Opentracing support

2018-01-10 17:48:04 +01:00 · 2018-01-10 17:48:04 +01:00 · 30ffba78e6
commit 30ffba78e6
parent 8394549857
272 changed files with 44352 additions and 63 deletions
--- a/middlewares/auth/authenticator.go
+++ b/middlewares/auth/authenticator.go
@ -8,6 +8,7 @@ import (

 	goauth "github.com/abbot/go-http-auth"
 	"github.com/containous/traefik/log"
+	"github.com/containous/traefik/middlewares/tracing"
 	"github.com/containous/traefik/types"
 	"github.com/urfave/negroni"
 )
@ -18,57 +19,85 @@ type Authenticator struct {
 	users   map[string]string
 }

+type tracingAuthenticator struct {
+	name           string
+	handler        negroni.Handler
+	clientSpanKind bool
+}
+
 // NewAuthenticator builds a new Authenticator given a config
-func NewAuthenticator(authConfig *types.Auth) (*Authenticator, error) {
+func NewAuthenticator(authConfig *types.Auth, tracingMiddleware *tracing.Tracing) (*Authenticator, error) {
 	if authConfig == nil {
-		return nil, fmt.Errorf("Error creating Authenticator: auth is nil")
+		return nil, fmt.Errorf("error creating Authenticator: auth is nil")
 	}
 	var err error
 	authenticator := Authenticator{}
+	tracingAuthenticator := tracingAuthenticator{}
 	if authConfig.Basic != nil {
 		authenticator.users, err = parserBasicUsers(authConfig.Basic)
 		if err != nil {
 			return nil, err
 		}
 		basicAuth := goauth.NewBasicAuthenticator("traefik", authenticator.secretBasic)
-		authenticator.handler = negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
-			if username := basicAuth.CheckAuth(r); username == "" {
-				log.Debug("Basic auth failed...")
-				basicAuth.RequireAuth(w, r)
-			} else {
-				log.Debug("Basic auth success...")
-				if authConfig.HeaderField != "" {
-					r.Header[authConfig.HeaderField] = []string{username}
-				}
-				next.ServeHTTP(w, r)
-			}
-		})
+		tracingAuthenticator.handler = createAuthBasicHandler(basicAuth, authConfig)
+		tracingAuthenticator.name = "Auth Basic"
+		tracingAuthenticator.clientSpanKind = false
 	} else if authConfig.Digest != nil {
 		authenticator.users, err = parserDigestUsers(authConfig.Digest)
 		if err != nil {
 			return nil, err
 		}
 		digestAuth := goauth.NewDigestAuthenticator("traefik", authenticator.secretDigest)
-		authenticator.handler = negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
-			if username, _ := digestAuth.CheckAuth(r); username == "" {
-				log.Debug("Digest auth failed...")
-				digestAuth.RequireAuth(w, r)
-			} else {
-				log.Debug("Digest auth success...")
-				if authConfig.HeaderField != "" {
-					r.Header[authConfig.HeaderField] = []string{username}
-				}
-				next.ServeHTTP(w, r)
-			}
-		})
+		tracingAuthenticator.handler = createAuthDigestHandler(digestAuth, authConfig)
+		tracingAuthenticator.name = "Auth Digest"
+		tracingAuthenticator.clientSpanKind = false
 	} else if authConfig.Forward != nil {
-		authenticator.handler = negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
-			Forward(authConfig.Forward, w, r, next)
-		})
+		tracingAuthenticator.handler = createAuthForwardHandler(authConfig)
+		tracingAuthenticator.name = "Auth Forward"
+		tracingAuthenticator.clientSpanKind = true
+	}
+	if tracingMiddleware != nil {
+		authenticator.handler = tracingMiddleware.NewNegroniHandlerWrapper(tracingAuthenticator.name, tracingAuthenticator.handler, tracingAuthenticator.clientSpanKind)
+	} else {
+		authenticator.handler = tracingAuthenticator.handler
 	}
 	return &authenticator, nil
 }

