Merge remote-tracking branch 'upstream/v2.2' into mrg-current-v2.2
This commit is contained in:
jb doumenjou
commit
7affeae480
12 changed files with 136 additions and 55 deletions
|
|
@ -282,7 +282,7 @@ For example, `CF_API_EMAIL_FILE=/run/secrets/traefik_cf-api-email` could be used
|
|||
|-------------------------------------------------------------|----------------|---------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------|
|
||||
| [ACME DNS](https://github.com/joohoi/acme-dns) | `acme-dns` | `ACME_DNS_API_BASE`, `ACME_DNS_STORAGE_PATH` | [Additional configuration](https://go-acme.github.io/lego/dns/acme-dns) |
|
||||
| [Alibaba Cloud](https://www.alibabacloud.com) | `alidns` | `ALICLOUD_ACCESS_KEY`, `ALICLOUD_SECRET_KEY`, `ALICLOUD_REGION_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/alidns) |
|
||||
| [Auroradns](https://www.pcextreme.com/aurora/dns) | `auroradns` | `AURORA_USER_ID`, `AURORA_KEY`, `AURORA_ENDPOINT` | [Additional configuration](https://go-acme.github.io/lego/dns/auroradns) |
|
||||
| [Auroradns](https://www.pcextreme.com/dns-health-checks) | `auroradns` | `AURORA_USER_ID`, `AURORA_KEY`, `AURORA_ENDPOINT` | [Additional configuration](https://go-acme.github.io/lego/dns/auroradns) |
|
||||
| [Autodns](https://www.internetx.com/domains/autodns/) | `autodns` | `AUTODNS_API_USER`, `AUTODNS_API_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/autodns) |
|
||||
| [Azure](https://azure.microsoft.com/services/dns/) | `azure` | `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`, `AZURE_SUBSCRIPTION_ID`, `AZURE_TENANT_ID`, `AZURE_RESOURCE_GROUP`, `[AZURE_METADATA_ENDPOINT]` | [Additional configuration](https://go-acme.github.io/lego/dns/azure) |
|
||||
| [Bindman](https://github.com/labbsr0x/bindman-dns-webhook) | `bindman` | `BINDMAN_MANAGER_ADDRESS` | [Additional configuration](https://go-acme.github.io/lego/dns/bindman) |
|
||||
|
|
|
|||
|
|
@ -311,7 +311,7 @@ This value can contains a list of allowed origins.
|
|||
More information including how to use the settings can be found on:
|
||||
|
||||
- [Mozilla.org](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin)
|
||||
- [w3](https://www.w3.org/TR/cors/#access-control-allow-origin-response-header)
|
||||
- [w3](https://fetch.spec.whatwg.org/#http-access-control-allow-origin)
|
||||
- [IETF](https://tools.ietf.org/html/rfc6454#section-7.1)
|
||||
|
||||
Traefik no longer supports the null value, as it is [no longer recommended as a return value](https://w3c.github.io/webappsec-cors-for-developers/#avoid-returning-access-control-allow-origin-null).
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ Then any router can refer to an instance of the wanted middleware.
|
|||
|
||||
```yaml tab="Docker"
|
||||
labels:
|
||||
- "traefik.http.routers.router0.rule=Host(`example.com`) && PathPrefix(`/test`)"
|
||||
- "traefik.http.routers.router0.rule=Host(`test.localhost`) && PathPrefix(`/test`)"
|
||||
- "traefik.http.routers.router0.middlewares=auth"
|
||||
- "traefik.http.middlewares.auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
|
||||
```
|
||||
|
|
|
|||
|
|
@ -111,9 +111,9 @@ accessLog:
|
|||
--accesslog.filters.minduration=10ms
|
||||
```
|
||||
|
||||
### Limiting the Fields
|
||||
### Limiting the Fields/Including Headers
|
||||
|
||||
You can decide to limit the logged fields/headers to a given list with the `fields.names` and `fields.header` options
|
||||
You can decide to limit the logged fields/headers to a given list with the `fields.names` and `fields.headers` options.
|
||||
|
||||
Each field can be set to:
|
||||
|
||||
|
|
@ -121,7 +121,7 @@ Each field can be set to:
|
|||
- `drop` to drop the value
|
||||
- `redact` to replace the value with "redacted"
|
||||
|
||||
The `defaultMode` for `fields.header` is `drop`.
|
||||
The `defaultMode` for `fields.headers` is `drop`.
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
# Limiting the Logs to Specific Fields
|
||||
|
|
|
|||
|
|
@ -154,7 +154,7 @@ You can specify which Docker API Endpoint to use with the directive [`endpoint`]
|
|||
|
||||
- Authentication with Client Certificates as described in ["Protect the Docker daemon socket."](https://docs.docker.com/engine/security/https/)
|
||||
- Authorize and filter requests to restrict possible actions with [the TecnativaDocker Socket Proxy](https://github.com/Tecnativa/docker-socket-proxy).
|
||||
- Authorization with the [Docker Authorization Plugin Mechanism](https://docs.docker.com/engine/extend/plugins_authorization/)
|
||||
- Authorization with the [Docker Authorization Plugin Mechanism](https://web.archive.org/web/20190920092526/https://docs.docker.com/engine/extend/plugins_authorization/)
|
||||
- Accounting at networking level, by exposing the socket only inside a Docker private network, only available for Traefik.
|
||||
- Accounting at container level, by exposing the socket on a another container than Traefik's.
|
||||
With Swarm mode, it allows scheduling of Traefik on worker nodes, with only the "socket exposer" container on the manager nodes.
|
||||
|
|
|
|||
|
|
@ -291,7 +291,7 @@ you'd add the label `traefik.http.services.<name-of-your-choice>.loadbalancer.pa
|
|||
See [health check](../services/index.md#health-check) for more information.
|
||||
|
||||
```yaml
|
||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.interval=10"
|
||||
- "traefik.http.services.myservice.loadbalancer.healthcheck.interval=10s"
|
||||
```
|
||||
|
||||
??? info "`traefik.http.services.<service_name>.loadbalancer.healthcheck.path`"
|
||||
|
|
|
|||
|
|
@ -108,24 +108,24 @@ The Kubernetes Ingress Controller, The Custom Resource Way.
|
|||
name: myingressroute
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
|
||||
routes:
|
||||
- match: Host(`foo`) && PathPrefix(`/bar`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: whoami
|
||||
port: 80
|
||||
routes:
|
||||
- match: Host(`foo`) && PathPrefix(`/bar`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: whoami
|
||||
port: 80
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: ingressroute.tcp
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: ingressroute.tcp
|
||||
namespace: default
|
||||
|
||||
|
||||
spec:
|
||||
entryPoints:
|
||||
- tcpep
|
||||
|
|
@ -135,22 +135,22 @@ The Kubernetes Ingress Controller, The Custom Resource Way.
|
|||
services:
|
||||
- name: whoamitcp
|
||||
port: 8080
|
||||
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteUDP
|
||||
metadata:
|
||||
name: ingressroute.udp
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
entryPoints:
|
||||
- fooudp
|
||||
routes:
|
||||
- kind: Rule
|
||||
services:
|
||||
- name: whoamiudp
|
||||
port: 8080
|
||||
kind: IngressRouteUDP
|
||||
metadata:
|
||||
name: ingressroute.udp
|
||||
namespace: default
|
||||
|
||||
spec:
|
||||
entryPoints:
|
||||
- fooudp
|
||||
routes:
|
||||
- kind: Rule
|
||||
services:
|
||||
- name: whoamiudp
|
||||
port: 8080
|
||||
```
|
||||
|
||||
```yaml tab="Whoami"
|
||||
|
|
|
|||
|
|
@ -202,7 +202,7 @@ which in turn will create the resulting routers, services, handlers, etc.
|
|||
See [middlewares](../routers/index.md#middlewares) and [middlewares overview](../../middlewares/overview.md) for more information.
|
||||
|
||||
```yaml
|
||||
traefik.ingress.kubernetes.io/router.middlewares: auth@file,prefix@kuberntescrd,cb@file
|
||||
traefik.ingress.kubernetes.io/router.middlewares: auth@file,prefix@kubernetescrd,cb@file
|
||||
```
|
||||
|
||||
??? info "`traefik.ingress.kubernetes.io/router.priority`"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue