mirror of
				https://github.com/containous/traefik.git
				synced 2025-10-26 07:33:18 +03:00 
			
		
		
		
	Merge current v2.4 into v2.5
This commit is contained in:
		| @@ -36,16 +36,17 @@ const ( | ||||
|  | ||||
| // Provider holds configurations of the provider. | ||||
| type Provider struct { | ||||
| 	Endpoint           string           `description:"Kubernetes server endpoint (required for external cluster client)." json:"endpoint,omitempty" toml:"endpoint,omitempty" yaml:"endpoint,omitempty"` | ||||
| 	Token              string           `description:"Kubernetes bearer token (not needed for in-cluster client)." json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty"` | ||||
| 	CertAuthFilePath   string           `description:"Kubernetes certificate authority file path (not needed for in-cluster client)." json:"certAuthFilePath,omitempty" toml:"certAuthFilePath,omitempty" yaml:"certAuthFilePath,omitempty"` | ||||
| 	Namespaces         []string         `description:"Kubernetes namespaces." json:"namespaces,omitempty" toml:"namespaces,omitempty" yaml:"namespaces,omitempty" export:"true"` | ||||
| 	LabelSelector      string           `description:"Kubernetes Ingress label selector to use." json:"labelSelector,omitempty" toml:"labelSelector,omitempty" yaml:"labelSelector,omitempty" export:"true"` | ||||
| 	IngressClass       string           `description:"Value of kubernetes.io/ingress.class annotation or IngressClass name to watch for." json:"ingressClass,omitempty" toml:"ingressClass,omitempty" yaml:"ingressClass,omitempty" export:"true"` | ||||
| 	IngressEndpoint    *EndpointIngress `description:"Kubernetes Ingress Endpoint." json:"ingressEndpoint,omitempty" toml:"ingressEndpoint,omitempty" yaml:"ingressEndpoint,omitempty" export:"true"` | ||||
| 	ThrottleDuration   ptypes.Duration  `description:"Ingress refresh throttle duration" json:"throttleDuration,omitempty" toml:"throttleDuration,omitempty" yaml:"throttleDuration,omitempty" export:"true"` | ||||
| 	AllowEmptyServices bool             `description:"Allow creation of services without endpoints." json:"allowEmptyServices,omitempty" toml:"allowEmptyServices,omitempty" yaml:"allowEmptyServices,omitempty" export:"true"` | ||||
| 	lastConfiguration  safe.Safe | ||||
| 	Endpoint                  string           `description:"Kubernetes server endpoint (required for external cluster client)." json:"endpoint,omitempty" toml:"endpoint,omitempty" yaml:"endpoint,omitempty"` | ||||
| 	Token                     string           `description:"Kubernetes bearer token (not needed for in-cluster client)." json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty"` | ||||
| 	CertAuthFilePath          string           `description:"Kubernetes certificate authority file path (not needed for in-cluster client)." json:"certAuthFilePath,omitempty" toml:"certAuthFilePath,omitempty" yaml:"certAuthFilePath,omitempty"` | ||||
| 	Namespaces                []string         `description:"Kubernetes namespaces." json:"namespaces,omitempty" toml:"namespaces,omitempty" yaml:"namespaces,omitempty" export:"true"` | ||||
| 	LabelSelector             string           `description:"Kubernetes Ingress label selector to use." json:"labelSelector,omitempty" toml:"labelSelector,omitempty" yaml:"labelSelector,omitempty" export:"true"` | ||||
| 	IngressClass              string           `description:"Value of kubernetes.io/ingress.class annotation or IngressClass name to watch for." json:"ingressClass,omitempty" toml:"ingressClass,omitempty" yaml:"ingressClass,omitempty" export:"true"` | ||||
| 	IngressEndpoint           *EndpointIngress `description:"Kubernetes Ingress Endpoint." json:"ingressEndpoint,omitempty" toml:"ingressEndpoint,omitempty" yaml:"ingressEndpoint,omitempty" export:"true"` | ||||
| 	ThrottleDuration          ptypes.Duration  `description:"Ingress refresh throttle duration" json:"throttleDuration,omitempty" toml:"throttleDuration,omitempty" yaml:"throttleDuration,omitempty" export:"true"` | ||||
| 	AllowEmptyServices        bool             `description:"Allow creation of services without endpoints." json:"allowEmptyServices,omitempty" toml:"allowEmptyServices,omitempty" yaml:"allowEmptyServices,omitempty" export:"true"` | ||||
| 	AllowExternalNameServices bool             `description:"Allow ExternalName services." json:"allowExternalNameServices,omitempty" toml:"allowExternalNameServices,omitempty" yaml:"allowExternalNameServices,omitempty" export:"true"` | ||||
| 	lastConfiguration         safe.Safe | ||||
| } | ||||
|  | ||||
| // EndpointIngress holds the endpoint information for the Kubernetes provider. | ||||
| @@ -107,6 +108,10 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe. | ||||
| 		return err | ||||
| 	} | ||||
|  | ||||
| 	if p.AllowExternalNameServices { | ||||
| 		logger.Warn("ExternalName service loading is enabled, please ensure that this is expected (see AllowExternalNameServices option)") | ||||
| 	} | ||||
|  | ||||
| 	pool.GoCtx(func(ctxPool context.Context) { | ||||
| 		operation := func() error { | ||||
| 			eventsChan, err := k8sClient.WatchAll(p.Namespaces, ctxPool.Done()) | ||||
| @@ -232,7 +237,7 @@ func (p *Provider) loadConfigurationFromIngresses(ctx context.Context, client Cl | ||||
| 				continue | ||||
| 			} | ||||
|  | ||||
| 			service, err := loadService(client, ingress.Namespace, *ingress.Spec.DefaultBackend) | ||||
| 			service, err := p.loadService(client, ingress.Namespace, *ingress.Spec.DefaultBackend) | ||||
| 			if err != nil { | ||||
| 				log.FromContext(ctx). | ||||
| 					WithField("serviceName", ingress.Spec.DefaultBackend.Service.Name). | ||||
| @@ -277,7 +282,7 @@ func (p *Provider) loadConfigurationFromIngresses(ctx context.Context, client Cl | ||||
| 			} | ||||
|  | ||||
| 			for _, pa := range rule.HTTP.Paths { | ||||
| 				service, err := loadService(client, ingress.Namespace, pa.Backend) | ||||
| 				service, err := p.loadService(client, ingress.Namespace, pa.Backend) | ||||
| 				if err != nil { | ||||
| 					log.FromContext(ctx). | ||||
| 						WithField("serviceName", pa.Backend.Service.Name). | ||||
| @@ -486,7 +491,7 @@ func getTLSConfig(tlsConfigs map[string]*tls.CertAndStores) []*tls.CertAndStores | ||||
| 	return configs | ||||
| } | ||||
|  | ||||
| func loadService(client Client, namespace string, backend networkingv1.IngressBackend) (*dynamic.Service, error) { | ||||
| func (p *Provider) loadService(client Client, namespace string, backend networkingv1.IngressBackend) (*dynamic.Service, error) { | ||||
| 	service, exists, err := client.GetService(namespace, backend.Service.Name) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| @@ -496,6 +501,10 @@ func loadService(client Client, namespace string, backend networkingv1.IngressBa | ||||
| 		return nil, errors.New("service not found") | ||||
| 	} | ||||
|  | ||||
| 	if !p.AllowExternalNameServices && service.Spec.Type == corev1.ServiceTypeExternalName { | ||||
| 		return nil, fmt.Errorf("externalName services not allowed: %s/%s", namespace, backend.Service.Name) | ||||
| 	} | ||||
|  | ||||
| 	var portName string | ||||
| 	var portSpec corev1.ServicePort | ||||
| 	var match bool | ||||
|   | ||||
		Reference in New Issue
	
	Block a user