+func createAuthForwardHandler(authConfig *types.Auth) negroni.HandlerFunc {
+	return negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		Forward(authConfig.Forward, w, r, next)
+	})
+}
+func createAuthDigestHandler(digestAuth *goauth.DigestAuth, authConfig *types.Auth) negroni.HandlerFunc {
+	return negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		if username, _ := digestAuth.CheckAuth(r); username == "" {
+			log.Debugf("Digest auth failed")
+			digestAuth.RequireAuth(w, r)
+		} else {
+			log.Debugf("Digest auth succeeded")
+			if authConfig.HeaderField != "" {
+				r.Header[authConfig.HeaderField] = []string{username}
+			}
+			next.ServeHTTP(w, r)
+		}
+	})
+}
+func createAuthBasicHandler(basicAuth *goauth.BasicAuth, authConfig *types.Auth) negroni.HandlerFunc {
+	return negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		if username := basicAuth.CheckAuth(r); username == "" {
+			log.Debugf("Basic auth failed")
+			basicAuth.RequireAuth(w, r)
+		} else {
+			if authConfig.HeaderField != "" {
+				r.Header[authConfig.HeaderField] = []string{username}
+			}
+			log.Debugf("Basic auth succeeded")
+			next.ServeHTTP(w, r)
+		}
+	})
+}
+
 func getLinesFromFile(filename string) ([]string, error) {
 	dat, err := ioutil.ReadFile(filename)
 	if err != nil {
--- a/middlewares/auth/authenticator_test.go
+++ b/middlewares/auth/authenticator_test.go
@ -8,6 +8,7 @@ import (
 	"os"
 	"testing"

+	"github.com/containous/traefik/middlewares/tracing"
 	"github.com/containous/traefik/testhelpers"
 	"github.com/containous/traefik/types"
 	"github.com/stretchr/testify/assert"
@ -70,14 +71,14 @@ func TestBasicAuthFail(t *testing.T) {
 		Basic: &types.Basic{
 			Users: []string{"test"},
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.Contains(t, err.Error(), "Error parsing Authenticator user", "should contains")

 	authMiddleware, err := NewAuthenticator(&types.Auth{
 		Basic: &types.Basic{
 			Users: []string{"test:test"},
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")

 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -101,7 +102,7 @@ func TestBasicAuthSuccess(t *testing.T) {
 		Basic: &types.Basic{
 			Users: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"},
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")

 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -129,14 +130,14 @@ func TestDigestAuthFail(t *testing.T) {
 		Digest: &types.Digest{
 			Users: []string{"test"},
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.Contains(t, err.Error(), "Error parsing Authenticator user", "should contains")

 	authMiddleware, err := NewAuthenticator(&types.Auth{
 		Digest: &types.Digest{
 			Users: []string{"test:traefik:test"},
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")
 	assert.NotNil(t, authMiddleware, "this should not be nil")

@ -162,7 +163,7 @@ func TestBasicAuthUserHeader(t *testing.T) {
 			Users: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"},
 		},
 		HeaderField: "X-Webauth-User",
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")

 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
--- a/middlewares/auth/forward.go
+++ b/middlewares/auth/forward.go
@ -7,6 +7,7 @@ import (
 	"strings"

 	"github.com/containous/traefik/log"
+	"github.com/containous/traefik/middlewares/tracing"
 	"github.com/containous/traefik/types"
 	"github.com/vulcand/oxy/forward"
 	"github.com/vulcand/oxy/utils"
@ -18,18 +19,16 @@ const (

 // Forward the authentication to a external server
 func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
-
 	// Ensure our request client does not follow redirects
 	httpClient := http.Client{
 		CheckRedirect: func(r *http.Request, via []*http.Request) error {
 			return http.ErrUseLastResponse
 		},
 	}
-
 	if config.TLS != nil {
 		tlsConfig, err := config.TLS.CreateTLSConfig()
 		if err != nil {
-			log.Debugf("Impossible to configure TLS to call %s. Cause %s", config.Address, err)
+			tracing.SetErrorAndDebugLog(r, "Unable to configure TLS to call %s. Cause %s", config.Address, err)
 			w.WriteHeader(http.StatusInternalServerError)
 			return
 		}
@ -37,26 +36,28 @@ func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next
 			TLSClientConfig: tlsConfig,
 		}
 	}
-
 	forwardReq, err := http.NewRequest(http.MethodGet, config.Address, nil)
+	tracing.LogRequest(tracing.GetSpan(r), forwardReq)
 	if err != nil {
-		log.Debugf("Error calling %s. Cause %s", config.Address, err)
+		tracing.SetErrorAndDebugLog(r, "Error calling %s. Cause %s", config.Address, err)
 		w.WriteHeader(http.StatusInternalServerError)
 		return
 	}

