homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

OpenTelemetry Logs and Access Logs

Browse source 
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
This commit is contained in:
Romain 2024-12-06 14:50:04 +01:00 committed by GitHub
parent 33c1d700c0
commit 826a2b74aa
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
33 changed files with 2297 additions and 475 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/content/migration/v3.md
View file

@ -167,3 +167,9 @@ Please refer to the Forwarded headers [documentation](../routing/entrypoints.md#
In `v3.3`, the `acme.dnsChallenge.delaybeforecheck` and `acme.dnsChallenge.disablepropagationcheck` options of the ACME certificate resolver are deprecated,
please use respectively `acme.dnsChallenge.propagation.delayBeforeCheck` and `acme.dnsChallenge.propagation.disableAllChecks` options instead.
### Tracing Global Attributes
In `v3.3`, the `tracing.globalAttributes` option has been deprecated, please use the `tracing.resourceAttributes` option instead.
The `tracing.globalAttributes` option is misleading as its name does not reflect the operation of adding resource attributes to be sent to the collector,
and will be removed in the next major version.

399
docs/content/observability/access-logs.md
View file

@ -30,7 +30,7 @@ accessLog: {}
_Optional, Default="false"_
Enables accessLogs for internal resources (e.g.: `ping@internal`).
Enables access logs for internal resources (e.g.: `ping@internal`).
```yaml tab="File (YAML)"
accesslog:
@ -306,4 +306,401 @@ services:
- /var/run/docker.sock:/var/run/docker.sock
```
## OpenTelemetry
To enable the OpenTelemetry Logger for access logs:
```yaml tab="File (YAML)"
accesslog:
otlp: {}
```
```toml tab="File (TOML)"
[accesslog.otlp]
```
```bash tab="CLI"
--accesslog.otlp=true
```
!!! info "Default protocol"
The OpenTelemetry Logger exporter will export access logs to the collector using HTTPS by default to https://localhost:4318/v1/logs, see the [gRPC Section](#grpc-configuration) to use gRPC.
### HTTP configuration
_Optional_
This instructs the exporter to send access logs to the OpenTelemetry Collector using HTTP.
```yaml tab="File (YAML)"
accesslog:
otlp:
http: {}
```
```toml tab="File (TOML)"
[accesslog.otlp.http]
```
```bash tab="CLI"
--accesslog.otlp.http=true
```
#### `endpoint`
_Optional, Default="`https://localhost:4318/v1/logs`", Format="`<scheme>://<host>:<port><path>`"_
URL of the OpenTelemetry Collector to send access logs to.
!!! info "Insecure mode"
To disable TLS, use `http://` instead of `https://` in the `endpoint` configuration.
```yaml tab="File (YAML)"
accesslog:
otlp:
http:
endpoint: https://collector:4318/v1/logs
```
```toml tab="File (TOML)"
[accesslog.otlp.http]
endpoint = "https://collector:4318/v1/logs"
```
```bash tab="CLI"
--accesslog.otlp.http.endpoint=https://collector:4318/v1/logs
```
#### `headers`
_Optional, Default={}_
Additional headers sent with access logs by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
accesslog:
otlp:
http:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[accesslog.otlp.http.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--accesslog.otlp.http.headers.foo=bar --accesslog.otlp.http.headers.baz=buz
```
#### `tls`
_Optional_
Defines the Client TLS configuration used by the exporter to send access logs to the OpenTelemetry Collector.
##### `ca`
_Optional_
`ca` is the path to the certificate authority used for the secure connection to the OpenTelemetry Collector,
it defaults to the system bundle.
```yaml tab="File (YAML)"
accesslog:
otlp:
http:
tls:
ca: path/to/ca.crt
```
```toml tab="File (TOML)"
[accesslog.otlp.http.tls]
ca = "path/to/ca.crt"
```
```bash tab="CLI"
--accesslog.otlp.http.tls.ca=path/to/ca.crt
```
##### `cert`
_Optional_
`cert` is the path to the public certificate used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `key` option is required.
```yaml tab="File (YAML)"
accesslog:
otlp:
http:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[accesslog.otlp.http.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--accesslog.otlp.http.tls.cert=path/to/foo.cert
--accesslog.otlp.http.tls.key=path/to/foo.key
```
##### `key`
_Optional_
`key` is the path to the private key used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `cert` option is required.
```yaml tab="File (YAML)"
accesslog:
otlp:
http:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[accesslog.otlp.http.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--accesslog.otlp.http.tls.cert=path/to/foo.cert
--accesslog.otlp.http.tls.key=path/to/foo.key
```
##### `insecureSkipVerify`
_Optional, Default=false_
If `insecureSkipVerify` is `true`,
the TLS connection to the OpenTelemetry Collector accepts any certificate presented by the server regardless of the hostnames it covers.
```yaml tab="File (YAML)"
accesslog:
otlp:
http:
tls:
insecureSkipVerify: true
```
```toml tab="File (TOML)"
[accesslog.otlp.http.tls]
insecureSkipVerify = true
```
```bash tab="CLI"
--accesslog.otlp.http.tls.insecureSkipVerify=true
```
### gRPC configuration
_Optional_
This instructs the exporter to send access logs to the OpenTelemetry Collector using gRPC.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc: {}
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc]
```
```bash tab="CLI"
--accesslog.otlp.grpc=true
```
#### `endpoint`
_Required, Default="localhost:4317", Format="`<host>:<port>`"_
Address of the OpenTelemetry Collector to send access logs to.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc:
endpoint: localhost:4317
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc]
endpoint = "localhost:4317"
```
```bash tab="CLI"
--accesslog.otlp.grpc.endpoint=localhost:4317
```
#### `insecure`
_Optional, Default=false_
Allows exporter to send access logs to the OpenTelemetry Collector without using a secured protocol.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc:
insecure: true
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc]
insecure = true
```
```bash tab="CLI"
--accesslog.otlp.grpc.insecure=true
```
#### `headers`
_Optional, Default={}_
Additional headers sent with access logs by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--accesslog.otlp.grpc.headers.foo=bar --accesslog.otlp.grpc.headers.baz=buz
```
#### `tls`
_Optional_
Defines the Client TLS configuration used by the exporter to send access logs to the OpenTelemetry Collector.
##### `ca`
_Optional_
`ca` is the path to the certificate authority used for the secure connection to the OpenTelemetry Collector,
it defaults to the system bundle.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc:
tls:
ca: path/to/ca.crt
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc.tls]
ca = "path/to/ca.crt"
```
```bash tab="CLI"
--accesslog.otlp.grpc.tls.ca=path/to/ca.crt
```
##### `cert`
_Optional_
`cert` is the path to the public certificate used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `key` option is required.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--accesslog.otlp.grpc.tls.cert=path/to/foo.cert
--accesslog.otlp.grpc.tls.key=path/to/foo.key
```
##### `key`
_Optional_
`key` is the path to the private key used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `cert` option is required.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--accesslog.otlp.grpc.tls.cert=path/to/foo.cert
--accesslog.otlp.grpc.tls.key=path/to/foo.key
```
##### `insecureSkipVerify`
_Optional, Default=false_
If `insecureSkipVerify` is `true`,
the TLS connection to the OpenTelemetry Collector accepts any certificate presented by the server regardless of the hostnames it covers.
```yaml tab="File (YAML)"
accesslog:
otlp:
grpc:
tls:
insecureSkipVerify: true
```
```toml tab="File (TOML)"
[accesslog.otlp.grpc.tls]
insecureSkipVerify = true
```
```bash tab="CLI"
--accesslog.otlp.grpc.tls.insecureSkipVerify=true
```
{!traefik-for-business-applications.md!}

397
docs/content/observability/logs.md
View file

@ -181,4 +181,401 @@ log:
--log.compress=true
```
## OpenTelemetry
To enable the OpenTelemetry Logger for logs:
```yaml tab="File (YAML)"
log:
otlp: {}
```
```toml tab="File (TOML)"
[log.otlp]
```
```bash tab="CLI"
--log.otlp=true
```
!!! info "Default protocol"
The OpenTelemetry Logger exporter will export logs to the collector using HTTPS by default to https://localhost:4318/v1/logs, see the [gRPC Section](#grpc-configuration) to use gRPC.
### HTTP configuration
_Optional_
This instructs the exporter to send logs to the OpenTelemetry Collector using HTTP.
```yaml tab="File (YAML)"
log:
otlp:
http: {}
```
```toml tab="File (TOML)"
[log.otlp.http]
```
```bash tab="CLI"
--log.otlp.http=true
```
#### `endpoint`
_Optional, Default="`https://localhost:4318/v1/logs`", Format="`<scheme>://<host>:<port><path>`"_
URL of the OpenTelemetry Collector to send logs to.
!!! info "Insecure mode"
To disable TLS, use `http://` instead of `https://` in the `endpoint` configuration.
```yaml tab="File (YAML)"
log:
otlp:
http:
endpoint: https://collector:4318/v1/logs
```
```toml tab="File (TOML)"
[log.otlp.http]
endpoint = "https://collector:4318/v1/logs"
```
```bash tab="CLI"
--log.otlp.http.endpoint=https://collector:4318/v1/logs
```
#### `headers`
_Optional, Default={}_
Additional headers sent with logs by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
log:
otlp:
http:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[log.otlp.http.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--log.otlp.http.headers.foo=bar --log.otlp.http.headers.baz=buz
```
#### `tls`
_Optional_
Defines the Client TLS configuration used by the exporter to send logs to the OpenTelemetry Collector.
##### `ca`
_Optional_
`ca` is the path to the certificate authority used for the secure connection to the OpenTelemetry Collector,
it defaults to the system bundle.
```yaml tab="File (YAML)"
log:
otlp:
http:
tls:
ca: path/to/ca.crt
```
```toml tab="File (TOML)"
[log.otlp.http.tls]
ca = "path/to/ca.crt"
```
```bash tab="CLI"
--log.otlp.http.tls.ca=path/to/ca.crt
```
##### `cert`
_Optional_
`cert` is the path to the public certificate used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `key` option is required.
```yaml tab="File (YAML)"
log:
otlp:
http:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[log.otlp.http.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--log.otlp.http.tls.cert=path/to/foo.cert
--log.otlp.http.tls.key=path/to/foo.key
```
##### `key`
_Optional_
`key` is the path to the private key used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `cert` option is required.
```yaml tab="File (YAML)"
log:
otlp:
http:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[log.otlp.http.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--log.otlp.http.tls.cert=path/to/foo.cert
--log.otlp.http.tls.key=path/to/foo.key
```
##### `insecureSkipVerify`
_Optional, Default=false_
If `insecureSkipVerify` is `true`,
the TLS connection to the OpenTelemetry Collector accepts any certificate presented by the server regardless of the hostnames it covers.
```yaml tab="File (YAML)"
log:
otlp:
http:
tls:
insecureSkipVerify: true
```
```toml tab="File (TOML)"
[log.otlp.http.tls]
insecureSkipVerify = true
```
```bash tab="CLI"
--log.otlp.http.tls.insecureSkipVerify=true
```
### gRPC configuration
_Optional_
This instructs the exporter to send logs to the OpenTelemetry Collector using gRPC.
```yaml tab="File (YAML)"
log:
otlp:
grpc: {}
```
```toml tab="File (TOML)"
[log.otlp.grpc]
```
```bash tab="CLI"
--log.otlp.grpc=true
```
#### `endpoint`
_Required, Default="localhost:4317", Format="`<host>:<port>`"_
Address of the OpenTelemetry Collector to send logs to.
```yaml tab="File (YAML)"
log:
otlp:
grpc:
endpoint: localhost:4317
```
```toml tab="File (TOML)"
[log.otlp.grpc]
endpoint = "localhost:4317"
```
```bash tab="CLI"
--log.otlp.grpc.endpoint=localhost:4317
```
#### `insecure`
_Optional, Default=false_
Allows exporter to send logs to the OpenTelemetry Collector without using a secured protocol.
```yaml tab="File (YAML)"
log:
otlp:
grpc:
insecure: true
```
```toml tab="File (TOML)"
[log.otlp.grpc]
insecure = true
```
```bash tab="CLI"
--log.otlp.grpc.insecure=true
```
#### `headers`
_Optional, Default={}_
Additional headers sent with logs by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
log:
otlp:
grpc:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[log.otlp.grpc.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--log.otlp.grpc.headers.foo=bar --log.otlp.grpc.headers.baz=buz
```
#### `tls`
_Optional_
Defines the Client TLS configuration used by the exporter to send logs to the OpenTelemetry Collector.
##### `ca`
_Optional_
`ca` is the path to the certificate authority used for the secure connection to the OpenTelemetry Collector,
it defaults to the system bundle.
```yaml tab="File (YAML)"
log:
otlp:
grpc:
