||
|
"batches.0.scopeSpans.0.spans.7.attributes.#(key=\"http.response.status_code\").value.intValue": "200",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -517,12 +726,22 @@ func (s *TracingSuite) checkTraceContent(expectedJSON []map[string]string) {
|
||||||
contents = append(contents, string(content))
|
contents = append(contents, string(content))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var missingElements []string
|
||||||
for _, expected := range expectedJSON {
|
for _, expected := range expectedJSON {
|
||||||
containsAll(expected, contents)
|
missingElements = append(missingElements, contains(expected, contents)...)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Printf("Contents: [%s]\n", strings.Join(contents, ","))
|
||||||
|
for _, element := range missingElements {
|
||||||
|
log.Printf("Missing elements:\n%s\n", element)
|
||||||
|
}
|
||||||
|
|
||||||
|
require.Empty(s.T(), missingElements)
|
||||||
}
|
}
|
||||||
|
|
||||||
func containsAll(expectedJSON map[string]string, contents []string) {
|
func contains(expectedJSON map[string]string, contents []string) []string {
|
||||||
|
var missingElements []string
|
||||||
|
|
||||||
for k, v := range expectedJSON {
|
for k, v := range expectedJSON {
|
||||||
found := false
|
found := false
|
||||||
for _, content := range contents {
|
for _, content := range contents {
|
||||||
|
@ -531,12 +750,12 @@ func containsAll(expectedJSON map[string]string, contents []string) {
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if !found {
|
if !found {
|
||||||
log.Info().Msgf("[" + strings.Join(contents, ",") + "]")
|
missingElements = append(missingElements, "Key: "+k+", Value: "+v)
|
||||||
log.Error().Msgf("missing element: \nKey: %q\nValue: %q ", k, v)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return missingElements
|
||||||
}
|
}
|
||||||
|
|
||||||
// TraceResponse contains a list of traces.
|
// TraceResponse contains a list of traces.
|
||||||
|
|
|
@ -194,7 +194,7 @@ func (c *configuration) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if c.Pilot != nil {
|
if c.Pilot != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Pilot configuration has been removed in v3, please remove all Pilot-related static configuration for Traefik to start." +
|
logger.Error().Msg("Pilot configuration has been removed in v3, please remove all Pilot-related static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#pilot")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#pilot")
|
||||||
}
|
}
|
||||||
|
|
||||||
incompatibleExperimental := c.Experimental.deprecationNotice(logger)
|
incompatibleExperimental := c.Experimental.deprecationNotice(logger)
|
||||||
|
@ -226,13 +226,13 @@ func (p *providers) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if p.Marathon != nil {
|
if p.Marathon != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Marathon provider has been removed in v3, please remove all Marathon-related static configuration for Traefik to start." +
|
logger.Error().Msg("Marathon provider has been removed in v3, please remove all Marathon-related static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#marathon-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#marathon-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if p.Rancher != nil {
|
if p.Rancher != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Rancher provider has been removed in v3, please remove all Rancher-related static configuration for Traefik to start." +
|
logger.Error().Msg("Rancher provider has been removed in v3, please remove all Rancher-related static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#rancher-v1-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#rancher-v1-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
dockerIncompatible := p.Docker.deprecationNotice(logger)
|
dockerIncompatible := p.Docker.deprecationNotice(logger)
|
||||||
|
@ -273,14 +273,14 @@ func (d *docker) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if d.SwarmMode != nil {
|
if d.SwarmMode != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Docker provider `swarmMode` option has been removed in v3, please use the Swarm Provider instead." +
|
logger.Error().Msg("Docker provider `swarmMode` option has been removed in v3, please use the Swarm Provider instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#docker-docker-swarm")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#docker-docker-swarm")
|
||||||
}
|
}
|
||||||
|
|
||||||
if d.TLS != nil && d.TLS.CAOptional != nil {
|
if d.TLS != nil && d.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Docker provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Docker provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tlscaoptional")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -321,7 +321,7 @@ func (e *etcd) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("ETCD provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("ETCD provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tlscaoptional_3")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_3")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -342,7 +342,7 @@ func (r *redis) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Redis provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Redis provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tlscaoptional_4")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_4")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -363,14 +363,14 @@ func (c *consul) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if c.Namespace != nil {
|
if c.Namespace != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Consul provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
logger.Error().Msg("Consul provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#consul-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#consul-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.TLS != nil && c.TLS.CAOptional != nil {
|
if c.TLS != nil && c.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Consul provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Consul provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tlscaoptional_1")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_1")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -395,14 +395,14 @@ func (c *consulCatalog) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if c.Namespace != nil {
|
if c.Namespace != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("ConsulCatalog provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
logger.Error().Msg("ConsulCatalog provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#consulcatalog-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#consulcatalog-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.Endpoint != nil && c.Endpoint.TLS != nil && c.Endpoint.TLS.CAOptional != nil {
|
if c.Endpoint != nil && c.Endpoint.TLS != nil && c.Endpoint.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("ConsulCatalog provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("ConsulCatalog provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#endpointtlscaoptional")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#endpointtlscaoptional")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -423,14 +423,14 @@ func (n *nomad) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if n.Namespace != nil {
|
if n.Namespace != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Nomad provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
logger.Error().Msg("Nomad provider `namespace` option has been removed, please use the `namespaces` option instead." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#nomad-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#nomad-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
if n.Endpoint != nil && n.Endpoint.TLS != nil && n.Endpoint.TLS.CAOptional != nil {
|
if n.Endpoint != nil && n.Endpoint.TLS != nil && n.Endpoint.TLS.CAOptional != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Nomad provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("Nomad provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#endpointtlscaoptional_1")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#endpointtlscaoptional_1")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -451,7 +451,7 @@ func (h *http) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("HTTP provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
logger.Error().Msg("HTTP provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
|
||||||
"Please remove all occurrences from the static configuration for Traefik to start." +
|
"Please remove all occurrences from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tlscaoptional_2")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tlscaoptional_2")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
@ -470,7 +470,7 @@ func (e *experimental) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if e.HTTP3 != nil {
|
if e.HTTP3 != nil {
|
||||||
logger.Error().Msg("HTTP3 is not an experimental feature in v3 and the associated enablement has been removed." +
|
logger.Error().Msg("HTTP3 is not an experimental feature in v3 and the associated enablement has been removed." +
|
||||||
"Please remove its usage from the static configuration for Traefik to start." +
|
"Please remove its usage from the static configuration for Traefik to start." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3-details/#http3")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3-details/#http3")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
@ -478,7 +478,7 @@ func (e *experimental) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if e.KubernetesGateway != nil {
|
if e.KubernetesGateway != nil {
|
||||||
logger.Error().Msg("KubernetesGateway provider is not an experimental feature starting with v3.1." +
|
logger.Error().Msg("KubernetesGateway provider is not an experimental feature starting with v3.1." +
|
||||||
"Please remove its usage from the static configuration." +
|
"Please remove its usage from the static configuration." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v3/#gateway-api-kubernetesgateway-provider")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v3/#gateway-api-kubernetesgateway-provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
return false
|
return false
|
||||||
|
@ -502,49 +502,49 @@ func (t *tracing) deprecationNotice(logger zerolog.Logger) bool {
|
||||||
if t.SpanNameLimit != nil {
|
if t.SpanNameLimit != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("SpanNameLimit option for Tracing has been removed in v3, as Span names are now of a fixed length." +
|
logger.Error().Msg("SpanNameLimit option for Tracing has been removed in v3, as Span names are now of a fixed length." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Jaeger != nil {
|
if t.Jaeger != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Jaeger Tracing backend has been removed in v3, please remove all Jaeger-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Jaeger Tracing backend has been removed in v3, please remove all Jaeger-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Zipkin != nil {
|
if t.Zipkin != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Zipkin Tracing backend has been removed in v3, please remove all Zipkin-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Zipkin Tracing backend has been removed in v3, please remove all Zipkin-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Datadog != nil {
|
if t.Datadog != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Datadog Tracing backend has been removed in v3, please remove all Datadog-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Datadog Tracing backend has been removed in v3, please remove all Datadog-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Instana != nil {
|
if t.Instana != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Instana Tracing backend has been removed in v3, please remove all Instana-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Instana Tracing backend has been removed in v3, please remove all Instana-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Haystack != nil {
|
if t.Haystack != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Haystack Tracing backend has been removed in v3, please remove all Haystack-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Haystack Tracing backend has been removed in v3, please remove all Haystack-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
if t.Elastic != nil {
|
if t.Elastic != nil {
|
||||||
incompatible = true
|
incompatible = true
|
||||||
logger.Error().Msg("Elastic Tracing backend has been removed in v3, please remove all Elastic-related Tracing static configuration for Traefik to start." +
|
logger.Error().Msg("Elastic Tracing backend has been removed in v3, please remove all Elastic-related Tracing static configuration for Traefik to start." +
|
||||||
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
|
||||||
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#tracing")
|
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.1/migration/v2-to-v3/#tracing")
|
||||||
}
|
}
|
||||||
|
|
||||||
return incompatible
|
return incompatible
|
||||||
|
|
|
@ -71,7 +71,7 @@ type ContentType struct {
|
||||||
|
|
||||||
// AddPrefix holds the add prefix middleware configuration.
|
// AddPrefix holds the add prefix middleware configuration.
|
||||||
// This middleware updates the path of a request before forwarding it.
|
// This middleware updates the path of a request before forwarding it.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/
|
||||||
type AddPrefix struct {
|
type AddPrefix struct {
|
||||||
// Prefix is the string to add before the current path in the requested URL.
|
// Prefix is the string to add before the current path in the requested URL.
|
||||||
// It should include a leading slash (/).
|
// It should include a leading slash (/).
|
||||||
|
@ -82,7 +82,7 @@ type AddPrefix struct {
|
||||||
|
|
||||||
// BasicAuth holds the basic auth middleware configuration.
|
// BasicAuth holds the basic auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
||||||
type BasicAuth struct {
|
type BasicAuth struct {
|
||||||
// Users is an array of authorized users.
|
// Users is an array of authorized users.
|
||||||
// Each user must be declared using the name:hashed-password format.
|
// Each user must be declared using the name:hashed-password format.
|
||||||
|
@ -97,7 +97,7 @@ type BasicAuth struct {
|
||||||
// Default: false.
|
// Default: false.
|
||||||
RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"`
|
RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -105,7 +105,7 @@ type BasicAuth struct {
|
||||||
|
|
||||||
// Buffering holds the buffering middleware configuration.
|
// Buffering holds the buffering middleware configuration.
|
||||||
// This middleware retries or limits the size of requests that can be forwarded to backends.
|
// This middleware retries or limits the size of requests that can be forwarded to backends.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes
|
||||||
type Buffering struct {
|
type Buffering struct {
|
||||||
// MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
|
// MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
|
||||||
// If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
|
// If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
|
||||||
|
@ -123,7 +123,7 @@ type Buffering struct {
|
||||||
MemResponseBodyBytes int64 `json:"memResponseBodyBytes,omitempty" toml:"memResponseBodyBytes,omitempty" yaml:"memResponseBodyBytes,omitempty" export:"true"`
|
MemResponseBodyBytes int64 `json:"memResponseBodyBytes,omitempty" toml:"memResponseBodyBytes,omitempty" yaml:"memResponseBodyBytes,omitempty" export:"true"`
|
||||||
// RetryExpression defines the retry conditions.
|
// RetryExpression defines the retry conditions.
|
||||||
// It is a logical combination of functions with operators AND (&&) and OR (||).
|
// It is a logical combination of functions with operators AND (&&) and OR (||).
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
|
||||||
RetryExpression string `json:"retryExpression,omitempty" toml:"retryExpression,omitempty" yaml:"retryExpression,omitempty" export:"true"`
|
RetryExpression string `json:"retryExpression,omitempty" toml:"retryExpression,omitempty" yaml:"retryExpression,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -140,7 +140,7 @@ type Chain struct {
|
||||||
|
|
||||||
// CircuitBreaker holds the circuit breaker middleware configuration.
|
// CircuitBreaker holds the circuit breaker middleware configuration.
|
||||||
// This middleware protects the system from stacking requests to unhealthy services, resulting in cascading failures.
|
// This middleware protects the system from stacking requests to unhealthy services, resulting in cascading failures.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/circuitbreaker/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/circuitbreaker/
|
||||||
type CircuitBreaker struct {
|
type CircuitBreaker struct {
|
||||||
// Expression defines the expression that, once matched, opens the circuit breaker and applies the fallback mechanism instead of calling the services.
|
// Expression defines the expression that, once matched, opens the circuit breaker and applies the fallback mechanism instead of calling the services.
|
||||||
Expression string `json:"expression,omitempty" toml:"expression,omitempty" yaml:"expression,omitempty" export:"true"`
|
Expression string `json:"expression,omitempty" toml:"expression,omitempty" yaml:"expression,omitempty" export:"true"`
|
||||||
|
@ -166,7 +166,7 @@ func (c *CircuitBreaker) SetDefaults() {
|
||||||
|
|
||||||
// Compress holds the compress middleware configuration.
|
// Compress holds the compress middleware configuration.
|
||||||
// This middleware compresses responses before sending them to the client, using gzip compression.
|
// This middleware compresses responses before sending them to the client, using gzip compression.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/
|
||||||
type Compress struct {
|
type Compress struct {
|
||||||
// ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
|
// ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
|
||||||
// `application/grpc` is always excluded.
|
// `application/grpc` is always excluded.
|
||||||
|
@ -184,7 +184,7 @@ type Compress struct {
|
||||||
|
|
||||||
// DigestAuth holds the digest auth middleware configuration.
|
// DigestAuth holds the digest auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
||||||
type DigestAuth struct {
|
type DigestAuth struct {
|
||||||
// Users defines the authorized users.
|
// Users defines the authorized users.
|
||||||
// Each user should be declared using the name:realm:encoded-password format.
|
// Each user should be declared using the name:realm:encoded-password format.
|
||||||
|
@ -197,7 +197,7 @@ type DigestAuth struct {
|
||||||
// Default: traefik.
|
// Default: traefik.
|
||||||
Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"`
|
Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -223,7 +223,7 @@ type ErrorPage struct {
|
||||||
|
|
||||||
// ForwardAuth holds the forward auth middleware configuration.
|
// ForwardAuth holds the forward auth middleware configuration.
|
||||||
// This middleware delegates the request authentication to a Service.
|
// This middleware delegates the request authentication to a Service.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
||||||
type ForwardAuth struct {
|
type ForwardAuth struct {
|
||||||
// Address defines the authentication server address.
|
// Address defines the authentication server address.
|
||||||
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
|
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
|
||||||
|
@ -234,7 +234,7 @@ type ForwardAuth struct {
|
||||||
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
||||||
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"`
|
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"`
|
||||||
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty" toml:"authResponseHeadersRegex,omitempty" yaml:"authResponseHeadersRegex,omitempty" export:"true"`
|
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty" toml:"authResponseHeadersRegex,omitempty" yaml:"authResponseHeadersRegex,omitempty" export:"true"`
|
||||||
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
||||||
// If not set or empty then all request headers are passed.
|
// If not set or empty then all request headers are passed.
|
||||||
|
@ -261,7 +261,7 @@ type ClientTLS struct {
|
||||||
|
|
||||||
// Headers holds the headers middleware configuration.
|
// Headers holds the headers middleware configuration.
|
||||||
// This middleware manages the requests and responses headers.
|
// This middleware manages the requests and responses headers.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders
|
||||||
type Headers struct {
|
type Headers struct {
|
||||||
// CustomRequestHeaders defines the header names and values to apply to the request.
|
// CustomRequestHeaders defines the header names and values to apply to the request.
|
||||||
CustomRequestHeaders map[string]string `json:"customRequestHeaders,omitempty" toml:"customRequestHeaders,omitempty" yaml:"customRequestHeaders,omitempty" export:"true"`
|
CustomRequestHeaders map[string]string `json:"customRequestHeaders,omitempty" toml:"customRequestHeaders,omitempty" yaml:"customRequestHeaders,omitempty" export:"true"`
|
||||||
|
@ -390,7 +390,7 @@ func (h *Headers) HasSecureHeadersDefined() bool {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy
|
||||||
type IPStrategy struct {
|
type IPStrategy struct {
|
||||||
// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
|
// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
|
||||||
Depth int `json:"depth,omitempty" toml:"depth,omitempty" yaml:"depth,omitempty" export:"true"`
|
Depth int `json:"depth,omitempty" toml:"depth,omitempty" yaml:"depth,omitempty" export:"true"`
|
||||||
|
@ -431,7 +431,7 @@ func (s *IPStrategy) Get() (ip.Strategy, error) {
|
||||||
|
|
||||||
// IPWhiteList holds the IP whitelist middleware configuration.
|
// IPWhiteList holds the IP whitelist middleware configuration.
|
||||||
// This middleware limits allowed requests based on the client IP.
|
// This middleware limits allowed requests based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipwhitelist/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipwhitelist/
|
||||||
// Deprecated: please use IPAllowList instead.
|
// Deprecated: please use IPAllowList instead.
|
||||||
type IPWhiteList struct {
|
type IPWhiteList struct {
|
||||||
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). Required.
|
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). Required.
|
||||||
|
@ -443,7 +443,7 @@ type IPWhiteList struct {
|
||||||
|
|
||||||
// IPAllowList holds the IP allowlist middleware configuration.
|
// IPAllowList holds the IP allowlist middleware configuration.
|
||||||
// This middleware limits allowed requests based on the client IP.
|
// This middleware limits allowed requests based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/
|
||||||
type IPAllowList struct {
|
type IPAllowList struct {
|
||||||
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
||||||
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
||||||
|
@ -457,7 +457,7 @@ type IPAllowList struct {
|
||||||
|
|
||||||
// InFlightReq holds the in-flight request middleware configuration.
|
// InFlightReq holds the in-flight request middleware configuration.
|
||||||
// This middleware limits the number of requests being processed and served concurrently.
|
// This middleware limits the number of requests being processed and served concurrently.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/
|
||||||
type InFlightReq struct {
|
type InFlightReq struct {
|
||||||
// Amount defines the maximum amount of allowed simultaneous in-flight request.
|
// Amount defines the maximum amount of allowed simultaneous in-flight request.
|
||||||
// The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
|
// The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
|
||||||
|
@ -465,7 +465,7 @@ type InFlightReq struct {
|
||||||
// SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
// SourceCriterion defines what criterion is used to group requests as originating from a common source.
|
||||||
// If several strategies are defined at the same time, an error will be raised.
|
// If several strategies are defined at the same time, an error will be raised.
|
||||||
// If none are set, the default is to use the requestHost.
|
// If none are set, the default is to use the requestHost.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion
|
||||||
SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"`
|
SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -473,7 +473,7 @@ type InFlightReq struct {
|
||||||
|
|
||||||
// PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
// PassTLSClientCert holds the pass TLS client cert middleware configuration.
|
||||||
// This middleware adds the selected data from the passed client TLS certificate to a header.
|
// This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/
|
||||||
type PassTLSClientCert struct {
|
type PassTLSClientCert struct {
|
||||||
// PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate.
|
// PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate.
|
||||||
PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"`
|
PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"`
|
||||||
|
@ -529,7 +529,7 @@ func (r *RateLimit) SetDefaults() {
|
||||||
|
|
||||||
// RedirectRegex holds the redirect regex middleware configuration.
|
// RedirectRegex holds the redirect regex middleware configuration.
|
||||||
// This middleware redirects a request using regex matching and replacement.
|
// This middleware redirects a request using regex matching and replacement.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex
|
||||||
type RedirectRegex struct {
|
type RedirectRegex struct {
|
||||||
// Regex defines the regex used to match and capture elements from the request URL.
|
// Regex defines the regex used to match and capture elements from the request URL.
|
||||||
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty"`
|
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty"`
|
||||||
|
@ -543,7 +543,7 @@ type RedirectRegex struct {
|
||||||
|
|
||||||
// RedirectScheme holds the redirect scheme middleware configuration.
|
// RedirectScheme holds the redirect scheme middleware configuration.
|
||||||
// This middleware redirects requests from a scheme/port to another.
|
// This middleware redirects requests from a scheme/port to another.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/
|
||||||
type RedirectScheme struct {
|
type RedirectScheme struct {
|
||||||
// Scheme defines the scheme of the new URL.
|
// Scheme defines the scheme of the new URL.
|
||||||
Scheme string `json:"scheme,omitempty" toml:"scheme,omitempty" yaml:"scheme,omitempty" export:"true"`
|
Scheme string `json:"scheme,omitempty" toml:"scheme,omitempty" yaml:"scheme,omitempty" export:"true"`
|
||||||
|
@ -557,7 +557,7 @@ type RedirectScheme struct {
|
||||||
|
|
||||||
// ReplacePath holds the replace path middleware configuration.
|
// ReplacePath holds the replace path middleware configuration.
|
||||||
// This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
// This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/
|
||||||
type ReplacePath struct {
|
type ReplacePath struct {
|
||||||
// Path defines the path to use as replacement in the request URL.
|
// Path defines the path to use as replacement in the request URL.
|
||||||
Path string `json:"path,omitempty" toml:"path,omitempty" yaml:"path,omitempty" export:"true"`
|
Path string `json:"path,omitempty" toml:"path,omitempty" yaml:"path,omitempty" export:"true"`
|
||||||
|
@ -567,7 +567,7 @@ type ReplacePath struct {
|
||||||
|
|
||||||
// ReplacePathRegex holds the replace path regex middleware configuration.
|
// ReplacePathRegex holds the replace path regex middleware configuration.
|
||||||
// This middleware replaces the path of a URL using regex matching and replacement.
|
// This middleware replaces the path of a URL using regex matching and replacement.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/
|
||||||
type ReplacePathRegex struct {
|
type ReplacePathRegex struct {
|
||||||
// Regex defines the regular expression used to match and capture the path from the request URL.
|
// Regex defines the regular expression used to match and capture the path from the request URL.
|
||||||
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
||||||
|
@ -580,7 +580,7 @@ type ReplacePathRegex struct {
|
||||||
// Retry holds the retry middleware configuration.
|
// Retry holds the retry middleware configuration.
|
||||||
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
||||||
type Retry struct {
|
type Retry struct {
|
||||||
// Attempts defines how many times the request should be retried.
|
// Attempts defines how many times the request should be retried.
|
||||||
Attempts int `json:"attempts,omitempty" toml:"attempts,omitempty" yaml:"attempts,omitempty" export:"true"`
|
Attempts int `json:"attempts,omitempty" toml:"attempts,omitempty" yaml:"attempts,omitempty" export:"true"`
|
||||||
|
@ -596,7 +596,7 @@ type Retry struct {
|
||||||
|
|
||||||
// StripPrefix holds the strip prefix middleware configuration.
|
// StripPrefix holds the strip prefix middleware configuration.
|
||||||
// This middleware removes the specified prefixes from the URL path.
|
// This middleware removes the specified prefixes from the URL path.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/
|
||||||
type StripPrefix struct {
|
type StripPrefix struct {
|
||||||
// Prefixes defines the prefixes to strip from the request URL.
|
// Prefixes defines the prefixes to strip from the request URL.
|
||||||
Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"`
|
Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"`
|
||||||
|
@ -611,7 +611,7 @@ type StripPrefix struct {
|
||||||
|
|
||||||
// StripPrefixRegex holds the strip prefix regex middleware configuration.
|
// StripPrefixRegex holds the strip prefix regex middleware configuration.
|
||||||
// This middleware removes the matching prefixes from the URL path.
|
// This middleware removes the matching prefixes from the URL path.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/
|
||||||
type StripPrefixRegex struct {
|
type StripPrefixRegex struct {
|
||||||
// Regex defines the regular expression to match the path prefix from the request URL.
|
// Regex defines the regular expression to match the path prefix from the request URL.
|
||||||
Regex []string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
Regex []string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
|
||||||
|
|
|
@ -125,7 +125,7 @@ type TCPServer struct {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// ProxyProtocol holds the PROXY Protocol configuration.
|
// ProxyProtocol holds the PROXY Protocol configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
||||||
type ProxyProtocol struct {
|
type ProxyProtocol struct {
|
||||||
// Version defines the PROXY Protocol version to use.
|
// Version defines the PROXY Protocol version to use.
|
||||||
Version int `json:"version,omitempty" toml:"version,omitempty" yaml:"version,omitempty" export:"true"`
|
Version int `json:"version,omitempty" toml:"version,omitempty" yaml:"version,omitempty" export:"true"`
|
||||||
|
|
|
@ -15,7 +15,7 @@ type TCPMiddleware struct {
|
||||||
// TCPInFlightConn holds the TCP InFlightConn middleware configuration.
|
// TCPInFlightConn holds the TCP InFlightConn middleware configuration.
|
||||||
// This middleware prevents services from being overwhelmed with high load,
|
// This middleware prevents services from being overwhelmed with high load,
|
||||||
// by limiting the number of allowed simultaneous connections for one IP.
|
// by limiting the number of allowed simultaneous connections for one IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/inflightconn/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/inflightconn/
|
||||||
type TCPInFlightConn struct {
|
type TCPInFlightConn struct {
|
||||||
// Amount defines the maximum amount of allowed simultaneous connections.
|
// Amount defines the maximum amount of allowed simultaneous connections.
|
||||||
// The middleware closes the connection if there are already amount connections opened.
|
// The middleware closes the connection if there are already amount connections opened.
|
||||||
|
@ -35,7 +35,7 @@ type TCPIPWhiteList struct {
|
||||||
|
|
||||||
// TCPIPAllowList holds the TCP IPAllowList middleware configuration.
|
// TCPIPAllowList holds the TCP IPAllowList middleware configuration.
|
||||||
// This middleware limits allowed requests based on the client IP.
|
// This middleware limits allowed requests based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
||||||
type TCPIPAllowList struct {
|
type TCPIPAllowList struct {
|
||||||
// SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
// SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation).
|
||||||
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
|
||||||
|
|
|
@ -201,6 +201,7 @@ type Tracing struct {
|
||||||
GlobalAttributes map[string]string `description:"Defines additional attributes (key:value) on all spans." json:"globalAttributes,omitempty" toml:"globalAttributes,omitempty" yaml:"globalAttributes,omitempty" export:"true"`
|
GlobalAttributes map[string]string `description:"Defines additional attributes (key:value) on all spans." json:"globalAttributes,omitempty" toml:"globalAttributes,omitempty" yaml:"globalAttributes,omitempty" export:"true"`
|
||||||
CapturedRequestHeaders []string `description:"Request headers to add as attributes for server and client spans." json:"capturedRequestHeaders,omitempty" toml:"capturedRequestHeaders,omitempty" yaml:"capturedRequestHeaders,omitempty" export:"true"`
|
CapturedRequestHeaders []string `description:"Request headers to add as attributes for server and client spans." json:"capturedRequestHeaders,omitempty" toml:"capturedRequestHeaders,omitempty" yaml:"capturedRequestHeaders,omitempty" export:"true"`
|
||||||
CapturedResponseHeaders []string `description:"Response headers to add as attributes for server and client spans." json:"capturedResponseHeaders,omitempty" toml:"capturedResponseHeaders,omitempty" yaml:"capturedResponseHeaders,omitempty" export:"true"`
|
CapturedResponseHeaders []string `description:"Response headers to add as attributes for server and client spans." json:"capturedResponseHeaders,omitempty" toml:"capturedResponseHeaders,omitempty" yaml:"capturedResponseHeaders,omitempty" export:"true"`
|
||||||
|
SafeQueryParams []string `description:"Query params to not redact." json:"safeQueryParams,omitempty" toml:"safeQueryParams,omitempty" yaml:"safeQueryParams,omitempty" export:"true"`
|
||||||
SampleRate float64 `description:"Sets the rate between 0.0 and 1.0 of requests to trace." json:"sampleRate,omitempty" toml:"sampleRate,omitempty" yaml:"sampleRate,omitempty" export:"true"`
|
SampleRate float64 `description:"Sets the rate between 0.0 and 1.0 of requests to trace." json:"sampleRate,omitempty" toml:"sampleRate,omitempty" yaml:"sampleRate,omitempty" export:"true"`
|
||||||
AddInternals bool `description:"Enables tracing for internal services (ping, dashboard, etc...)." json:"addInternals,omitempty" toml:"addInternals,omitempty" yaml:"addInternals,omitempty" export:"true"`
|
AddInternals bool `description:"Enables tracing for internal services (ping, dashboard, etc...)." json:"addInternals,omitempty" toml:"addInternals,omitempty" yaml:"addInternals,omitempty" export:"true"`
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ import (
|
||||||
"go.opentelemetry.io/otel/metric"
|
"go.opentelemetry.io/otel/metric"
|
||||||
sdkmetric "go.opentelemetry.io/otel/sdk/metric"
|
sdkmetric "go.opentelemetry.io/otel/sdk/metric"
|
||||||
"go.opentelemetry.io/otel/sdk/resource"
|
"go.opentelemetry.io/otel/sdk/resource"
|
||||||
semconv "go.opentelemetry.io/otel/semconv/v1.21.0"
|
semconv "go.opentelemetry.io/otel/semconv/v1.26.0"
|
||||||
"google.golang.org/grpc/credentials"
|
"google.golang.org/grpc/credentials"
|
||||||
"google.golang.org/grpc/encoding/gzip"
|
"google.golang.org/grpc/encoding/gzip"
|
||||||
)
|
)
|
||||||
|
@ -58,16 +58,16 @@ func NewSemConvMetricRegistry(ctx context.Context, config *types.OTLP) (*SemConv
|
||||||
meter := otel.Meter("github.com/traefik/traefik",
|
meter := otel.Meter("github.com/traefik/traefik",
|
||||||
metric.WithInstrumentationVersion(version.Version))
|
metric.WithInstrumentationVersion(version.Version))
|
||||||
|
|
||||||
httpServerRequestDuration, err := meter.Float64Histogram("http.server.request.duration",
|
httpServerRequestDuration, err := meter.Float64Histogram(semconv.HTTPServerRequestDurationName,
|
||||||
metric.WithDescription("Duration of HTTP server requests."),
|
metric.WithDescription(semconv.HTTPServerRequestDurationDescription),
|
||||||
metric.WithUnit("s"),
|
metric.WithUnit("s"),
|
||||||
metric.WithExplicitBucketBoundaries(config.ExplicitBoundaries...))
|
metric.WithExplicitBucketBoundaries(config.ExplicitBoundaries...))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("can't build httpServerRequestDuration histogram: %w", err)
|
return nil, fmt.Errorf("can't build httpServerRequestDuration histogram: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
httpClientRequestDuration, err := meter.Float64Histogram("http.client.request.duration",
|
httpClientRequestDuration, err := meter.Float64Histogram(semconv.HTTPClientRequestDurationName,
|
||||||
metric.WithDescription("Duration of HTTP client requests."),
|
metric.WithDescription(semconv.HTTPClientRequestDurationDescription),
|
||||||
metric.WithUnit("s"),
|
metric.WithUnit("s"),
|
||||||
metric.WithExplicitBucketBoundaries(config.ExplicitBoundaries...))
|
metric.WithExplicitBucketBoundaries(config.ExplicitBoundaries...))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -513,7 +513,7 @@ func TestForwardAuthTracing(t *testing.T) {
|
||||||
attribute.String("url.scheme", "http"),
|
attribute.String("url.scheme", "http"),
|
||||||
attribute.String("user_agent.original", ""),
|
attribute.String("user_agent.original", ""),
|
||||||
attribute.String("network.peer.address", "127.0.0.1"),
|
attribute.String("network.peer.address", "127.0.0.1"),
|
||||||
attribute.String("network.peer.port", serverPort),
|
attribute.Int64("network.peer.port", int64(serverPortInt)),
|
||||||
attribute.String("server.address", "127.0.0.1"),
|
attribute.String("server.address", "127.0.0.1"),
|
||||||
attribute.Int64("server.port", int64(serverPortInt)),
|
attribute.Int64("server.port", int64(serverPortInt)),
|
||||||
attribute.StringSlice("http.request.header.x-foo", []string{"foo", "bar"}),
|
attribute.StringSlice("http.request.header.x-foo", []string{"foo", "bar"}),
|
||||||
|
@ -546,7 +546,7 @@ func TestForwardAuthTracing(t *testing.T) {
|
||||||
otel.SetTextMapPropagator(autoprop.NewTextMapPropagator())
|
otel.SetTextMapPropagator(autoprop.NewTextMapPropagator())
|
||||||
|
|
||||||
mockTracer := &mockTracer{}
|
mockTracer := &mockTracer{}
|
||||||
tracer := tracing.NewTracer(mockTracer, []string{"X-Foo"}, []string{"X-Bar"})
|
tracer := tracing.NewTracer(mockTracer, []string{"X-Foo"}, []string{"X-Bar"}, []string{"q"})
|
||||||
initialCtx, initialSpan := tracer.Start(req.Context(), "initial")
|
initialCtx, initialSpan := tracer.Start(req.Context(), "initial")
|
||||||
defer initialSpan.End()
|
defer initialSpan.End()
|
||||||
req = req.WithContext(initialCtx)
|
req = req.WithContext(initialCtx)
|
||||||
|
|
|
@ -14,7 +14,7 @@ import (
|
||||||
"github.com/traefik/traefik/v3/pkg/tracing"
|
"github.com/traefik/traefik/v3/pkg/tracing"
|
||||||
"go.opentelemetry.io/otel/attribute"
|
"go.opentelemetry.io/otel/attribute"
|
||||||
"go.opentelemetry.io/otel/metric"
|
"go.opentelemetry.io/otel/metric"
|
||||||
semconv "go.opentelemetry.io/otel/semconv/v1.21.0"
|
semconv "go.opentelemetry.io/otel/semconv/v1.26.0"
|
||||||
"go.opentelemetry.io/otel/trace"
|
"go.opentelemetry.io/otel/trace"
|
||||||
"go.opentelemetry.io/otel/trace/noop"
|
"go.opentelemetry.io/otel/trace/noop"
|
||||||
)
|
)
|
||||||
|
@ -35,7 +35,7 @@ type entryPointTracing struct {
|
||||||
func WrapEntryPointHandler(ctx context.Context, tracer *tracing.Tracer, semConvMetricRegistry *metrics.SemConvMetricsRegistry, entryPointName string) alice.Constructor {
|
func WrapEntryPointHandler(ctx context.Context, tracer *tracing.Tracer, semConvMetricRegistry *metrics.SemConvMetricsRegistry, entryPointName string) alice.Constructor {
|
||||||
return func(next http.Handler) (http.Handler, error) {
|
return func(next http.Handler) (http.Handler, error) {
|
||||||
if tracer == nil {
|
if tracer == nil {
|
||||||
tracer = tracing.NewTracer(noop.Tracer{}, nil, nil)
|
tracer = tracing.NewTracer(noop.Tracer{}, nil, nil, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
return newEntryPoint(ctx, tracer, semConvMetricRegistry, entryPointName, next), nil
|
return newEntryPoint(ctx, tracer, semConvMetricRegistry, entryPointName, next), nil
|
||||||
|
@ -47,7 +47,7 @@ func newEntryPoint(ctx context.Context, tracer *tracing.Tracer, semConvMetricReg
|
||||||
middlewares.GetLogger(ctx, "tracing", entryPointTypeName).Debug().Msg("Creating middleware")
|
middlewares.GetLogger(ctx, "tracing", entryPointTypeName).Debug().Msg("Creating middleware")
|
||||||
|
|
||||||
if tracer == nil {
|
if tracer == nil {
|
||||||
tracer = tracing.NewTracer(noop.Tracer{}, nil, nil)
|
tracer = tracing.NewTracer(noop.Tracer{}, nil, nil, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
return &entryPointTracing{
|
return &entryPointTracing{
|
||||||
|
|
|
@ -42,15 +42,14 @@ func TestEntryPointMiddleware_tracing(t *testing.T) {
|
||||||
attribute.String("network.protocol.version", "1.1"),
|
attribute.String("network.protocol.version", "1.1"),
|
||||||
attribute.Int64("http.request.body.size", int64(0)),
|
attribute.Int64("http.request.body.size", int64(0)),
|
||||||
attribute.String("url.path", "/search"),
|
attribute.String("url.path", "/search"),
|
||||||
attribute.String("url.query", "q=Opentelemetry"),
|
attribute.String("url.query", "q=Opentelemetry&token=REDACTED"),
|
||||||
attribute.String("url.scheme", "http"),
|
attribute.String("url.scheme", "http"),
|
||||||
attribute.String("user_agent.original", "entrypoint-test"),
|
attribute.String("user_agent.original", "entrypoint-test"),
|
||||||
attribute.String("server.address", "www.test.com"),
|
attribute.String("server.address", "www.test.com"),
|
||||||
attribute.String("network.peer.address", "10.0.0.1"),
|
attribute.String("network.peer.address", "10.0.0.1"),
|
||||||
attribute.String("network.peer.port", "1234"),
|
|
||||||
attribute.String("client.address", "10.0.0.1"),
|
attribute.String("client.address", "10.0.0.1"),
|
||||||
attribute.Int64("client.port", int64(1234)),
|
attribute.Int64("client.port", int64(1234)),
|
||||||
attribute.String("client.socket.address", ""),
|
attribute.Int64("network.peer.port", int64(1234)),
|
||||||
attribute.StringSlice("http.request.header.x-foo", []string{"foo", "bar"}),
|
attribute.StringSlice("http.request.header.x-foo", []string{"foo", "bar"}),
|
||||||
attribute.Int64("http.response.status_code", int64(404)),
|
attribute.Int64("http.response.status_code", int64(404)),
|
||||||
attribute.StringSlice("http.response.header.x-bar", []string{"foo", "bar"}),
|
attribute.StringSlice("http.response.header.x-bar", []string{"foo", "bar"}),
|
||||||
|
@ -61,7 +60,7 @@ func TestEntryPointMiddleware_tracing(t *testing.T) {
|
||||||
|
|
||||||
for _, test := range testCases {
|
for _, test := range testCases {
|
||||||
t.Run(test.desc, func(t *testing.T) {
|
t.Run(test.desc, func(t *testing.T) {
|
||||||
req := httptest.NewRequest(http.MethodGet, "http://www.test.com/search?q=Opentelemetry", nil)
|
req := httptest.NewRequest(http.MethodGet, "http://www.test.com/search?q=Opentelemetry&token=123", nil)
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
req.RemoteAddr = "10.0.0.1:1234"
|
req.RemoteAddr = "10.0.0.1:1234"
|
||||||
req.Header.Set("User-Agent", "entrypoint-test")
|
req.Header.Set("User-Agent", "entrypoint-test")
|
||||||
|
@ -77,7 +76,7 @@ func TestEntryPointMiddleware_tracing(t *testing.T) {
|
||||||
|
|
||||||
tracer := &mockTracer{}
|
tracer := &mockTracer{}
|
||||||
|
|
||||||
handler := newEntryPoint(context.Background(), tracing.NewTracer(tracer, []string{"X-Foo"}, []string{"X-Bar"}), nil, test.entryPoint, next)
|
handler := newEntryPoint(context.Background(), tracing.NewTracer(tracer, []string{"X-Foo"}, []string{"X-Bar"}, []string{"q"}), nil, test.entryPoint, next)
|
||||||
handler.ServeHTTP(rw, req)
|
handler.ServeHTTP(rw, req)
|
||||||
|
|
||||||
for _, span := range tracer.spans {
|
for _, span := range tracer.spans {
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
"github.com/traefik/traefik/v3/pkg/middlewares"
|
"github.com/traefik/traefik/v3/pkg/middlewares"
|
||||||
"github.com/traefik/traefik/v3/pkg/tracing"
|
"github.com/traefik/traefik/v3/pkg/tracing"
|
||||||
"go.opentelemetry.io/otel/attribute"
|
"go.opentelemetry.io/otel/attribute"
|
||||||
semconv "go.opentelemetry.io/otel/semconv/v1.21.0"
|
semconv "go.opentelemetry.io/otel/semconv/v1.26.0"
|
||||||
"go.opentelemetry.io/otel/trace"
|
"go.opentelemetry.io/otel/trace"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -16,7 +16,7 @@ import (
|
||||||
"github.com/traefik/traefik/v3/pkg/middlewares"
|
"github.com/traefik/traefik/v3/pkg/middlewares"
|
||||||
"github.com/traefik/traefik/v3/pkg/tracing"
|
"github.com/traefik/traefik/v3/pkg/tracing"
|
||||||
"go.opentelemetry.io/otel/attribute"
|
"go.opentelemetry.io/otel/attribute"
|
||||||
semconv "go.opentelemetry.io/otel/semconv/v1.21.0"
|
semconv "go.opentelemetry.io/otel/semconv/v1.26.0"
|
||||||
"go.opentelemetry.io/otel/trace"
|
"go.opentelemetry.io/otel/trace"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -95,7 +95,7 @@ func (r *retry) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
|
||||||
currentSpan.SetAttributes(attribute.String("traefik.middleware.name", r.name))
|
currentSpan.SetAttributes(attribute.String("traefik.middleware.name", r.name))
|
||||||
// Only add the attribute "http.resend_count" defined by semantic conventions starting from second attempt.
|
// Only add the attribute "http.resend_count" defined by semantic conventions starting from second attempt.
|
||||||
if attempts > 1 {
|
if attempts > 1 {
|
||||||
currentSpan.SetAttributes(semconv.HTTPResendCount(attempts - 1))
|
currentSpan.SetAttributes(semconv.HTTPRequestResendCount(attempts - 1))
|
||||||
}
|
}
|
||||||
|
|
||||||
req = req.WithContext(tracingCtx)
|
req = req.WithContext(tracingCtx)
|
||||||
|
|
|
@ -52,7 +52,7 @@ func NewBuilder(client *Client, plugins map[string]Descriptor, localPlugins map[
|
||||||
|
|
||||||
switch manifest.Type {
|
switch manifest.Type {
|
||||||
case typeMiddleware:
|
case typeMiddleware:
|
||||||
middleware, err := newMiddlewareBuilder(logCtx, client.GoPath(), manifest, desc.ModuleName)
|
middleware, err := newMiddlewareBuilder(logCtx, client.GoPath(), manifest, desc.ModuleName, desc.Settings)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -87,7 +87,7 @@ func NewBuilder(client *Client, plugins map[string]Descriptor, localPlugins map[
|
||||||
|
|
||||||
switch manifest.Type {
|
switch manifest.Type {
|
||||||
case typeMiddleware:
|
case typeMiddleware:
|
||||||
middleware, err := newMiddlewareBuilder(logCtx, localGoPath, manifest, desc.ModuleName)
|
middleware, err := newMiddlewareBuilder(logCtx, localGoPath, manifest, desc.ModuleName, desc.Settings)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -128,7 +128,7 @@ func (b Builder) Build(pName string, config map[string]interface{}, middlewareNa
|
||||||
return nil, fmt.Errorf("unknown plugin type: %s", pName)
|
return nil, fmt.Errorf("unknown plugin type: %s", pName)
|
||||||
}
|
}
|
||||||
|
|
||||||
func newMiddlewareBuilder(ctx context.Context, goPath string, manifest *Manifest, moduleName string) (middlewareBuilder, error) {
|
func newMiddlewareBuilder(ctx context.Context, goPath string, manifest *Manifest, moduleName string, settings Settings) (middlewareBuilder, error) {
|
||||||
switch manifest.Runtime {
|
switch manifest.Runtime {
|
||||||
case runtimeWasm:
|
case runtimeWasm:
|
||||||
wasmPath, err := getWasmPath(manifest)
|
wasmPath, err := getWasmPath(manifest)
|
||||||
|
@ -136,7 +136,7 @@ func newMiddlewareBuilder(ctx context.Context, goPath string, manifest *Manifest
|
||||||
return nil, fmt.Errorf("wasm path: %w", err)
|
return nil, fmt.Errorf("wasm path: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return newWasmMiddlewareBuilder(goPath, moduleName, wasmPath), nil
|
return newWasmMiddlewareBuilder(goPath, moduleName, wasmPath, settings)
|
||||||
|
|
||||||
case runtimeYaegi, "":
|
case runtimeYaegi, "":
|
||||||
i, err := newInterpreter(ctx, goPath, manifest.Import)
|
i, err := newInterpreter(ctx, goPath, manifest.Import)
|
||||||
|
|
|
@ -8,9 +8,11 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"reflect"
|
"reflect"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/http-wasm/http-wasm-host-go/handler"
|
"github.com/http-wasm/http-wasm-host-go/handler"
|
||||||
wasm "github.com/http-wasm/http-wasm-host-go/handler/nethttp"
|
wasm "github.com/http-wasm/http-wasm-host-go/handler/nethttp"
|
||||||
|
"github.com/juliens/wasm-goexport/host"
|
||||||
"github.com/tetratelabs/wazero"
|
"github.com/tetratelabs/wazero"
|
||||||
"github.com/traefik/traefik/v3/pkg/logs"
|
"github.com/traefik/traefik/v3/pkg/logs"
|
||||||
"github.com/traefik/traefik/v3/pkg/middlewares"
|
"github.com/traefik/traefik/v3/pkg/middlewares"
|
||||||
|
@ -18,10 +20,26 @@ import (
|
||||||
|
|
||||||
type wasmMiddlewareBuilder struct {
|
type wasmMiddlewareBuilder struct {
|
||||||
path string
|
path string
|
||||||
|
cache wazero.CompilationCache
|
||||||
|
settings Settings
|
||||||
}
|
}
|
||||||
|
|
||||||
func newWasmMiddlewareBuilder(goPath string, moduleName, wasmPath string) *wasmMiddlewareBuilder {
|
func newWasmMiddlewareBuilder(goPath, moduleName, wasmPath string, settings Settings) (*wasmMiddlewareBuilder, error) {
|
||||||
return &wasmMiddlewareBuilder{path: filepath.Join(goPath, "src", moduleName, wasmPath)}
|
ctx := context.Background()
|
||||||
|
path := filepath.Join(goPath, "src", moduleName, wasmPath)
|
||||||
|
cache := wazero.NewCompilationCache()
|
||||||
|
|
||||||
|
code, err := os.ReadFile(path)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("loading Wasm binary: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
rt := wazero.NewRuntimeWithConfig(ctx, wazero.NewRuntimeConfig().WithCompilationCache(cache))
|
||||||
|
if _, err = rt.CompileModule(ctx, code); err != nil {
|
||||||
|
return nil, fmt.Errorf("compiling guest module: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return &wasmMiddlewareBuilder{path: path, cache: cache, settings: settings}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b wasmMiddlewareBuilder) newMiddleware(config map[string]interface{}, middlewareName string) (pluginMiddleware, error) {
|
func (b wasmMiddlewareBuilder) newMiddleware(config map[string]interface{}, middlewareName string) (pluginMiddleware, error) {
|
||||||
|
@ -33,15 +51,64 @@ func (b wasmMiddlewareBuilder) newMiddleware(config map[string]interface{}, midd
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b wasmMiddlewareBuilder) newHandler(ctx context.Context, next http.Handler, cfg reflect.Value, middlewareName string) (http.Handler, error) {
|
func (b wasmMiddlewareBuilder) newHandler(ctx context.Context, next http.Handler, cfg reflect.Value, middlewareName string) (http.Handler, error) {
|
||||||
|
h, applyCtx, err := b.buildMiddleware(ctx, next, cfg, middlewareName)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("building Wasm middleware: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||||
|
h.ServeHTTP(rw, req.WithContext(applyCtx(req.Context())))
|
||||||
|
}), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (b *wasmMiddlewareBuilder) buildMiddleware(ctx context.Context, next http.Handler, cfg reflect.Value, middlewareName string) (http.Handler, func(ctx context.Context) context.Context, error) {
|
||||||
code, err := os.ReadFile(b.path)
|
code, err := os.ReadFile(b.path)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("loading Wasm binary: %w", err)
|
return nil, nil, fmt.Errorf("loading binary: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
rt := host.NewRuntime(wazero.NewRuntimeWithConfig(ctx, wazero.NewRuntimeConfig().WithCompilationCache(b.cache)))
|
||||||
|
|
||||||
|
guestModule, err := rt.CompileModule(ctx, code)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, fmt.Errorf("compiling guest module: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
applyCtx, err := InstantiateHost(ctx, rt, guestModule, b.settings)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, fmt.Errorf("instantiating host module: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
logger := middlewares.GetLogger(ctx, middlewareName, "wasm")
|
logger := middlewares.GetLogger(ctx, middlewareName, "wasm")
|
||||||
|
|
||||||
|
config := wazero.NewModuleConfig().WithSysWalltime()
|
||||||
|
for _, env := range b.settings.Envs {
|
||||||
|
config.WithEnv(env, os.Getenv(env))
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(b.settings.Mounts) > 0 {
|
||||||
|
fsConfig := wazero.NewFSConfig()
|
||||||
|
for _, mount := range b.settings.Mounts {
|
||||||
|
withDir := fsConfig.WithDirMount
|
||||||
|
prefix, readOnly := strings.CutSuffix(mount, ":ro")
|
||||||
|
if readOnly {
|
||||||
|
withDir = fsConfig.WithReadOnlyDirMount
|
||||||
|
}
|
||||||
|
parts := strings.Split(prefix, ":")
|
||||||
|
switch {
|
||||||
|
case len(parts) == 1:
|
||||||
|
withDir(parts[0], parts[0])
|
||||||
|
case len(parts) == 2:
|
||||||
|
withDir(parts[0], parts[1])
|
||||||
|
default:
|
||||||
|
return nil, nil, fmt.Errorf("invalid directory %q", mount)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
config.WithFSConfig(fsConfig)
|
||||||
|
}
|
||||||
|
|
||||||
opts := []handler.Option{
|
opts := []handler.Option{
|
||||||
handler.ModuleConfig(wazero.NewModuleConfig().WithSysWalltime()),
|
handler.ModuleConfig(config),
|
||||||
handler.Logger(logs.NewWasmLogger(logger)),
|
handler.Logger(logs.NewWasmLogger(logger)),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -49,23 +116,27 @@ func (b wasmMiddlewareBuilder) newHandler(ctx context.Context, next http.Handler
|
||||||
if i != nil {
|
if i != nil {
|
||||||
config, ok := i.(map[string]interface{})
|
config, ok := i.(map[string]interface{})
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("could not type assert config: %T", i)
|
return nil, nil, fmt.Errorf("could not type assert config: %T", i)
|
||||||
}
|
}
|
||||||
|
|
||||||
data, err := json.Marshal(config)
|
data, err := json.Marshal(config)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("marshaling config: %w", err)
|
return nil, nil, fmt.Errorf("marshaling config: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
opts = append(opts, handler.GuestConfig(data))
|
opts = append(opts, handler.GuestConfig(data))
|
||||||
}
|
}
|
||||||
|
|
||||||
mw, err := wasm.NewMiddleware(context.Background(), code, opts...)
|
opts = append(opts, handler.Runtime(func(ctx context.Context) (wazero.Runtime, error) {
|
||||||
|
return rt, nil
|
||||||
|
}))
|
||||||
|
|
||||||
|
mw, err := wasm.NewMiddleware(applyCtx(ctx), code, opts...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, nil, fmt.Errorf("creating middleware: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return mw.NewHandler(ctx, next), nil
|
return mw.NewHandler(ctx, next), applyCtx, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// WasmMiddleware is an HTTP handler plugin wrapper.
|
// WasmMiddleware is an HTTP handler plugin wrapper.
|
||||||
|
|
|
@ -10,6 +10,11 @@ const (
|
||||||
typeProvider = "provider"
|
typeProvider = "provider"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
type Settings struct {
|
||||||
|
Envs []string `description:"Environment variables to forward to the wasm guest." json:"envs,omitempty" toml:"envs,omitempty" yaml:"envs,omitempty"`
|
||||||
|
Mounts []string `description:"Directory to mount to the wasm guest." json:"mounts,omitempty" toml:"mounts,omitempty" yaml:"mounts,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
// Descriptor The static part of a plugin configuration.
|
// Descriptor The static part of a plugin configuration.
|
||||||
type Descriptor struct {
|
type Descriptor struct {
|
||||||
// ModuleName (required)
|
// ModuleName (required)
|
||||||
|
@ -17,12 +22,18 @@ type Descriptor struct {
|
||||||
|
|
||||||
// Version (required)
|
// Version (required)
|
||||||
Version string `description:"plugin's version." json:"version,omitempty" toml:"version,omitempty" yaml:"version,omitempty" export:"true"`
|
Version string `description:"plugin's version." json:"version,omitempty" toml:"version,omitempty" yaml:"version,omitempty" export:"true"`
|
||||||
|
|
||||||
|
// Settings (optional)
|
||||||
|
Settings Settings `description:"Plugin's settings (works only for wasm plugins)." json:"settings,omitempty" toml:"settings,omitempty" yaml:"settings,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// LocalDescriptor The static part of a local plugin configuration.
|
// LocalDescriptor The static part of a local plugin configuration.
|
||||||
type LocalDescriptor struct {
|
type LocalDescriptor struct {
|
||||||
// ModuleName (required)
|
// ModuleName (required)
|
||||||
ModuleName string `description:"plugin's module name." json:"moduleName,omitempty" toml:"moduleName,omitempty" yaml:"moduleName,omitempty" export:"true"`
|
ModuleName string `description:"Plugin's module name." json:"moduleName,omitempty" toml:"moduleName,omitempty" yaml:"moduleName,omitempty" export:"true"`
|
||||||
|
|
||||||
|
// Settings (optional)
|
||||||
|
Settings Settings `description:"Plugin's settings (works only for wasm plugins)." json:"settings,omitempty" toml:"settings,omitempty" yaml:"settings,omitempty" export:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Manifest The plugin manifest.
|
// Manifest The plugin manifest.
|
||||||
|
|
59
pkg/plugins/wasip.go
Normal file
59
pkg/plugins/wasip.go
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
//go:build !windows
|
||||||
|
|
||||||
|
package plugins
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
|
||||||
|
"github.com/stealthrocket/wasi-go/imports"
|
||||||
|
wazergo_wasip1 "github.com/stealthrocket/wasi-go/imports/wasi_snapshot_preview1"
|
||||||
|
"github.com/stealthrocket/wazergo"
|
||||||
|
"github.com/tetratelabs/wazero"
|
||||||
|
wazero_wasip1 "github.com/tetratelabs/wazero/imports/wasi_snapshot_preview1"
|
||||||
|
)
|
||||||
|
|
||||||
|
type ContextApplier func(ctx context.Context) context.Context
|
||||||
|
|
||||||
|
// InstantiateHost instantiates the Host module according to the guest requirements (for now only SocketExtensions).
|
||||||
|
func InstantiateHost(ctx context.Context, runtime wazero.Runtime, mod wazero.CompiledModule, settings Settings) (ContextApplier, error) {
|
||||||
|
if extension := imports.DetectSocketsExtension(mod); extension != nil {
|
||||||
|
envs := []string{}
|
||||||
|
for _, env := range settings.Envs {
|
||||||
|
envs = append(envs, fmt.Sprintf("%s=%s", env, os.Getenv(env)))
|
||||||
|
}
|
||||||
|
|
||||||
|
builder := imports.NewBuilder().WithSocketsExtension("auto", mod)
|
||||||
|
if len(envs) > 0 {
|
||||||
|
builder.WithEnv(envs...)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(settings.Mounts) > 0 {
|
||||||
|
builder.WithDirs(settings.Mounts...)
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx, sys, err := builder.Instantiate(ctx, runtime)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
inst, err := wazergo.Instantiate(ctx, runtime, wazergo_wasip1.NewHostModule(*extension), wazergo_wasip1.WithWASI(sys))
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("wazergo instantiation: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(ctx context.Context) context.Context {
|
||||||
|
return wazergo.WithModuleInstance(ctx, inst)
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err := wazero_wasip1.Instantiate(ctx, runtime)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("wazero instantiation: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(ctx context.Context) context.Context {
|
||||||
|
return ctx
|
||||||
|
}, nil
|
||||||
|
}
|
18
pkg/plugins/wasip_windows.go
Normal file
18
pkg/plugins/wasip_windows.go
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
//go:build windows
|
||||||
|
|
||||||
|
package plugins
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
|
||||||
|
"github.com/tetratelabs/wazero"
|
||||||
|
)
|
||||||
|
|
||||||
|
type ContextApplier func(ctx context.Context) context.Context
|
||||||
|
|
||||||
|
// InstantiateHost instantiates the Host module.
|
||||||
|
func InstantiateHost(ctx context.Context, runtime wazero.Runtime, mod wazero.CompiledModule, settings Settings) (ContextApplier, error) {
|
||||||
|
return func(ctx context.Context) context.Context {
|
||||||
|
return ctx
|
||||||
|
}, nil
|
||||||
|
}
|
|
@ -13,75 +13,75 @@ type IngressRouteSpec struct {
|
||||||
Routes []Route `json:"routes"`
|
Routes []Route `json:"routes"`
|
||||||
// EntryPoints defines the list of entry point names to bind to.
|
// EntryPoints defines the list of entry point names to bind to.
|
||||||
// Entry points have to be configured in the static configuration.
|
// Entry points have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
// Default: all.
|
// Default: all.
|
||||||
EntryPoints []string `json:"entryPoints,omitempty"`
|
EntryPoints []string `json:"entryPoints,omitempty"`
|
||||||
// TLS defines the TLS configuration.
|
// TLS defines the TLS configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
||||||
TLS *TLS `json:"tls,omitempty"`
|
TLS *TLS `json:"tls,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Route holds the HTTP route configuration.
|
// Route holds the HTTP route configuration.
|
||||||
type Route struct {
|
type Route struct {
|
||||||
// Match defines the router's rule.
|
// Match defines the router's rule.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
|
||||||
Match string `json:"match"`
|
Match string `json:"match"`
|
||||||
// Kind defines the kind of the route.
|
// Kind defines the kind of the route.
|
||||||
// Rule is the only supported kind.
|
// Rule is the only supported kind.
|
||||||
// +kubebuilder:validation:Enum=Rule
|
// +kubebuilder:validation:Enum=Rule
|
||||||
Kind string `json:"kind"`
|
Kind string `json:"kind"`
|
||||||
// Priority defines the router's priority.
|
// Priority defines the router's priority.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
|
||||||
Priority int `json:"priority,omitempty"`
|
Priority int `json:"priority,omitempty"`
|
||||||
// Syntax defines the router's rule syntax.
|
// Syntax defines the router's rule syntax.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
|
||||||
Syntax string `json:"syntax,omitempty"`
|
Syntax string `json:"syntax,omitempty"`
|
||||||
// Services defines the list of Service.
|
// Services defines the list of Service.
|
||||||
// It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
|
// It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
|
||||||
Services []Service `json:"services,omitempty"`
|
Services []Service `json:"services,omitempty"`
|
||||||
// Middlewares defines the list of references to Middleware resources.
|
// Middlewares defines the list of references to Middleware resources.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware
|
||||||
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLS holds the TLS configuration.
|
// TLS holds the TLS configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls
|
||||||
type TLS struct {
|
type TLS struct {
|
||||||
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
||||||
SecretName string `json:"secretName,omitempty"`
|
SecretName string `json:"secretName,omitempty"`
|
||||||
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
// If not defined, the `default` TLSOption is used.
|
// If not defined, the `default` TLSOption is used.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
Options *TLSOptionRef `json:"options,omitempty"`
|
Options *TLSOptionRef `json:"options,omitempty"`
|
||||||
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
||||||
// Please note that only `default` TLSStore can be used.
|
// Please note that only `default` TLSStore can be used.
|
||||||
Store *TLSStoreRef `json:"store,omitempty"`
|
Store *TLSStoreRef `json:"store,omitempty"`
|
||||||
// CertResolver defines the name of the certificate resolver to use.
|
// CertResolver defines the name of the certificate resolver to use.
|
||||||
// Cert resolvers have to be configured in the static configuration.
|
// Cert resolvers have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
// More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
CertResolver string `json:"certResolver,omitempty"`
|
CertResolver string `json:"certResolver,omitempty"`
|
||||||
// Domains defines the list of domains that will be used to issue certificates.
|
// Domains defines the list of domains that will be used to issue certificates.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
Domains []types.Domain `json:"domains,omitempty"`
|
Domains []types.Domain `json:"domains,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLSOptionRef is a reference to a TLSOption resource.
|
// TLSOptionRef is a reference to a TLSOption resource.
|
||||||
type TLSOptionRef struct {
|
type TLSOptionRef struct {
|
||||||
// Name defines the name of the referenced TLSOption.
|
// Name defines the name of the referenced TLSOption.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
// Namespace defines the namespace of the referenced TLSOption.
|
// Namespace defines the namespace of the referenced TLSOption.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
|
||||||
Namespace string `json:"namespace,omitempty"`
|
Namespace string `json:"namespace,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLSStoreRef is a reference to a TLSStore resource.
|
// TLSStoreRef is a reference to a TLSStore resource.
|
||||||
type TLSStoreRef struct {
|
type TLSStoreRef struct {
|
||||||
// Name defines the name of the referenced TLSStore.
|
// Name defines the name of the referenced TLSStore.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
// Namespace defines the namespace of the referenced TLSStore.
|
// Namespace defines the namespace of the referenced TLSStore.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
|
||||||
Namespace string `json:"namespace,omitempty"`
|
Namespace string `json:"namespace,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -98,7 +98,7 @@ type LoadBalancerSpec struct {
|
||||||
// Namespace defines the namespace of the referenced Kubernetes Service or TraefikService.
|
// Namespace defines the namespace of the referenced Kubernetes Service or TraefikService.
|
||||||
Namespace string `json:"namespace,omitempty"`
|
Namespace string `json:"namespace,omitempty"`
|
||||||
// Sticky defines the sticky sessions configuration.
|
// Sticky defines the sticky sessions configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions
|
||||||
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
||||||
// Port defines the port of a Kubernetes Service.
|
// Port defines the port of a Kubernetes Service.
|
||||||
// This can be a reference to a named port.
|
// This can be a reference to a named port.
|
||||||
|
|
|
@ -13,24 +13,24 @@ type IngressRouteTCPSpec struct {
|
||||||
Routes []RouteTCP `json:"routes"`
|
Routes []RouteTCP `json:"routes"`
|
||||||
// EntryPoints defines the list of entry point names to bind to.
|
// EntryPoints defines the list of entry point names to bind to.
|
||||||
// Entry points have to be configured in the static configuration.
|
// Entry points have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
// Default: all.
|
// Default: all.
|
||||||
EntryPoints []string `json:"entryPoints,omitempty"`
|
EntryPoints []string `json:"entryPoints,omitempty"`
|
||||||
// TLS defines the TLS configuration on a layer 4 / TCP Route.
|
// TLS defines the TLS configuration on a layer 4 / TCP Route.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
||||||
TLS *TLSTCP `json:"tls,omitempty"`
|
TLS *TLSTCP `json:"tls,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// RouteTCP holds the TCP route configuration.
|
// RouteTCP holds the TCP route configuration.
|
||||||
type RouteTCP struct {
|
type RouteTCP struct {
|
||||||
// Match defines the router's rule.
|
// Match defines the router's rule.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
|
||||||
Match string `json:"match"`
|
Match string `json:"match"`
|
||||||
// Priority defines the router's priority.
|
// Priority defines the router's priority.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
|
||||||
Priority int `json:"priority,omitempty"`
|
Priority int `json:"priority,omitempty"`
|
||||||
// Syntax defines the router's rule syntax.
|
// Syntax defines the router's rule syntax.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
|
||||||
Syntax string `json:"syntax,omitempty"`
|
Syntax string `json:"syntax,omitempty"`
|
||||||
// Services defines the list of TCP services.
|
// Services defines the list of TCP services.
|
||||||
Services []ServiceTCP `json:"services,omitempty"`
|
Services []ServiceTCP `json:"services,omitempty"`
|
||||||
|
@ -39,7 +39,7 @@ type RouteTCP struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLSTCP holds the TLS configuration for an IngressRouteTCP.
|
// TLSTCP holds the TLS configuration for an IngressRouteTCP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1
|
||||||
type TLSTCP struct {
|
type TLSTCP struct {
|
||||||
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
||||||
SecretName string `json:"secretName,omitempty"`
|
SecretName string `json:"secretName,omitempty"`
|
||||||
|
@ -47,17 +47,17 @@ type TLSTCP struct {
|
||||||
Passthrough bool `json:"passthrough,omitempty"`
|
Passthrough bool `json:"passthrough,omitempty"`
|
||||||
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
||||||
// If not defined, the `default` TLSOption is used.
|
// If not defined, the `default` TLSOption is used.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
Options *ObjectReference `json:"options,omitempty"`
|
Options *ObjectReference `json:"options,omitempty"`
|
||||||
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
||||||
// Please note that only `default` TLSStore can be used.
|
// Please note that only `default` TLSStore can be used.
|
||||||
Store *ObjectReference `json:"store,omitempty"`
|
Store *ObjectReference `json:"store,omitempty"`
|
||||||
// CertResolver defines the name of the certificate resolver to use.
|
// CertResolver defines the name of the certificate resolver to use.
|
||||||
// Cert resolvers have to be configured in the static configuration.
|
// Cert resolvers have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
|
// More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
|
||||||
CertResolver string `json:"certResolver,omitempty"`
|
CertResolver string `json:"certResolver,omitempty"`
|
||||||
// Domains defines the list of domains that will be used to issue certificates.
|
// Domains defines the list of domains that will be used to issue certificates.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains
|
||||||
Domains []types.Domain `json:"domains,omitempty"`
|
Domains []types.Domain `json:"domains,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -80,7 +80,7 @@ type ServiceTCP struct {
|
||||||
// Deprecated: TerminationDelay is not supported APIVersion traefik.io/v1, please use ServersTransport to configure the TerminationDelay instead.
|
// Deprecated: TerminationDelay is not supported APIVersion traefik.io/v1, please use ServersTransport to configure the TerminationDelay instead.
|
||||||
TerminationDelay *int `json:"terminationDelay,omitempty"`
|
TerminationDelay *int `json:"terminationDelay,omitempty"`
|
||||||
// ProxyProtocol defines the PROXY protocol configuration.
|
// ProxyProtocol defines the PROXY protocol configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol
|
||||||
ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"`
|
ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"`
|
||||||
// ServersTransport defines the name of ServersTransportTCP resource to use.
|
// ServersTransport defines the name of ServersTransportTCP resource to use.
|
||||||
// It allows to configure the transport between Traefik and your servers.
|
// It allows to configure the transport between Traefik and your servers.
|
||||||
|
|
|
@ -11,7 +11,7 @@ type IngressRouteUDPSpec struct {
|
||||||
Routes []RouteUDP `json:"routes"`
|
Routes []RouteUDP `json:"routes"`
|
||||||
// EntryPoints defines the list of entry point names to bind to.
|
// EntryPoints defines the list of entry point names to bind to.
|
||||||
// Entry points have to be configured in the static configuration.
|
// Entry points have to be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/
|
||||||
// Default: all.
|
// Default: all.
|
||||||
EntryPoints []string `json:"entryPoints,omitempty"`
|
EntryPoints []string `json:"entryPoints,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
// +kubebuilder:storageversion
|
// +kubebuilder:storageversion
|
||||||
|
|
||||||
// Middleware is the CRD implementation of a Traefik Middleware.
|
// Middleware is the CRD implementation of a Traefik Middleware.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
|
||||||
type Middleware struct {
|
type Middleware struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -60,7 +60,7 @@ type MiddlewareSpec struct {
|
||||||
|
|
||||||
// ErrorPage holds the custom error middleware configuration.
|
// ErrorPage holds the custom error middleware configuration.
|
||||||
// This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
// This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/
|
||||||
type ErrorPage struct {
|
type ErrorPage struct {
|
||||||
// Status defines which status or range of statuses should result in an error page.
|
// Status defines which status or range of statuses should result in an error page.
|
||||||
// It can be either a status code as a number (500),
|
// It can be either a status code as a number (500),
|
||||||
|
@ -69,7 +69,7 @@ type ErrorPage struct {
|
||||||
// or a combination of the two (404,418,500-599).
|
// or a combination of the two (404,418,500-599).
|
||||||
Status []string `json:"status,omitempty"`
|
Status []string `json:"status,omitempty"`
|
||||||
// Service defines the reference to a Kubernetes Service that will serve the error page.
|
// Service defines the reference to a Kubernetes Service that will serve the error page.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service
|
||||||
Service Service `json:"service,omitempty"`
|
Service Service `json:"service,omitempty"`
|
||||||
// Query defines the URL for the error page (hosted by service).
|
// Query defines the URL for the error page (hosted by service).
|
||||||
// The {status} variable can be used in order to insert the status code in the URL.
|
// The {status} variable can be used in order to insert the status code in the URL.
|
||||||
|
@ -96,7 +96,7 @@ type CircuitBreaker struct {
|
||||||
|
|
||||||
// Chain holds the configuration of the chain middleware.
|
// Chain holds the configuration of the chain middleware.
|
||||||
// This middleware enables to define reusable combinations of other pieces of middleware.
|
// This middleware enables to define reusable combinations of other pieces of middleware.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/
|
||||||
type Chain struct {
|
type Chain struct {
|
||||||
// Middlewares is the list of MiddlewareRef which composes the chain.
|
// Middlewares is the list of MiddlewareRef which composes the chain.
|
||||||
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
|
||||||
|
@ -106,7 +106,7 @@ type Chain struct {
|
||||||
|
|
||||||
// BasicAuth holds the basic auth middleware configuration.
|
// BasicAuth holds the basic auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/
|
||||||
type BasicAuth struct {
|
type BasicAuth struct {
|
||||||
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
||||||
Secret string `json:"secret,omitempty"`
|
Secret string `json:"secret,omitempty"`
|
||||||
|
@ -117,7 +117,7 @@ type BasicAuth struct {
|
||||||
// Default: false.
|
// Default: false.
|
||||||
RemoveHeader bool `json:"removeHeader,omitempty"`
|
RemoveHeader bool `json:"removeHeader,omitempty"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty"`
|
HeaderField string `json:"headerField,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -125,7 +125,7 @@ type BasicAuth struct {
|
||||||
|
|
||||||
// DigestAuth holds the digest auth middleware configuration.