 	writeHeader(r, forwardReq, config.TrustForwardHeader)

+	tracing.InjectRequestHeaders(forwardReq)
+
 	forwardResponse, forwardErr := httpClient.Do(forwardReq)
 	if forwardErr != nil {
-		log.Debugf("Error calling %s. Cause: %s", config.Address, forwardErr)
+		tracing.SetErrorAndDebugLog(r, "Error calling %s. Cause: %s", config.Address, forwardErr)
 		w.WriteHeader(http.StatusInternalServerError)
 		return
 	}

 	body, readError := ioutil.ReadAll(forwardResponse.Body)
 	if readError != nil {
-		log.Debugf("Error reading body %s. Cause: %s", config.Address, readError)
+		tracing.SetErrorAndDebugLog(r, "Error reading body %s. Cause: %s", config.Address, readError)
 		w.WriteHeader(http.StatusInternalServerError)
 		return
 	}
@ -72,7 +73,7 @@ func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next

 		if err != nil {
 			if err != http.ErrNoLocation {
-				log.Debugf("Error reading response location header %s. Cause: %s", config.Address, err)
+				tracing.SetErrorAndDebugLog(r, "Error reading response location header %s. Cause: %s", config.Address, err)
 				w.WriteHeader(http.StatusInternalServerError)
 				return
 			}
@ -86,6 +87,7 @@ func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next
 			w.Header().Add("Set-Cookie", cookie.String())
 		}

+		tracing.LogResponseCode(tracing.GetSpan(r), forwardResponse.StatusCode)
 		w.WriteHeader(forwardResponse.StatusCode)
 		w.Write(body)
 		return
--- a/middlewares/auth/forward_test.go
+++ b/middlewares/auth/forward_test.go
@ -7,6 +7,7 @@ import (
 	"net/http/httptest"
 	"testing"

+	"github.com/containous/traefik/middlewares/tracing"
 	"github.com/containous/traefik/testhelpers"
 	"github.com/containous/traefik/types"
 	"github.com/stretchr/testify/assert"
@ -23,7 +24,7 @@ func TestForwardAuthFail(t *testing.T) {
 		Forward: &types.Forward{
 			Address: server.URL,
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")

 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -55,7 +56,7 @@ func TestForwardAuthSuccess(t *testing.T) {
 		Forward: &types.Forward{
 			Address: server.URL,
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")

 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -87,7 +88,7 @@ func TestForwardAuthRedirect(t *testing.T) {
 		Forward: &types.Forward{
 			Address: authTs.URL,
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")

 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -130,7 +131,7 @@ func TestForwardAuthCookie(t *testing.T) {
 		Forward: &types.Forward{
 			Address: authTs.URL,
 		},
-	})
+	}, &tracing.Tracing{})
 	assert.NoError(t, err, "there should be no error")

 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
--- a/middlewares/cbreaker.go
+++ b/middlewares/cbreaker.go
@ -3,6 +3,7 @@ package middlewares
 import (
 	"net/http"

+	"github.com/containous/traefik/middlewares/tracing"
 	"github.com/vulcand/oxy/cbreaker"
 )

@ -20,6 +21,16 @@ func NewCircuitBreaker(next http.Handler, expression string, options ...cbreaker
 	return &CircuitBreaker{circuitBreaker}, nil
 }

+// NewCircuitBreakerOptions returns a new CircuitBreakerOption
+func NewCircuitBreakerOptions(expression string) cbreaker.CircuitBreakerOption {
+	return cbreaker.Fallback(
+		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			tracing.LogEventf(r, "blocked by circuitbreaker (%q)", expression)
+			w.WriteHeader(http.StatusServiceUnavailable)
+			w.Write([]byte(http.StatusText(http.StatusServiceUnavailable)))
+		}))
+}
+
 func (cb *CircuitBreaker) ServeHTTP(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
 	cb.circuitBreaker.ServeHTTP(rw, r)
 }
--- a/middlewares/ip_whitelister.go
+++ b/middlewares/ip_whitelister.go
@ -6,6 +6,7 @@ import (
 	"net/http"

 	"github.com/containous/traefik/log"
+	"github.com/containous/traefik/middlewares/tracing"
 	"github.com/containous/traefik/whitelist"
 	"github.com/pkg/errors"
 	"github.com/urfave/negroni"
@ -41,25 +42,25 @@ func NewIPWhitelister(whitelistStrings []string) (*IPWhiteLister, error) {
 func (wl *IPWhiteLister) handle(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
 	ipAddress, _, err := net.SplitHostPort(r.RemoteAddr)
 	if err != nil {
-		log.Warnf("unable to parse remote-address from header: %s - rejecting", r.RemoteAddr)
+		tracing.SetErrorAndWarnLog(r, "unable to parse remote-address from header: %s - rejecting", r.RemoteAddr)
 		reject(w)
 		return
 	}

 	allowed, ip, err := wl.whiteLister.Contains(ipAddress)
 	if err != nil {
-		log.Debugf("source-IP %s matched none of the whitelists - rejecting", ipAddress)
+		tracing.SetErrorAndDebugLog(r, "source-IP %s matched none of the whitelists - rejecting", ipAddress)
 		reject(w)
 		return
 	}

 	if allowed {
-		log.Debugf("source-IP %s matched whitelist %s - passing", ipAddress, wl.whiteLister)
+		tracing.SetErrorAndDebugLog(r, "source-IP %s matched whitelist %s - passing", ipAddress, wl.whiteLister)
 		next.ServeHTTP(w, r)
 		return
 	}

-	log.Debugf("source-IP %s matched none of the whitelists - rejecting", ip)
+	tracing.SetErrorAndDebugLog(r, "source-IP %s matched none of the whitelists - rejecting", ip)
 	reject(w)
 }

--- a/middlewares/tracing/entrypoint.go
+++ b/middlewares/tracing/entrypoint.go
@ -0,0 +1,42 @@
+package tracing
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/containous/traefik/log"
+	"github.com/opentracing/opentracing-go"
+	"github.com/opentracing/opentracing-go/ext"
+	"github.com/urfave/negroni"
+)
+
+type entryPointMiddleware struct {
+	entryPoint string
+	*Tracing
+}
+
+// NewEntryPoint creates a new middleware that the incoming request
+func (t *Tracing) NewEntryPoint(name string) negroni.Handler {
+	log.Debug("Added entrypoint tracing middleware")
+	return &entryPointMiddleware{Tracing: t, entryPoint: name}
+}
+
+func (e *entryPointMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+	opNameFunc := func(r *http.Request) string {
+		return fmt.Sprintf("Entrypoint %s %s", e.entryPoint, r.Host)
+	}
+
+	ctx, _ := e.Extract(opentracing.HTTPHeaders, opentracing.HTTPHeadersCarrier(r.Header))
+	span := e.StartSpan(opNameFunc(r), ext.RPCServerOption(ctx))
+	ext.Component.Set(span, e.ServiceName)
+	LogRequest(span, r)
+	ext.SpanKindRPCServer.Set(span)
+
+	w = &statusCodeTracker{w, 200}
+	r = r.WithContext(opentracing.ContextWithSpan(r.Context(), span))
+
+	next(w, r)
+
+	LogResponseCode(span, w.(*statusCodeTracker).status)
+	span.Finish()
+}
--- a/middlewares/tracing/forwarder.go
+++ b/middlewares/tracing/forwarder.go
@ -0,0 +1,46 @@
+package tracing
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/containous/traefik/log"
+	"github.com/opentracing/opentracing-go/ext"
+	"github.com/urfave/negroni"
+)
+
+type forwarderMiddleware struct {
+	frontend string
+	backend  string
+	opName   string
+	*Tracing
+}
+
+// NewForwarderMiddleware creates a new forwarder middleware that traces the outgoing request
+func (t *Tracing) NewForwarderMiddleware(frontend, backend string) negroni.Handler {
+	log.Debugf("Added outgoing tracing middleware %s", frontend)
+	return &forwarderMiddleware{
+		Tracing:  t,
+		frontend: frontend,
+		backend:  backend,
+		opName:   fmt.Sprintf("forward %s/%s", frontend, backend),
+	}
+}
+
+func (f *forwarderMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+	span, r, finish := StartSpan(r, f.opName, true)
+	defer finish()
+	span.SetTag("frontend.name", f.frontend)
+	span.SetTag("backend.name", f.backend)
+	ext.HTTPMethod.Set(span, r.Method)
+	ext.HTTPUrl.Set(span, r.URL.String())
+	span.SetTag("http.host", r.Host)
+
+	InjectRequestHeaders(r)
+
+	w = &statusCodeTracker{w, 200}
+
+	next(w, r)
+
+	LogResponseCode(span, w.(*statusCodeTracker).status)
+}
--- a/middlewares/tracing/jaeger/jaeger.go
+++ b/middlewares/tracing/jaeger/jaeger.go
@ -0,0 +1,52 @@
+package jaeger
+
+import (
+	"io"
+
+	"github.com/containous/traefik/log"
+	"github.com/opentracing/opentracing-go"
+	jaegercfg "github.com/uber/jaeger-client-go/config"
+	jaegerlog "github.com/uber/jaeger-client-go/log"
+	jaegermet "github.com/uber/jaeger-lib/metrics"
+)
+
+// Name sets the name of this tracer
+const Name = "jaeger"
+
+// Config provides configuration settings for a jaeger tracer
+type Config struct {
+	SamplingServerURL string  `description:"set the sampling server url." export:"false"`
+	SamplingType      string  `description:"set the sampling type." export:"true"`
+	SamplingParam     float64 `description:"set the sampling parameter." export:"true"`
+}
+
+// Setup sets up the tracer
+func (c *Config) Setup(componentName string) (opentracing.Tracer, io.Closer, error) {
+	jcfg := jaegercfg.Configuration{
+		Sampler: &jaegercfg.SamplerConfig{
+			SamplingServerURL: c.SamplingServerURL,
+			Type:              c.SamplingType,
+			Param:             c.SamplingParam,
+		},
+		Reporter: &jaegercfg.ReporterConfig{
+			LogSpans: true,
+		},
+	}
+
+	jLogger := jaegerlog.StdLogger
+	jMetricsFactory := jaegermet.NullFactory
+
+	// Initialize tracer with a logger and a metrics factory
