Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge current v3.0 into master #10750

Merged
merged 25 commits into from
May 22, 2024
Merged

Merge current v3.0 into master #10750

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
ee3e7cb
chore: patch migration/v2.md
stemar94 Apr 25, 2024
73e5dbb
Update Kubernetes version for v3 Helm chart
jnoordsij Apr 29, 2024
8d2a2ff
Native Kubernetes service load-balancing at the provider level
Prajithp Apr 29, 2024
d99d2f9
Prepare release v3.0.0
rtribotte Apr 29, 2024
b0d19bd
Bump tscert dependency to 28a91b69a046
kevinpollet Apr 30, 2024
aee515b
Regenerate v3.0.0 changelog
rtribotte May 2, 2024
a415040
Add link to the new http3 config in migration
yyewolf May 6, 2024
15973f5
Remove deadlines when handling PostgreSQL connections
rtribotte May 6, 2024
a4aad5c
fix: router documentation example
ldez May 13, 2024
d8cf90d
Improve mirroring example on Kubernetes
mloiseleur May 13, 2024
d8a778b
Fix log.compress value
mmatur May 13, 2024
c2c1c3e
Fix the rule syntax mechanism for TCP
lbenguigui May 14, 2024
5f2c00b
Fixed typo in PathRegexp explanation
BreadInvasion May 15, 2024
d65de8f
Fix rule syntax version for all internal routers
HalloTschuess May 15, 2024
f8e45a0
fix: doc consistency forwardauth
mmatur May 15, 2024
8b55864
fix: remove providers not more support in documentation
mmatur May 15, 2024
e68e647
Fix OTel documentation
nmengin May 16, 2024
4292059
Display of Content Security Policy values getting out of screen
brandonfl May 17, 2024
440cb11
Add support for IP White list
davidbaptista May 21, 2024
5e4dc78
Allow empty configuration for OpenTelemetry metrics and tracing
rtribotte May 21, 2024
d4d23dc
Fix UI unit tests
framebassman May 21, 2024
f02b223
Prepare release v2.11.3
kevinpollet May 21, 2024
cff71ee
Merge branch v2.11 into v3.0
kevinpollet May 21, 2024
736f37c
Prepare release v3.0.1
kevinpollet May 22, 2024
7fdb1ff
Merge branch v3.0 into master
kevinpollet May 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
212 changes: 212 additions & 0 deletions CHANGELOG.md
View file
Open in desktop

Large diffs are not rendered by default.

Binary file added docs/content/assets/img/middleware/ipwhitelist.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 1 addition & 1 deletion docs/content/getting-started/install-traefik.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ Traefik can be installed in Kubernetes using the Helm chart from <https://github

Ensure that the following requirements are met:

* Kubernetes 1.16+
* Kubernetes 1.22+
* Helm version 3.9+ is [installed](https://helm.sh/docs/intro/install/)

Add Traefik Labs chart repository to Helm:
Expand Down
16 changes: 8 additions & 8 deletions docs/content/middlewares/http/forwardauth.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -300,7 +300,7 @@ labels:
```

```yaml tab="Kubernetes"
apiVersion: traefik.containo.us/v1alpha1
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: test-auth
Expand All @@ -316,13 +316,6 @@ spec:
- "traefik.http.middlewares.test-auth.forwardauth.addAuthCookiesToResponse=Session-Cookie,State-Cookie"
```

```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
addAuthCookiesToResponse = ["Session-Cookie", "State-Cookie"]
```

```yaml tab="File (YAML)"
http:
middlewares:
Expand All @@ -334,6 +327,13 @@ http:
- "State-Cookie"
```

```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
addAuthCookiesToResponse = ["Session-Cookie", "State-Cookie"]
```

### `tls`

_Optional_
Expand Down
40 changes: 0 additions & 40 deletions docs/content/middlewares/http/ipallowlist.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,18 +35,6 @@ spec:
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
```

```json tab="Marathon"
"labels": {
"traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange": "127.0.0.1/32,192.168.1.7"
}
```

```yaml tab="Rancher"
# Accepts request from defined IP
labels:
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
```

```yaml tab="File (YAML)"
# Accepts request from defined IP
http:
Expand Down Expand Up @@ -125,20 +113,6 @@ spec:
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.depth=2"
```

```json tab="Marathon"
"labels": {
"traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange": "127.0.0.1/32, 192.168.1.7",
"traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.depth": "2"
}
```

```yaml tab="Rancher"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
labels:
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.depth=2"
```

```yaml tab="File (YAML)"
# Allowlisting Based on `X-Forwarded-For` with `depth=2`
http:
Expand Down Expand Up @@ -207,20 +181,6 @@ spec:
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
```

```json tab="Marathon"
"labels": {
"traefik.http.middlewares.test-ipallowlist.ipallowlist.sourceRange=127.0.0.1/32, 192.168.1.0/24"
"traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.excludedips": "127.0.0.1/32, 192.168.1.7"
}
```

```yaml tab="Rancher"
# Exclude from `X-Forwarded-For`
labels:
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourceRange=127.0.0.1/32, 192.168.1.0/24"
- "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
```

```yaml tab="File (YAML)"
# Exclude from `X-Forwarded-For`
http:
Expand Down
1 change: 1 addition & 0 deletions docs/content/migration/v2-to-v3.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,7 @@ It is now unsupported and would prevent Traefik to start.
##### Remediation

The `http3` option should be removed from the static configuration experimental section.
To configure `http3`, please checkout the [entrypoint configuration documentation](https://doc.traefik.io/traefik/v3.0/routing/entrypoints/#http3_1).

### Consul provider

Expand Down
2 changes: 1 addition & 1 deletion docs/content/migration/v2.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -513,7 +513,7 @@ In `v2.10`, the Kubernetes CRDs API Group `traefik.containo.us` is deprecated, a
As the Kubernetes CRD provider still works with both API Versions (`traefik.io/v1alpha1` and `traefik.containo.us/v1alpha1`),
it means that for the same kind, namespace and name, the provider will only keep the `traefik.io/v1alpha1` resource.

In addition, the Kubernetes CRDs API Version `traefik.io/v1alpha1` will not be supported in Traefik v3 itself.
In addition, the Kubernetes CRDs API Version `traefik.containo.us/v1alpha1` will not be supported in Traefik v3 itself.

Please note that it is a requirement to update the CRDs and the RBAC in the cluster before upgrading Traefik.
To do so, please apply the required [CRDs](https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml) and [RBAC](https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml) manifests for v2.10:
Expand Down
6 changes: 3 additions & 3 deletions docs/content/observability/logs.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,14 +169,14 @@ The default is not to perform compression.

```yaml tab="File (YAML)"
log:
compress: 3
compress: true
```

```toml tab="File (TOML)"
[log]
compress = 3
compress = true
```

```bash tab="CLI"
--log.compress=3
--log.compress=true
```
162 changes: 82 additions & 80 deletions docs/content/observability/metrics/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: "Traefik Proxy supports these metrics backend systems: Datadog, Inf

# Metrics

Traefik supports these metrics backends:
Traefik provides metrics in the [OpenTelemetry](./opentelemetry.md) format as well as the following vendor specific backends:

- [Datadog](./datadog.md)
- [InfluxDB2](./influxdb2.md)
Expand Down Expand Up @@ -46,6 +46,13 @@ addInternals = true
| Open connections | Gauge | `entrypoint`, `protocol` | The current count of open connections, by entrypoint and protocol. |
| TLS certificates not after | Gauge | | The expiration date of certificates. |

```opentelemetry tab="OpenTelemetry"
traefik_config_reloads_total
traefik_config_last_reload_success
traefik_open_connections
traefik_tls_certs_not_after
```

```prom tab="Prometheus"
traefik_config_reloads_total
traefik_config_last_reload_success
Expand Down Expand Up @@ -75,13 +82,6 @@ traefik.tls.certs.notAfterTimestamp
{prefix}.tls.certs.notAfterTimestamp
```