|
// DigestAuth holds the digest auth middleware configuration.
|
||||||
// This middleware restricts access to your services to known users.
|
// This middleware restricts access to your services to known users.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/
|
||||||
type DigestAuth struct {
|
type DigestAuth struct {
|
||||||
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
|
||||||
Secret string `json:"secret,omitempty"`
|
Secret string `json:"secret,omitempty"`
|
||||||
|
@ -135,7 +135,7 @@ type DigestAuth struct {
|
||||||
// Default: traefik.
|
// Default: traefik.
|
||||||
Realm string `json:"realm,omitempty"`
|
Realm string `json:"realm,omitempty"`
|
||||||
// HeaderField defines a header field to store the authenticated user.
|
// HeaderField defines a header field to store the authenticated user.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
|
||||||
HeaderField string `json:"headerField,omitempty"`
|
HeaderField string `json:"headerField,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -143,7 +143,7 @@ type DigestAuth struct {
|
||||||
|
|
||||||
// ForwardAuth holds the forward auth middleware configuration.
|
// ForwardAuth holds the forward auth middleware configuration.
|
||||||
// This middleware delegates the request authentication to a Service.
|
// This middleware delegates the request authentication to a Service.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/
|
||||||
type ForwardAuth struct {
|
type ForwardAuth struct {
|
||||||
// Address defines the authentication server address.
|
// Address defines the authentication server address.
|
||||||
Address string `json:"address,omitempty"`
|
Address string `json:"address,omitempty"`
|
||||||
|
@ -152,7 +152,7 @@ type ForwardAuth struct {
|
||||||
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
|
||||||
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty"`
|
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty"`
|
||||||
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
|
||||||
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty"`
|
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty"`
|
||||||
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
|
||||||
// If not set or empty then all request headers are passed.
|
// If not set or empty then all request headers are passed.
|
||||||
|
@ -182,7 +182,7 @@ type ClientTLS struct {
|
||||||
|
|
||||||
// RateLimit holds the rate limit configuration.
|
// RateLimit holds the rate limit configuration.
|
||||||
// This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
// This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/
|
||||||
type RateLimit struct {
|
type RateLimit struct {
|
||||||
// Average is the maximum rate, by default in requests/s, allowed for the given source.
|
// Average is the maximum rate, by default in requests/s, allowed for the given source.
|
||||||
// It defaults to 0, which means no rate limiting.
|
// It defaults to 0, which means no rate limiting.
|
||||||
|
@ -206,7 +206,7 @@ type RateLimit struct {
|
||||||
// Retry holds the retry middleware configuration.
|
// Retry holds the retry middleware configuration.
|
||||||
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
|
||||||
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/
|
||||||
type Retry struct {
|
type Retry struct {
|
||||||
// Attempts defines how many times the request should be retried.
|
// Attempts defines how many times the request should be retried.
|
||||||
Attempts int `json:"attempts,omitempty"`
|
Attempts int `json:"attempts,omitempty"`
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
|
||||||
// MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
// MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
|
||||||
type MiddlewareTCP struct {
|
type MiddlewareTCP struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -28,11 +28,11 @@ type MiddlewareTCPSpec struct {
|
||||||
// IPWhiteList defines the IPWhiteList middleware configuration.
|
// IPWhiteList defines the IPWhiteList middleware configuration.
|
||||||
// This middleware accepts/refuses connections based on the client IP.
|
// This middleware accepts/refuses connections based on the client IP.
|
||||||
// Deprecated: please use IPAllowList instead.
|
// Deprecated: please use IPAllowList instead.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/
|
||||||
IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"`
|
IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"`
|
||||||
// IPAllowList defines the IPAllowList middleware configuration.
|
// IPAllowList defines the IPAllowList middleware configuration.
|
||||||
// This middleware accepts/refuses connections based on the client IP.
|
// This middleware accepts/refuses connections based on the client IP.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/
|
// More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/
|
||||||
IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"`
|
IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
// ServersTransport is the CRD implementation of a ServersTransport.
|
// ServersTransport is the CRD implementation of a ServersTransport.
|
||||||
// If no serversTransport is specified, the default@internal will be used.
|
// If no serversTransport is specified, the default@internal will be used.
|
||||||
// The default@internal serversTransport is created from the static configuration.
|
// The default@internal serversTransport is created from the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
|
||||||
type ServersTransport struct {
|
type ServersTransport struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
// ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
// ServersTransportTCP is the CRD implementation of a TCPServersTransport.
|
||||||
// If no tcpServersTransport is specified, a default one named default@internal will be used.
|
// If no tcpServersTransport is specified, a default one named default@internal will be used.
|
||||||
// The default@internal tcpServersTransport can be configured in the static configuration.
|
// The default@internal tcpServersTransport can be configured in the static configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
|
||||||
type ServersTransportTCP struct {
|
type ServersTransportTCP struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
// TraefikService object allows to:
|
// TraefikService object allows to:
|
||||||
// - Apply weight to Services on load-balancing
|
// - Apply weight to Services on load-balancing
|
||||||
// - Mirror traffic on services
|
// - Mirror traffic on services
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
|
||||||
type TraefikService struct {
|
type TraefikService struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -49,7 +49,7 @@ type TraefikServiceSpec struct {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// Mirroring holds the mirroring service configuration.
|
// Mirroring holds the mirroring service configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#mirroring-service
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#mirroring-service
|
||||||
type Mirroring struct {
|
type Mirroring struct {
|
||||||
LoadBalancerSpec `json:",inline"`
|
LoadBalancerSpec `json:",inline"`
|
||||||
|
|
||||||
|
@ -75,11 +75,11 @@ type MirrorService struct {
|
||||||
// +k8s:deepcopy-gen=true
|
// +k8s:deepcopy-gen=true
|
||||||
|
|
||||||
// WeightedRoundRobin holds the weighted round-robin configuration.
|
// WeightedRoundRobin holds the weighted round-robin configuration.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/services/#weighted-round-robin-service
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/services/#weighted-round-robin-service
|
||||||
type WeightedRoundRobin struct {
|
type WeightedRoundRobin struct {
|
||||||
// Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight.
|
// Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight.
|
||||||
Services []Service `json:"services,omitempty"`
|
Services []Service `json:"services,omitempty"`
|
||||||
// Sticky defines whether sticky sessions are enabled.
|
// Sticky defines whether sticky sessions are enabled.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
// More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
||||||
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
// +kubebuilder:storageversion
|
// +kubebuilder:storageversion
|
||||||
|
|
||||||
// TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
// TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
|
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
|
||||||
type TLSOption struct {
|
type TLSOption struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
@ -32,17 +32,17 @@ type TLSOptionSpec struct {
|
||||||
// Default: None.
|
// Default: None.
|
||||||
MaxVersion string `json:"maxVersion,omitempty"`
|
MaxVersion string `json:"maxVersion,omitempty"`
|
||||||
// CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
// CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites
|
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
|
||||||
CipherSuites []string `json:"cipherSuites,omitempty"`
|
CipherSuites []string `json:"cipherSuites,omitempty"`
|
||||||
// CurvePreferences defines the preferred elliptic curves in a specific order.
|
// CurvePreferences defines the preferred elliptic curves in a specific order.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences
|
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
|
||||||
CurvePreferences []string `json:"curvePreferences,omitempty"`
|
CurvePreferences []string `json:"curvePreferences,omitempty"`
|
||||||
// ClientAuth defines the server's policy for TLS Client Authentication.
|
// ClientAuth defines the server's policy for TLS Client Authentication.
|
||||||
ClientAuth ClientAuth `json:"clientAuth,omitempty"`
|
ClientAuth ClientAuth `json:"clientAuth,omitempty"`
|
||||||
// SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension.
|
// SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension.
|
||||||
SniStrict bool `json:"sniStrict,omitempty"`
|
SniStrict bool `json:"sniStrict,omitempty"`
|
||||||
// ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
// ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols
|
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
|
||||||
ALPNProtocols []string `json:"alpnProtocols,omitempty"`
|
ALPNProtocols []string `json:"alpnProtocols,omitempty"`
|
||||||
|
|
||||||
// PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
|
// PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
// TLSStore is the CRD implementation of a Traefik TLS Store.
|
// TLSStore is the CRD implementation of a Traefik TLS Store.
|
||||||
// For the time being, only the TLSStore named default is supported.
|
// For the time being, only the TLSStore named default is supported.
|
||||||
// This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
// This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
// More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores
|
// More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
|
||||||
type TLSStore struct {
|
type TLSStore struct {
|
||||||
metav1.TypeMeta `json:",inline"`
|
metav1.TypeMeta `json:",inline"`
|
||||||
// Standard object's metadata.
|
// Standard object's metadata.
|
||||||
|
|
|
@ -907,18 +907,34 @@ func TestDo_staticConfiguration(t *testing.T) {
|
||||||
"Descriptor0": {
|
"Descriptor0": {
|
||||||
ModuleName: "foobar",
|
ModuleName: "foobar",
|
||||||
Version: "foobar",
|
Version: "foobar",
|
||||||
|
Settings: plugins.Settings{
|
||||||
|
Envs: []string{"a", "b"},
|
||||||
|
Mounts: []string{"a", "b"},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
"Descriptor1": {
|
"Descriptor1": {
|
||||||
ModuleName: "foobar",
|
ModuleName: "foobar",
|
||||||
Version: "foobar",
|
Version: "foobar",
|
||||||
|
Settings: plugins.Settings{
|
||||||
|
Envs: []string{"a", "b"},
|
||||||
|
Mounts: []string{"a", "b"},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
LocalPlugins: map[string]plugins.LocalDescriptor{
|
LocalPlugins: map[string]plugins.LocalDescriptor{
|
||||||
"Descriptor0": {
|
"Descriptor0": {
|
||||||
ModuleName: "foobar",
|
ModuleName: "foobar",
|
||||||
|
Settings: plugins.Settings{
|
||||||
|
Envs: []string{"a", "b"},
|
||||||
|
Mounts: []string{"a", "b"},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
"Descriptor1": {
|
"Descriptor1": {
|
||||||
ModuleName: "foobar",
|
ModuleName: "foobar",
|
||||||
|
Settings: plugins.Settings{
|
||||||
|
Envs: []string{"a", "b"},
|
||||||
|
Mounts: []string{"a", "b"},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -388,19 +388,59 @@
|
||||||
"plugins": {
|
"plugins": {
|
||||||
"Descriptor0": {
|
"Descriptor0": {
|
||||||
"moduleName": "foobar",
|
"moduleName": "foobar",
|
||||||
"version": "foobar"
|
"version": "foobar",
|
||||||
|
"settings": {
|
||||||
|
"envs": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
],
|
||||||
|
"mounts": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
]
|
||||||
|
}
|
||||||
},
|
},
|
||||||
"Descriptor1": {
|
"Descriptor1": {
|
||||||
"moduleName": "foobar",
|
"moduleName": "foobar",
|
||||||
"version": "foobar"
|
"version": "foobar",
|
||||||
|
"settings": {
|
||||||
|
"envs": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
],
|
||||||
|
"mounts": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"localPlugins": {
|
"localPlugins": {
|
||||||
"Descriptor0": {
|
"Descriptor0": {
|
||||||
"moduleName": "foobar"
|
"moduleName": "foobar",
|
||||||
|
"settings": {
|
||||||
|
"envs": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
],
|
||||||
|
"mounts": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
]
|
||||||
|
}
|
||||||
},
|
},
|
||||||
"Descriptor1": {
|
"Descriptor1": {
|
||||||
"moduleName": "foobar"
|
"moduleName": "foobar",
|
||||||
|
"settings": {
|
||||||
|
"envs": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
],
|
||||||
|
"mounts": [
|
||||||
|
"xxxx",
|
||||||
|
"xxxx"
|
||||||
|
]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -48,8 +48,15 @@ const (
|
||||||
var (
|
var (
|
||||||
clientConnectionStates = map[string]*connState{}
|
clientConnectionStates = map[string]*connState{}
|
||||||
clientConnectionStatesMu = sync.RWMutex{}
|
clientConnectionStatesMu = sync.RWMutex{}
|
||||||
|
|
||||||
|
socketActivationListeners map[string]net.Listener
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// Populates pre-defined socketActivationListeners by socket activation.
|
||||||
|
populateSocketActivationListeners()
|
||||||
|
}
|
||||||
|
|
||||||
type connState struct {
|
type connState struct {
|
||||||
State string
|
State string
|
||||||
KeepAliveState string
|
KeepAliveState string
|
||||||
|
@ -96,6 +103,7 @@ func NewTCPEntryPoints(entryPointsConfig static.EntryPoints, hostResolverConfig
|
||||||
return clientConnectionStates
|
return clientConnectionStates
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
|
|
||||||
serverEntryPointsTCP := make(TCPEntryPoints)
|
serverEntryPointsTCP := make(TCPEntryPoints)
|
||||||
for entryPointName, config := range entryPointsConfig {
|
for entryPointName, config := range entryPointsConfig {
|
||||||
protocol, err := config.GetProtocol()
|
protocol, err := config.GetProtocol()
|
||||||
|
@ -113,7 +121,7 @@ func NewTCPEntryPoints(entryPointsConfig static.EntryPoints, hostResolverConfig
|
||||||
OpenConnectionsGauge().
|
OpenConnectionsGauge().
|
||||||
With("entrypoint", entryPointName, "protocol", "TCP")
|
With("entrypoint", entryPointName, "protocol", "TCP")
|
||||||
|
|
||||||
serverEntryPointsTCP[entryPointName], err = NewTCPEntryPoint(ctx, config, hostResolverConfig, openConnectionsGauge)
|
serverEntryPointsTCP[entryPointName], err = NewTCPEntryPoint(ctx, entryPointName, config, hostResolverConfig, openConnectionsGauge)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error while building entryPoint %s: %w", entryPointName, err)
|
return nil, fmt.Errorf("error while building entryPoint %s: %w", entryPointName, err)
|
||||||
}
|
}
|
||||||
|
@ -169,10 +177,10 @@ type TCPEntryPoint struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewTCPEntryPoint creates a new TCPEntryPoint.
|
// NewTCPEntryPoint creates a new TCPEntryPoint.
|
||||||
func NewTCPEntryPoint(ctx context.Context, configuration *static.EntryPoint, hostResolverConfig *types.HostResolverConfig, openConnectionsGauge gokitmetrics.Gauge) (*TCPEntryPoint, error) {
|
func NewTCPEntryPoint(ctx context.Context, name string, config *static.EntryPoint, hostResolverConfig *types.HostResolverConfig, openConnectionsGauge gokitmetrics.Gauge) (*TCPEntryPoint, error) {
|
||||||
tracker := newConnectionTracker(openConnectionsGauge)
|
tracker := newConnectionTracker(openConnectionsGauge)
|
||||||
|
|
||||||
listener, err := buildListener(ctx, configuration)
|
listener, err := buildListener(ctx, name, config)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error preparing server: %w", err)
|
return nil, fmt.Errorf("error preparing server: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -181,19 +189,19 @@ func NewTCPEntryPoint(ctx context.Context, configuration *static.EntryPoint, hos
|
||||||
|
|
||||||
reqDecorator := requestdecorator.New(hostResolverConfig)
|
reqDecorator := requestdecorator.New(hostResolverConfig)
|
||||||
|
|
||||||
httpServer, err := createHTTPServer(ctx, listener, configuration, true, reqDecorator)
|
httpServer, err := createHTTPServer(ctx, listener, config, true, reqDecorator)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error preparing http server: %w", err)
|
return nil, fmt.Errorf("error preparing http server: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
rt.SetHTTPForwarder(httpServer.Forwarder)
|
rt.SetHTTPForwarder(httpServer.Forwarder)
|
||||||
|
|
||||||
httpsServer, err := createHTTPServer(ctx, listener, configuration, false, reqDecorator)
|
httpsServer, err := createHTTPServer(ctx, listener, config, false, reqDecorator)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error preparing https server: %w", err)
|
return nil, fmt.Errorf("error preparing https server: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
h3Server, err := newHTTP3Server(ctx, configuration, httpsServer)
|
h3Server, err := newHTTP3Server(ctx, config, httpsServer)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error preparing http3 server: %w", err)
|
return nil, fmt.Errorf("error preparing http3 server: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -206,7 +214,7 @@ func NewTCPEntryPoint(ctx context.Context, configuration *static.EntryPoint, hos
|
||||||
return &TCPEntryPoint{
|
return &TCPEntryPoint{
|
||||||
listener: listener,
|
listener: listener,
|
||||||
switcher: tcpSwitcher,
|
switcher: tcpSwitcher,
|
||||||
transportConfiguration: configuration.Transport,
|
transportConfiguration: config.Transport,
|
||||||
tracker: tracker,
|
tracker: tracker,
|
||||||
httpServer: httpServer,
|
httpServer: httpServer,
|
||||||
httpsServer: httpsServer,
|
httpsServer: httpsServer,
|
||||||
|
@ -460,17 +468,29 @@ func buildProxyProtocolListener(ctx context.Context, entryPoint *static.EntryPoi
|
||||||
return proxyListener, nil
|
return proxyListener, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func buildListener(ctx context.Context, entryPoint *static.EntryPoint) (net.Listener, error) {
|
func buildListener(ctx context.Context, name string, config *static.EntryPoint) (net.Listener, error) {
|
||||||
listenConfig := newListenConfig(entryPoint)
|
var listener net.Listener
|
||||||
listener, err := listenConfig.Listen(ctx, "tcp", entryPoint.GetAddress())
|
var err error
|
||||||
|
|
||||||
|
// if we have predefined listener from socket activation
|
||||||
|
if ln, ok := socketActivationListeners[name]; ok {
|
||||||
|
listener = ln
|
||||||
|
} else {
|
||||||
|
if len(socketActivationListeners) > 0 {
|
||||||
|
log.Warn().Str("name", name).Msg("Unable to find socket activation listener for entryPoint")
|
||||||
|
}
|
||||||
|
|
||||||
|
listenConfig := newListenConfig(config)
|
||||||
|
listener, err = listenConfig.Listen(ctx, "tcp", config.GetAddress())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error opening listener: %w", err)
|
return nil, fmt.Errorf("error opening listener: %w", err)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
listener = tcpKeepAliveListener{listener.(*net.TCPListener)}
|
listener = tcpKeepAliveListener{listener.(*net.TCPListener)}
|
||||||
|
|
||||||
if entryPoint.ProxyProtocol != nil {
|
if config.ProxyProtocol != nil {
|
||||||
listener, err = buildProxyProtocolListener(ctx, entryPoint, listener)
|
listener, err = buildProxyProtocolListener(ctx, config, listener)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error creating proxy protocol listener: %w", err)
|
return nil, fmt.Errorf("error creating proxy protocol listener: %w", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -85,7 +85,7 @@ func TestHTTP3AdvertisedPort(t *testing.T) {
|
||||||
epConfig := &static.EntryPointsTransport{}
|
epConfig := &static.EntryPointsTransport{}
|
||||||
epConfig.SetDefaults()
|
epConfig.SetDefaults()
|
||||||
|
|
||||||
entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{
|
entryPoint, err := NewTCPEntryPoint(context.Background(), "", &static.EntryPoint{
|
||||||
Address: "127.0.0.1:8090",
|
Address: "127.0.0.1:8090",
|
||||||
Transport: epConfig,
|
Transport: epConfig,
|
||||||
ForwardedHeaders: &static.ForwardedHeaders{},
|
ForwardedHeaders: &static.ForwardedHeaders{},
|
||||||
|
|
|
@ -72,7 +72,7 @@ func testShutdown(t *testing.T, router *tcprouter.Router) {
|
||||||
epConfig.RespondingTimeouts.ReadTimeout = ptypes.Duration(5 * time.Second)
|
epConfig.RespondingTimeouts.ReadTimeout = ptypes.Duration(5 * time.Second)
|
||||||
epConfig.RespondingTimeouts.WriteTimeout = ptypes.Duration(5 * time.Second)
|
epConfig.RespondingTimeouts.WriteTimeout = ptypes.Duration(5 * time.Second)
|
||||||
|
|
||||||
entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{
|
entryPoint, err := NewTCPEntryPoint(context.Background(), "", &static.EntryPoint{
|
||||||
// We explicitly use an IPV4 address because on Alpine, with an IPV6 address
|
// We explicitly use an IPV4 address because on Alpine, with an IPV6 address
|
||||||
// there seems to be shenanigans related to properly cleaning up file descriptors
|
// there seems to be shenanigans related to properly cleaning up file descriptors
|
||||||
Address: "127.0.0.1:0",
|
Address: "127.0.0.1:0",
|
||||||
|
@ -159,7 +159,7 @@ func TestReadTimeoutWithoutFirstByte(t *testing.T) {
|
||||||
epConfig.SetDefaults()
|
epConfig.SetDefaults()
|
||||||
epConfig.RespondingTimeouts.ReadTimeout = ptypes.Duration(2 * time.Second)
|
epConfig.RespondingTimeouts.ReadTimeout = ptypes.Duration(2 * time.Second)
|
||||||
|
|
||||||
entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{
|
entryPoint, err := NewTCPEntryPoint(context.Background(), "", &static.EntryPoint{
|
||||||
Address: ":0",
|
Address: ":0",
|
||||||
Transport: epConfig,
|
Transport: epConfig,
|
||||||
ForwardedHeaders: &static.ForwardedHeaders{},
|
ForwardedHeaders: &static.ForwardedHeaders{},
|
||||||
|
@ -196,7 +196,7 @@ func TestReadTimeoutWithFirstByte(t *testing.T) {
|
||||||
epConfig.SetDefaults()
|
epConfig.SetDefaults()
|
||||||
epConfig.RespondingTimeouts.ReadTimeout = ptypes.Duration(2 * time.Second)
|
epConfig.RespondingTimeouts.ReadTimeout = ptypes.Duration(2 * time.Second)
|
||||||
|
|
||||||
entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{
|
entryPoint, err := NewTCPEntryPoint(context.Background(), "", &static.EntryPoint{
|
||||||
Address: ":0",
|
Address: ":0",
|
||||||
Transport: epConfig,
|
Transport: epConfig,
|
||||||
ForwardedHeaders: &static.ForwardedHeaders{},
|
ForwardedHeaders: &static.ForwardedHeaders{},
|
||||||
|
@ -236,7 +236,7 @@ func TestKeepAliveMaxRequests(t *testing.T) {
|
||||||
epConfig.SetDefaults()
|
epConfig.SetDefaults()
|
||||||
epConfig.KeepAliveMaxRequests = 3
|
epConfig.KeepAliveMaxRequests = 3
|
||||||
|
|
||||||
entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{
|
entryPoint, err := NewTCPEntryPoint(context.Background(), "", &static.EntryPoint{
|
||||||
Address: ":0",
|
Address: ":0",
|
||||||
Transport: epConfig,
|
Transport: epConfig,
|
||||||
ForwardedHeaders: &static.ForwardedHeaders{},
|
ForwardedHeaders: &static.ForwardedHeaders{},
|
||||||
|
@ -282,7 +282,7 @@ func TestKeepAliveMaxTime(t *testing.T) {
|
||||||
epConfig.SetDefaults()
|
epConfig.SetDefaults()
|
||||||
epConfig.KeepAliveMaxTime = ptypes.Duration(time.Millisecond)
|
epConfig.KeepAliveMaxTime = ptypes.Duration(time.Millisecond)
|
||||||
|
|
||||||
entryPoint, err := NewTCPEntryPoint(context.Background(), &static.EntryPoint{
|
entryPoint, err := NewTCPEntryPoint(context.Background(), "", &static.EntryPoint{
|
||||||
Address: ":0",
|
Address: ":0",
|
||||||
Transport: epConfig,
|
Transport: epConfig,
|
||||||
ForwardedHeaders: &static.ForwardedHeaders{},
|
ForwardedHeaders: &static.ForwardedHeaders{},
|
||||||
|
|
|
@ -14,7 +14,7 @@ import (
|
||||||
"github.com/traefik/traefik/v3/pkg/tracing"
|
"github.com/traefik/traefik/v3/pkg/tracing"
|
||||||
"go.opentelemetry.io/otel/attribute"
|
"go.opentelemetry.io/otel/attribute"
|
||||||
"go.opentelemetry.io/otel/metric"
|
"go.opentelemetry.io/otel/metric"
|
||||||
semconv "go.opentelemetry.io/otel/semconv/v1.21.0"
|
semconv "go.opentelemetry.io/otel/semconv/v1.26.0"
|
||||||
"go.opentelemetry.io/otel/trace"
|
"go.opentelemetry.io/otel/trace"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
24
pkg/server/socket_activation_unix.go
Normal file
24
pkg/server/socket_activation_unix.go
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
//go:build !windows
|
||||||
|
|
||||||
|
package server
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net"
|
||||||
|
|
||||||
|
"github.com/coreos/go-systemd/activation"
|
||||||
|
"github.com/rs/zerolog/log"
|
||||||
|
)
|
||||||
|
|
||||||
|
func populateSocketActivationListeners() {
|
||||||
|
listenersWithName, _ := activation.ListenersWithNames()
|
||||||
|
|
||||||
|
socketActivationListeners = make(map[string]net.Listener)
|
||||||
|
for name, lns := range listenersWithName {
|
||||||
|
if len(lns) != 1 {
|
||||||
|
log.Error().Str("listenersName", name).Msg("Socket activation listeners must have one and only one listener per name")
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
socketActivationListeners[name] = lns[0]
|
||||||
|
}
|
||||||
|
}
|
5
pkg/server/socket_activation_windows.go
Normal file
5
pkg/server/socket_activation_windows.go
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
//go:build windows
|
||||||
|
|
||||||
|
package server
|
||||||
|
|
||||||
|
func populateSocketActivationListeners() {}
|
|
@ -18,7 +18,7 @@ import (
|
||||||
"go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp"
|
"go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp"
|
||||||
"go.opentelemetry.io/otel/sdk/resource"
|
"go.opentelemetry.io/otel/sdk/resource"
|
||||||
sdktrace "go.opentelemetry.io/otel/sdk/trace"
|
sdktrace "go.opentelemetry.io/otel/sdk/trace"
|
||||||
semconv "go.opentelemetry.io/otel/semconv/v1.21.0"
|
semconv "go.opentelemetry.io/otel/semconv/v1.26.0"
|
||||||
"go.opentelemetry.io/otel/trace"
|
"go.opentelemetry.io/otel/trace"
|
||||||
"google.golang.org/grpc/credentials"
|
"google.golang.org/grpc/credentials"
|
||||||
"google.golang.org/grpc/encoding/gzip"
|
"google.golang.org/grpc/encoding/gzip"
|
||||||
|
|
|
@ -6,6 +6,8 @@ import (
|
||||||
"io"
|
"io"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/url"
|
||||||
|
"slices"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
@ -17,7 +19,7 @@ import (
|
||||||
"go.opentelemetry.io/otel/attribute"
|
"go.opentelemetry.io/otel/attribute"
|
||||||
"go.opentelemetry.io/otel/codes"
|
"go.opentelemetry.io/otel/codes"
|
||||||
"go.opentelemetry.io/otel/propagation"
|
"go.opentelemetry.io/otel/propagation"
|
||||||
semconv "go.opentelemetry.io/otel/semconv/v1.21.0"
|
semconv "go.opentelemetry.io/otel/semconv/v1.26.0"
|
||||||
"go.opentelemetry.io/otel/trace"
|
"go.opentelemetry.io/otel/trace"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -47,7 +49,7 @@ func NewTracing(conf *static.Tracing) (*Tracer, io.Closer, error) {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return NewTracer(tr, conf.CapturedRequestHeaders, conf.CapturedResponseHeaders), closer, nil
|
return NewTracer(tr, conf.CapturedRequestHeaders, conf.CapturedResponseHeaders, conf.SafeQueryParams), closer, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// TracerFromContext extracts the trace.Tracer from the given context.
|
// TracerFromContext extracts the trace.Tracer from the given context.
|
||||||
|
@ -122,14 +124,16 @@ func (t TracerProvider) Tracer(name string, options ...trace.TracerOption) trace
|
||||||
type Tracer struct {
|
type Tracer struct {
|
||||||
trace.Tracer
|
trace.Tracer
|
||||||
|
|
||||||
|
safeQueryParams []string
|
||||||
capturedRequestHeaders []string
|
capturedRequestHeaders []string
|
||||||
capturedResponseHeaders []string
|
capturedResponseHeaders []string
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewTracer builds and configures a new Tracer.
|
// NewTracer builds and configures a new Tracer.
|
||||||
func NewTracer(tracer trace.Tracer, capturedRequestHeaders, capturedResponseHeaders []string) *Tracer {
|
func NewTracer(tracer trace.Tracer, capturedRequestHeaders, capturedResponseHeaders, safeQueryParams []string) *Tracer {
|
||||||
return &Tracer{
|
return &Tracer{
|
||||||
Tracer: tracer,
|
Tracer: tracer,
|
||||||
|
safeQueryParams: safeQueryParams,
|
||||||
capturedRequestHeaders: capturedRequestHeaders,
|
capturedRequestHeaders: capturedRequestHeaders,
|
||||||
capturedResponseHeaders: capturedResponseHeaders,
|
capturedResponseHeaders: capturedResponseHeaders,
|
||||||
}
|
}
|
||||||
|
@ -153,37 +157,37 @@ func (t *Tracer) Start(ctx context.Context, spanName string, opts ...trace.SpanS
|
||||||
}
|
}
|
||||||
|
|
||||||
// CaptureClientRequest used to add span attributes from the request as a Client.
|
// CaptureClientRequest used to add span attributes from the request as a Client.
|
||||||
// TODO: need to update the semconv package as it does not implement fully Semantic Convention v1.23.0.
|
|
||||||
func (t *Tracer) CaptureClientRequest(span trace.Span, r *http.Request) {
|
func (t *Tracer) CaptureClientRequest(span trace.Span, r *http.Request) {
|
||||||
if t == nil || span == nil || r == nil {
|
if t == nil || span == nil || r == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Common attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.23.0/docs/http/http-spans.md#common-attributes
|
// Common attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.26.0/docs/http/http-spans.md#common-attributes
|
||||||
span.SetAttributes(semconv.HTTPRequestMethodKey.String(r.Method))
|
span.SetAttributes(semconv.HTTPRequestMethodKey.String(r.Method))
|
||||||
span.SetAttributes(semconv.NetworkProtocolVersion(proto(r.Proto)))
|
span.SetAttributes(semconv.NetworkProtocolVersion(proto(r.Proto)))
|
||||||
|
|
||||||
// Client attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.23.0/docs/http/http-spans.md#http-client
|
// Client attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.26.0/docs/http/http-spans.md#http-client
|
||||||
span.SetAttributes(semconv.URLFull(r.URL.String()))
|
sURL := t.safeURL(r.URL)
|
||||||
span.SetAttributes(semconv.URLScheme(r.URL.Scheme))
|
span.SetAttributes(semconv.URLFull(sURL.String()))
|
||||||
|
span.SetAttributes(semconv.URLScheme(sURL.Scheme))
|
||||||
span.SetAttributes(semconv.UserAgentOriginal(r.UserAgent()))
|
span.SetAttributes(semconv.UserAgentOriginal(r.UserAgent()))
|
||||||
|
|
||||||
host, port, err := net.SplitHostPort(r.URL.Host)
|
host, port, err := net.SplitHostPort(sURL.Host)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
span.SetAttributes(attribute.String("network.peer.address", host))
|
span.SetAttributes(semconv.NetworkPeerAddress(host))
|
||||||
span.SetAttributes(semconv.ServerAddress(r.URL.Host))
|
span.SetAttributes(semconv.ServerAddress(sURL.Host))
|
||||||
switch r.URL.Scheme {
|
switch sURL.Scheme {
|
||||||
case "http":
|
case "http":
|
||||||
span.SetAttributes(attribute.String("network.peer.port", "80"))
|
span.SetAttributes(semconv.NetworkPeerPort(80))
|
||||||
span.SetAttributes(semconv.ServerPort(80))
|
span.SetAttributes(semconv.ServerPort(80))
|
||||||
case "https":
|
case "https":
|
||||||
span.SetAttributes(attribute.String("network.peer.port", "443"))
|
span.SetAttributes(semconv.NetworkPeerPort(443))
|
||||||
span.SetAttributes(semconv.ServerPort(443))
|
span.SetAttributes(semconv.ServerPort(443))
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
span.SetAttributes(attribute.String("network.peer.address", host))
|
span.SetAttributes(semconv.NetworkPeerAddress(host))
|
||||||
span.SetAttributes(attribute.String("network.peer.port", port))
|
|
||||||
intPort, _ := strconv.Atoi(port)
|
intPort, _ := strconv.Atoi(port)
|
||||||
|
span.SetAttributes(semconv.NetworkPeerPort(intPort))
|
||||||
span.SetAttributes(semconv.ServerAddress(host))
|
span.SetAttributes(semconv.ServerAddress(host))
|
||||||
span.SetAttributes(semconv.ServerPort(intPort))
|
span.SetAttributes(semconv.ServerPort(intPort))
|
||||||
}
|
}
|
||||||
|
@ -201,20 +205,20 @@ func (t *Tracer) CaptureClientRequest(span trace.Span, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// CaptureServerRequest used to add span attributes from the request as a Server.
|
// CaptureServerRequest used to add span attributes from the request as a Server.
|
||||||
// TODO: need to update the semconv package as it does not implement fully Semantic Convention v1.23.0.
|
|
||||||
func (t *Tracer) CaptureServerRequest(span trace.Span, r *http.Request) {
|
func (t *Tracer) CaptureServerRequest(span trace.Span, r *http.Request) {
|
||||||
if t == nil || span == nil || r == nil {
|
if t == nil || span == nil || r == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Common attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.23.0/docs/http/http-spans.md#common-attributes
|
// Common attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.26.0/docs/http/http-spans.md#common-attributes
|
||||||
span.SetAttributes(semconv.HTTPRequestMethodKey.String(r.Method))
|
span.SetAttributes(semconv.HTTPRequestMethodKey.String(r.Method))
|
||||||
span.SetAttributes(semconv.NetworkProtocolVersion(proto(r.Proto)))
|
span.SetAttributes(semconv.NetworkProtocolVersion(proto(r.Proto)))
|
||||||
|
|
||||||
// Server attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.23.0/docs/http/http-spans.md#http-server-semantic-conventions
|
sURL := t.safeURL(r.URL)
|
||||||
|
// Server attributes https://github.com/open-telemetry/semantic-conventions/blob/v1.26.0/docs/http/http-spans.md#http-server-semantic-conventions
|
||||||
span.SetAttributes(semconv.HTTPRequestBodySize(int(r.ContentLength)))
|
span.SetAttributes(semconv.HTTPRequestBodySize(int(r.ContentLength)))
|
||||||
span.SetAttributes(semconv.URLPath(r.URL.Path))
|
span.SetAttributes(semconv.URLPath(sURL.Path))
|
||||||
span.SetAttributes(semconv.URLQuery(r.URL.RawQuery))
|
span.SetAttributes(semconv.URLQuery(sURL.RawQuery))
|
||||||
span.SetAttributes(semconv.URLScheme(r.Header.Get("X-Forwarded-Proto")))
|
span.SetAttributes(semconv.URLScheme(r.Header.Get("X-Forwarded-Proto")))
|
||||||
span.SetAttributes(semconv.UserAgentOriginal(r.UserAgent()))
|
span.SetAttributes(semconv.UserAgentOriginal(r.UserAgent()))
|
||||||
span.SetAttributes(semconv.ServerAddress(r.Host))
|
span.SetAttributes(semconv.ServerAddress(r.Host))
|
||||||
|
@ -222,17 +226,15 @@ func (t *Tracer) CaptureServerRequest(span trace.Span, r *http.Request) {
|
||||||
host, port, err := net.SplitHostPort(r.RemoteAddr)
|
host, port, err := net.SplitHostPort(r.RemoteAddr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
span.SetAttributes(semconv.ClientAddress(r.RemoteAddr))
|
span.SetAttributes(semconv.ClientAddress(r.RemoteAddr))
|
||||||
span.SetAttributes(attribute.String("network.peer.address", r.RemoteAddr))
|
span.SetAttributes(semconv.NetworkPeerAddress(r.Host))
|
||||||
} else {
|
} else {
|
||||||
span.SetAttributes(attribute.String("network.peer.address", host))
|
span.SetAttributes(semconv.NetworkPeerAddress(host))
|
||||||
span.SetAttributes(attribute.String("network.peer.port", port))
|
|
||||||
span.SetAttributes(semconv.ClientAddress(host))
|
span.SetAttributes(semconv.ClientAddress(host))
|
||||||
intPort, _ := strconv.Atoi(port)
|
intPort, _ := strconv.Atoi(port)
|
||||||
span.SetAttributes(semconv.ClientPort(intPort))
|
span.SetAttributes(semconv.ClientPort(intPort))
|
||||||
|
span.SetAttributes(semconv.NetworkPeerPort(intPort))
|
||||||
}
|
}
|
||||||
|
|
||||||
span.SetAttributes(semconv.ClientSocketAddress(r.Header.Get("X-Forwarded-For")))
|
|
||||||
|
|
||||||
for _, header := range t.capturedRequestHeaders {
|
for _, header := range t.capturedRequestHeaders {
|
||||||
// User-agent is already part of the semantic convention as a recommended attribute.
|
// User-agent is already part of the semantic convention as a recommended attribute.
|
||||||
if strings.EqualFold(header, "User-Agent") {
|
if strings.EqualFold(header, "User-Agent") {
|
||||||
|
@ -273,6 +275,32 @@ func (t *Tracer) CaptureResponse(span trace.Span, responseHeaders http.Header, c
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (t *Tracer) safeURL(originalURL *url.URL) *url.URL {
|
||||||
|
if originalURL == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
redactedURL := *originalURL
|
||||||
|
|
||||||
|
// Redact password if exists.
|
||||||
|
if redactedURL.User != nil {
|
||||||
|
redactedURL.User = url.UserPassword("REDACTED", "REDACTED")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Redact query parameters.
|
||||||
|
query := redactedURL.Query()
|
||||||
|
for k := range query {
|
||||||
|
if slices.Contains(t.safeQueryParams, k) {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
query.Set(k, "REDACTED")
|
||||||
|
}
|
||||||
|
redactedURL.RawQuery = query.Encode()
|
||||||
|
|
||||||
|
return &redactedURL
|
||||||
|
}
|
||||||
|
|
||||||
func proto(proto string) string {
|
func proto(proto string) string {
|
||||||
switch proto {
|
switch proto {
|
||||||
case "HTTP/1.0":
|
case "HTTP/1.0":
|
||||||
|
|
57
pkg/tracing/tracing_test.go
Normal file
57
pkg/tracing/tracing_test.go
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
package tracing
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/url"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Test_safeFullURL(t *testing.T) {
|
||||||
|
testCases := []struct {
|
||||||
|
desc string
|
||||||
|
safeQueryParams []string
|
||||||
|
originalURL *url.URL
|
||||||
|
expectedURL *url.URL
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
desc: "Nil URL",
|
||||||
|
originalURL: nil,
|
||||||
|
expectedURL: nil,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "No query parameters",
|
||||||
|
originalURL: &url.URL{Scheme: "https", Host: "example.com"},
|
||||||
|
expectedURL: &url.URL{Scheme: "https", Host: "example.com"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "All query parameters redacted",
|
||||||
|
originalURL: &url.URL{Scheme: "https", Host: "example.com", RawQuery: "foo=bar&baz=qux"},
|
||||||
|
expectedURL: &url.URL{Scheme: "https", Host: "example.com", RawQuery: "baz=REDACTED&foo=REDACTED"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "Some query parameters unredacted",
|
||||||
|
safeQueryParams: []string{"foo"},
|
||||||
|
originalURL: &url.URL{Scheme: "https", Host: "example.com", RawQuery: "foo=bar&baz=qux"},
|
||||||
|
expectedURL: &url.URL{Scheme: "https", Host: "example.com", RawQuery: "baz=REDACTED&foo=bar"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "User info and some query parameters redacted",
|
||||||
|
safeQueryParams: []string{"foo"},
|
||||||
|
originalURL: &url.URL{Scheme: "https", Host: "example.com", User: url.UserPassword("username", "password"), RawQuery: "foo=bar&baz=qux"},
|
||||||
|
expectedURL: &url.URL{Scheme: "https", Host: "example.com", User: url.UserPassword("REDACTED", "REDACTED"), RawQuery: "baz=REDACTED&foo=bar"},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, test := range testCases {
|
||||||
|
t.Run(test.desc, func(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
tr := NewTracer(nil, nil, nil, test.safeQueryParams)
|
||||||
|
|
||||||
|
gotURL := tr.safeURL(test.originalURL)
|
||||||
|
|
||||||
|
assert.Equal(t, test.expectedURL, gotURL)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
|
@ -4,14 +4,14 @@ RepositoryName = "traefik"
|
||||||
OutputType = "file"
|
OutputType = "file"
|
||||||
FileName = "traefik_changelog.md"
|
FileName = "traefik_changelog.md"
|
||||||
|
|
||||||
# example RC1 of v3.0.0-beta1
|
# example RC1 of v3.1.0-rc1
|
||||||
CurrentRef = "master"
|
CurrentRef = "master"
|
||||||
PreviousRef = "v2.11.0-rc1"
|
PreviousRef = "v3.0.0-beta3"
|
||||||
BaseBranch = "master"
|
BaseBranch = "master"
|
||||||
FutureCurrentRefName = "v3.0.0-beta1"
|
FutureCurrentRefName = "v3.1.0-rc1"
|
||||||
|
|
||||||
ThresholdPreviousRef = 10
|
ThresholdPreviousRef = 10000
|
||||||
ThresholdCurrentRef = 10
|
ThresholdCurrentRef = 10000
|
||||||
|
|
||||||
Debug = true
|
Debug = true
|
||||||
DisplayLabel = true
|
DisplayLabel = true
|
||||||
|
|
Loading…
Reference in a new issue