+	closer, err := jcfg.InitGlobalTracer(
+		componentName,
+		jaegercfg.Logger(jLogger),
+		jaegercfg.Metrics(jMetricsFactory),
+	)
+	if err != nil {
+		log.Warnf("Could not initialize jaeger tracer: %s", err.Error())
+		return nil, nil, err
+	}
+	log.Debugf("jaeger tracer configured", err)
+
+	return opentracing.GlobalTracer(), closer, nil
+}
--- a/middlewares/tracing/tracing.go
+++ b/middlewares/tracing/tracing.go
@ -0,0 +1,150 @@
+package tracing
+
+import (
+	"fmt"
+	"io"
+	"net/http"
+
+	"github.com/containous/traefik/log"
+	"github.com/containous/traefik/middlewares/tracing/jaeger"
+	"github.com/containous/traefik/middlewares/tracing/zipkin"
+	"github.com/opentracing/opentracing-go"
+	"github.com/opentracing/opentracing-go/ext"
+)
+
+// Tracing middleware
+type Tracing struct {
+	Backend     string         `description:"Selects the tracking backend ('jaeger','zipkin')." export:"true"`
+	ServiceName string         `description:"Set the name for this service" export:"true"`
+	Jaeger      *jaeger.Config `description:"Settings for jaeger"`
+	Zipkin      *zipkin.Config `description:"Settings for zipkin"`
+
+	opentracing.Tracer
+	closer io.Closer
+}
+
+// Backend describes things we can use to setup tracing
+type Backend interface {
+	Setup(serviceName string) (opentracing.Tracer, io.Closer, error)
+}
+
+type statusCodeTracker struct {
+	http.ResponseWriter
+	status int
+}
+
+func (s *statusCodeTracker) WriteHeader(status int) {
+	s.status = status
+	s.ResponseWriter.WriteHeader(status)
+}
+
+// Setup Tracing middleware
+func (t *Tracing) Setup() {
+	var err error
+
+	switch t.Backend {
+	case jaeger.Name:
+		t.Tracer, t.closer, err = t.Jaeger.Setup(t.ServiceName)
+	case zipkin.Name:
+		t.Tracer, t.closer, err = t.Zipkin.Setup(t.ServiceName)
+	default:
+		log.Warnf("Unknown tracer %q", t.Backend)
+		return
+	}
+
+	if err != nil {
+		log.Warnf("Could not initialize %s tracing: %v", t.Backend, err)
+		return
+	}
+
+	return
+}
+
+// IsEnabled determines if tracing was successfully activated
+func (t *Tracing) IsEnabled() bool {
+	if t == nil || t.Tracer == nil {
+		return false
+	}
+	return true
+}
+
+// Close tracer
+func (t *Tracing) Close() {
+	if t.closer != nil {
+		t.closer.Close()
+	}
+}
+
+// LogRequest used to create span tags from the request
+func LogRequest(span opentracing.Span, r *http.Request) {
+	if span != nil && r != nil {
+		ext.HTTPMethod.Set(span, r.Method)
+		ext.HTTPUrl.Set(span, r.URL.String())
+		span.SetTag("http.host", r.Host)
+	}
+}
+
+// LogResponseCode used to log response code in span
+func LogResponseCode(span opentracing.Span, code int) {
+	if span != nil {
+		ext.HTTPStatusCode.Set(span, uint16(code))
+		if code >= 400 {
+			ext.Error.Set(span, true)
+		}
+	}
+}
+
+// GetSpan used to retrieve span from request context
+func GetSpan(r *http.Request) opentracing.Span {
+	return opentracing.SpanFromContext(r.Context())
+}
+
+// InjectRequestHeaders used to inject OpenTracing headers into the request
+func InjectRequestHeaders(r *http.Request) {
+	if span := GetSpan(r); span != nil {
+		opentracing.GlobalTracer().Inject(
+			span.Context(),
+			opentracing.HTTPHeaders,
+			opentracing.HTTPHeadersCarrier(r.Header))
+	}
+}
+
+// LogEventf logs an event to the span in the request context.
+func LogEventf(r *http.Request, format string, args ...interface{}) {
+	if span := GetSpan(r); span != nil {
+		span.LogKV("event", fmt.Sprintf(format, args...))
+	}
+}
+
+// StartSpan starts a new span from the one in the request context
+func StartSpan(r *http.Request, operationName string, spanKinClient bool, opts ...opentracing.StartSpanOption) (opentracing.Span, *http.Request, func()) {
+	span, ctx := opentracing.StartSpanFromContext(r.Context(), operationName, opts...)
+	if spanKinClient {
+		ext.SpanKindRPCClient.Set(span)
+	}
+	r = r.WithContext(ctx)
+	return span, r, func() {
+		span.Finish()
+	}
+}
+
+// SetError flags the span associated with this request as in error
+func SetError(r *http.Request) {
+	if span := GetSpan(r); span != nil {
+		ext.Error.Set(span, true)
+	}
+}
+
+// SetErrorAndDebugLog flags the span associated with this request as in error and create a debug log
+func SetErrorAndDebugLog(r *http.Request, format string, args ...interface{}) {
+	SetError(r)
+	log.Debugf(format, args...)
+	LogEventf(r, format, args...)
+}
+
+// SetErrorAndWarnLog flags the span associated with this request as in error and create a debug log
+func SetErrorAndWarnLog(r *http.Request, format string, args ...interface{}) {
+	SetError(r)
+	log.Warnf(format, args...)
+	LogEventf(r, format, args...)
+}
--- a/middlewares/tracing/wrapper.go
+++ b/middlewares/tracing/wrapper.go
@ -0,0 +1,66 @@
+package tracing
+
+import (
+	"net/http"
+
+	"github.com/urfave/negroni"
+)
+
+// NegroniHandlerWrapper is used to wrap negroni handler middleware
+type NegroniHandlerWrapper struct {
+	name           string
+	next           negroni.Handler
+	clientSpanKind bool
+}
+
+// HTTPHandlerWrapper is used to wrap http handler middleware
+type HTTPHandlerWrapper struct {
+	name           string
+	handler        http.Handler
+	clientSpanKind bool
+}
+
+// NewNegroniHandlerWrapper return a negroni.Handler struct
+func (t *Tracing) NewNegroniHandlerWrapper(name string, handler negroni.Handler, clientSpanKind bool) negroni.Handler {
+	if t.IsEnabled() && handler != nil {
+		return &NegroniHandlerWrapper{
+			name:           name,
+			next:           handler,
+			clientSpanKind: clientSpanKind,
+		}
+	}
+	return handler
+}
+
+// NewHTTPHandlerWrapper return a http.Handler struct
+func (t *Tracing) NewHTTPHandlerWrapper(name string, handler http.Handler, clientSpanKind bool) http.Handler {
+	if t.IsEnabled() && handler != nil {
+		return &HTTPHandlerWrapper{
+			name:           name,
+			handler:        handler,
+			clientSpanKind: clientSpanKind,
+		}
+	}
+	return handler
+}
+
+func (t *NegroniHandlerWrapper) ServeHTTP(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+	var finish func()
+	_, r, finish = StartSpan(r, t.name, t.clientSpanKind)
+	defer finish()
+
+	if t.next != nil {
+		t.next.ServeHTTP(rw, r, next)
+	}
+}
+
+func (t *HTTPHandlerWrapper) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	var finish func()
+	_, r, finish = StartSpan(r, t.name, t.clientSpanKind)
+	defer finish()
+
+	if t.handler != nil {
+		t.handler.ServeHTTP(rw, r)
+	}
+
+}
--- a/middlewares/tracing/zipkin/zipkin.go
+++ b/middlewares/tracing/zipkin/zipkin.go
@ -0,0 +1,40 @@
+package zipkin
+
+import (
+	"io"
+
+	opentracing "github.com/opentracing/opentracing-go"
+	zipkin "github.com/openzipkin/zipkin-go-opentracing"
+)
+
+// Name sets the name of this tracer
+const Name = "zipkin"
+
+// Config provides configuration settings for a zipkin tracer
+type Config struct {
+	HTTPEndpoint string `description:"HTTP Endpoint to report traces to." export:"false"`
+	SameSpan     bool   `description:"Use ZipKin SameSpan RPC style traces." export:"true"`
+	ID128Bit     bool   `description:"Use ZipKin 128 bit root span IDs." export:"true"`
+	Debug        bool   `description:"Enable Zipkin debug." export:"true"`
+}
+
+// Setup sets up the tracer
+func (c *Config) Setup(serviceName string) (opentracing.Tracer, io.Closer, error) {
+	collector, err := zipkin.NewHTTPCollector(c.HTTPEndpoint)
+	recorder := zipkin.NewRecorder(collector, c.Debug, "0.0.0.0:0", serviceName)
+	tracer, err := zipkin.NewTracer(
+		recorder,
+		zipkin.ClientServerSameSpan(c.SameSpan),
+		zipkin.TraceID128Bit(c.ID128Bit),
+		zipkin.DebugMode(c.Debug),
+	)
+
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// Without this, child spans are getting the NOOP tracer
+	opentracing.SetGlobalTracer(tracer)
+
+	return tracer, collector, nil
+}