Merge pull request #496 from containous/prepare-release-1.0.0

Prepare release 1.0.0

.travis.yml

@@ -4,6 +4,7 @@ env:
     - secure: btt4r13t09gQlHb6gYrvGC2yGCMMHfnp1Mz1RQedc4Mpf/FfT8aE6xmK2a2i9CCvskjrP0t/BFaS4yxIURjnFRn+ugQIEa0pLspB9UJArW/vgOSpIWM9/OQ/fg8z5XuMxN6Md4DL1/iLypMNSageA1x0TRdt89+D1N1dALpg5XRCXLFbC84TLi0gjlFuib9ibPKzEhLT+anCRJ6iZMzeupDSoaCVbAtJMoDvXw4+4AcRZ1+k4MybBLyCib5boaEOt4pTT88mz4Kk0YaMwPVJyg9Qv36VqyUcPS09Yd95LuyVQ4+tZt8Y1ccbIzULsK+sLM3hLCzxlmlpN3dQBlZJiiRtQde0mgGAKyC0P0A1XjuDTywcsa5edB+fTk1Dsewz9xZ9V0NmMz8t+UNZnaSsAPga9i86jULbXUUwMVSzVRc+Xgx02liB/8qI1xYC9FM6ilStt7rn7mF0k3KbiWhcptgeXjO6Lah9FjEKd5w4MXsdUSTi/86rQaLo+kj+XdaTrXCTulKHyRyQEUj+8V1w0oVz7pcGjePHd7y5oU9ByifVQy6sytuFBfRZvugM5bKHo+i0pcWvixrZS42DrzwxZJsspANOvqSe5ifVbvOkfUppQdCBIwptxV5N1b49XPKU3W/w34QJ8xGmKp3TFA7WwVCztriFHjPgiRpB3EG99Bg=
     - REPO: $TRAVIS_REPO_SLUG
     - VERSION: $TRAVIS_TAG
+    - CODENAME: reblochon
   matrix:
     - DOCKER_VERSION=1.9.1
     - DOCKER_VERSION=1.10.1

CHANGELOG.md

@@ -0,0 +1,107 @@
+# Change Log
+
+## [v1.0.0](https://github.com/containous/traefik/tree/v1.0.0) (2016-07-05)
+[Full Changelog](https://github.com/containous/traefik/compare/v1.0.0-rc3...v1.0.0)
+
+**Fixed bugs:**
+
+- Enable to define empty TLS option by flag for Let's Encrypt [\#488](https://github.com/containous/traefik/issues/488)
+- \[Docker\] No IP in backend in host networking mode [\#487](https://github.com/containous/traefik/issues/487)
+- Response is compressed when not requested [\#485](https://github.com/containous/traefik/issues/485)
+- loadConfig modifies configuration causing same config check to fail [\#480](https://github.com/containous/traefik/issues/480)
+
+**Closed issues:**
+
+- svg logo [\#482](https://github.com/containous/traefik/issues/482)
+- etcd tries to connect with TLS even with --etcd.tls=false [\#456](https://github.com/containous/traefik/issues/456)
+- Zookeeper - KV connection error: Failed to test KV store connection [\#455](https://github.com/containous/traefik/issues/455)
+- "Not Found" api response needed instead of 404  [\#454](https://github.com/containous/traefik/issues/454)
+- domain label doesn't work on docker [\#447](https://github.com/containous/traefik/issues/447)
+- Any chance of a windows release? [\#425](https://github.com/containous/traefik/issues/425)
+
+**Merged pull requests:**
+
+- Fix windows builds [\#495](https://github.com/containous/traefik/pull/495) ([emilevauge](https://github.com/emilevauge))
+- Fix host Docker network [\#494](https://github.com/containous/traefik/pull/494) ([emilevauge](https://github.com/emilevauge))
+- Fix empty tls flag [\#493](https://github.com/containous/traefik/pull/493) ([emilevauge](https://github.com/emilevauge))
+- Fix webui proxying [\#492](https://github.com/containous/traefik/pull/492) ([emilevauge](https://github.com/emilevauge))
+- Fix default weight in server.LoadConfig [\#491](https://github.com/containous/traefik/pull/491) ([emilevauge](https://github.com/emilevauge))
+- Fix retry headers, simplify ResponseRecorder [\#490](https://github.com/containous/traefik/pull/490) ([emilevauge](https://github.com/emilevauge))
+
+## [v1.0.0-rc3](https://github.com/containous/traefik/tree/v1.0.0-rc3) (2016-06-23)
+[Full Changelog](https://github.com/containous/traefik/compare/v1.0.0-rc2...v1.0.0-rc3)
+
+**Implemented enhancements:**
+
+- support more than one rule to Docker backend [\#419](https://github.com/containous/traefik/issues/419)
+
+**Fixed bugs:**
+
+- consulCatalog issue when serviceName contains a dot [\#475](https://github.com/containous/traefik/issues/475)
+- Issue with empty responses [\#463](https://github.com/containous/traefik/issues/463)
+- Severe memory leak in beta.470 and beyond crashes Traefik server  [\#462](https://github.com/containous/traefik/issues/462)
+- Marathon that starts with a space causes parsing errors. [\#459](https://github.com/containous/traefik/issues/459)
+- A frontend route without a rule \(or empty rule\) causes a crash when traefik starts [\#453](https://github.com/containous/traefik/issues/453)
+- container dropped out when connecting to Docker Swarm [\#442](https://github.com/containous/traefik/issues/442)
+- Traefik setting Accept-Encoding: gzip on requests \(Traefik may also be broken with chunked responses\) [\#421](https://github.com/containous/traefik/issues/421)
+
+**Closed issues:**
+
+- HTTP headers case gets modified [\#466](https://github.com/containous/traefik/issues/466)
+- File frontend \> Marathon Backend [\#465](https://github.com/containous/traefik/issues/465)
+- Websocket: Unable to hijack the connection [\#452](https://github.com/containous/traefik/issues/452)
+- kubernetes: Received event spamming? [\#449](https://github.com/containous/traefik/issues/449)
+- kubernetes: backends not updated when i scale replication controller? [\#448](https://github.com/containous/traefik/issues/448)
+- Add href link on frontend [\#436](https://github.com/containous/traefik/issues/436)
+- Multiple Domains Rule [\#430](https://github.com/containous/traefik/issues/430)
+
+**Merged pull requests:**
+
+- Disable constraints in doc until 1.1 [\#479](https://github.com/containous/traefik/pull/479) ([emilevauge](https://github.com/emilevauge))
+- Sort nodes before creating consul catalog config [\#478](https://github.com/containous/traefik/pull/478) ([keis](https://github.com/keis))
+- Fix spamming events in listenProviders [\#477](https://github.com/containous/traefik/pull/477) ([emilevauge](https://github.com/emilevauge))
+- Fix empty responses [\#476](https://github.com/containous/traefik/pull/476) ([emilevauge](https://github.com/emilevauge))
+- Fix acme renew [\#472](https://github.com/containous/traefik/pull/472) ([emilevauge](https://github.com/emilevauge))
+- Fix typo in error message. [\#471](https://github.com/containous/traefik/pull/471) ([KevinBusse](https://github.com/KevinBusse))
+- Fix errors load config [\#470](https://github.com/containous/traefik/pull/470) ([emilevauge](https://github.com/emilevauge))
+- Typo: Replace French words by English ones [\#469](https://github.com/containous/traefik/pull/469) ([kumy](https://github.com/kumy))
+- Fix marathon TLS/basic auth [\#468](https://github.com/containous/traefik/pull/468) ([emilevauge](https://github.com/emilevauge))
+- Fix memory leak in listenProviders [\#464](https://github.com/containous/traefik/pull/464) ([emilevauge](https://github.com/emilevauge))
+- Fix websocket connection Hijack [\#460](https://github.com/containous/traefik/pull/460) ([emilevauge](https://github.com/emilevauge))
+- Fix default KV configuration [\#450](https://github.com/containous/traefik/pull/450) ([emilevauge](https://github.com/emilevauge))
+- Fix panic if listContainers fails… [\#443](https://github.com/containous/traefik/pull/443) ([vdemeester](https://github.com/vdemeester))
+- mount acme folder instead of file [\#441](https://github.com/containous/traefik/pull/441) ([NicolasGeraud](https://github.com/NicolasGeraud))
+- feat\(constraints\): Supports constraints for docker backend [\#438](https://github.com/containous/traefik/pull/438) ([samber](https://github.com/samber))
+
+## [v1.0.0-rc2](https://github.com/containous/traefik/tree/v1.0.0-rc2) (2016-06-07)
+[Full Changelog](https://github.com/containous/traefik/compare/v1.0.0-rc1...v1.0.0-rc2)
+
+**Implemented enhancements:**
+
+- Add @samber to maintainers [\#440](https://github.com/containous/traefik/pull/440) ([emilevauge](https://github.com/emilevauge))
+
+**Fixed bugs:**
+
+- Panic on help [\#429](https://github.com/containous/traefik/issues/429)
+- Bad default values in configuration [\#427](https://github.com/containous/traefik/issues/427)
+
+**Closed issues:**
+
+- Traefik doesn't listen on IPv4 ports [\#434](https://github.com/containous/traefik/issues/434)
+- Not listening on port 80 [\#432](https://github.com/containous/traefik/issues/432)
+- docs need updating for new frontend rules format [\#423](https://github.com/containous/traefik/issues/423)
+- Does traefik supports for Mac? \(For devlelopment\)  [\#417](https://github.com/containous/traefik/issues/417)
+
+**Merged pull requests:**
+
+- Allow multiple rules [\#435](https://github.com/containous/traefik/pull/435) ([fclaeys](https://github.com/fclaeys))
+- Add routes priorities [\#433](https://github.com/containous/traefik/pull/433) ([emilevauge](https://github.com/emilevauge))
+- Fix default configuration [\#428](https://github.com/containous/traefik/pull/428) ([emilevauge](https://github.com/emilevauge))
+- Fix marathon groups subdomain [\#426](https://github.com/containous/traefik/pull/426) ([emilevauge](https://github.com/emilevauge))
+- Fix travis tag check [\#422](https://github.com/containous/traefik/pull/422) ([emilevauge](https://github.com/emilevauge))
+- log info about TOML configuration file using [\#420](https://github.com/containous/traefik/pull/420) ([cocap10](https://github.com/cocap10))
+- Doc about skipping some integration tests with '-check.f ConsulCatalogSuite' [\#418](https://github.com/containous/traefik/pull/418) ([samber](https://github.com/samber))
+
+
+
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

Makefile

@@ -5,7 +5,8 @@ TRAEFIK_ENVS := \
 	-e OS_PLATFORM_ARG \
 	-e TESTFLAGS \
 	-e VERBOSE \
-	-e VERSION
+	-e VERSION \
+	-e CODENAME
 
 SRCS = $(shell git ls-files '*.go' | grep -v '^external/')
 

README.md

@@ -59,7 +59,7 @@ Run it and forget it!
 - Websocket support
 - HTTP/2 support
 - Retry request if network error
-- [Let's Encrypt](https://letsencrypt.org) support (Automatic HTTPS)
+- [Let's Encrypt](https://letsencrypt.org) support (Automatic HTTPS with renewal)
 
 ## Demo
 
@@ -145,9 +145,12 @@ software products.
 Founded in 2014, Asteris creates next-generation infrastructure software for the modern datacenter. Asteris writes software that makes it easy for companies to implement continuous delivery and realtime data pipelines. We support the HashiCorp stack, along with Kubernetes, Apache Mesos, Spark and Kafka. We're core committers on mantl.io, consul-cli and mesos-consul.
 
 ## Maintainers
+
 - Emile Vauge [@emilevauge](https://github.com/emilevauge)
 - Vincent Demeester [@vdemeester](https://github.com/vdemeester)
 - Samuel Berthe [@samber](https://github.com/samber)
+- Russell Clare [@Russell-IO](https://github.com/Russell-IO)
+- Ed Robinson [@errm](https://github.com/errm)
 
 ## Credits
 

acme/acme.go

@@ -85,11 +85,11 @@ func (dc *DomainsCertificates) renewCertificates(acmeCert *Certificate, domain D
 
 	for _, domainsCertificate := range dc.Certs {
 		if reflect.DeepEqual(domain, domainsCertificate.Domains) {
-			domainsCertificate.Certificate = acmeCert
 			tlsCert, err := tls.X509KeyPair(acmeCert.Certificate, acmeCert.PrivateKey)
 			if err != nil {
 				return err
 			}
+			domainsCertificate.Certificate = acmeCert
 			domainsCertificate.tlsCert = &tlsCert
 			return nil
 		}
@@ -281,6 +281,9 @@ func (a *ACME) CreateConfig(tlsConfig *tls.Config, CheckOnDemandDomain func(doma
 
 	safe.Go(func() {
 		a.retrieveCertificates(client, account)
+		if err := a.renewCertificates(client, account); err != nil {
+			log.Errorf("Error renewing ACME certificate %+v: %s", account, err.Error())
+		}
 	})
 
 	tlsConfig.GetCertificate = func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
@@ -304,7 +307,6 @@ func (a *ACME) CreateConfig(tlsConfig *tls.Config, CheckOnDemandDomain func(doma
 		for {
 			select {
 			case <-ticker.C:
-
 				if err := a.renewCertificates(client, account); err != nil {
 					log.Errorf("Error renewing ACME certificate %+v: %s", account, err.Error())
 				}
@@ -343,6 +345,7 @@ func (a *ACME) retrieveCertificates(client *acme.Client, account *Account) {
 }
 
 func (a *ACME) renewCertificates(client *acme.Client, account *Account) error {
+	log.Debugf("Testing certificate renew...")
 	for _, certificateResource := range account.DomainsCertificate.Certs {
 		if certificateResource.needRenew() {
 			log.Debugf("Renewing certificate %+v", certificateResource.Domains)
@@ -352,9 +355,10 @@ func (a *ACME) renewCertificates(client *acme.Client, account *Account) error {
 				CertStableURL: certificateResource.Certificate.CertStableURL,
 				PrivateKey:    certificateResource.Certificate.PrivateKey,
 				Certificate:   certificateResource.Certificate.Certificate,
-			}, false)
+			}, true)
 			if err != nil {
-				return err
+				log.Errorf("Error renewing certificate: %v", err)
+				continue
 			}
 			log.Debugf("Renewed certificate %+v", certificateResource.Domains)
 			renewedACMECert := &Certificate{
@@ -366,10 +370,12 @@ func (a *ACME) renewCertificates(client *acme.Client, account *Account) error {
 			}
 			err = account.DomainsCertificate.renewCertificates(renewedACMECert, certificateResource.Domains)
 			if err != nil {
-				return err
+				log.Errorf("Error renewing certificate: %v", err)
+				continue
 			}
 			if err = a.saveAccount(account); err != nil {
-				return err
+				log.Errorf("Error saving ACME account: %v", err)
+				continue
 			}
 		}
 	}

acme/acme_test.go

@@ -2,6 +2,7 @@ package acme
 
 import (
 	"reflect"
+	"sync"
 	"testing"
 )
 
