Merge branch v2.1 into master

2020-02-10 16:03:39 +01:00 · 2020-02-10 16:03:39 +01:00 · aa21351d0d
commit aa21351d0d
parent 97109db82b 8bb625adb7
76 changed files with 392 additions and 395 deletions
--- a/docs/content/assets/img/quickstart-diagram.png
+++ b/docs/content/assets/img/quickstart-diagram.png
--- a/docs/content/contributing/submitting-pull-requests.md
+++ b/docs/content/contributing/submitting-pull-requests.md
@ -3,11 +3,11 @@
 A Quick Guide for Efficient Contributions
 {: .subtitle }

-So you've decide to improve Traefik? 
+So you've decided to improve Traefik? 
 Thank You! 
 Now the last step is to submit your Pull Request in a way that makes sure it gets the attention it deserves.

-Let's go though the classic pitfalls to make sure everything is right. 
+Let's go through the classic pitfalls to make sure everything is right. 

 ## Title

@ -36,7 +36,7 @@ Help the readers focus on what matters, and help them understand the structure o
 - Add tests.
 - Address review comments in terms of additional commits (and don't amend/squash existing ones unless the PR is trivial).

-!!! note "third-party dependencies"
+!!! note "Third-Party Dependencies"

    If a PR involves changes to third-party dependencies, the commits pertaining to the vendor folder and the manifest/lock file(s) should be committed separated.

--- a/docs/content/getting-started/install-traefik.md
+++ b/docs/content/getting-started/install-traefik.md
@ -23,7 +23,7 @@ For more details, go to the [Docker provider documentation](../providers/docker.
    * Prefer a fixed version than the latest that could be an unexpected version.
    ex: `traefik:v2.0.0`
    * Docker images are based from the [Alpine Linux Official image](https://hub.docker.com/_/alpine).
-    * All the orchestrator using docker images could fetch the official Traefik docker image.
+    * Any orchestrator using docker images can fetch the official Traefik docker image.

 ## Use the Helm Chart

--- a/docs/content/https/acme.md
+++ b/docs/content/https/acme.md
@ -56,7 +56,7 @@ Please check the [configuration examples below](#configuration-examples) for mor
      [entryPoints.web]
        address = ":80"
    
-      [entryPoints.web-secure]
+      [entryPoints.websecure]
        address = ":443"
    
    [certificatesResolvers.le.acme]
@ -72,7 +72,7 @@ Please check the [configuration examples below](#configuration-examples) for mor
      web:
        address: ":80"
    
-      web-secure:
+      websecure:
        address: ":443"
    
    certificatesResolvers:
@ -196,7 +196,7 @@ when using the `HTTP-01` challenge, `certificatesResolvers.le.acme.httpChallenge
      [entryPoints.web]
        address = ":80"
      
-      [entryPoints.web-secure]
+      [entryPoints.websecure]
        address = ":443"
    
    [certificatesResolvers.le.acme]
@ -210,7 +210,7 @@ when using the `HTTP-01` challenge, `certificatesResolvers.le.acme.httpChallenge
      web:
        address: ":80"
    
-      web-secure:
+      websecure:
        address: ":443"
    
    certificatesResolvers:
@ -379,7 +379,7 @@ certificatesResolvers:

 ```bash tab="CLI"
 # ...
--certificatesResolvers.le.acme.dnsChallenge.resolvers:=1.1.1.1:53,8.8.8.8:53
+--certificatesResolvers.le.acme.dnsChallenge.resolvers=1.1.1.1:53,8.8.8.8:53
 ```

 #### Wildcard Domains
--- a/docs/content/https/include-acme-multiple-domains-example.md
+++ b/docs/content/https/include-acme-multiple-domains-example.md
@ -22,7 +22,6 @@ deploy:
 ```

 ```yaml tab="Kubernetes"
---
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
--- a/docs/content/https/include-acme-multiple-domains-from-rule-example.md
+++ b/docs/content/https/include-acme-multiple-domains-from-rule-example.md
@ -18,7 +18,6 @@ deploy:
 ```

 ```yaml tab="Kubernetes"
---
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
@ -32,7 +31,8 @@ spec:
    services:
    - name: blog
      port: 8080
-  tls: {}
+  tls:
+    certresolver: le
 ```

 ```json tab="Marathon"
@ -58,7 +58,7 @@ labels:
  [http.routers.blog]
    rule = "(Host(`company.com`) && Path(`/blog`)) || Host(`blog.company.org`)"
    [http.routers.blog.tls]
-      certResolver = "le" # From static configuration
+      certResolver = "le"
 ```

 ```yaml tab="File (YAML)"
--- a/docs/content/https/include-acme-single-domain-example.md
+++ b/docs/content/https/include-acme-single-domain-example.md
@ -18,7 +18,6 @@ deploy:
 ```

 ```yaml tab="Kubernetes"
---
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
@ -32,7 +31,8 @@ spec:
    services:
    - name: blog
      port: 8080
-  tls: {}
+  tls:
+    certresolver: le
 ```

 ```json tab="Marathon"
@ -55,10 +55,10 @@ labels:
 ```toml tab="Single Domain"
 ## Dynamic configuration
 [http.routers]
-    [http.routers.blog]
-    rule = "Host(`company.com`) && Path(`/blog`)"
-    [http.routers.blog.tls]
-        certResolver = "le" # From static configuration
+  [http.routers.blog]
+  rule = "Host(`company.com`) && Path(`/blog`)"
+  [http.routers.blog.tls]
+    certResolver = "le"
 ```

 ```yaml tab="File (YAML)"
--- a/docs/content/index.md
+++ b/docs/content/index.md
@ -20,4 +20,9 @@ Developing Traefik, our main goal is to make it simple to use, and we're sure yo

 !!! info

-    If you're a business running critical services behind Traefik, know that [Containous](https://containo.us), the company that sponsors Traefik's development, can provide [commercial support](https://info.containo.us/commercial-services) and develops an [Enterprise Edition](https://containo.us/traefikee/) of Traefik. 
+    Join our user friendly and active [Community Forum](https://community.containo.us) to discuss, learn, and connect with the traefik community.
+    
+    If you're a business running critical services behind Traefik,
+    know that [Containous](https://containo.us), the company that sponsors Traefik's development,
+    can provide [commercial support](https://info.containo.us/commercial-services)
+    and develops an [Enterprise Edition](https://containo.us/traefikee/) of Traefik.
--- a/docs/content/middlewares/overview.md
+++ b/docs/content/middlewares/overview.md
@ -5,9 +5,9 @@ Tweaking the Request

 ![Overview](../assets/img/middleware/overview.png)

-Attached to the routers, pieces of middleware are a mean of tweaking the requests before they are sent to your [service](../routing/services/index.md) (or before the answer from the services are sent to the clients).
+Attached to the routers, pieces of middleware are a means of tweaking the requests before they are sent to your [service](../routing/services/index.md) (or before the answer from the services are sent to the clients).

-There are many different available middlewares in Traefik, some can modify the request, the headers, some are in charge of redirections, some add authentication, and so on.
+There are several available middleware in Traefik, some can modify the request, the headers, some are in charge of redirections, some add authentication, and so on.

 Pieces of middleware can be combined in chains to fit every scenario.

@ -130,7 +130,7 @@ http:

 ## Provider Namespace

-When you declare a middleware, it lives in its provider namespace.
+When you declare a middleware, it lives in its provider's namespace.
 For example, if you declare a middleware using a Docker label, under the hoods, it will reside in the docker provider namespace.

 If you use multiple providers and wish to reference a middleware declared in another provider
--- a/docs/content/migration/v1-to-v2.md
+++ b/docs/content/migration/v1-to-v2.md
@ -190,17 +190,17 @@ TLS parameters used to be specified in the static configuration, as an entryPoin
 With Traefik v2, a new dynamic TLS section at the root contains all the desired TLS configurations.
 Then, a [router's TLS field](../routing/routers/index.md#tls) can refer to one of the [TLS configurations](../https/tls.md) defined at the root, hence defining the [TLS configuration](../https/tls.md) for that router.

-!!! example "TLS on web-secure entryPoint becomes TLS option on Router-1"
+!!! example "TLS on websecure entryPoint becomes TLS option on Router-1"

    !!! info "v1"
    
    ```toml tab="File (TOML)"
    # static configuration
    [entryPoints]
-      [entryPoints.web-secure]
+      [entryPoints.websecure]
        address = ":443"
    
-        [entryPoints.web-secure.tls]
+        [entryPoints.websecure.tls]
          minVersion = "VersionTLS12"
          cipherSuites = [
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
@ -210,13 +210,13 @@ Then, a [router's TLS field](../routing/routers/index.md#tls) can refer to one o
            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
          ]
-          [[entryPoints.web-secure.tls.certificates]]
+          [[entryPoints.websecure.tls.certificates]]
            certFile = "path/to/my.cert"
            keyFile = "path/to/my.key"
    ```

    ```bash tab="CLI"
-    --entryPoints='Name:web-secure Address::443 TLS:path/to/my.cert,path/to/my.key TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'
+    --entryPoints='Name:websecure Address::443 TLS:path/to/my.cert,path/to/my.key TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'
    ```

    !!! info "v2"
@ -818,32 +818,32 @@ with the path `/admin` stripped, e.g. to `http://<IP>:<port>/`. In this case, yo
    
    ```toml tab="File (TOML)"
    # static configuration
-    defaultEntryPoints = ["web-secure","web"]
+    defaultEntryPoints = ["websecure","web"]
    
    [entryPoints.web]
    address = ":80"
      [entryPoints.web.redirect]
      entryPoint = "webs"
-    [entryPoints.web-secure]
+    [entryPoints.websecure]
      address = ":443"
      [entryPoints.https.tls]
    
    [acme]
      email = "your-email-here@my-awesome-app.org"
      storage = "acme.json"
-      entryPoint = "web-secure"
+      entryPoint = "websecure"
      onHostRule = true
      [acme.httpChallenge]
        entryPoint = "web"
    ```

    ```bash tab="CLI"
-    --defaultentrypoints=web-secure,web
-    --entryPoints=Name:web Address::80 Redirect.EntryPoint:web-secure
-    --entryPoints=Name:web-secure Address::443 TLS
+    --defaultentrypoints=websecure,web
+    --entryPoints=Name:web Address::80 Redirect.EntryPoint:websecure
+    --entryPoints=Name:websecure Address::443 TLS
    --acme.email=your-email-here@my-awesome-app.org
    --acme.storage=acme.json
-    --acme.entryPoint=web-secure
+    --acme.entryPoint=websecure
    --acme.onHostRule=true
    --acme.httpchallenge.entrypoint=http
    ```
@ -856,7 +856,7 @@ with the path `/admin` stripped, e.g. to `http://<IP>:<port>/`. In this case, yo
      [entryPoints.web]
        address = ":80"
    
-      [entryPoints.web-secure]
+      [entryPoints.websecure]
        address = ":443"
    
    [certificatesResolvers.sample.acme]
@ -872,7 +872,7 @@ with the path `/admin` stripped, e.g. to `http://<IP>:<port>/`. In this case, yo
      web:
        address: ":80"
    
-      web-secure:
+      websecure:
        address: ":443"
    
    certificatesResolvers:
@ -1069,7 +1069,7 @@ Each root item has been moved to a related section or removed.
    providersThrottleDuration = "2s"
    AllowMinWeightZero = true
    debug = true
-    defaultEntryPoints = ["web", "web-secure"]
+    defaultEntryPoints = ["web", "websecure"]
    keepTrailingSlash = false
    ```

@ -1083,7 +1083,7 @@ Each root item has been moved to a related section or removed.
    --providersthrottleduration=2s
    --allowminweightzero=true
    --debug=true
-    --defaultentrypoints=web,web-secure
+    --defaultentrypoints=web,websecure
    --keeptrailingslash=true
    ```

@ -1156,21 +1156,21 @@ As the dashboard access is now secured by default you can either:
    ## static configuration
    # traefik.toml
    
-    [entryPoints.web-secure]
+    [entryPoints.websecure]
      address = ":443"
-      [entryPoints.web-secure.tls]
-      [entryPoints.web-secure.auth]
-        [entryPoints.web-secure.auth.basic]
+      [entryPoints.websecure.tls]
+      [entryPoints.websecure.auth]
+        [entryPoints.websecure.auth.basic]
          users = [
            "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
          ]
    
    [api]
-      entryPoint = "web-secure"
+      entryPoint = "websecure"
    ```

    ```bash tab="CLI"
-    --entryPoints='Name:web-secure Address::443 TLS Auth.Basic.Users:test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/'
+    --entryPoints='Name:websecure Address::443 TLS Auth.Basic.Users:test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/'
    --api
    ```

@ -1180,7 +1180,7 @@ As the dashboard access is now secured by default you can either:
    # dynamic configuration
    labels:
      - "traefik.http.routers.api.rule=Host(`traefik.docker.localhost`)"
-      - "traefik.http.routers.api.entrypoints=web-secured"
+      - "traefik.http.routers.api.entrypoints=websecured"
      - "traefik.http.routers.api.service=api@internal"
      - "traefik.http.routers.api.middlewares=myAuth"
      - "traefik.http.routers.api.tls"
@ -1191,7 +1191,7 @@ As the dashboard access is now secured by default you can either:
    ## static configuration
    # traefik.toml
    
-    [entryPoints.web-secure]
+    [entryPoints.websecure]
      address = ":443"
    
    [api]
@ -1206,7 +1206,7 @@ As the dashboard access is now secured by default you can either:
    
    [http.routers.api]
      rule = "Host(`traefik.docker.localhost`)"
-      entrypoints = ["web-secure"]
+      entrypoints = ["websecure"]
      service = "api@internal"
      middlewares = ["myAuth"]
      [http.routers.api.tls]
@ -1222,7 +1222,7 @@ As the dashboard access is now secured by default you can either:
    # traefik.yaml
    
    entryPoints:
-      web-secure:
+      websecure:
        address: ':443'
        
    api: {}
@ -1241,7 +1241,7 @@ As the dashboard access is now secured by default you can either:
        api:
          rule: Host(`traefik.docker.localhost`)
          entrypoints:
-            - web-secure
+            - websecure
          service: api@internal
          middlewares:
            - myAuth
--- a/docs/content/providers/kubernetes-crd.md
+++ b/docs/content/providers/kubernetes-crd.md
@ -60,7 +60,7 @@ If you require LetsEncrypt with HA in a kubernetes environment, we recommend usi
 If you are wanting to continue to run Traefik Community Edition, LetsEncrypt HA can be achieved by using a Certificate Controller such as [Cert-Manager](https://docs.cert-manager.io/en/latest/index.html).
 When using Cert-Manager to manage certificates, it will create secrets in your namespaces that can be referenced as TLS secrets in your [ingress objects](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls).
 When using the Traefik Kubernetes CRD Provider, unfortunately Cert-Manager cannot interface directly with the CRDs _yet_, but this is being worked on by our team.
-A workaround it to enable the [Kubernetes Ingress provider](./kubernetes-ingress.md) to allow Cert-Manager to create ingress objects to complete the challenges.
+A workaround is to enable the [Kubernetes Ingress provider](./kubernetes-ingress.md) to allow Cert-Manager to create ingress objects to complete the challenges.
 Please note that this still requires manual intervention to create the certificates through Cert-Manager, but once created, Cert-Manager will keep the certificate renewed.

 ## Provider Configuration
--- a/docs/content/reference/dynamic-configuration/kubernetes-crd-resource.yml
+++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-resource.yml
@ -78,7 +78,7 @@ metadata:
 spec:
  entryPoints:
    - web
-    - web-secure
+    - websecure
  routes:
    - match: Host(`foo.com`) && PathPrefix(`/bar`)
      kind: Rule
--- a/docs/content/reference/dynamic-configuration/kubernetes-crd.yml
+++ b/docs/content/reference/dynamic-configuration/kubernetes-crd.yml
@ -152,7 +152,7 @@ metadata:
 spec:
  entryPoints:
    - web
-    - web-secure
+    - websecure
  routes:
    - match: Host(`foo.com`) && PathPrefix(`/bar`)
      kind: Rule