```opentelemetry tab="OpenTelemetry"
traefik_config_reloads_total
traefik_config_last_reload_success
traefik_open_connections
traefik_tls_certs_not_after
```

### Labels

Here is a comprehensive list of labels that are provided by the global metrics:
Expand All @@ -91,8 +91,56 @@ Here is a comprehensive list of labels that are provided by the global metrics:
| `entrypoint` | Entrypoint that handled the connection | "example_entrypoint" |
| `protocol` | Connection protocol | "TCP" |

## OpenTelemetry Semantic Conventions

Traefik Proxy follows [official OpenTelemetry semantic conventions v1.23.1](https://github.com/open-telemetry/semantic-conventions/blob/v1.23.1/docs/http/http-metrics.md).

### HTTP Server

| Metric | Type | [Labels](#labels) | Description |
|-------------------------------|-----------|------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|
| http.server.request.duration | Histogram | `error.type`, `http.request.method`, `http.response.status_code`, `network.protocol.name`, `server.address`, `server.port`, `url.scheme` | Duration of HTTP server requests |

#### Labels

Here is a comprehensive list of labels that are provided by the metrics:

| Label | Description | example |
|-----------------------------|--------------------------------------------------------------|---------------|
| `error.type` | Describes a class of error the operation ended with | "500" |
| `http.request.method` | HTTP request method | "GET" |
| `http.response.status_code` | HTTP response status code | "200" |
| `network.protocol.name` | OSI application layer or non-OSI equivalent | "http/1.1" |
| `network.protocol.version` | Version of the protocol specified in `network.protocol.name` | "1.1" |
| `server.address` | Name of the local HTTP server that received the request | "example.com" |
| `server.port` | Port of the local HTTP server that received the request | "80" |
| `url.scheme` | The URI scheme component identifying the used protocol | "http" |

### HTTP Client

| Metric | Type | [Labels](#labels) | Description |
|-------------------------------|-----------|------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|
| http.client.request.duration | Histogram | `error.type`, `http.request.method`, `http.response.status_code`, `network.protocol.name`, `server.address`, `server.port`, `url.scheme` | Duration of HTTP client requests |

#### Labels

Here is a comprehensive list of labels that are provided by the metrics:

| Label | Description | example |
|-----------------------------|--------------------------------------------------------------|---------------|
| `error.type` | Describes a class of error the operation ended with | "500" |
| `http.request.method` | HTTP request method | "GET" |
| `http.response.status_code` | HTTP response status code | "200" |
| `network.protocol.name` | OSI application layer or non-OSI equivalent | "http/1.1" |
| `network.protocol.version` | Version of the protocol specified in `network.protocol.name` | "1.1" |
| `server.address` | Name of the local HTTP server that received the request | "example.com" |
| `server.port` | Port of the local HTTP server that received the request | "80" |
| `url.scheme` | The URI scheme component identifying the used protocol | "http" |

## HTTP Metrics

On top of the official OpenTelemetry semantic conventions, Traefik provides its own metrics to monitor the incoming traffic.

### EntryPoint Metrics

| Metric | Type | [Labels](#labels) | Description |
Expand All @@ -103,6 +151,14 @@ Here is a comprehensive list of labels that are provided by the global metrics:
| Requests bytes total | Count | `code`, `method`, `protocol`, `entrypoint` | The total size of HTTP requests in bytes handled by an entrypoint. |
| Responses bytes total | Count | `code`, `method`, `protocol`, `entrypoint` | The total size of HTTP responses in bytes handled by an entrypoint. |

```opentelemetry tab="OpenTelemetry"
traefik_entrypoint_requests_total
traefik_entrypoint_requests_tls_total
traefik_entrypoint_request_duration_seconds
traefik_entrypoint_requests_bytes_total
traefik_entrypoint_responses_bytes_total
```

```prom tab="Prometheus"
traefik_entrypoint_requests_total
traefik_entrypoint_requests_tls_total
Expand Down Expand Up @@ -136,14 +192,6 @@ traefik.entrypoint.responses.bytes.total
{prefix}.entrypoint.responses.bytes.total
```

```opentelemetry tab="OpenTelemetry"
traefik_entrypoint_requests_total
traefik_entrypoint_requests_tls_total
traefik_entrypoint_request_duration_seconds
traefik_entrypoint_requests_bytes_total
traefik_entrypoint_responses_bytes_total
```

### Router Metrics

| Metric | Type | [Labels](#labels) | Description |
Expand All @@ -154,6 +202,14 @@ traefik_entrypoint_responses_bytes_total
| Requests bytes total | Count | `code`, `method`, `protocol`, `router`, `service` | The total size of HTTP requests in bytes handled by a router. |
| Responses bytes total | Count | `code`, `method`, `protocol`, `router`, `service` | The total size of HTTP responses in bytes handled by a router. |

```opentelemetry tab="OpenTelemetry"
traefik_router_requests_total
traefik_router_requests_tls_total
traefik_router_request_duration_seconds
traefik_router_requests_bytes_total
traefik_router_responses_bytes_total
```

```prom tab="Prometheus"
traefik_router_requests_total
traefik_router_requests_tls_total
Expand Down Expand Up @@ -187,14 +243,6 @@ traefik.router.responses.bytes.total
{prefix}.router.responses.bytes.total
```

```opentelemetry tab="OpenTelemetry"
traefik_router_requests_total
traefik_router_requests_tls_total
traefik_router_request_duration_seconds
traefik_router_requests_bytes_total
traefik_router_responses_bytes_total
```

### Service Metrics

| Metric | Type | Labels | Description |
Expand All @@ -207,6 +255,16 @@ traefik_router_responses_bytes_total
| Requests bytes total | Count | `code`, `method`, `protocol`, `service` | The total size of requests in bytes received by a service. |
| Responses bytes total | Count | `code`, `method`, `protocol`, `service` | The total size of responses in bytes returned by a service. |

```opentelemetry tab="OpenTelemetry"
traefik_service_requests_total
traefik_service_requests_tls_total
traefik_service_request_duration_seconds
traefik_service_retries_total
traefik_service_server_up
traefik_service_requests_bytes_total
traefik_service_responses_bytes_total
```

```prom tab="Prometheus"
traefik_service_requests_total
traefik_service_requests_tls_total
Expand Down Expand Up @@ -248,16 +306,6 @@ traefik.service.responses.bytes.total
{prefix}.service.responses.bytes.total
```

```opentelemetry tab="OpenTelemetry"
traefik_service_requests_total
traefik_service_requests_tls_total
traefik_service_request_duration_seconds
traefik_service_retries_total
traefik_service_server_up
traefik_service_requests_bytes_total
traefik_service_responses_bytes_total
```

### Labels

Here is a comprehensive list of labels that are provided by the metrics:
Expand All @@ -282,49 +330,3 @@ Here is a comprehensive list of labels that are provided by the metrics:
If the HTTP method verb on a request is not one defined in the set of common methods for [`HTTP/1.1`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods)
or the [`PRI`](https://datatracker.ietf.org/doc/html/rfc7540#section-11.6) verb (for `HTTP/2`),
then the value for the method label becomes `EXTENSION_METHOD`.

## Semantic Conventions for HTTP Metrics

Traefik Proxy follows [official OTLP semantic conventions v1.23.1](https://github.com/open-telemetry/semantic-conventions/blob/v1.23.1/docs/http/http-metrics.md).

### HTTP Server

| Metric | Type | [Labels](#labels) | Description |
|-------------------------------|-----------|------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|
| http.server.request.duration | Histogram | `error.type`, `http.request.method`, `http.response.status_code`, `network.protocol.name`, `server.address`, `server.port`, `url.scheme` | Duration of HTTP server requests |

#### Labels

Here is a comprehensive list of labels that are provided by the metrics:

| Label | Description | example |
|-----------------------------|--------------------------------------------------------------|---------------|
| `error.type` | Describes a class of error the operation ended with | "500" |
| `http.request.method` | HTTP request method | "GET" |
| `http.response.status_code` | HTTP response status code | "200" |
| `network.protocol.name` | OSI application layer or non-OSI equivalent | "http/1.1" |
| `network.protocol.version` | Version of the protocol specified in `network.protocol.name` | "1.1" |
| `server.address` | Name of the local HTTP server that received the request | "example.com" |
| `server.port` | Port of the local HTTP server that received the request | "80" |
| `url.scheme` | The URI scheme component identifying the used protocol | "http" |

### HTTP Client

| Metric | Type | [Labels](#labels) | Description |
|-------------------------------|-----------|------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|
| http.client.request.duration | Histogram | `error.type`, `http.request.method`, `http.response.status_code`, `network.protocol.name`, `server.address`, `server.port`, `url.scheme` | Duration of HTTP client requests |

#### Labels

Here is a comprehensive list of labels that are provided by the metrics:

| Label | Description | example |
|-----------------------------|--------------------------------------------------------------|---------------|
| `error.type` | Describes a class of error the operation ended with | "500" |
| `http.request.method` | HTTP request method | "GET" |
| `http.response.status_code` | HTTP response status code | "200" |
| `network.protocol.name` | OSI application layer or non-OSI equivalent | "http/1.1" |
| `network.protocol.version` | Version of the protocol specified in `network.protocol.name` | "1.1" |
| `server.address` | Name of the local HTTP server that received the request | "example.com" |
| `server.port` | Port of the local HTTP server that received the request | "80" |
| `url.scheme` | The URI scheme component identifying the used protocol | "http" |
4 changes: 2 additions & 2 deletions docs/content/observability/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,14 +29,14 @@ Read the [Access Logs documentation](./access-logs.md) to learn how to configure
Traefik offers a metrics feature that provides valuable insights about the performance and usage.
These metrics include the number of requests received, the requests duration, and more.

Traefik supports these metrics systems: Prometheus, Datadog, InfluxDB 2.X, and StatsD.
On top of supporting metrics in the OpenTelemetry format, Traefik supports the following vendor specific metrics systems: Prometheus, Datadog, InfluxDB 2.X, and StatsD.

Read the [Metrics documentation](./metrics/overview.md) to learn how to configure it.

## Tracing

The Traefik tracing system allows developers to gain deep visibility into the flow of requests through their infrastructure.

Traefik supports these tracing with OpenTelemetry.
Traefik provides tracing information in the OpenTelemery format.

Read the [Tracing documentation](./tracing/overview.md) to learn how to configure it.
Loading
Loading