@@ -16,7 +17,7 @@ func TestDomainsSet(t *testing.T) {
 		ds := Domains{}
 		ds.Set(in)
 		if !reflect.DeepEqual(check, ds) {
-			t.Errorf("Expected %+v\nGo %+v", check, ds)
+			t.Errorf("Expected %+v\nGot %+v", check, ds)
 		}
 	}
 }
@@ -55,7 +56,203 @@ func TestDomainsSetAppend(t *testing.T) {
 	for i, in := range inSlice {
 		ds.Set(in)
 		if !reflect.DeepEqual(checkSlice[i], ds) {
-			t.Errorf("Expected  %s %+v\nGo %+v", in, checkSlice[i], ds)
+			t.Errorf("Expected  %s %+v\nGot %+v", in, checkSlice[i], ds)
 		}
 	}
 }
+
+func TestCertificatesRenew(t *testing.T) {
+	domainsCertificates := DomainsCertificates{
+		lock: &sync.RWMutex{},
+		Certs: []*DomainsCertificate{
+			{
+				Domains: Domain{
+					Main: "foo1.com",
+					SANs: []string{}},
+				Certificate: &Certificate{
+					Domain:        "foo1.com",
+					CertURL:       "url",
+					CertStableURL: "url",
+					PrivateKey: []byte(`
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA6OqHGdwGy20+3Jcz9IgfN4IR322X2Hhwk6n8Hss/Ws7FeTZo
+PvXW8uHeI1bmQJsy9C6xo3odzO64o7prgMZl5eDw5fk1mmUij3J3nM3gwtc/Cc+8
+ADXGldauASdHBFTRvWQge0Pv/Q5U0fyL2VCHoR9mGv4CQ7nRNKPus0vYJMbXoTbO
+8z4sIbNz3Ov9o/HGMRb8D0rNPTMdC62tHSbiO1UoxLXr9dcBOGt786AsiRTJ8bq9
+GCVQgzd0Wftb8z6ddW2YuWrmExlkHdfC4oG0D5SU1QB4ldPyl7fhVWlfHwC1NX+c
+RnDSEeYkAcdvvIekdM/yH+z62XhwToM0E9TCzwIDAQABAoIBACq3EC3S50AZeeTU
+qgeXizoP1Z1HKQjfFa5PB1jSZ30M3LRdIQMi7NfASo/qmPGSROb5RUS42YxC34PP
+ZXXJbNiaxzM13/m/wHXURVFxhF3XQc1X1p+nPRMvutulS2Xk9E4qdbaFgBbFsRKN
+oUwqc6U97+jVWq72/gIManNhXnNn1n1SRLBEkn+WStMPn6ZvWRlpRMjhy0c1mpwg
+u6em92HvMvfKPQ60naUhdKp+q0rsLp2YKWjiytos9ENSYI5gAGLIDhKeqiD8f92E
+4FGPmNRipwxCE2SSvZFlM26tRloWVcBPktRN79hUejE8iopiqVS0+4h/phZ2wG0D
+18cqVpECgYEA+qmagnhm0LLvwVkUN0B2nRARQEFinZDM4Hgiv823bQvc9I8dVTqJ
+aIQm5y4Y5UA3xmyDsRoO7GUdd0oVeh9GwTONzMRCOny/mOuOC51wXPhKHhI0O22u
+sfbOHszl+bxl6ZQMUJa2/I8YIWBLU5P+fTgrfNwBEgZ3YPwUV5tyHNcCgYEA7eAv
+pjQkbJNRq/fv/67sojN7N9QoH84egN5cZFh5d8PJomnsvy5JDV4WaG1G6mJpqjdD
+YRVdFw5oZ4L8yCVdCeK9op896Uy51jqvfSe3+uKmNqE0qDHgaLubQNI8yYc5sacW
+fYJBmDR6rNIeE7Q2240w3CdKfREuXdDnhyTTEskCgYBFeAnFTP8Zqe2+hSSQJ4J4
+BwLw7u4Yww+0yja/N5E1XItRD/TOMRnx6GYrvd/ScVjD2kEpLRKju2ZOMC8BmHdw
+hgwvitjcAsTK6cWFPI3uhjVsXhkxuzUmR0Naz+iQrQEFmi1LjGmMV1AVt+1IbYSj
+SZTr1sFJMJeXPmWY3hDjIwKBgQC4H9fCJoorIL0PB5NVreishHzT8fw84ibqSTPq
+2DDtazcf6C3AresN1c4ydqN1uUdg4fXdp9OujRBzTwirQ4CIrmFrBye89g7CrBo6
+Hgxivh06G/3OUw0JBG5f9lvnAiy+Pj9CVxi+36A1NU7ioZP0zY0MW71koW/qXlFY
+YkCfQQKBgBqwND/c3mPg7iY4RMQ9XjrKfV9o6FMzA51lAinjujHlNgsBmqiR951P
+NA3kWZQ73D3IxeLEMaGHpvS7andPN3Z2qPhe+FbJKcF6ZZNTrFQkh/Fpz3wmYPo1
+GIL4+09kNgMRWapaROqI+/3+qJQ+GVJZIPfYC0poJOO6vYqifWe8
+-----END RSA PRIVATE KEY-----
+`),
+					Certificate: []byte(`
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAeGgAwIBAgIJAK78ukR/Qu4rMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
+BAMMCGZvbzEuY29tMB4XDTE2MDYxOTIyMDMyM1oXDTI2MDYxNzIyMDMyM1owEzER
+MA8GA1UEAwwIZm9vMS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDo6ocZ3AbLbT7clzP0iB83ghHfbZfYeHCTqfweyz9azsV5Nmg+9dby4d4jVuZA
+mzL0LrGjeh3M7rijumuAxmXl4PDl+TWaZSKPcneczeDC1z8Jz7wANcaV1q4BJ0cE
+VNG9ZCB7Q+/9DlTR/IvZUIehH2Ya/gJDudE0o+6zS9gkxtehNs7zPiwhs3Pc6/2j
+8cYxFvwPSs09Mx0Lra0dJuI7VSjEtev11wE4a3vzoCyJFMnxur0YJVCDN3RZ+1vz
+Pp11bZi5auYTGWQd18LigbQPlJTVAHiV0/KXt+FVaV8fALU1f5xGcNIR5iQBx2+8
+h6R0z/If7PrZeHBOgzQT1MLPAgMBAAGjUDBOMB0GA1UdDgQWBBRFLH1wF6BT51uq
+yWNqBnCrPFIglzAfBgNVHSMEGDAWgBRFLH1wF6BT51uqyWNqBnCrPFIglzAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAr7aH3Db6TeAZkg4Zd7SoF2q11
+erzv552PgQUyezMZcRBo2q1ekmUYyy2600CBiYg51G+8oUqjJKiKnBuaqbMX7pFa
+FsL7uToZCGA57cBaVejeB+p24P5bxoJGKCMeZcEBe5N93Tqu5WBxNEX7lQUo6TSs
+gSN2Olf3/grNKt5V4BduSIQZ+YHlPUWLTaz5B1MXKSUqjmabARP9lhjO14u9USvi
+dMBDFskJySQ6SUfz3fyoXELoDOVbRZETuSodpw+aFCbEtbcQCLT3A0FG+BEPayZH
+tt19zKUlr6e+YFpyjQPGZ7ZkY7iMgHEkhKrXx2DiZ1+cif3X1xfXWQr0S5+E
+-----END CERTIFICATE-----
+`),
+				},
+			},
+			{
+				Domains: Domain{
+					Main: "foo2.com",
+					SANs: []string{}},
+				Certificate: &Certificate{
+					Domain:        "foo2.com",
+					CertURL:       "url",
+					CertStableURL: "url",
+					PrivateKey: []byte(`
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEA7rIVuSrZ3FfYXhR3qaWwfVcgiqKS//yXFzNqkJS6mz9nRCNT
+lPawvrCFIRKdR7UO7xD7A5VTcbrGOAaTvrEaH7mB/4FGL+gN4AiTbVFpKXngAYEW
+A3//zeBZ7XUSWaQ+CNC+l796JeoDvQD++KwCke4rVD1pGN1hpVEeGhwzyKOYPKLo
+4+AGVe1LFWw4U/v8Iil1/gBBehZBILuhASpXy4W132LJPl76/EbGqh0nVz2UlFqU
+HRxO+2U2ba4YIpI+0/VOQ9Cq/TzHSUdTTLfBHE/Qb+aDBfptMWTRvAngLqUglOcZ
+Fi6SAljxEkJO6z6btmoVUWsoKBpbIHDC5++dZwIDAQABAoIBAAD8rYhRfAskNdnV
+vdTuwXcTOCg6md8DHWDULpmgc9EWhwfKGZthFcQEGNjVKd9VCVXFvTP7lxe+TPmI
+VW4Rb2k4LChxUWf7TqthfbKTBptMTLfU39Ft4xHn3pdTx5qlSjhhHJimCwxDFnbe
+nS9MDsqpsHYtttSKfc/gMP6spS4sNPZ/r9zseT3eWkBEhn+FQABxJiuPcQ7q7S+Q
+uOghmr7f3FeYvizQOhBtULsLrK/hsmQIIB4amS1QlpNWKbIoiUPNPjCA5PVQyAER
+waYjuc7imBbeD98L/z8bRTlEskSKjtPSEXGVHa9OYdBU+02Ci6TjKztUp6Ho7JE9
+tcHj+eECgYEA+9Ntv6RqIdpT/4/52JYiR+pOem3U8tweCOmUqm/p/AWyfAJTykqt
+cJ8RcK1MfM+uoa5Sjm8hIcA2XPVEqH2J50PC4w04Q3xtfsz3xs7KJWXQCoha8D0D
+ZIFNroEPnld0qOuJzpIIteXTrCLhSu17ZhN+Wk+5gJ7Ewu/QMM5OPjECgYEA8qbw
+zfwSjE6jkrqO70jzqSxgi2yjo0vMqv+BNBuhxhDTBXnKQI1KsHoiS0FkSLSJ9+DS
+CT3WEescD2Lumdm2s9HXvaMmnDSKBY58NqCGsNzZifSgmj1H/yS9FX8RXfSjXcxq
+RDvTbD52/HeaCiOxHZx8JjmJEb+ZKJC4MDvjtxcCgYBM516GvgEjYXdxfliAiijh
+6W4Z+Vyk5g/ODPc3rYG5U0wUjuljx7Z7xDghPusy2oGsIn5XvRxTIE35yXU0N1Jb
+69eiWzEpeuA9bv7kGdal4RfNf6K15wwYL1y3w/YvFuorg/LLwNEkK5Ge6e//X9Ll
+c2KM1fgCjXntRitAHGDMoQKBgDnkgodioLpA+N3FDN0iNqAiKlaZcOFA8G/LzfO0
+tAAhe3dO+2YzT6KTQSNbUqXWDSTKytHRowVbZrJ1FCA4xVJZunNQPaH/Fv8EY7ZU
+zk3cIzq61qZ2AHtrNIGwc2BLQb7bSm9FJsgojxLlJidNJLC/6Q7lo0JMyCnZfVhk
+sYu5AoGAZt/MfyFTKm674UddSNgGEt86PyVYbLMnRoAXOaNB38AE12kaYHPil1tL
+FnL8OQLpbX5Qo2JGgeZRlpMJ4Jxw2zzvUKr/n+6khaLxHmtX48hMu2QM7ZvnkZCs
+Kkgz6v+Wcqm94ugtl3HSm+u9xZzVQxN6gu/jZQv3VpQiAZHjPYc=
+-----END RSA PRIVATE KEY-----
+`),
+					Certificate: []byte(`
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAeGgAwIBAgIJAK25/Z9Jz6IBMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
+BAMMCGZvbzIuY29tMB4XDTE2MDYyMDA5MzUyNloXDTI2MDYxODA5MzUyNlowEzER
+MA8GA1UEAwwIZm9vMi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDushW5KtncV9heFHeppbB9VyCKopL//JcXM2qQlLqbP2dEI1OU9rC+sIUhEp1H
+tQ7vEPsDlVNxusY4BpO+sRofuYH/gUYv6A3gCJNtUWkpeeABgRYDf//N4FntdRJZ
+pD4I0L6Xv3ol6gO9AP74rAKR7itUPWkY3WGlUR4aHDPIo5g8oujj4AZV7UsVbDhT
++/wiKXX+AEF6FkEgu6EBKlfLhbXfYsk+Xvr8RsaqHSdXPZSUWpQdHE77ZTZtrhgi
+kj7T9U5D0Kr9PMdJR1NMt8EcT9Bv5oMF+m0xZNG8CeAupSCU5xkWLpICWPESQk7r
+Ppu2ahVRaygoGlsgcMLn751nAgMBAAGjUDBOMB0GA1UdDgQWBBQ6FZWqB9qI4NN+
+2jFY6xH8uoUTnTAfBgNVHSMEGDAWgBQ6FZWqB9qI4NN+2jFY6xH8uoUTnTAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCRhuf2dQhIEOmSOGgtRELF2wB6
+NWXt0lCty9x4u+zCvITXV8Z0C34VQGencO3H2bgyC3ZxNpPuwZfEc2Pxe8W6bDc/
+OyLckk9WLo00Tnr2t7rDOeTjEGuhXFZkhIbJbKdAH8cEXrxKR8UXWtZgTv/b8Hv/
+g6tbeH6TzBsdMoFtUCsyWxygYwnLU+quuYvE2s9FiCegf2mdYTCh/R5J5n/51gfB
+uC+NakKMfaCvNg3mOAFSYC/0r0YcKM/5ldKGTKTCVJAMhnmBnyRc/70rKkVRFy2g
+iIjUFs+9aAgfCiL0WlyyXYAtIev2gw4FHUVlcT/xKks+x8Kgj6e5LTIrRRwW
+-----END CERTIFICATE-----
+`),
+				},
+			},
+		},
+	}
+
+	newCertificate := &Certificate{
+		Domain:        "foo1.com",
+		CertURL:       "url",
+		CertStableURL: "url",
+		PrivateKey: []byte(`
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA1OdSuXK2zeSLf0UqgrI4pjkpaqhra++pnda4Li4jXo151svi
+Sn7DSynJOoq1jbfRJAoyDhxsBC4S4RuD54U5elJ4wLPZXmHRsvb+NwiHs9VmDqwu
+It21btuqeNMebkab5cnDnC6KKufMhXRcRAlluYXyCkQe/+N+LlUQd6Js34TixMpk
+eQOX4/OVrokSyVRnIq4u+o0Ufe7z5+41WVH63tcy7Hwi7244aLUzZCs+QQa2Dw6f
+qEwjbonr974fM68UxDjTZEQy9u24yDzajhDBp1OTAAklh7U+li3g9dSyNVBFXqEu
+nW2fyBvLqeJOSTihqfcrACB/YYhYOX94vMXELQIDAQABAoIBAFYK3t3fxI1VTiMz
+WsjTKh3TgC+AvVkz1ILbojfXoae22YS7hUrCDD82NgMYx+LsZPOBw1T8m5Lc4/hh
+3F8W8nHDHtYSWUjRk6QWOgsXwXAmUEahw0uH+qlA0ZZfDC9ZDexCLHHURTat03Qj
+4J4GhjwCLB2GBlk4IWisLCmNVR7HokrpfIw4oM1aB5E21Tl7zh/x7ikRijEkUsKw
+7YhaMeLJqBnMnAdV63hhF7FaDRjl8P2s/3octz/6pqDIABrDrUW3KAkNYCZIWdhF
+Kk0wRMbZ/WrYT9GIGoJe7coQC7ezTrlrEkAFEIPGHCLkgXB/0TyuSy0yY59e4zmi
+VvHoWUECgYEA/rOL2KJ/p+TZW7+YbsUzs0+F+M+G6UCr0nWfYN9MKmNtmns3eLDG
++pIpBMc5mjqeJR/sCCdkD8OqHC202Y8e4sr0pKSBeBofh2BmXtpyu3QQ50Pa63RS
+SK6mYUrFqPmFFDbNGpFI4sIeI+Vf6hm96FQPnyPtUTGqk39m0RbWM/UCgYEA1f04
+Nf3wbqwqIHZjYpPmymfjleyMn3hGUjpi7pmI6inXGMk3nkeG1cbOhnfPxL5BWD12
+3RqHI2B4Z4r0BMyjctDNb1TxhMIpm5+PKm5KeeKfoYA85IS0mEeq6VdMm3mL1x/O
+3LYvcUvAEVf6pWX/+ZFLMudqhF3jbTrdNOC6ZFkCgYBKpEeJdyW+CD0CvEVpwPUD
+yXxTjE3XMZKpHLtWYlop2fWW3iFFh1jouci3k8L3xdHuw0oioZibXhYOJ/7l+yFs
+CVpknakrj0xKGiAmEBKriLojbClN80rh7fzoakc+29D6OY0mCgm4GndGwcO4EU8s
+NOZXFupHbyy0CRQSloSzuQKBgQC1Z/MtIlefGuijmHlsakGuuR+gS2ZzEj1bHBAe
+gZ4mFM46PuqdjblqpR0TtaI3AarXqVOI4SJLBU9NR+jR4MF3Zjeh9/q/NvKa8Usn
+B1Svu0TkXphAiZenuKnVIqLY8tNvzZFKXlAd1b+/dDwR10SHR3rebnxINmfEg7Bf
+UVvyEQKBgAEjI5O6LSkLNpbVn1l2IO8u8D2RkFqs/Sbx78uFta3f9Gddzb4wMnt3
+jVzymghCLp4Qf1ump/zC5bcQ8L97qmnjJ+H8X9HwmkqetuI362JNnz+12YKVDIWi
+wI7SJ8BwDqYMrLw6/nE+degn39KedGDH8gz5cZcdlKTZLjbuBOfU
+-----END RSA PRIVATE KEY-----
+`),
+		Certificate: []byte(`
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAeGgAwIBAgIJAPQiOiQcwYaRMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
+BAMMCGZvbzEuY29tMB4XDTE2MDYxOTIyMTE1NFoXDTI2MDYxNzIyMTE1NFowEzER
+MA8GA1UEAwwIZm9vMS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDU51K5crbN5It/RSqCsjimOSlqqGtr76md1rguLiNejXnWy+JKfsNLKck6irWN
+t9EkCjIOHGwELhLhG4PnhTl6UnjAs9leYdGy9v43CIez1WYOrC4i3bVu26p40x5u
+RpvlycOcLooq58yFdFxECWW5hfIKRB7/434uVRB3omzfhOLEymR5A5fj85WuiRLJ
+VGciri76jRR97vPn7jVZUfre1zLsfCLvbjhotTNkKz5BBrYPDp+oTCNuiev3vh8z
+rxTEONNkRDL27bjIPNqOEMGnU5MACSWHtT6WLeD11LI1UEVeoS6dbZ/IG8up4k5J
+OKGp9ysAIH9hiFg5f3i8xcQtAgMBAAGjUDBOMB0GA1UdDgQWBBQPfkS5ehpstmSb
+8CGJE7GxSCxl2DAfBgNVHSMEGDAWgBQPfkS5ehpstmSb8CGJE7GxSCxl2DAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQA99A+itS9ImdGRGgHZ5fSusiEq
+wkK5XxGyagL1S0f3VM8e78VabSvC0o/xdD7DHVg6Az8FWxkkksH6Yd7IKfZZUzvs
+kXQhlOwWpxgmguSmAs4uZTymIoMFRVj3nG664BcXkKu4Yd9UXKNOWP59zgvrCJMM
+oIsmYiq5u0MFpM31BwfmmW3erqIcfBI9OJrmr1XDzlykPZNWtUSSfVuNQ8d4bim9
+XH8RfVLeFbqDydSTCHIFvYthH/ESbpRCiGJHoJ8QLfOkhD1k2fI0oJZn5RVtG2W8
+bZME3gHPYCk1QFZUptriMCJ5fMjCgxeOTR+FAkstb/lTRuCc4UyILJguIMar
+-----END CERTIFICATE-----
+`),
+	}
+
+	err := domainsCertificates.renewCertificates(
+		newCertificate,
+		Domain{
+			Main: "foo1.com",
+			SANs: []string{}})
+	if err != nil {
+		t.Errorf("Error in renewCertificates :%v", err)
+	}
+	if len(domainsCertificates.Certs) != 2 {
+		t.Errorf("Expected domainsCertificates length %d %+v\nGot %+v", 2, domainsCertificates.Certs, len(domainsCertificates.Certs))
+	}
+	if !reflect.DeepEqual(domainsCertificates.Certs[0].Certificate, newCertificate) {
+		t.Errorf("Expected new certificate %+v \nGot %+v", newCertificate, domainsCertificates.Certs[0].Certificate)
+	}
+}