tls:
ca: path/to/ca.crt
```
```toml tab="File (TOML)"
[log.otlp.grpc.tls]
ca = "path/to/ca.crt"
```
```bash tab="CLI"
--log.otlp.grpc.tls.ca=path/to/ca.crt
```
##### `cert`
_Optional_
`cert` is the path to the public certificate used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `key` option is required.
```yaml tab="File (YAML)"
log:
otlp:
grpc:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[log.otlp.grpc.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--log.otlp.grpc.tls.cert=path/to/foo.cert
--log.otlp.grpc.tls.key=path/to/foo.key
```
##### `key`
_Optional_
`key` is the path to the private key used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `cert` option is required.
```yaml tab="File (YAML)"
log:
otlp:
grpc:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[log.otlp.grpc.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--log.otlp.grpc.tls.cert=path/to/foo.cert
--log.otlp.grpc.tls.key=path/to/foo.key
```
##### `insecureSkipVerify`
_Optional, Default=false_
If `insecureSkipVerify` is `true`,
the TLS connection to the OpenTelemetry Collector accepts any certificate presented by the server regardless of the hostnames it covers.
```yaml tab="File (YAML)"
log:
otlp:
grpc:
tls:
insecureSkipVerify: true
```
```toml tab="File (TOML)"
[log.otlp.grpc.tls]
insecureSkipVerify = true
```
```bash tab="CLI"
--log.otlp.grpc.tls.insecureSkipVerify=true
```
{!traefik-for-business-applications.md!}

14
docs/content/observability/metrics/opentelemetry.md
View file

@ -23,7 +23,7 @@ metrics:
!!! info "Default protocol"
The OpenTelemetry exporter will export metrics to the collector using HTTP by default to https://localhost:4318/v1/metrics, see the [gRPC Section](#grpc-configuration) to use gRPC.
The OpenTelemetry exporter will export metrics to the collector using HTTPS by default to https://localhost:4318/v1/metrics, see the [gRPC Section](#grpc-configuration) to use gRPC.
#### `addEntryPointsLabels`
@ -184,25 +184,29 @@ metrics:
#### `endpoint`
_Required, Default="http://localhost:4318/v1/metrics", Format="`<scheme>://<host>:<port><path>`"_
_Optional, Default="https://localhost:4318/v1/metrics", Format="`<scheme>://<host>:<port><path>`"_
URL of the OpenTelemetry Collector to send metrics to.
!!! info "Insecure mode"
To disable TLS, use `http://` instead of `https://` in the `endpoint` configuration.
```yaml tab="File (YAML)"
metrics:
otlp:
http:
endpoint: http://localhost:4318/v1/metrics
endpoint: https://collector:4318/v1/metrics
```
```toml tab="File (TOML)"
[metrics]
[metrics.otlp.http]
endpoint = "http://localhost:4318/v1/metrics"
endpoint = "https://collector:4318/v1/metrics"
```
```bash tab="CLI"
--metrics.otlp.http.endpoint=http://localhost:4318/v1/metrics
--metrics.otlp.http.endpoint=https://collector:4318/v1/metrics
```
#### `headers`

14
docs/content/observability/tracing/opentelemetry.md
View file

@ -25,7 +25,7 @@ tracing:
!!! info "Default protocol"
The OpenTelemetry trace exporter will export traces to the collector using HTTP by default to https://localhost:4318/v1/traces, see the [gRPC Section](#grpc-configuration) to use gRPC.
The OpenTelemetry trace exporter will export traces to the collector using HTTPS by default to https://localhost:4318/v1/traces, see the [gRPC Section](#grpc-configuration) to use gRPC.
!!! info "Trace sampling"
@ -72,25 +72,29 @@ tracing:
#### `endpoint`
_Required, Default="http://localhost:4318/v1/traces", Format="`<scheme>://<host>:<port><path>`"_
_Optional, Default="https://localhost:4318/v1/traces", Format="`<scheme>://<host>:<port><path>`"_
URL of the OpenTelemetry Collector to send spans to.
!!! info "Insecure mode"
To disable TLS, use `http://` instead of `https://` in the `endpoint` configuration.
```yaml tab="File (YAML)"
tracing:
otlp:
http:
endpoint: http://localhost:4318/v1/traces
endpoint: https://collector:4318/v1/traces
```
```toml tab="File (TOML)"
[tracing]
[tracing.otlp.http]
endpoint = "http://localhost:4318/v1/traces"
endpoint = "https://collector:4318/v1/traces"
```
```bash tab="CLI"
--tracing.otlp.http.endpoint=http://localhost:4318/v1/traces
--tracing.otlp.http.endpoint=https://collector:4318/v1/traces
```
#### `headers`

12
docs/content/observability/tracing/overview.md
View file

@ -92,29 +92,29 @@ tracing:
--tracing.sampleRate=0.2
```
#### `globalAttributes`
#### `resourceAttributes`
_Optional, Default=empty_
Applies a list of shared key:value attributes on all spans.
Defines additional resource attributes to be sent to the collector.
```yaml tab="File (YAML)"
tracing:
globalAttributes:
resourceAttributes:
attr1: foo
attr2: bar
```
```toml tab="File (TOML)"
[tracing]
[tracing.globalAttributes]
[tracing.resourceAttributes]
attr1 = "foo"
attr2 = "bar"
```
```bash tab="CLI"
--tracing.globalAttributes.attr1=foo
--tracing.globalAttributes.attr2=bar
--tracing.resourceAttributes.attr1=foo
--tracing.resourceAttributes.attr2=bar
```
#### `capturedRequestHeaders`

117
docs/content/reference/static-configuration/cli-ref.md
View file

@ -39,6 +39,60 @@ Keep access logs with status codes in the specified range.
`--accesslog.format`:
Access log format: json | common (Default: ```common```)
`--accesslog.otlp`:
Settings for OpenTelemetry. (Default: ```false```)
`--accesslog.otlp.grpc`:
gRPC configuration for the OpenTelemetry collector. (Default: ```false```)
`--accesslog.otlp.grpc.endpoint`:
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`--accesslog.otlp.grpc.headers.<name>`:
Headers sent with payload.
`--accesslog.otlp.grpc.insecure`:
Disables client transport security for the exporter. (Default: ```false```)
`--accesslog.otlp.grpc.tls.ca`:
TLS CA
`--accesslog.otlp.grpc.tls.cert`:
TLS cert
`--accesslog.otlp.grpc.tls.insecureskipverify`:
TLS insecure skip verify (Default: ```false```)
`--accesslog.otlp.grpc.tls.key`:
TLS key
`--accesslog.otlp.http`:
HTTP configuration for the OpenTelemetry collector. (Default: ```false```)
`--accesslog.otlp.http.endpoint`:
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`--accesslog.otlp.http.headers.<name>`:
Headers sent with payload.
`--accesslog.otlp.http.tls.ca`:
TLS CA
`--accesslog.otlp.http.tls.cert`:
TLS cert
`--accesslog.otlp.http.tls.insecureskipverify`:
TLS insecure skip verify (Default: ```false```)
`--accesslog.otlp.http.tls.key`:
TLS key
`--accesslog.otlp.resourceattributes.<name>`:
Defines additional resource attributes (key:value).
`--accesslog.otlp.servicename`:
Set the name for this service. (Default: ```traefik```)
`--api`:
Enable api/dashboard. (Default: ```false```)
@ -333,6 +387,60 @@ Maximum size in megabytes of the log file before it gets rotated. (Default: ```0
`--log.nocolor`:
When using the 'common' format, disables the colorized output. (Default: ```false```)
`--log.otlp`:
Settings for OpenTelemetry. (Default: ```false```)
`--log.otlp.grpc`:
gRPC configuration for the OpenTelemetry collector. (Default: ```false```)
`--log.otlp.grpc.endpoint`:
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`--log.otlp.grpc.headers.<name>`:
Headers sent with payload.
`--log.otlp.grpc.insecure`:
Disables client transport security for the exporter. (Default: ```false```)
`--log.otlp.grpc.tls.ca`:
TLS CA
`--log.otlp.grpc.tls.cert`:
TLS cert
`--log.otlp.grpc.tls.insecureskipverify`:
TLS insecure skip verify (Default: ```false```)
`--log.otlp.grpc.tls.key`:
TLS key
`--log.otlp.http`:
HTTP configuration for the OpenTelemetry collector. (Default: ```false```)
`--log.otlp.http.endpoint`:
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`--log.otlp.http.headers.<name>`:
Headers sent with payload.
`--log.otlp.http.tls.ca`:
TLS CA
`--log.otlp.http.tls.cert`:
TLS cert
`--log.otlp.http.tls.insecureskipverify`:
TLS insecure skip verify (Default: ```false```)
`--log.otlp.http.tls.key`:
TLS key
`--log.otlp.resourceattributes.<name>`:
Defines additional resource attributes (key:value).
`--log.otlp.servicename`:
Set the name for this service. (Default: ```traefik```)
`--metrics.addinternals`:
Enables metrics for internal services (ping, dashboard, etc...). (Default: ```false```)
@ -1138,7 +1246,7 @@ Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain).
Defines the allowed SPIFFE trust domain.
`--tracing`:
OpenTracing configuration. (Default: ```false```)
Tracing configuration. (Default: ```false```)
`--tracing.addinternals`:
Enables tracing for internal services (ping, dashboard, etc...). (Default: ```false```)
@ -1150,7 +1258,7 @@ Request headers to add as attributes for server and client spans.
Response headers to add as attributes for server and client spans.
`--tracing.globalattributes.<name>`:
Defines additional attributes (key:value) on all spans.
(Deprecated) Defines additional resource attributes (key:value).
`--tracing.otlp`:
Settings for OpenTelemetry. (Default: ```false```)
@ -1200,6 +1308,9 @@ TLS insecure skip verify (Default: ```false```)
`--tracing.otlp.http.tls.key`:
TLS key
`--tracing.resourceattributes.<name>`:
Defines additional resource attributes (key:value).
`--tracing.safequeryparams`:
Query params to not redact.
@ -1207,4 +1318,4 @@ Query params to not redact.
Sets the rate between 0.0 and 1.0 of requests to trace. (Default: ```1.000000```)
`--tracing.servicename`:
Set the name for this service. (Default: ```traefik```)
Sets the name for this service. (Default: ```traefik```)

117
docs/content/reference/static-configuration/env-ref.md
View file

@ -39,6 +39,60 @@ Keep access logs with status codes in the specified range.
`TRAEFIK_ACCESSLOG_FORMAT`:
Access log format: json | common (Default: ```common```)
`TRAEFIK_ACCESSLOG_OTLP`:
Settings for OpenTelemetry. (Default: ```false```)
`TRAEFIK_ACCESSLOG_OTLP_GRPC`:
gRPC configuration for the OpenTelemetry collector. (Default: ```false```)
`TRAEFIK_ACCESSLOG_OTLP_GRPC_ENDPOINT`:
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`TRAEFIK_ACCESSLOG_OTLP_GRPC_HEADERS_<NAME>`:
Headers sent with payload.
`TRAEFIK_ACCESSLOG_OTLP_GRPC_INSECURE`:
Disables client transport security for the exporter. (Default: ```false```)
`TRAEFIK_ACCESSLOG_OTLP_GRPC_TLS_CA`:
TLS CA
`TRAEFIK_ACCESSLOG_OTLP_GRPC_TLS_CERT`:
TLS cert
`TRAEFIK_ACCESSLOG_OTLP_GRPC_TLS_INSECURESKIPVERIFY`:
TLS insecure skip verify (Default: ```false```)
`TRAEFIK_ACCESSLOG_OTLP_GRPC_TLS_KEY`:
TLS key
`TRAEFIK_ACCESSLOG_OTLP_HTTP`:
HTTP configuration for the OpenTelemetry collector. (Default: ```false```)
`TRAEFIK_ACCESSLOG_OTLP_HTTP_ENDPOINT`:
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`TRAEFIK_ACCESSLOG_OTLP_HTTP_HEADERS_<NAME>`:
Headers sent with payload.
`TRAEFIK_ACCESSLOG_OTLP_HTTP_TLS_CA`:
TLS CA
`TRAEFIK_ACCESSLOG_OTLP_HTTP_TLS_CERT`:
TLS cert
`TRAEFIK_ACCESSLOG_OTLP_HTTP_TLS_INSECURESKIPVERIFY`:
TLS insecure skip verify (Default: ```false```)
`TRAEFIK_ACCESSLOG_OTLP_HTTP_TLS_KEY`:
TLS key
`TRAEFIK_ACCESSLOG_OTLP_RESOURCEATTRIBUTES_<NAME>`:
Defines additional resource attributes (key:value).
`TRAEFIK_ACCESSLOG_OTLP_SERVICENAME`:
Set the name for this service. (Default: ```traefik```)
`TRAEFIK_API`:
Enable api/dashboard. (Default: ```false```)
@ -333,6 +387,60 @@ Maximum size in megabytes of the log file before it gets rotated. (Default: ```0
`TRAEFIK_LOG_NOCOLOR`:
When using the 'common' format, disables the colorized output. (Default: ```false```)
`TRAEFIK_LOG_OTLP`:
Settings for OpenTelemetry. (Default: ```false```)
`TRAEFIK_LOG_OTLP_GRPC`:
gRPC configuration for the OpenTelemetry collector. (Default: ```false```)
`TRAEFIK_LOG_OTLP_GRPC_ENDPOINT`:
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`TRAEFIK_LOG_OTLP_GRPC_HEADERS_<NAME>`:
Headers sent with payload.
`TRAEFIK_LOG_OTLP_GRPC_INSECURE`:
Disables client transport security for the exporter. (Default: ```false```)
