1
0
Fork 0

redirect to another entryPoint per frontend

This commit is contained in:
Manuel Zapf 2017-11-18 13:50:03 +01:00 committed by Traefiker
parent 66e489addb
commit 5d6384e101
19 changed files with 251 additions and 14 deletions

View file

@ -271,6 +271,7 @@ func (p *Provider) loadDockerConfig(containersInspected []dockerData) *types.Con
"getEntryPoints": p.getEntryPoints,
"getBasicAuth": p.getBasicAuth,
"getFrontendRule": p.getFrontendRule,
"getRedirect": p.getRedirect,
"hasCircuitBreakerLabel": p.hasCircuitBreakerLabel,
"getCircuitBreakerExpression": p.getCircuitBreakerExpression,
"hasLoadBalancerLabel": p.hasLoadBalancerLabel,
@ -293,6 +294,7 @@ func (p *Provider) loadDockerConfig(containersInspected []dockerData) *types.Con
"getServicePassHostHeader": p.getServicePassHostHeader,
"getServicePriority": p.getServicePriority,
"getServiceBackend": p.getServiceBackend,
"getServiceRedirect": p.getServiceRedirect,
"getWhitelistSourceRange": p.getWhitelistSourceRange,
"getRequestHeaders": p.getRequestHeaders,
"getResponseHeaders": p.getResponseHeaders,
@ -333,6 +335,7 @@ func (p *Provider) loadDockerConfig(containersInspected []dockerData) *types.Con
if err != nil {
log.Error(err)
}
return configuration
}
@ -470,6 +473,14 @@ func (p *Provider) getServiceProtocol(container dockerData, serviceName string)
return p.getProtocol(container)
}
// Extract protocol from labels for a given service and a given docker container
func (p *Provider) getServiceRedirect(container dockerData, serviceName string) string {
if value, ok := getContainerServiceLabel(container, serviceName, "frontend.redirect"); ok {
return value
}
return p.getRedirect(container)
}
func (p *Provider) hasLoadBalancerLabel(container dockerData) bool {
_, errMethod := getLabel(container, types.LabelBackendLoadbalancerMethod)
_, errSticky := getLabel(container, types.LabelBackendLoadbalancerSticky)
@ -831,6 +842,14 @@ func parseCustomHeaders(container dockerData, containerType string) map[string]s
}
return customHeaders
}
func (p *Provider) getRedirect(container dockerData) string {
if entryPointredirect, err := getLabel(container, types.LabelFrontendRedirect); err == nil {
return entryPointredirect
}
return ""
}
func isContainerEnabled(container dockerData, exposedByDefault bool) bool {
return exposedByDefault && container.Labels[types.LabelEnable] != "false" || container.Labels[types.LabelEnable] == "true"
}

View file

@ -902,6 +902,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{},
BasicAuth: []string{},
Redirect: "",
Routes: map[string]types.Route{
"route-frontend-Host-test-docker-localhost-0": {
Rule: "Host:test.docker.localhost",
@ -929,6 +930,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
types.LabelBackend: "foobar",
types.LabelFrontendEntryPoints: "http,https",
types.LabelFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
types.LabelFrontendRedirect: "https",
}),
ports(nat.PortMap{
"80/tcp": {},
@ -952,6 +954,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{"http", "https"},
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
Redirect: "https",
Routes: map[string]types.Route{
"route-frontend-Host-test1-docker-localhost-0": {
Rule: "Host:test1.docker.localhost",
@ -963,6 +966,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{},
BasicAuth: []string{},
Redirect: "",
Routes: map[string]types.Route{
"route-frontend-Host-test2-docker-localhost-1": {
Rule: "Host:test2.docker.localhost",
@ -1010,6 +1014,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{"http", "https"},
BasicAuth: []string{},
Redirect: "",
Routes: map[string]types.Route{
"route-frontend-Host-test1-docker-localhost-0": {
Rule: "Host:test1.docker.localhost",

View file

@ -333,6 +333,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
"traefik.service.port": "2503",
"traefik.service.frontend.entryPoints": "http,https",
"traefik.service.frontend.auth.basic": "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
"traefik.service.frontend.redirect": "https",
}),
ports(nat.PortMap{
"80/tcp": {},
@ -346,6 +347,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{"http", "https"},
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
Redirect: "https",
Routes: map[string]types.Route{
"service-service": {
Rule: "Host:foo.docker.localhost",
@ -379,6 +381,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
"traefik.service.frontend.priority": "5000",
"traefik.service.frontend.entryPoints": "http,https,ws",
"traefik.service.frontend.auth.basic": "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
"traefik.service.frontend.redirect": "https",
}),
ports(nat.PortMap{
"80/tcp": {},
@ -405,6 +408,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
Priority: 5000,
EntryPoints: []string{"http", "https", "ws"},
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
Redirect: "https",
Routes: map[string]types.Route{
"service-service": {
Rule: "Path:/mypath",
@ -416,6 +420,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{},
BasicAuth: []string{},
Redirect: "",
Routes: map[string]types.Route{
"service-anotherservice": {
Rule: "Path:/anotherpath",

View file

@ -665,6 +665,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{},
BasicAuth: []string{},
Redirect: "",
Routes: map[string]types.Route{
"route-frontend-Host-test-docker-localhost-0": {
Rule: "Host:test.docker.localhost",
@ -699,6 +700,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
types.LabelBackend: "foobar",
types.LabelFrontendEntryPoints: "http,https",
types.LabelFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
types.LabelFrontendRedirect: "https",
}),
withEndpointSpec(modeVIP),
withEndpoint(virtualIP("1", "127.0.0.1/24")),
@ -719,6 +721,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{"http", "https"},
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
Redirect: "https",
Routes: map[string]types.Route{
"route-frontend-Host-test1-docker-localhost-0": {
Rule: "Host:test1.docker.localhost",
@ -730,6 +733,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
PassHostHeader: true,
EntryPoints: []string{},
BasicAuth: []string{},
Redirect: "",
Routes: map[string]types.Route{
"route-frontend-Host-test2-docker-localhost-1": {
Rule: "Host:test2.docker.localhost",

View file

@ -187,6 +187,8 @@ func (p *Provider) loadIngresses(k8sClient Client) (*types.Configuration, error)
whitelistSourceRangeAnnotation := i.Annotations[annotationKubernetesWhitelistSourceRange]
whitelistSourceRange := provider.SplitAndTrimString(whitelistSourceRangeAnnotation)
entryPointRedirect, _ := i.Annotations[types.LabelFrontendRedirect]
if _, exists := templateObjects.Frontends[r.Host+pa.Path]; !exists {
basicAuthCreds, err := handleBasicAuthConfig(i, k8sClient)
if err != nil {
@ -203,6 +205,7 @@ func (p *Provider) loadIngresses(k8sClient Client) (*types.Configuration, error)
Priority: priority,
BasicAuth: basicAuthCreds,
WhitelistSourceRange: whitelistSourceRange,
Redirect: entryPointRedirect,
}
}
if len(r.Host) > 0 {

View file

@ -1105,6 +1105,36 @@ func TestIngressAnnotations(t *testing.T) {
Paths: []v1beta1.HTTPIngressPath{
{
Path: "/auth-realm-customized",
Backend: v1beta1.IngressBackend{
ServiceName: "service1",
ServicePort: intstr.FromInt(80),
},
},
},
},
},
},
},
},
},
{
ObjectMeta: v1.ObjectMeta{
Namespace: "testing",
Annotations: map[string]string{
"kubernetes.io/ingress.class": "traefik",
types.LabelFrontendRedirect: "https",
},
},
Spec: v1beta1.IngressSpec{
Rules: []v1beta1.IngressRule{
{
Host: "redirect",
IngressRuleValue: v1beta1.IngressRuleValue{
HTTP: &v1beta1.HTTPIngressRuleValue{
Paths: []v1beta1.HTTPIngressPath{
{
Path: "/https",
Backend: v1beta1.IngressBackend{
ServiceName: "service1",
ServicePort: intstr.FromInt(80),
@ -1204,6 +1234,19 @@ func TestIngressAnnotations(t *testing.T) {
Method: "wrr",
},
},
"redirect/https": {
Servers: map[string]types.Server{
"http://example.com": {
URL: "http://example.com",
Weight: 1,
},
},
CircuitBreaker: nil,
LoadBalancer: &types.LoadBalancer{
Sticky: false,
Method: "wrr",
},
},
"test/whitelist-source-range": {
Servers: map[string]types.Server{
"http://example.com": {
@ -1241,6 +1284,7 @@ func TestIngressAnnotations(t *testing.T) {
Rule: "Host:foo",
},
},
Redirect: "",
},
"other/stuff": {
Backend: "other/stuff",
@ -1253,6 +1297,7 @@ func TestIngressAnnotations(t *testing.T) {
Rule: "Host:other",
},
},
Redirect: "",
},
"basic/auth": {
Backend: "basic/auth",
@ -1266,7 +1311,22 @@ func TestIngressAnnotations(t *testing.T) {
},
},
BasicAuth: []string{"myUser:myEncodedPW"},
Redirect: "",
},
"redirect/https": {
Backend: "redirect/https",
PassHostHeader: true,
Routes: map[string]types.Route{
"/https": {
Rule: "PathPrefix:/https",
},
"redirect": {
Rule: "Host:redirect",
},
},
Redirect: "https",
},
"test/whitelist-source-range": {
Backend: "test/whitelist-source-range",
PassHostHeader: true,
@ -1282,6 +1342,7 @@ func TestIngressAnnotations(t *testing.T) {
Rule: "Host:test",
},
},
Redirect: "",
},
"rewrite/api": {
Backend: "rewrite/api",
@ -1294,6 +1355,7 @@ func TestIngressAnnotations(t *testing.T) {
Rule: "Host:rewrite",
},
},
Redirect: "",
},
},
}

View file

@ -76,6 +76,13 @@ func (p *Provider) getBasicAuth(service rancherData) []string {
return []string{}
}
func (p *Provider) getRedirect(service rancherData) string {
if redirect, err := getServiceLabel(service, types.LabelFrontendRedirect); err == nil {
return redirect
}
return ""
}
func (p *Provider) getFrontendName(service rancherData) string {
// Replace '.' with '-' in quoted keys because of this issue https://github.com/BurntSushi/toml/issues/78
return provider.Normalize(p.getFrontendRule(service))
@ -239,6 +246,7 @@ func (p *Provider) loadRancherConfig(services []rancherData) *types.Configuratio
"getSticky": p.getSticky,
"hasStickinessLabel": p.hasStickinessLabel,
"getStickinessCookieName": p.getStickinessCookieName,
"getRedirect": p.getRedirect,
}
// filter services
@ -270,6 +278,7 @@ func (p *Provider) loadRancherConfig(services []rancherData) *types.Configuratio
if err != nil {
log.Error(err)
}
return configuration
}

View file

@ -489,6 +489,35 @@ func TestRancherGetPassHostHeader(t *testing.T) {
}
}
func TestRancherGetRedirect(t *testing.T) {
provider := &Provider{
Domain: "rancher.localhost",
}
testCases := []struct {
service rancherData
expected string
}{
{
service: rancherData{
Name: "test-service",
Labels: map[string]string{
types.LabelFrontendRedirect: "https",
},
},
expected: "https",
},
}
for _, test := range testCases {
actual := provider.getRedirect(test.service)
if actual != test.expected {
t.Fatalf("got %q, expected %q", actual, test.expected)
}
}
}
func TestRancherGetLabel(t *testing.T) {
services := []struct {
service rancherData
@ -544,6 +573,7 @@ func TestRancherLoadRancherConfig(t *testing.T) {
Labels: map[string]string{
types.LabelPort: "80",
types.LabelFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
types.LabelFrontendRedirect: "https",
},
Health: "healthy",
Containers: []string{"127.0.0.1"},
@ -556,6 +586,7 @@ func TestRancherLoadRancherConfig(t *testing.T) {
EntryPoints: []string{},
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
Priority: 0,
Redirect: "https",
Routes: map[string]types.Route{
"route-frontend-Host-test-service-rancher-localhost": {