acme/challengeProvider.go

@@ -29,7 +29,7 @@ func (c *wrapperChallengeProvider) getCertificate(domain string) (cert *tls.Cert
 }
 
 func (c *wrapperChallengeProvider) Present(domain, token, keyAuth string) error {
-	cert, err := acme.TLSSNI01ChallengeCert(keyAuth)
+	cert, _, err := acme.TLSSNI01ChallengeCert(keyAuth)
 	if err != nil {
 		return err
 	}

build.Dockerfile

@@ -22,4 +22,4 @@ COPY glide.yaml glide.yaml
 COPY glide.lock glide.lock
 RUN glide install
 
-COPY . /go/src/github.com/containous/traefik
+COPY . /go/src/github.com/containous/traefik

configuration.go

@@ -93,7 +93,7 @@ func (ep *EntryPoints) String() string {
 // Set's argument is a string to be parsed to set the flag.
 // It's a comma-separated list, so we split it.
 func (ep *EntryPoints) Set(value string) error {
-	regex := regexp.MustCompile("(?:Name:(?P<Name>\\S*))\\s*(?:Address:(?P<Address>\\S*))?\\s*(?:TLS:(?P<TLS>\\S*))?\\s*(?:Redirect.EntryPoint:(?P<RedirectEntryPoint>\\S*))?\\s*(?:Redirect.Regex:(?P<RedirectRegex>\\S*))?\\s*(?:Redirect.Replacement:(?P<RedirectReplacement>\\S*))?")
+	regex := regexp.MustCompile("(?:Name:(?P<Name>\\S*))\\s*(?:Address:(?P<Address>\\S*))?\\s*(?:TLS:(?P<TLS>\\S*))?\\s*((?P<TLSACME>TLS))?\\s*(?:Redirect.EntryPoint:(?P<RedirectEntryPoint>\\S*))?\\s*(?:Redirect.Regex:(?P<RedirectRegex>\\S*))?\\s*(?:Redirect.Replacement:(?P<RedirectReplacement>\\S*))?")
 	match := regex.FindAllStringSubmatch(value, -1)
 	if match == nil {
 		return errors.New("Bad EntryPoints format: " + value)
@@ -114,6 +114,10 @@ func (ep *EntryPoints) Set(value string) error {
 		tls = &TLS{
 			Certificates: certs,
 		}
+	} else if len(result["TLSACME"]) > 0 {
+		tls = &TLS{
+			Certificates: Certificates{},
+		}
 	}
 	var redirect *Redirect
 	if len(result["RedirectEntryPoint"]) > 0 || len(result["RedirectRegex"]) > 0 || len(result["RedirectReplacement"]) > 0 {
@@ -206,8 +210,7 @@ type Certificate struct {
 
 // Retry contains request retry config
 type Retry struct {
-	Attempts int   `description:"Number of attempts"`
-	MaxMem   int64 `description:"Maximum request body to be stored in memory in Mo"`
+	Attempts int `description:"Number of attempts"`
 }
 
 // NewTraefikDefaultPointersConfiguration creates a TraefikConfiguration with pointers default values
@@ -216,7 +219,6 @@ func NewTraefikDefaultPointersConfiguration() *TraefikConfiguration {
 	var defaultDocker provider.Docker
 	defaultDocker.Watch = true
 	defaultDocker.Endpoint = "unix:///var/run/docker.sock"
-	defaultDocker.TLS = &provider.DockerTLS{}
 
 	// default File
 	var defaultFile provider.File
@@ -238,8 +240,7 @@ func NewTraefikDefaultPointersConfiguration() *TraefikConfiguration {
 	var defaultConsul provider.Consul
 	defaultConsul.Watch = true
 	defaultConsul.Endpoint = "127.0.0.1:8500"
-	defaultConsul.Prefix = "/traefik"
-	defaultConsul.TLS = &provider.KvTLS{}
+	defaultConsul.Prefix = "traefik"
 	defaultConsul.Constraints = []types.Constraint{}
 
 	// default ConsulCatalog
@@ -252,7 +253,6 @@ func NewTraefikDefaultPointersConfiguration() *TraefikConfiguration {
 	defaultEtcd.Watch = true
 	defaultEtcd.Endpoint = "127.0.0.1:400"
 	defaultEtcd.Prefix = "/traefik"
-	defaultEtcd.TLS = &provider.KvTLS{}
 	defaultEtcd.Constraints = []types.Constraint{}
 
 	//default Zookeeper
@@ -272,7 +272,7 @@ func NewTraefikDefaultPointersConfiguration() *TraefikConfiguration {
 	//default Kubernetes
 	var defaultKubernetes provider.Kubernetes
 	defaultKubernetes.Watch = true
-	defaultKubernetes.Endpoint = "127.0.0.1:8080"
+	defaultKubernetes.Endpoint = "http://127.0.0.1:8080"
 	defaultKubernetes.Constraints = []types.Constraint{}
 
 	defaultConfiguration := GlobalConfiguration{
@@ -286,7 +286,7 @@ func NewTraefikDefaultPointersConfiguration() *TraefikConfiguration {
 		Zookeeper:     &defaultZookeeper,
 		Boltdb:        &defaultBoltDb,
 		Kubernetes:    &defaultKubernetes,
-		Retry:         &Retry{MaxMem: 2},
+		Retry:         &Retry{},
 	}
 	return &TraefikConfiguration{
 		GlobalConfiguration: defaultConfiguration,

docs/basics.md

@@ -50,8 +50,8 @@ Here is an example of entrypoints definition:
 ```
 
 - Two entrypoints are defined `http` and `https`.
-- `http` listens on port `80` et `https` on port `443`.
-- We enable SSL en `https` by giving a certificate and a key.
+- `http` listens on port `80` and `https` on port `443`.
+- We enable SSL on `https` by giving a certificate and a key.
 - We also redirect all the traffic from entrypoint `http` to `https`.
 
 ## Frontends
@@ -90,13 +90,52 @@ Here is an example of frontends definition:
     rule = "Host: localhost, {subdomain:[a-z]+}.localhost"
   [frontends.frontend3]
   backend = "backend2"
+    [frontends.frontend3.routes.test_1]
     rule = "Host: test3.localhost;Path:/test"
 ```
 
 - Three frontends are defined: `frontend1`, `frontend2` and `frontend3`
 - `frontend1` will forward the traffic to the `backend2` if the rule `Host: test.localhost, test2.localhost` is matched
 - `frontend2` will forward the traffic to the `backend1` if the rule `Host: localhost, {subdomain:[a-z]+}.localhost` is matched (forwarding client `Host` header to the backend)
-- `frontend3` will forward the traffic to the `backend2` if the rules `Host: test3.localhost` and `Path:/test` are matched
+- `frontend3` will forward the traffic to the `backend2` if the rules `Host: test3.localhost` **and** `Path:/test` are matched
+
+### Combining multiple rules
+
+As seen in the previous example, you can combine multiple rules.
+In TOML file, you can use multiple routes:
+
+```toml
+  [frontends.frontend3]
+  backend = "backend2"
+    [frontends.frontend3.routes.test_1]
+    rule = "Host: test3.localhost"
+    [frontends.frontend3.routes.test_2]
+    rule = "Host: Path:/test"
+```
+
+Here `frontend3` will forward the traffic to the `backend2` if the rules `Host: test3.localhost` **and** `Path:/test` are matched.
+You can also use the notation using a `;` separator:
+
+```toml
+  [frontends.frontend3]
+  backend = "backend2"
+    [frontends.frontend3.routes.test_1]
+    rule = "Host: test3.localhost;Path:/test"
+```
+
+Finally, you can create a rule to bind multiple domains or Path to a frontend, using the `,` separator:
+
+```toml
+ [frontends.frontend2]
+    [frontends.frontend2.routes.test_1]
+    rule = "Host: test1.localhost,Host: test2.localhost"
+  [frontends.frontend3]
+  backend = "backend2"
+    [frontends.frontend3.routes.test_1]
+    rule = "Path:/test1,/test2"
+```
+
+### Priorities
 
 By default, routes will be sorted using rules length (to avoid path overlap):
 `PathPrefix:/12345` will be matched before `PathPrefix:/1234` that will be matched before `PathPrefix:/1`.

docs/toml.md

@@ -110,13 +110,6 @@
 # Default: (number servers in backend) -1
 #
 # attempts = 3
-
-# Sets the maximum request body to be stored in memory in Mo
-#
-# Optional
-# Default: 2
-#
-# maxMem = 3
 ```
 
 ## ACME (Let's Encrypt) configuration
@@ -141,7 +134,13 @@
 email = "test@traefik.io"
 
 # File used for certificates storage.
-# WARNING, if you use Traefik in Docker, don't forget to mount this file as a volume.
+# WARNING, if you use Traefik in Docker, you have 2 options:
+#  - create a file on your host and mount it has a volume
+#      storageFile = "acme.json"
+#      $ docker run -v "/my/host/acme.json:acme.json" traefik
+#  - mount the folder containing the file has a volume
+#      storageFile = "/etc/traefik/acme/acme.json"
+#      $ docker run -v "/my/host/acme:/etc/traefik/acme" traefik
 #
 # Required
 #
@@ -195,51 +194,6 @@ entryPoint = "https"
    main = "local4.com"
 ```
 
-## Constraints
-
-In a micro-service architecture, with a central service discovery, setting constraints limits Træfɪk scope to a smaller number of routes.
-
-Træfɪk filters services according to service attributes/tags set in your configuration backends.
-
-Supported backends:
-
-- Consul Catalog
-
-Supported filters:
-
-- ```tag```
-
-```
-# Constraints definition
-
-#
-# Optional
-#
-
-# Simple matching constraint
-# constraints = ["tag==api"]
-
-# Simple mismatching constraint
-# constraints = ["tag!=api"]
-
-# Globbing
-# constraints = ["tag==us-*"]
-
-# Backend-specific constraint
-# [consulCatalog]
-#   endpoint = 127.0.0.1:8500
-#   constraints = ["tag==api"]
-
-# Multiple constraints
-#   - "tag==" must match with at least one tag
-#   - "tag!=" must match with none of tags
-# constraints = ["tag!=us-*", "tag!=asia-*"]
-# [consulCatalog]
-#   endpoint = 127.0.0.1:8500
-#   constraints = ["tag==api", "tag!=v*-beta"]
-```
-
-
 # Configuration backends
 