`TRAEFIK_LOG_OTLP_GRPC_TLS_CA`:
TLS CA
`TRAEFIK_LOG_OTLP_GRPC_TLS_CERT`:
TLS cert
`TRAEFIK_LOG_OTLP_GRPC_TLS_INSECURESKIPVERIFY`:
TLS insecure skip verify (Default: ```false```)
`TRAEFIK_LOG_OTLP_GRPC_TLS_KEY`:
TLS key
`TRAEFIK_LOG_OTLP_HTTP`:
HTTP configuration for the OpenTelemetry collector. (Default: ```false```)
`TRAEFIK_LOG_OTLP_HTTP_ENDPOINT`:
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`TRAEFIK_LOG_OTLP_HTTP_HEADERS_<NAME>`:
Headers sent with payload.
`TRAEFIK_LOG_OTLP_HTTP_TLS_CA`:
TLS CA
`TRAEFIK_LOG_OTLP_HTTP_TLS_CERT`:
TLS cert
`TRAEFIK_LOG_OTLP_HTTP_TLS_INSECURESKIPVERIFY`:
TLS insecure skip verify (Default: ```false```)
`TRAEFIK_LOG_OTLP_HTTP_TLS_KEY`:
TLS key
`TRAEFIK_LOG_OTLP_RESOURCEATTRIBUTES_<NAME>`:
Defines additional resource attributes (key:value).
`TRAEFIK_LOG_OTLP_SERVICENAME`:
Set the name for this service. (Default: ```traefik```)
`TRAEFIK_METRICS_ADDINTERNALS`:
Enables metrics for internal services (ping, dashboard, etc...). (Default: ```false```)
@ -1138,7 +1246,7 @@ Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain).
Defines the allowed SPIFFE trust domain.
`TRAEFIK_TRACING`:
OpenTracing configuration. (Default: ```false```)
Tracing configuration. (Default: ```false```)
`TRAEFIK_TRACING_ADDINTERNALS`:
Enables tracing for internal services (ping, dashboard, etc...). (Default: ```false```)
@ -1150,7 +1258,7 @@ Request headers to add as attributes for server and client spans.
Response headers to add as attributes for server and client spans.
`TRAEFIK_TRACING_GLOBALATTRIBUTES_<NAME>`:
Defines additional attributes (key:value) on all spans.
(Deprecated) Defines additional resource attributes (key:value).
`TRAEFIK_TRACING_OTLP`:
Settings for OpenTelemetry. (Default: ```false```)
@ -1200,6 +1308,9 @@ TLS insecure skip verify (Default: ```false```)
`TRAEFIK_TRACING_OTLP_HTTP_TLS_KEY`:
TLS key
`TRAEFIK_TRACING_RESOURCEATTRIBUTES_<NAME>`:
Defines additional resource attributes (key:value).
`TRAEFIK_TRACING_SAFEQUERYPARAMS`:
Query params to not redact.
@ -1207,4 +1318,4 @@ Query params to not redact.
Sets the rate between 0.0 and 1.0 of requests to trace. (Default: ```1.000000```)
`TRAEFIK_TRACING_SERVICENAME`:
Set the name for this service. (Default: ```traefik```)
Sets the name for this service. (Default: ```traefik```)

