homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Support for Consul Connect

Browse source 
Co-authored-by: Florian Apolloner <apollo13@users.noreply.github.com>
This commit is contained in:
Mohammad Gufran 2021-07-15 17:32:11 +05:30 committed by GitHub
parent 3a180e2afc
commit 7e43e5615e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
36 changed files with 2118 additions and 644 deletions
Download patch file Download diff file Expand all files Collapse all files

10
docs/content/routing/providers/consul-catalog.md
View file

@ -454,6 +454,16 @@ You can tell Traefik to consider (or not) the service by setting `traefik.enable
This option overrides the value of `exposedByDefault`.
#### `traefik.consulcatalog.connect`
```yaml
traefik.consulcatalog.connect=true
```
You can tell Traefik to consider (or not) the service as a Connect capable one by setting `traefik.consulcatalog.connect` to true or false.
This option overrides the value of `connectByDefault`.
#### Port Lookup
Traefik is capable of detecting the port to use, by following the default consul Catalog flow.

24
docs/content/routing/providers/kubernetes-crd.md
View file

@ -1648,19 +1648,21 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
dialTimeout: 42s # [7]
responseHeaderTimeout: 42s # [8]
idleConnTimeout: 42s # [9]
peerCertURI: foobar # [10]
```
| Ref | Attribute | Purpose |
|-----|-------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|
| [1] | `serverName` | ServerName used to contact the server. |
| [2] | `insecureSkipVerify` | Disable SSL certificate verification. |
| [3] | `rootCAsSecrets` | Add cert file for self-signed certificate. The secret must contain a certificate under either a tls.ca or a ca.crt key. |
| [4] | `certificatesSecrets` | Certificates for mTLS. |
| [5] | `maxIdleConnsPerHost` | If non-zero, controls the maximum idle (keep-alive) to keep per-host. If zero, `defaultMaxIdleConnsPerHost` is used. |
| [6] | `forwardingTimeouts` | Timeouts for requests forwarded to the backend servers. |
| [7] | `dialTimeout` | The amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. |
| [8] | `responseHeaderTimeout` | The amount of time to wait for a server's response headers after fully writing the request (including its body, if any). If zero, no timeout exists. |
| [9] | `idleConnTimeout` | The maximum period for which an idle HTTP keep-alive connection will remain open before closing itself. |
| Ref | Attribute | Purpose |
|------|-------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|
| [1] | `serverName` | ServerName used to contact the server. |
| [2] | `insecureSkipVerify` | Disable SSL certificate verification. |
| [3] | `rootCAsSecrets` | Add cert file for self-signed certificate. The secret must contain a certificate under either a tls.ca or a ca.crt key. |
| [4] | `certificatesSecrets` | Certificates for mTLS. |
| [5] | `maxIdleConnsPerHost` | If non-zero, controls the maximum idle (keep-alive) to keep per-host. If zero, `defaultMaxIdleConnsPerHost` is used. |
| [6] | `forwardingTimeouts` | Timeouts for requests forwarded to the backend servers. |
| [7] | `dialTimeout` | The amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. |
| [8] | `responseHeaderTimeout` | The amount of time to wait for a server's response headers after fully writing the request (including its body, if any). If zero, no timeout exists. |
| [9] | `idleConnTimeout` | The maximum period for which an idle HTTP keep-alive connection will remain open before closing itself. |
| [10] | `peerCertURI` | URI used to match with service certificate. |
!!! info "CA Secret"