 ## File backend
@@ -587,7 +541,6 @@ Labels can be used on containers to override default behaviour:
 - `traefik.frontend.passHostHeader=true`: forward client `Host` header to the backend.
 - `traefik.frontend.priority=10`: override default frontend priority
 - `traefik.frontend.entryPoints=http,https`: assign this frontend to entry points `http` and `https`. Overrides `defaultEntryPoints`.
-- `traefik.domain=traefik.localhost`: override the default domain
 - `traefik.docker.network`: Set the docker network to use for connections to this container
 
 
@@ -622,7 +575,6 @@ endpoint = "http://127.0.0.1:8080"
 watch = true
 
 # Default domain used.
-# Can be overridden by setting the "traefik.domain" label on an application.
 #
 # Required
 #
@@ -664,6 +616,12 @@ domain = "marathon.localhost"
 #
 # [marathon.TLS]
 # InsecureSkipVerify = true
+
+# DCOSToken for DCOS environment, This will override the Authorization header
+#
+# Optional
+#
+# dcosToken = "xxxxxx"
 ```
 
 Labels can be used on containers to override default behaviour:
@@ -678,7 +636,6 @@ Labels can be used on containers to override default behaviour:
 - `traefik.frontend.passHostHeader=true`: forward client `Host` header to the backend.
 - `traefik.frontend.priority=10`: override default frontend priority
 - `traefik.frontend.entryPoints=http,https`: assign this frontend to entry points `http` and `https`. Overrides `defaultEntryPoints`.
-- `traefik.domain=traefik.localhost`: override the default domain
 
 
 ## Kubernetes Ingress backend
@@ -800,13 +757,6 @@ domain = "consul.localhost"
 # Optional
 #
 prefix = "traefik"
-
-# Constraint on Consul catalog tags
-#
-# Optional
-#
-constraints = ["tag==api", "tag==he*ld"]
-# Matching with containers having this tag: "traefik.tags=api,helloworld"
 ```
 
 This backend will create routes matching on hostname based on the service name

examples/compose-consul.yml

@@ -1,21 +1,25 @@
-consul:
-  image: progrium/consul
-  command: -server -bootstrap -advertise 12.0.0.254 -log-level debug -ui-dir /ui
-  ports:
-    - "8400:8400"
-    - "8500:8500"
-    - "8600:53/udp"
-  expose:
-    - "8300"
-    - "8301"
-    - "8301/udp"
-    - "8302"
-    - "8302/udp"
+version: '2'
+services:
+  consul:
+    image: progrium/consul
+    command: -server -bootstrap -advertise 12.0.0.254 -log-level debug -ui-dir /ui
+    ports:
+      - "8400:8400"
+      - "8500:8500"
+      - "8600:53/udp"
+    expose:
+      - "8300"
+      - "8301"
+      - "8301/udp"
+      - "8302"
+      - "8302/udp"
 
-registrator:
-  image: gliderlabs/registrator:master
-  command: -internal consulkv://consul:8500/traefik
-  volumes:
-    - /var/run/docker.sock:/tmp/docker.sock
-  links:
-    - consul
+  registrator:
+    depends_on:
+      - consul
+    image: gliderlabs/registrator:master
+    command: -internal consul://consul:8500
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock
+    links:
+      - consul

glide.lock

@@ -1,8 +1,8 @@
-hash: 5a6dbc30a69abd002736bd5113e0f783c448faee20a0791c724ec2c3c1cfb8bb
-updated: 2016-06-03T18:11:43.839017153+02:00
+hash: 22c20a7d7419e9624267d7f0041cd8ad87afc876d2738fa559527c74f9917c3a
+updated: 2016-07-05T14:48:30.023831407+02:00
 imports:
 - name: github.com/boltdb/bolt
-  version: dfb21201d9270c1082d5fb0f07f500311ff72f18
+  version: 3f7947a25d970e1e5f512276c14d5dcf731ccd5e
 - name: github.com/BurntSushi/toml
   version: f0aeabca5a127c4078abb8c8d64298b147264b55
 - name: github.com/BurntSushi/ty
@@ -10,26 +10,17 @@ imports:
   subpackages:
   - fun
 - name: github.com/cenkalti/backoff
-  version: a6030178a585d5972d4d33ce61f4a1fa40eaaed0
+  version: cdf48bbc1eb78d1349cbda326a4a037f7ba565c6
 - name: github.com/codahale/hdrhistogram
   version: 9208b142303c12d8899bae836fd524ac9338b4fd
 - name: github.com/codegangsta/cli
   version: bf4a526f48af7badd25d2cb02d587e1b01be3b50
 - name: github.com/codegangsta/negroni
-  version: feacfc52d357c844f524c794947493483ed881b3
+  version: dcaac9107a7a6ba4cf5143afc145e2b70a1c12c2
 - name: github.com/containous/flaeg
   version: b98687da5c323650f4513fda6b6203fcbdec9313
 - name: github.com/containous/mux
   version: a819b77bba13f0c0cbe36e437bc2e948411b3996
-- name: github.com/containous/oxy
-  version: 183212964e13e7b8afe01a08b193d04300554a68
-  subpackages:
-  - cbreaker
-  - connlimit
-  - forward
-  - roundrobin
-  - stream
-  - utils
 - name: github.com/containous/staert
   version: e2aa88e235a02dd52aa1d5d9de75f9d9139d1602
 - name: github.com/coreos/etcd
@@ -45,7 +36,7 @@ imports:
   subpackages:
   - spew
 - name: github.com/docker/distribution
-  version: feddf6cd4e439577ab270d8e3ba63a5d7c5c0d55
+  version: 4e17ab5d319ac5b70b2769442947567a83386fbc
   subpackages:
   - reference
   - digest
@@ -71,17 +62,17 @@ imports:
   - types/blkiodev
   - types/strslice
 - name: github.com/docker/go-connections
-  version: c7838b258fbfa3fe88eecfb2a0e08ea0dbd6a646
+  version: 990a1a1a70b0da4c4cb70e117971a4f0babfbf1a
   subpackages:
   - sockets
   - tlsconfig
   - nat
 - name: github.com/docker/go-units
-  version: 09dda9d4b0d748c57c14048906d3d094a58ec0c9
+  version: f2d77a61e3c169b43402a0a1e84f06daf29b8190
 - name: github.com/docker/libcompose
   version: 8ee7bcc364f7b8194581a3c6bd9fa019467c7873
 - name: github.com/docker/libkv
-  version: 7283ef27ed32fe267388510a91709b307bb9942c
+  version: 35d3e2084c650109e7bcc7282655b1bc8ba924ff
   subpackages:
   - store
   - store/boltdb
@@ -93,7 +84,7 @@ imports:
 - name: github.com/elazarl/go-bindata-assetfs
   version: 57eb5e1fc594ad4b0b1dbea7b286d299e0cb43c2
 - name: github.com/gambol99/go-marathon
-  version: ade11d1dc2884ee1f387078fc28509559b6235d1
+  version: a558128c87724cd7430060ef5aedf39f83937f55
 - name: github.com/go-check/check
   version: 4f90aeace3a26ad7021961c297b22c42160c7b25
 - name: github.com/google/go-querystring
@@ -103,13 +94,13 @@ imports:
 - name: github.com/gorilla/context
   version: aed02d124ae4a0e94fea4541c8effd05bf0c8296
 - name: github.com/hashicorp/consul
-  version: 802b29ab948dedb7f7b1b903f535bdf250388c50
+  version: 6e061b2d580d80347b7c5c4dfc8730de7403a145
   subpackages:
   - api
 - name: github.com/hashicorp/go-cleanhttp
   version: 875fb671b3ddc66f8e2f0acc33829c8cb989a38d
 - name: github.com/hashicorp/serf
-  version: e4ec8cc423bbe20d26584b96efbeb9102e16d05f
+  version: 6c4672d66fc6312ddde18399262943e21175d831
   subpackages:
   - coordinate
   - serf
@@ -117,30 +108,26 @@ imports:
   version: 3b5eb2973efff7af33cfb65141deaf4ed25c6d02
 - name: github.com/libkermit/docker-check
   version: bb75a86b169c6c5d22c0ee98278124036f272d7b
-- name: github.com/mailgun/log
-  version: 2f35a4607f1abf71f97f77f99b0de8493ef6f4ef
 - name: github.com/mailgun/manners
   version: fada45142db3f93097ca917da107aa3fad0ffcb5
-- name: github.com/mailgun/multibuf
-  version: 565402cd71fbd9c12aa7e295324ea357e970a61e
 - name: github.com/mailgun/timetools
   version: fd192d755b00c968d312d23f521eb0cdc6f66bd0
 - name: github.com/mattn/go-shellwords
   version: 525bedee691b5a8df547cb5cf9f86b7fb1883e24
 - name: github.com/Microsoft/go-winio
-  version: 4f1a71750d95a5a8a46c40a67ffbed8129c2f138
+  version: ce2922f643c8fd76b46cadc7f404a06282678b34
 - name: github.com/miekg/dns
-  version: 48ab6605c66ac797e07f615101c3e9e10e932b66
+  version: 5d001d020961ae1c184f9f8152fdc73810481677
 - name: github.com/moul/http2curl
   version: b1479103caacaa39319f75e7f57fc545287fca0d
 - name: github.com/ogier/pflag
   version: 45c278ab3607870051a2ea9040bb85fcb8557481
 - name: github.com/opencontainers/runc
-  version: 3211c9f721237f55a16da9c111e3d7e8777e53b5
+  version: 7221e387826c9918fa9fd6e7975baf4d30c8fa54
   subpackages:
   - libcontainer/user
 - name: github.com/parnurzeal/gorequest
-  version: f17fef20c518e688f4edb3eb2af148462ecab3ef
+  version: 6e8ad4ebdee4bec2934ed5afaaa1c7b877832a17
 - name: github.com/pmezard/go-difflib
   version: d8ed2627bdf02c080bf22230dbb337003b7aba2d
   subpackages:
@@ -148,7 +135,7 @@ imports:
 - name: github.com/ryanuber/go-glob
   version: 572520ed46dbddaed19ea3d9541bdd0494163693
 - name: github.com/samuel/go-zookeeper
-  version: 4b20de542e40ed2b89d65ae195fc20a330919b92
+  version: e64db453f3512cade908163702045e0f31137843
   subpackages:
   - zk
 - name: github.com/Sirupsen/logrus
@@ -158,7 +145,7 @@ imports:
 - name: github.com/stretchr/objx
   version: cbeaeb16a013161a98496fad62933b1d21786672
 - name: github.com/stretchr/testify
-  version: 8d64eb7173c7753d6419fd4a9caf057398611364
+  version: d77da356e56a7428ad25149ca77381849a6a5232
   subpackages:
   - mock
   - assert
@@ -171,26 +158,34 @@ imports:
 - name: github.com/vdemeester/shakers
   version: 24d7f1d6a71aa5d9cbe7390e4afb66b7eef9e1b3
 - name: github.com/vulcand/oxy
-  version: 11677428db34c4a05354d66d028174d0e3c6e905
+  version: 8d476862d38b9be356eaa83b5712cad561be08a1
+  repo: https://github.com/containous/oxy.git
+  vcs: git
   subpackages:
-  - memmetrics
+  - cbreaker
+  - connlimit
+  - forward
+  - roundrobin
+  - stream
   - utils
+  - memmetrics
 - name: github.com/vulcand/predicate
-  version: cb0bff91a7ab7cf7571e661ff883fc997bc554a3
+  version: 19b9dde14240d94c804ae5736ad0e1de10bf8fe6
 - name: github.com/vulcand/route
   version: cb89d787ddbb1c5849a7ac9f79004c1fd12a4a32
 - name: github.com/vulcand/vulcand
-  version: 475540bb016702d5b7cc4674e37f48ee3e144a69
+  version: 42492a3a85e294bdbdd1bcabb8c12769a81ea284
   subpackages:
   - plugin/rewrite
   - plugin
+  - conntracker
   - router
 - name: github.com/xenolf/lego
-  version: 30a7a8e8821de3532192d1240a45e53c6204f603
+  version: b2fad6198110326662e9e356a97199078a4a775c
   subpackages:
   - acme
 - name: golang.org/x/crypto
-  version: 5bcd134fee4dd1475da17714aac19c0aa0142e2f
+  version: 0c565bf13221fb55497d7ae2bb95694db1fd1bff
   subpackages:
   - ocsp
 - name: golang.org/x/net
@@ -205,9 +200,9 @@ imports:
   - unix
   - windows
 - name: gopkg.in/fsnotify.v1
-  version: 30411dbcefb7a1da7e84f75530ad3abe4011b4f8
+  version: a8a77c9133d2d6fd8334f3260d06f60e8d80a5fb
 - name: gopkg.in/mgo.v2
-  version: b6e2fa371e64216a45e61072a96d4e3859f169da
+  version: 29cc868a5ca65f401ff318143f9408d02f4799cc
   subpackages:
   - bson
 - name: gopkg.in/square/go-jose.v1

