Add TCP Servers Transports support
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
This commit is contained in:
parent
c2dac39da1
commit
3eeea2bb2b
101 changed files with 5956 additions and 1669 deletions
|
@ -1020,6 +1020,33 @@ Defines the allowed SPIFFE trust domain.
|
|||
`--spiffe.workloadapiaddr`:
|
||||
Defines the workload API address.
|
||||
|
||||
`--tcpserverstransport.dialkeepalive`:
|
||||
Defines the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled (Default: ```15```)
|
||||
|
||||
`--tcpserverstransport.dialtimeout`:
|
||||
Defines the amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```)
|
||||
|
||||
`--tcpserverstransport.terminationdelay`:
|
||||
Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability. (Default: ```0```)
|
||||
|
||||
`--tcpserverstransport.tls`:
|
||||
Defines the TLS configuration. (Default: ```false```)
|
||||
|
||||
`--tcpserverstransport.tls.insecureskipverify`:
|
||||
Disables SSL certificate verification. (Default: ```false```)
|
||||
|
||||
`--tcpserverstransport.tls.rootcas`:
|
||||
Defines a list of CA secret used to validate self-signed certificate
|
||||
|
||||
`--tcpserverstransport.tls.spiffe`:
|
||||
Defines the SPIFFE TLS configuration. (Default: ```false```)
|
||||
|
||||
`--tcpserverstransport.tls.spiffe.ids`:
|
||||
Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain).
|
||||
|
||||
`--tcpserverstransport.tls.spiffe.trustdomain`:
|
||||
Defines the allowed SPIFFE trust domain.
|
||||
|
||||
`--tracing`:
|
||||
OpenTracing configuration. (Default: ```false```)
|
||||
|
||||
|
|
|
@ -1020,6 +1020,33 @@ Defines the allowed SPIFFE trust domain.
|
|||
`TRAEFIK_SPIFFE_WORKLOADAPIADDR`:
|
||||
Defines the workload API address.
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_DIALKEEPALIVE`:
|
||||
Defines the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled (Default: ```15```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_DIALTIMEOUT`:
|
||||
Defines the amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TERMINATIONDELAY`:
|
||||
Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability. (Default: ```0```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS`:
|
||||
Defines the TLS configuration. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_INSECURESKIPVERIFY`:
|
||||
Disables SSL certificate verification. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_ROOTCAS`:
|
||||
Defines a list of CA secret used to validate self-signed certificate
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_SPIFFE`:
|
||||
Defines the SPIFFE TLS configuration. (Default: ```false```)
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_SPIFFE_IDS`:
|
||||
Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain).
|
||||
|
||||
`TRAEFIK_TCPSERVERSTRANSPORT_TLS_SPIFFE_TRUSTDOMAIN`:
|
||||
Defines the allowed SPIFFE trust domain.
|
||||
|
||||
`TRAEFIK_TRACING`:
|
||||
OpenTracing configuration. (Default: ```false```)
|
||||
|
||||
|
|
|
@ -6,10 +6,29 @@
|
|||
insecureSkipVerify = true
|
||||
rootCAs = ["foobar", "foobar"]
|
||||
maxIdleConnsPerHost = 42
|
||||
|
||||
[serversTransport.forwardingTimeouts]
|
||||
dialTimeout = "42s"
|
||||
responseHeaderTimeout = "42s"
|
||||
idleConnTimeout = "42s"
|
||||
readIdleTimeout = "42s"
|
||||
pingTimeout = "42s"
|
||||
|
||||
[serversTransport.spiffe]
|
||||
ids = ["foobar", "foobar"]
|
||||
trustDomain = "foobar"
|
||||
|
||||
[tcpServersTransport]
|
||||
dialTimeout = "42s"
|
||||
dialKeepAlive = "42s"
|
||||
|
||||
[tcpServersTransport.tls]
|
||||
insecureSkipVerify = true
|
||||
rootCAs = ["foobar", "foobar"]
|
||||
|
||||
[tcpServersTransport.tls.spiffe]
|
||||
ids = ["foobar", "foobar"]
|
||||
trustDomain = "foobar"
|
||||
|
||||
[entryPoints]
|
||||
[entryPoints.EntryPoint0]
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
global:
|
||||
checkNewVersion: true
|
||||
sendAnonymousUsage: true
|
||||
serversTransport:
|
||||
serversTransports:
|
||||
insecureSkipVerify: true
|
||||
rootCAs:
|
||||
- foobar
|
||||
|
@ -11,6 +11,26 @@ serversTransport:
|
|||
dialTimeout: 42s
|
||||
responseHeaderTimeout: 42s
|
||||
idleConnTimeout: 42s
|
||||
readIdleTimeout: 42s
|
||||
pingTimeout: 42s
|
||||
spiffe:
|
||||
ids:
|
||||
- foobar
|
||||
- foobar
|
||||
trustDomain: foobar
|
||||
tcpServersTransport:
|
||||
dialTimeout: 42s
|
||||
dialKeepAlive: 42s
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
rootCAs:
|
||||
- foobar
|
||||
- foobar
|
||||
spiffe:
|
||||
ids:
|
||||
- foobar
|
||||
- foobar
|
||||
trustDomain: foobar
|
||||
entryPoints:
|
||||
EntryPoint0:
|
||||
address: foobar
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue