diff --git a/docs/content/migration/v1-to-v2.md b/docs/content/migration/v1-to-v2.md
index ba0742c0f..38f97cdbb 100644
--- a/docs/content/migration/v1-to-v2.md
+++ b/docs/content/migration/v1-to-v2.md
@@ -20,7 +20,7 @@ feature by feature, of how the configuration looked like in v1, and how it now l
## Frontends and Backends Are Dead... <br/>... Long Live Routers, Middlewares, and Services
During the transition from v1 to v2, a number of internal pieces and components of Traefik were rewritten and reorganized.
-As such, the combination of core notions such as frontends and backends has been replaced with the combination of routers, services, and middlewares.
+As such, the combination of core notions such as frontends and backends has been replaced with the combination of [routers](../routing/routers/index.md), [services](../routing/services/index.md), and [middlewares](../middlewares/overview.md).
Typically, a router replaces a frontend, and a service assumes the role of a backend, with each router referring to a service.
However, even though a backend was in charge of applying any desired modification on the fly to the incoming request,
@@ -30,7 +30,7 @@ Then any router can refer to an instance of the wanted middleware.
!!! example "One frontend with basic auth and one backend, become one router, one service, and one basic auth middleware."
- ### v1
+ !!! info "v1"
```yaml tab="Docker"
labels:
@@ -92,7 +92,7 @@ Then any router can refer to an instance of the wanted middleware.
method = "wrr"
```
- ### v2
+ !!! info "v2"
```yaml tab="Docker"
labels:
@@ -187,11 +187,11 @@ Then any router can refer to an instance of the wanted middleware.
TLS parameters used to be specified in the static configuration, as an entryPoint field.
With Traefik v2, a new dynamic TLS section at the root contains all the desired TLS configurations.
-Then, a router's TLS field can refer to one of the TLS configurations defined at the root, hence defining the TLS configuration for that router.
+Then, a [router's TLS field](../routing/routers/index.md#tls) can refer to one of the [TLS configurations](../https/tls.md) defined at the root, hence defining the [TLS configuration](../https/tls.md) for that router.
!!! example "TLS on web-secure entryPoint becomes TLS option on Router-1"
- ### v1
+ !!! info "v1"
```toml tab="File (TOML)"
# static configuration
@@ -214,7 +214,7 @@ Then, a router's TLS field can refer to one of the TLS configurations defined at
--entryPoints='Name:web-secure Address::443 TLS:path/to/my.cert,path/to/my.key TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384'
```
- ### v2
+ !!! info "v2"
```toml tab="File (TOML)"
# dynamic configuration
@@ -307,33 +307,523 @@ Then, a router's TLS field can refer to one of the TLS configurations defined at
- "traefik.http.routers.router0.tls.options=myTLSOptions@file"
```
-## HTTP -> HTTPS Redirection
+## HTTP to HTTPS Redirection is now configured on Routers
- TODO
+Previously on Traefik v1, the redirection was applied on an entry point or on a frontend.
+With Traefik v2 it is applied on a [Router](../routing/routers/index.md).
-## ACME (let's encrypt)
+To apply a redirection, one of the redirect middlewares, [RedirectRegex](../middlewares/redirectregex.md) or [RedirectScheme](../middlewares/redirectscheme.md), has to be configured and added to the router middlewares list.
- TODO
+!!! example "HTTP to HTTPS redirection"
+
+ !!! info "v1"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ defaultEntryPoints = ["http", "https"]
+
+ [entryPoints]
+ [entryPoints.http]
+ address = ":80"
+ [entryPoints.http.redirect]
+ entryPoint = "https"
+
+ [entryPoints.https]
+ address = ":443"
+ [entryPoints.https.tls]
+ [[entryPoints.https.tls.certificates]]
+ certFile = "examples/traefik.crt"
+ keyFile = "examples/traefik.key"
+ ```
+
+ ```bash tab="CLI"
+ --entrypoints=Name:web Address::80 Redirect.EntryPoint:web-secure
+ --entryPoints='Name:web-secure Address::443 TLS:path/to/my.cert,path/to/my.key'
+ ```
+
+ !!! info "v2"
+
+ ```yaml tab="Docker"
+ labels:
+ - traefik.http.routers.web.rule=Host(`foo.com`)
+ - traefik.http.routers.web.entrypoints=web
+ - traefik.http.routers.web.middlewares=redirect@file
+ - traefik.http.routers.web-secured.rule=Host(`foo.com`)
+ - traefik.http.routers.web-secured.entrypoints=web-secure
+ - traefik.http.routers.web-secured.tls=true
+ ```
+
+ ```yaml tab="K8s IngressRoute"
+ apiVersion: traefik.containo.us/v1alpha1
+ kind: IngressRoute
+ metadata:
+ name: http-redirect-ingressRoute
+
+ spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`foo.com`)
+ kind: Rule
+ services:
+ - name: whoami
+ port: 80
+ middlewares:
+ - name: redirect
+
+ ---
+ apiVersion: traefik.containo.us/v1alpha1
+ kind: IngressRoute
+ metadata:
+ name: https-ingressRoute
+
+ spec:
+ entryPoints:
+ - web-secure
+ routes:
+ - match: Host(`foo`)
+ kind: Rule
+ services:
+ - name: whoami
+ port: 80
+ tls: {}
+
+ ---
+ apiVersion: traefik.containo.us/v1alpha1
+ kind: Middleware
+ metadata:
+ name: redirect
+ spec:
+ redirectScheme:
+ scheme: https
+
+ ```
+
+ ```toml tab="File (TOML)"
+ ## static configuration
+ # traefik.toml
+
+ [entryPoints.web]
+ address = ":80"
+
+ [entryPoints.web-secure]
+ address = ":443"
+
+ ##---------------------##
+
+ ## dynamic configuration
+ # dymanic-conf.toml
+
+ [http.routers]
+ [http.routers.router0]
+ rule = "Host(`foo.com`)"
+ service = "my-service"
+ entrypoints = "web"
+ middlewares = ["redirect"]
+
+ [http.routers.router1]
+ rule = "Host(`foo.com`)"
+ service = "my-service"
+ entrypoints = "web-secure"
+ [http.routers.router1.tls]
+
+ [http.services]
+ [[http.services.my-service.loadBalancer.servers]]
+ url = "http://10.10.10.1:80"
+ [[http.services.my-service.loadBalancer.servers]]
+ url = "http://10.10.10.2:80"
+
+ [http.middlewares]
+ [http.middlewares.redirect.redirectScheme]
+ scheme = "https"
+
+ [[tls.certificates]]
+ certFile = "/path/to/domain.cert"
+ keyFile = "/path/to/domain.key"
+ ```
+
+ ```yaml tab="File (YAML)"
+ ## static configuration
+ # traefik.yml
+
+ entryPoints:
+ web:
+ address: ":80"
+
+ web-secure:
+ address: ":443"
+
+ ##---------------------##
+
+ ## dynamic configuration
+ # dymanic-conf.yml
+
+ http:
+ routers:
+ router0:
+ rule: "Host(`foo.com`)"
+ entryPoints:
+ - web
+ middlewares:
+ - redirect
+ service: my-service
+
+ router1:
+ rule: "Host(`foo.com`)"
+ entryPoints:
+ - web-secure
+ service: my-service
+ tls: {}
+
+ services:
+ my-service:
+ loadBalancer:
+ servers:
+ - url: http://10.10.10.1:80
+ - url: http://10.10.10.2:80
+
+ middlewares:
+ redirect:
+ redirectScheme:
+ scheme: https
+
+ tls:
+ certificates:
+ - certFile: /app/certs/server/server.pem
+ keyFile: /app/certs/server/server.pem
+ ```
+
+## ACME (LetsEncrypt)
+
+[ACME](../https/acme.md) is now a certificate resolver (under a certificatesResolvers section) but remains in the static configuration.
+
+!!! example "ACME from provider to a specific Certificate Resolver"
+
+ !!! info "v1"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ defaultEntryPoints = ["web-secure","web"]
+
+ [entryPoints.web]
+ address = ":80"
+ [entryPoints.web.redirect]
+ entryPoint = "webs"
+ [entryPoints.web-secure]
+ address = ":443"
+ [entryPoints.https.tls]
+
+ [acme]
+ email = "your-email-here@my-awesome-app.org"
+ storage = "acme.json"
+ entryPoint = "web-secure"
+ onHostRule = true
+ [acme.httpChallenge]
+ entryPoint = "web"
+ ```
+
+ ```bash tab="CLI"
+ --defaultentrypoints=web-secure,web
+ --entryPoints=Name:web Address::80 Redirect.EntryPoint:web-secure
+ --entryPoints=Name:web-secure Address::443 TLS
+ --acme.email=your-email-here@my-awesome-app.org
+ --acme.storage=acme.json
+ --acme.entryPoint=web-secure
+ --acme.onHostRule=true
+ --acme.httpchallenge.entrypoint=http
+ ```
+
+ !!! info "v2"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ [entryPoints]
+ [entryPoints.web]
+ address = ":80"
+
+ [entryPoints.web-secure]
+ address = ":443"
+
+ [certificatesResolvers.sample.acme]
+ email = "your-email@your-domain.org"
+ storage = "acme.json"
+ [acme.httpChallenge]
+ # used during the challenge
+ entryPoint = "web"
+ ```
+
+ ```yaml tab="File (YAML)"
+ entryPoints:
+ web:
+ address: ":80"
+
+ web-secure:
+ address: ":443"
+
+ certificatesResolvers:
+ sample:
+ acme:
+ email: your-email@your-domain.org
+ storage: acme.json
+ httpChallenge:
+ # used during the challenge
+ entryPoint: web
+ ```
+
+ ```bash tab="CLI"
+ --entryPoints.web.address=":80"
+ --entryPoints.websecure.address=":443"
+ --certificatesResolvers.sample.acme.email: your-email@your-domain.org
+ --certificatesResolvers.sample.acme.storage: acme.json
+ --certificatesResolvers.sample.acme.httpChallenge.entryPoint: web
+ ```
## Traefik Logs
- TODO
+In the v2, all the [log configuration](../observability/logs.md) remains in the static part but are unified under a `log` section.
+There is no more log configuration at the root level.
+
+!!! example "Simple log configuration"
+
+ !!! info "v1"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ logLevel = "DEBUG"
+
+ [traefikLog]
+ filePath = "/path/to/traefik.log"
+ format = "json"
+ ```
+
+ ```bash tab="CLI"
+ --logLevel="DEBUG"
+ --traefikLog.filePath="/path/to/traefik.log"
+ --traefikLog.format="json"
+ ```
+
+ !!! info "v2"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ [log]
+ level = "DEBUG"
+ filePath = "/path/to/log-file.log"
+ format = "json"
+ ```
+
+ ```yaml tab="File (YAML)"
+ # static configuration
+ log:
+ level: DEBUG
+ filePath: /path/to/log-file.log
+ format: json
+ ```
+
+ ```bash tab="CLI"
+ --log.level="DEBUG"
+ --log.filePath="/path/to/traefik.log"
+ --log.format="json"
+ ```
## Tracing
- TODO
+Traefik v2 retains OpenTracing support. The `backend` root option from the v1 is gone, you just have to set your [tracing configuration](../observability/tracing/overview.md).
+
+!!! example "Simple Jaeger tracing configuration"
+
+ !!! info "v1"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ [tracing]
+ backend = "jaeger"
+ servicename = "tracing"
+ [tracing.jaeger]
+ samplingParam = 1.0
+ samplingServerURL = "http://12.0.0.1:5778/sampling"
+ samplingType = "const"
+ localAgentHostPort = "12.0.0.1:6831"
+ ```
+
+ ```bash tab="CLI"
+ --tracing.backend="jaeger"
+ --tracing.servicename="tracing"
+ --tracing.jaeger.localagenthostport="12.0.0.1:6831"
+ --tracing.jaeger.samplingparam="1.0"
+ --tracing.jaeger.samplingserverurl="http://12.0.0.1:5778/sampling"
+ --tracing.jaeger.samplingtype="const"
+ ```
+
+ !!! info "v2"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ [tracing]
+ servicename = "tracing"
+ [tracing.jaeger]
+ samplingParam = 1.0
+ samplingServerURL = "http://12.0.0.1:5778/sampling"
+ samplingType = "const"
+ localAgentHostPort = "12.0.0.1:6831"
+ ```
+
+ ```yaml tab="File (YAML)"
+ # static configuration
+ tracing:
+ servicename: tracing
+ jaeger:
+ samplingParam: 1
+ samplingServerURL: 'http://12.0.0.1:5778/sampling'
+ samplingType: const
+ localAgentHostPort: '12.0.0.1:6831'
+ ```
+
+ ```bash tab="CLI"
+ --tracing.servicename="tracing"
+ --tracing.jaeger.localagenthostport="12.0.0.1:6831"
+ --tracing.jaeger.samplingparam="1.0"
+ --tracing.jaeger.samplingserverurl="http://12.0.0.1:5778/sampling"
+ --tracing.jaeger.samplingtype="const"
+ ```
## Metrics
- TODO
+The v2 retains metrics tools and allows metrics to be configured for the entrypoints and/or services.
+For a basic configuration, the [metrics configuration](../observability/metrics/overview.md) remains the same.
+
+!!! example "Simple Prometheus metrics configuration"
+
+ !!! info "v1"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ [metrics.prometheus]
+ buckets = [0.1,0.3,1.2,5.0]
+ entryPoint = "traefik"
+ ```
+
+ ```bash tab="CLI"
+ --metrics.prometheus.buckets=[0.1,0.3,1.2,5.0]
+ --metrics.prometheus.entrypoint="traefik"
+ ```
+
+ !!! info "v2"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ [metrics.prometheus]
+ buckets = [0.1,0.3,1.2,5.0]
+ entryPoint = "metrics"
+ ```
+
+ ```yaml tab="File (YAML)"
+ # static configuration
+ metrics:
+ prometheus:
+ buckets:
+ - 0.1
+ - 0.3
+ - 1.2
+ - 5
+ entryPoint: metrics
+ ```
+
+ ```bash tab="CLI"
+ --metrics.prometheus.buckets=[0.1,0.3,1.2,5.0]
+ --metrics.prometheus.entrypoint="metrics"
+ ```
## No more root level key/values
- TODO
+To avoid any source of confusion, there are no more configuration at the root level.
+Each root item has been moved to a related section or removed.
+
+!!! example "From root to dedicated section"
+
+ !!! info "v1"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ checkNewVersion = false
+ sendAnonymousUsage = true
+ logLevel = "DEBUG"
+ insecureSkipVerify = true
+ rootCAs = [ "/mycert.cert" ]
+ maxIdleConnsPerHost = 200
+ providersThrottleDuration = "2s"
+ AllowMinWeightZero = true
+ debug = true
+ defaultEntryPoints = ["web", "web-secure"]
+ keepTrailingSlash = false
+ ```
+
+ ```bash tab="CLI"
+ --checknewversion=false
+ --sendanonymoususage=true
+ --loglevel="DEBUG"
+ --insecureskipverify=true
+ --rootcas="/mycert.cert"
+ --maxidleconnsperhost=200
+ --providersthrottleduration="2s"
+ --allowminweightzero=true
+ --debug=true
+ --defaultentrypoints="web","web-secure"
+ --keeptrailingslash=true
+ ```
+
+ !!! info "v2"
+
+ ```toml tab="File (TOML)"
+ # static configuration
+ [global]
+ checkNewVersion = true
+ sendAnonymousUsage = true
+
+ [log]
+ level = "DEBUG"
+
+ [serversTransport]
+ insecureSkipVerify = true
+ rootCAs = [ "/mycert.cert" ]
+ maxIdleConnsPerHost = 42
+
+ [providers]
+ providersThrottleDuration = 42
+ ```
+
+ ```yaml tab="File (YAML)"
+ # static configuration
+ global:
+ checkNewVersion: true
+ sendAnonymousUsage: true
+
+ log:
+ level: DEBUG
+
+ serversTransport:
+ insecureSkipVerify: true
+ rootCAs:
+ - /mycert.cert
+ maxIdleConnsPerHost: 42
+
+ providers:
+ providersThrottleDuration: 42
+ ```
+
+ ```bash tab="CLI"
+ --global.checknewversion=true
+ --global.sendanonymoususage=true
+ --log.level="DEBUG"
+ --serverstransport.insecureskipverify=true
+ --serverstransport.rootcas="/mycert.cert"
+ --serverstransport.maxidleconnsperhost=42
+ --providers.providersthrottleduration=42
+ ```
## Providers
-Supported providers, for now:
+Supported [providers](../providers/overview.md), for now:
- [ ] Azure Service Fabric
- [ ] BoltDB
@@ -349,5 +839,6 @@ Supported providers, for now:
- [x] Kubernetes IngressRoute
- [x] Marathon
- [ ] Mesos
+- [x] Rancher
- [x] Rest
- [ ] Zookeeper