glide.yaml

@@ -9,7 +9,10 @@ import:
 - package: github.com/codegangsta/negroni
 - package: github.com/containous/flaeg
   version: b98687da5c323650f4513fda6b6203fcbdec9313
-- package: github.com/containous/oxy
+- package: github.com/vulcand/oxy
+  version: 8d476862d38b9be356eaa83b5712cad561be08a1
+  repo: https://github.com/containous/oxy.git
+  vcs: git
   subpackages:
   - cbreaker
   - connlimit
@@ -39,7 +42,7 @@ import:
   - store/zookeeper
 - package: github.com/elazarl/go-bindata-assetfs
 - package: github.com/gambol99/go-marathon
-  version: ade11d1dc2884ee1f387078fc28509559b6235d1
+  version: a558128c87724cd7430060ef5aedf39f83937f55
 - package: github.com/containous/mux
 - package: github.com/hashicorp/consul
   subpackages:
@@ -53,10 +56,12 @@ import:
 - package: github.com/thoas/stats
 - package: github.com/unrolled/render
 - package: github.com/vdemeester/docker-events
+  version: 20e6d2db238723e68197a9e3c6c34c99a9893a9c
 - package: github.com/vulcand/vulcand
   subpackages:
   - plugin/rewrite
 - package: github.com/xenolf/lego
+  version: b2fad6198110326662e9e356a97199078a4a775c
   subpackages:
   - acme
 - package: golang.org/x/net

middlewares/cbreaker.go

@@ -3,7 +3,7 @@ package middlewares
 import (
 	"net/http"
 
-	"github.com/containous/oxy/cbreaker"
+	"github.com/vulcand/oxy/cbreaker"
 )
 
 // CircuitBreaker holds the oxy circuit breaker.
@@ -12,9 +12,12 @@ type CircuitBreaker struct {
 }
 
 // NewCircuitBreaker returns a new CircuitBreaker.
-func NewCircuitBreaker(next http.Handler, expression string, options ...cbreaker.CircuitBreakerOption) *CircuitBreaker {
-	circuitBreaker, _ := cbreaker.New(next, expression, options...)
-	return &CircuitBreaker{circuitBreaker}
+func NewCircuitBreaker(next http.Handler, expression string, options ...cbreaker.CircuitBreakerOption) (*CircuitBreaker, error) {
+	circuitBreaker, err := cbreaker.New(next, expression, options...)
+	if err != nil {
+		return nil, err
+	}
+	return &CircuitBreaker{circuitBreaker}, nil
 }
 
 func (cb *CircuitBreaker) ServeHTTP(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc) {

middlewares/retry.go

@@ -0,0 +1,92 @@
+package middlewares
+
+import (
+	"bufio"
+	"bytes"
+	log "github.com/Sirupsen/logrus"
+	"github.com/vulcand/oxy/utils"
+	"net"
+	"net/http"
+)
+
+// Retry is a middleware that retries requests
+type Retry struct {
+	attempts int
+	next     http.Handler
+}
+
+// NewRetry returns a new Retry instance
+func NewRetry(attempts int, next http.Handler) *Retry {
+	return &Retry{
+		attempts: attempts,
+		next:     next,
+	}
+}
+
+func (retry *Retry) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	attempts := 1
+	for {
+		recorder := NewRecorder()
+		recorder.responseWriter = rw
+		retry.next.ServeHTTP(recorder, r)
+		if !isNetworkError(recorder.Code) || attempts >= retry.attempts {
+			utils.CopyHeaders(rw.Header(), recorder.Header())
+			rw.WriteHeader(recorder.Code)
+			rw.Write(recorder.Body.Bytes())
+			break
+		}
+		attempts++
+		log.Debugf("New attempt %d for request: %v", attempts, r.URL)
+	}
+}
+
+func isNetworkError(status int) bool {
+	return status == http.StatusBadGateway || status == http.StatusGatewayTimeout
+}
+
+// ResponseRecorder is an implementation of http.ResponseWriter that
+// records its mutations for later inspection in tests.
+type ResponseRecorder struct {
+	Code      int           // the HTTP response code from WriteHeader
+	HeaderMap http.Header   // the HTTP response headers
+	Body      *bytes.Buffer // if non-nil, the bytes.Buffer to append written data to
+
+	responseWriter http.ResponseWriter
+}
+
+// NewRecorder returns an initialized ResponseRecorder.
+func NewRecorder() *ResponseRecorder {
+	return &ResponseRecorder{
+		HeaderMap: make(http.Header),
+		Body:      new(bytes.Buffer),
+		Code:      200,
+	}
+}
+
+// Header returns the response headers.
+func (rw *ResponseRecorder) Header() http.Header {
+	m := rw.HeaderMap
+	if m == nil {
+		m = make(http.Header)
+		rw.HeaderMap = m
+	}
+	return m
+}
+
+// Write always succeeds and writes to rw.Body, if not nil.
+func (rw *ResponseRecorder) Write(buf []byte) (int, error) {
+	if rw.Body != nil {
+		return rw.Body.Write(buf)
+	}
+	return 0, nil
+}
+
+// WriteHeader sets rw.Code.
+func (rw *ResponseRecorder) WriteHeader(code int) {
+	rw.Code = code
+}
+
+// Hijack hijacks the connection
+func (rw *ResponseRecorder) Hijack() (net.Conn, *bufio.ReadWriter, error) {
+	return rw.responseWriter.(http.Hijacker).Hijack()
+}

mocks/Marathon.go

@@ -169,13 +169,13 @@ func (_m *Marathon) DeleteApplication(name string) (*marathon.DeploymentID, erro
 	return r0, r1
 }
 
-// UpdateApplication provides a mock function with given fields: application
-func (_m *Marathon) UpdateApplication(application *marathon.Application) (*marathon.DeploymentID, error) {
-	ret := _m.Called(application)
+// UpdateApplication provides a mock function with given fields: application, force
+func (_m *Marathon) UpdateApplication(application *marathon.Application, force bool) (*marathon.DeploymentID, error) {
+	ret := _m.Called(application, force)
 
 	var r0 *marathon.DeploymentID
-	if rf, ok := ret.Get(0).(func(*marathon.Application) *marathon.DeploymentID); ok {
-		r0 = rf(application)
+	if rf, ok := ret.Get(0).(func(*marathon.Application, bool) *marathon.DeploymentID); ok {
+		r0 = rf(application, force)
 	} else {
 		if ret.Get(0) != nil {
 			r0 = ret.Get(0).(*marathon.DeploymentID)
@@ -183,8 +183,8 @@ func (_m *Marathon) UpdateApplication(application *marathon.Application) (*marat
 	}
 
 	var r1 error
-	if rf, ok := ret.Get(1).(func(*marathon.Application) error); ok {
-		r1 = rf(application)
+	if rf, ok := ret.Get(1).(func(*marathon.Application, bool) error); ok {
+		r1 = rf(application, force)
 	} else {
 		r1 = ret.Error(1)
 	}
@@ -307,6 +307,29 @@ func (_m *Marathon) Application(name string) (*marathon.Application, error) {
 	return r0, r1
 }
 
+// ApplicationByVersion provides a mock function with given fields: name, version
+func (_m *Marathon) ApplicationByVersion(name string, version string) (*marathon.Application, error) {
+	ret := _m.Called(name, version)
+
+	var r0 *marathon.Application
+	if rf, ok := ret.Get(0).(func(string, string) *marathon.Application); ok {
+		r0 = rf(name, version)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Application)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, string) error); ok {
+		r1 = rf(name, version)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
 // WaitOnApplication provides a mock function with given fields: name, timeout
 func (_m *Marathon) WaitOnApplication(name string, timeout time.Duration) error {
 	ret := _m.Called(name, timeout)

provider/consul_catalog.go

@@ -2,6 +2,7 @@ package provider
 
 import (
 	"errors"
+	"sort"
 	"strconv"
 	"strings"
 	"text/template"
@@ -41,6 +42,35 @@ type catalogUpdate struct {
 	Nodes   []*api.ServiceEntry
 }
 
+type nodeSorter []*api.ServiceEntry
+
+func (a nodeSorter) Len() int {
+	return len(a)
+}
+
+func (a nodeSorter) Swap(i int, j int) {
+	a[i], a[j] = a[j], a[i]
+}
+
+func (a nodeSorter) Less(i int, j int) bool {
+	lentr := a[i]
+	rentr := a[j]
+
+	ls := strings.ToLower(lentr.Service.Service)
+	lr := strings.ToLower(rentr.Service.Service)
+
+	if ls != lr {
+		return ls < lr
+	}
+	if lentr.Service.Address != rentr.Service.Address {
+		return lentr.Service.Address < rentr.Service.Address
+	}
+	if lentr.Node.Address != rentr.Node.Address {
+		return lentr.Node.Address < rentr.Node.Address
+	}
+	return lentr.Service.Port < rentr.Service.Port
+}
+
 func (provider *ConsulCatalog) watchServices(stopCh <-chan struct{}) <-chan map[string][]string {
 	watchCh := make(chan map[string][]string)
 
@@ -139,7 +169,7 @@ func (provider *ConsulCatalog) getBackendAddress(node *api.ServiceEntry) string
 }
 
 func (provider *ConsulCatalog) getBackendName(node *api.ServiceEntry, index int) string {
-	serviceName := node.Service.Service + "--" + node.Service.Address + "--" + strconv.Itoa(node.Service.Port)
+	serviceName := strings.ToLower(node.Service.Service) + "--" + node.Service.Address + "--" + strconv.Itoa(node.Service.Port)
 
 	for _, tag := range node.Service.Tags {
 		serviceName += "--" + normalize(tag)
@@ -200,6 +230,8 @@ func (provider *ConsulCatalog) buildConfig(catalog []catalogUpdate) *types.Confi
 
 		}
 	}
+	// Ensure a stable ordering of nodes so that identical configurations may be detected
+	sort.Sort(nodeSorter(allNodes))
 
 	templateObjects := struct {
 		Services []*serviceUpdate

provider/consul_catalog_test.go

@@ -2,6 +2,7 @@ package provider
 
 import (
 	"reflect"
+	"sort"
 	"testing"
 