57
docs/content/reference/static-configuration/file.toml
View file

@ -381,6 +381,32 @@
maxAge = 42
maxBackups = 42
compress = true
[log.otlp]
serviceName = "foobar"
[log.otlp.resourceAttributes]
name0 = "foobar"
name1 = "foobar"
[log.otlp.grpc]
endpoint = "foobar"
insecure = true
[log.otlp.grpc.tls]
ca = "foobar"
cert = "foobar"
key = "foobar"
insecureSkipVerify = true
[log.otlp.grpc.headers]
name0 = "foobar"
name1 = "foobar"
[log.otlp.http]
endpoint = "foobar"
[log.otlp.http.tls]
ca = "foobar"
cert = "foobar"
key = "foobar"
insecureSkipVerify = true
[log.otlp.http.headers]
name0 = "foobar"
name1 = "foobar"
[accessLog]
filePath = "foobar"
@ -401,6 +427,32 @@
[accessLog.fields.headers.names]
name0 = "foobar"
name1 = "foobar"
[accessLog.otlp]
serviceName = "foobar"
[accessLog.otlp.resourceAttributes]
name0 = "foobar"
name1 = "foobar"
[accessLog.otlp.grpc]
endpoint = "foobar"
insecure = true
[accessLog.otlp.grpc.tls]
ca = "foobar"
cert = "foobar"
key = "foobar"
insecureSkipVerify = true
[accessLog.otlp.grpc.headers]
name0 = "foobar"
name1 = "foobar"
[accessLog.otlp.http]
endpoint = "foobar"
[accessLog.otlp.http.tls]
ca = "foobar"
cert = "foobar"
key = "foobar"
insecureSkipVerify = true
[accessLog.otlp.http.headers]
name0 = "foobar"
name1 = "foobar"
[tracing]
serviceName = "foobar"
@ -409,7 +461,7 @@
safeQueryParams = ["foobar", "foobar"]
sampleRate = 42.0
addInternals = true
[tracing.globalAttributes]
[tracing.resourceAttributes]
name0 = "foobar"
name1 = "foobar"
[tracing.otlp]
@ -434,6 +486,9 @@
[tracing.otlp.http.headers]
name0 = "foobar"
name1 = "foobar"
[tracing.globalAttributes]
name0 = "foobar"
name1 = "foobar"
[hostResolver]
cnameFlattening = true

57
docs/content/reference/static-configuration/file.yaml
View file

@ -418,6 +418,32 @@ log:
maxAge: 42
maxBackups: 42
compress: true
otlp:
serviceName: foobar
resourceAttributes:
name0: foobar
name1: foobar
grpc:
endpoint: foobar
insecure: true
tls:
ca: foobar
cert: foobar
key: foobar
insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
http:
endpoint: foobar
tls:
ca: foobar
cert: foobar
key: foobar
insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
accessLog:
filePath: foobar
format: foobar
@ -439,9 +465,35 @@ accessLog:
name1: foobar
bufferingSize: 42
addInternals: true
otlp:
serviceName: foobar
resourceAttributes:
name0: foobar
name1: foobar
grpc:
endpoint: foobar
insecure: true
tls:
ca: foobar
cert: foobar
key: foobar
insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
http:
endpoint: foobar
tls:
ca: foobar
cert: foobar
key: foobar
insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
tracing:
serviceName: foobar
globalAttributes:
resourceAttributes:
name0: foobar
name1: foobar
capturedRequestHeaders:
@ -477,6 +529,9 @@ tracing:
headers:
name0: foobar
name1: foobar
globalAttributes:
name0: foobar
name1: foobar
hostResolver:
cnameFlattening: true
resolvConfig: foobar