 	"github.com/containous/traefik/types"
@@ -274,3 +275,195 @@ func TestConsulCatalogBuildConfig(t *testing.T) {
 		}
 	}
 }
+
+func TestConsulCatalogNodeSorter(t *testing.T) {
+	cases := []struct {
+		nodes    []*api.ServiceEntry
+		expected []*api.ServiceEntry
+	}{
+		{
+			nodes:    []*api.ServiceEntry{},
+			expected: []*api.ServiceEntry{},
+		},
+		{
+			nodes: []*api.ServiceEntry{
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "127.0.0.1",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.1",
+					},
+				},
+			},
+			expected: []*api.ServiceEntry{
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "127.0.0.1",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.1",
+					},
+				},
+			},
+		},
+		{
+			nodes: []*api.ServiceEntry{
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "127.0.0.2",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "bar",
+						Address: "127.0.0.2",
+						Port:    81,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "127.0.0.1",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.1",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "bar",
+						Address: "127.0.0.2",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+			},
+			expected: []*api.ServiceEntry{
+				{
+					Service: &api.AgentService{
+						Service: "bar",
+						Address: "127.0.0.2",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "bar",
+						Address: "127.0.0.2",
+						Port:    81,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "127.0.0.1",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.1",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "127.0.0.2",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+			},
+		},
+		{
+			nodes: []*api.ServiceEntry{
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.1",
+					},
+				},
+			},
+			expected: []*api.ServiceEntry{
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.1",
+					},
+				},
+				{
+					Service: &api.AgentService{
+						Service: "foo",
+						Address: "",
+						Port:    80,
+					},
+					Node: &api.Node{
+						Node:    "localhost",
+						Address: "127.0.0.2",
+					},
+				},
+			},
+		},
+	}
+
+	for _, c := range cases {
+		sort.Sort(nodeSorter(c.nodes))
+		actual := c.nodes
+		if !reflect.DeepEqual(actual, c.expected) {
+			t.Fatalf("expected %q, got %q", c.expected, actual)
+		}
+	}
+}

provider/docker.go

@@ -91,9 +91,11 @@ func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage, po
 				log.Errorf("Failed to create a client for docker, error: %s", err)
 				return err
 			}
-			version, err := dockerClient.ServerVersion(context.Background())
+
+			ctx := context.Background()
+			version, err := dockerClient.ServerVersion(ctx)
 			log.Debugf("Docker connection established with docker %s (API %s)", version.Version, version.APIVersion)
-			containers, err := listContainers(dockerClient)
+			containers, err := listContainers(ctx, dockerClient)
 			if err != nil {
 				log.Errorf("Failed to list containers for docker, error %s", err)
 				return err
@@ -104,7 +106,16 @@ func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage, po
 				Configuration: configuration,
 			}
 			if provider.Watch {
-				ctx, cancel := context.WithCancel(context.Background())
+				ctx, cancel := context.WithCancel(ctx)
+				pool.Go(func(stop chan bool) {
+					for {
+						select {
+						case <-stop:
+							cancel()
+							return
+						}
+					}
+				})
 				f := filters.NewArgs()
 				f.Add("type", "container")
 				options := dockertypes.EventsOptions{
@@ -113,11 +124,12 @@ func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage, po
 				eventHandler := events.NewHandler(events.ByAction)
 				startStopHandle := func(m eventtypes.Message) {
 					log.Debugf("Docker event received %+v", m)
-					containers, err := listContainers(dockerClient)
+					containers, err := listContainers(ctx, dockerClient)
 					if err != nil {
 						log.Errorf("Failed to list containers for docker, error %s", err)
 						// Call cancel to get out of the monitor
 						cancel()
+						return
 					}
 					configuration := provider.loadDockerConfig(containers)
 					if configuration != nil {
@@ -131,15 +143,6 @@ func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage, po
 				eventHandler.Handle("die", startStopHandle)
 
 				errChan := events.MonitorWithHandler(ctx, dockerClient, options, eventHandler)
-				pool.Go(func(stop chan bool) {
-					for {
-						select {
-						case <-stop:
-							cancel()
-							return
-						}
-					}
-				})
 				if err := <-errChan; err != nil {
 					return err
 				}
@@ -174,11 +177,12 @@ func (provider *Docker) loadDockerConfig(containersInspected []dockertypes.Conta
 	}
 
 	// filter containers
-	filteredContainers := fun.Filter(containerFilter, containersInspected).([]dockertypes.ContainerJSON)
+	filteredContainers := fun.Filter(provider.ContainerFilter, containersInspected).([]dockertypes.ContainerJSON)
 
 	frontends := map[string][]dockertypes.ContainerJSON{}
 	for _, container := range filteredContainers {
-		frontends[provider.getFrontendName(container)] = append(frontends[provider.getFrontendName(container)], container)
+		frontendName := provider.getFrontendName(container)
+		frontends[frontendName] = append(frontends[frontendName], container)
 	}
 
 	templateObjects := struct {
@@ -198,7 +202,8 @@ func (provider *Docker) loadDockerConfig(containersInspected []dockertypes.Conta
 	return configuration
 }
 
-func containerFilter(container dockertypes.ContainerJSON) bool {
+// ContainerFilter checks if container have to be exposed
+func (provider *Docker) ContainerFilter(container dockertypes.ContainerJSON) bool {
 	_, err := strconv.Atoi(container.Config.Labels["traefik.port"])
 	if len(container.NetworkSettings.Ports) == 0 && err != nil {
 		log.Debugf("Filtering container without port and no traefik.port label %s", container.Name)
@@ -214,6 +219,14 @@ func containerFilter(container dockertypes.ContainerJSON) bool {
 		return false
 	}
 
+	constraintTags := strings.Split(container.Config.Labels["traefik.tags"], ",")
+	if ok, failingConstraint := provider.MatchConstraints(constraintTags); !ok {
+		if failingConstraint != nil {
+			log.Debugf("Container %v pruned by '%v' constraint", container.Name, failingConstraint.String())
+		}
+		return false
+	}
+
 	return true
 }
 
@@ -257,6 +270,13 @@ func (provider *Docker) getIPAddress(container dockertypes.ContainerJSON) string
 			}
 		}
 	}
+
+	// If net==host, quick n' dirty, we return 127.0.0.1
+	// This will work locally, but will fail with swarm.
+	if container.HostConfig != nil && "host" == container.HostConfig.NetworkMode {
+		return "127.0.0.1"
+	}
+
 	for _, network := range container.NetworkSettings.Networks {
 		return network.IPAddress
 	}
@@ -340,8 +360,8 @@ func getLabels(container dockertypes.ContainerJSON, labels []string) (map[string
 	return foundLabels, globalErr
 }
 
-func listContainers(dockerClient client.APIClient) ([]dockertypes.ContainerJSON, error) {
-	containerList, err := dockerClient.ContainerList(context.Background(), dockertypes.ContainerListOptions{})
+func listContainers(ctx context.Context, dockerClient client.APIClient) ([]dockertypes.ContainerJSON, error) {
+	containerList, err := dockerClient.ContainerList(ctx, dockertypes.ContainerListOptions{})
 	if err != nil {
 		return []dockertypes.ContainerJSON{}, err
 	}
@@ -349,11 +369,12 @@ func listContainers(dockerClient client.APIClient) ([]dockertypes.ContainerJSON,
 
 	// get inspect containers
 	for _, container := range containerList {
-		containerInspected, err := dockerClient.ContainerInspect(context.Background(), container.ID)
+		containerInspected, err := dockerClient.ContainerInspect(ctx, container.ID)
 		if err != nil {
-			log.Warnf("Failed to inpsect container %s, error: %s", container.ID, err)
+			log.Warnf("Failed to inspect container %s, error: %s", container.ID, err)
+		} else {
+			containersInspected = append(containersInspected, containerInspected)
 		}
-		containersInspected = append(containersInspected, containerInspected)
 	}
 	return containersInspected, nil
 }

provider/docker_test.go

@@ -269,6 +269,30 @@ func TestDockerGetIPAddress(t *testing.T) { // TODO
 			},
 			expected: "10.11.12.14",
 		},
+		{
+			container: docker.ContainerJSON{
+				ContainerJSONBase: &docker.ContainerJSONBase{
+					Name: "bar",
+					HostConfig: &container.HostConfig{
+						NetworkMode: "host",
+					},
+				},
+				Config: &container.Config{
+					Labels: map[string]string{},
+				},
+				NetworkSettings: &docker.NetworkSettings{
+					Networks: map[string]*network.EndpointSettings{
+						"testnet1": {
+							IPAddress: "10.11.12.13",
+						},
+						"testnet2": {
+							IPAddress: "10.11.12.14",
+						},
+					},
+				},
+			},
+			expected: "127.0.0.1",
+		},
 	}
 
 	for _, e := range containers {
@@ -621,6 +645,7 @@ func TestDockerGetLabels(t *testing.T) {
 }
 
 func TestDockerTraefikFilter(t *testing.T) {
+	provider := Docker{}
 	containers := []struct {
 		container docker.ContainerJSON
 		expected  bool
@@ -792,7 +817,7 @@ func TestDockerTraefikFilter(t *testing.T) {
 	}
 
 	for _, e := range containers {
-		actual := containerFilter(e.container)
+		actual := provider.ContainerFilter(e.container)
 		if actual != e.expected {
 			t.Fatalf("expected %v for %+v, got %+v", e.expected, e, actual)
 		}

provider/kubernetes.go

@@ -10,6 +10,7 @@ import (
 	"io"
 	"io/ioutil"
 	"os"
+	"reflect"
 	"strconv"
 	"strings"
 	"text/template"
@@ -53,6 +54,7 @@ type Kubernetes struct {
 	Endpoint               string     `description:"Kubernetes server endpoint"`
 	DisablePassHostHeaders bool       `description:"Kubernetes disable PassHost Headers"`
 	Namespaces             Namespaces `description:"Kubernetes namespaces"`
+	lastConfiguration      safe.Safe
 }
 
 func (provider *Kubernetes) createClient() (k8s.Client, error) {
@@ -124,9 +126,14 @@ func (provider *Kubernetes) Provide(configurationChan chan<- types.ConfigMessage
 						if err != nil {
 							return err
 						}
-						configurationChan <- types.ConfigMessage{
-							ProviderName:  "kubernetes",
-							Configuration: provider.loadConfig(*templateObjects),
+						if reflect.DeepEqual(provider.lastConfiguration.Get(), templateObjects) {
+							log.Debugf("Skipping event from kubernetes %+v", event)
+						} else {
+							provider.lastConfiguration.Set(templateObjects)
+							configurationChan <- types.ConfigMessage{
+								ProviderName:  "kubernetes",
+								Configuration: provider.loadConfig(*templateObjects),
+							}
 						}
 					}
 				}
@@ -146,9 +153,14 @@ func (provider *Kubernetes) Provide(configurationChan chan<- types.ConfigMessage
 	if err != nil {
 		return err
 	}
-	configurationChan <- types.ConfigMessage{
-		ProviderName:  "kubernetes",
-		Configuration: provider.loadConfig(*templateObjects),
+	if reflect.DeepEqual(provider.lastConfiguration.Get(), templateObjects) {
+		log.Debugf("Skipping configuration from kubernetes %+v", templateObjects)
+	} else {
+		provider.lastConfiguration.Set(templateObjects)
+		configurationChan <- types.ConfigMessage{
+			ProviderName:  "kubernetes",
+			Configuration: provider.loadConfig(*templateObjects),
+		}
 	}
 
 	return nil

provider/kv.go

@@ -95,7 +95,7 @@ func (provider *Kv) provide(configurationChan chan<- types.ConfigMessage, pool *
 		cert, err := tls.LoadX509KeyPair(provider.TLS.Cert, provider.TLS.Key)
 
 		if err != nil {
-			return fmt.Errorf("Failed to load keypair. %s", err)
+			return fmt.Errorf("Failed to load TLS keypair: %v", err)
 		}
 
 		storeConfig.TLS = &tls.Config{

provider/marathon.go

@@ -26,6 +26,7 @@ type Marathon struct {
 	Domain             string `description:"Default domain used"`
 	ExposedByDefault   bool   `description:"Expose Marathon apps by default"`
 	GroupsAsSubDomains bool   `description:"Convert Marathon groups to subdomains"`
+	DCOSToken          string `description:"DCOSToken for DCOS environment, This will override the Authorization header"`
 	Basic              *MarathonBasic
 	TLS                *tls.Config
 	marathonClient     marathon.Marathon
@@ -54,6 +55,9 @@ func (provider *Marathon) Provide(configurationChan chan<- types.ConfigMessage,
 			config.HTTPBasicAuthUser = provider.Basic.HTTPBasicAuthUser
 			config.HTTPBasicPassword = provider.Basic.HTTPBasicPassword
 		}
+		if len(provider.DCOSToken) > 0 {
+			config.DCOSToken = provider.DCOSToken
+		}
 		config.HTTPClient = &http.Client{
 			Transport: &http.Transport{
 				TLSClientConfig: provider.TLS,
@@ -67,7 +71,7 @@ func (provider *Marathon) Provide(configurationChan chan<- types.ConfigMessage,
 		provider.marathonClient = client
 		update := make(marathon.EventsChannel, 5)
 		if provider.Watch {
-			if err := client.AddEventsListener(update, marathon.EVENTS_APPLICATIONS); err != nil {
+			if err := client.AddEventsListener(update, marathon.EventIDApplications); err != nil {
 				log.Errorf("Failed to register for events, %s", err)
 				return err
 			}
@@ -179,8 +183,8 @@ func taskFilter(task marathon.Task, applications *marathon.Applications, exposed
 	}
 
 	//filter indeterminable task port
-	portIndexLabel := application.Labels["traefik.portIndex"]
-	portValueLabel := application.Labels["traefik.port"]
+	portIndexLabel := (*application.Labels)["traefik.portIndex"]
+	portValueLabel := (*application.Labels)["traefik.port"]
 	if portIndexLabel != "" && portValueLabel != "" {
 		log.Debugf("Filtering marathon task %s specifying both traefik.portIndex and traefik.port labels", task.AppID)
 		return false
@@ -190,14 +194,14 @@ func taskFilter(task marathon.Task, applications *marathon.Applications, exposed
 		return false
 	}
 	if portIndexLabel != "" {
-		index, err := strconv.Atoi(application.Labels["traefik.portIndex"])
+		index, err := strconv.Atoi((*application.Labels)["traefik.portIndex"])
 		if err != nil || index < 0 || index > len(application.Ports)-1 {
 			log.Debugf("Filtering marathon task %s with unexpected value for traefik.portIndex label", task.AppID)
 			return false
 		}
 	}
 	if portValueLabel != "" {
-		port, err := strconv.Atoi(application.Labels["traefik.port"])
+		port, err := strconv.Atoi((*application.Labels)["traefik.port"])
 		if err != nil {
 			log.Debugf("Filtering marathon task %s with unexpected value for traefik.port label", task.AppID)
 			return false
@@ -251,11 +255,11 @@ func getApplication(task marathon.Task, apps []marathon.Application) (marathon.A
 }
 
 func isApplicationEnabled(application marathon.Application, exposedByDefault bool) bool {
-	return exposedByDefault && application.Labels["traefik.enable"] != "false" || application.Labels["traefik.enable"] == "true"
+	return exposedByDefault && (*application.Labels)["traefik.enable"] != "false" || (*application.Labels)["traefik.enable"] == "true"
 }
 
 func (provider *Marathon) getLabel(application marathon.Application, label string) (string, error) {
-	for key, value := range application.Labels {
+	for key, value := range *application.Labels {
 		if key == label {
 			return value, nil
 		}

provider/marathon_test.go

@@ -19,13 +19,17 @@ func newFakeClient(applicationsError bool, applications *marathon.Applications,
 	// create an instance of our test object
 	fakeClient := new(fakeClient)
 	if applicationsError {
-		fakeClient.On("Applications", mock.AnythingOfType("url.Values")).Return(nil, errors.New("error"))
+		fakeClient.On("Applications", mock.Anything).Return(nil, errors.New("error"))
+	} else {
+		fakeClient.On("Applications", mock.Anything).Return(applications, nil)
 	}
-	fakeClient.On("Applications", mock.AnythingOfType("url.Values")).Return(applications, nil)
-	if tasksError {
-		fakeClient.On("AllTasks", mock.AnythingOfType("*marathon.AllTasksOpts")).Return(nil, errors.New("error"))
+	if !applicationsError {
+		if tasksError {
+			fakeClient.On("AllTasks", mock.Anything).Return(nil, errors.New("error"))
+		} else {
+			fakeClient.On("AllTasks", mock.Anything).Return(tasks, nil)
+		}
 	}
-	fakeClient.On("AllTasks", mock.AnythingOfType("*marathon.AllTasksOpts")).Return(tasks, nil)
 	return fakeClient
 }
 
@@ -65,8 +69,9 @@ func TestMarathonLoadConfig(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "/test",
-						Ports: []int{80},
+						ID:     "/test",
+						Ports:  []int{80},
+						Labels: &map[string]string{},
 					},
 				},
 			},
@@ -115,6 +120,7 @@ func TestMarathonLoadConfig(t *testing.T) {
 			marathonClient:   fakeClient,
 		}
 		actualConfig := provider.loadMarathonConfig()
+		fakeClient.AssertExpectations(t)
 		if c.expectedNil {
 			if actualConfig != nil {
 				t.Fatalf("Should have been nil, got %v", actualConfig)
@@ -161,7 +167,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID: "foo",
+						ID:     "foo",
+						Labels: &map[string]string{},
 					},
 				},
 			},
@@ -176,8 +183,9 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "foo",
-						Ports: []int{80, 443},
+						ID:     "foo",
+						Ports:  []int{80, 443},
+						Labels: &map[string]string{},
 					},
 				},
 			},
@@ -194,7 +202,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "foo",
 						Ports: []int{80},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.enable": "false",
 						},
 					},
@@ -213,7 +221,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "specify-port-number",
 						Ports: []int{80, 443},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.port": "80",
 						},
 					},
@@ -232,7 +240,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "specify-unknown-port-number",
 						Ports: []int{80, 443},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.port": "8080",
 						},
 					},
@@ -251,7 +259,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "specify-port-index",
 						Ports: []int{80, 443},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.portIndex": "0",
 						},
 					},
@@ -270,7 +278,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "specify-out-of-range-port-index",
 						Ports: []int{80, 443},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.portIndex": "2",
 						},
 					},
@@ -289,7 +297,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "specify-both-port-index-and-number",
 						Ports: []int{80, 443},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.port":      "443",
 							"traefik.portIndex": "1",
 						},
@@ -307,10 +315,11 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "foo",
-						Ports: []int{80},
-						HealthChecks: []*marathon.HealthCheck{
-							marathon.NewDefaultHealthCheck(),
+						ID:     "foo",
+						Ports:  []int{80},
+						Labels: &map[string]string{},
+						HealthChecks: &[]marathon.HealthCheck{
+							*marathon.NewDefaultHealthCheck(),
 						},
 					},
 				},
@@ -331,10 +340,11 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "foo",
-						Ports: []int{80},
-						HealthChecks: []*marathon.HealthCheck{
-							marathon.NewDefaultHealthCheck(),
+						ID:     "foo",
+						Ports:  []int{80},
+						Labels: &map[string]string{},
+						HealthChecks: &[]marathon.HealthCheck{
+							*marathon.NewDefaultHealthCheck(),
 						},
 					},
 				},
@@ -358,10 +368,11 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "foo",
-						Ports: []int{80},
-						HealthChecks: []*marathon.HealthCheck{
-							marathon.NewDefaultHealthCheck(),
+						ID:     "foo",
+						Ports:  []int{80},
+						Labels: &map[string]string{},
+						HealthChecks: &[]marathon.HealthCheck{
+							*marathon.NewDefaultHealthCheck(),
 						},
 					},
 				},
@@ -377,8 +388,9 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "foo",
-						Ports: []int{80},
+						ID:     "foo",
+						Ports:  []int{80},
+						Labels: &map[string]string{},
 					},
 				},
 			},
@@ -398,10 +410,11 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "foo",
-						Ports: []int{80},
-						HealthChecks: []*marathon.HealthCheck{
-							marathon.NewDefaultHealthCheck(),
+						ID:     "foo",
+						Ports:  []int{80},
+						Labels: &map[string]string{},
+						HealthChecks: &[]marathon.HealthCheck{
+							*marathon.NewDefaultHealthCheck(),
 						},
 					},
 				},
@@ -417,8 +430,9 @@ func TestMarathonTaskFilter(t *testing.T) {
 			applications: &marathon.Applications{
 				Apps: []marathon.Application{
 					{
-						ID:    "disable-default-expose",
-						Ports: []int{80},
+						ID:     "disable-default-expose",
+						Ports:  []int{80},
+						Labels: &map[string]string{},
 					},
 				},
 			},
@@ -435,7 +449,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "disable-default-expose-disable-in-label",
 						Ports: []int{80},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.enable": "false",
 						},
 					},
@@ -454,7 +468,7 @@ func TestMarathonTaskFilter(t *testing.T) {
 					{
 						ID:    "disable-default-expose-enable-in-label",
 						Ports: []int{80},
-						Labels: map[string]string{
+						Labels: &map[string]string{
 							"traefik.enable": "true",
 						},
 					},
@@ -486,14 +500,16 @@ func TestMarathonApplicationFilter(t *testing.T) {
 		},
 		{
 			application: marathon.Application{
-				ID: "test",
+				ID:     "test",
+				Labels: &map[string]string{},
 			},
 			filteredTasks: []marathon.Task{},
 			expected:      false,
 		},
 		{
 			application: marathon.Application{
-				ID: "foo",
+				ID:     "foo",
+				Labels: &map[string]string{},
 			},
 			filteredTasks: []marathon.Task{
 				{
@@ -504,7 +520,8 @@ func TestMarathonApplicationFilter(t *testing.T) {
 		},
 		{
 			application: marathon.Application{
-				ID: "foo",
+				ID:     "foo",
+				Labels: &map[string]string{},
 			},
 			filteredTasks: []marathon.Task{
 				{
@@ -539,7 +556,8 @@ func TestMarathonGetPort(t *testing.T) {
 		{
 			applications: []marathon.Application{
 				{
-					ID: "test1",
+					ID:     "test1",
+					Labels: &map[string]string{},
 				},
 			},
 			task: marathon.Task{
@@ -550,7 +568,8 @@ func TestMarathonGetPort(t *testing.T) {
 		{
 			applications: []marathon.Application{
 				{
-					ID: "test1",
+					ID:     "test1",
+					Labels: &map[string]string{},
 				},
 			},
 			task: marathon.Task{
@@ -562,7 +581,8 @@ func TestMarathonGetPort(t *testing.T) {
 		{
 			applications: []marathon.Application{
 				{
-					ID: "test1",
+					ID:     "test1",
+					Labels: &map[string]string{},
 				},
 			},
 			task: marathon.Task{
@@ -575,7 +595,7 @@ func TestMarathonGetPort(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "specify-port-number",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.port": "443",
 					},
 				},
@@ -590,7 +610,7 @@ func TestMarathonGetPort(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "specify-port-index",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.portIndex": "1",
 					},
 				},
@@ -628,7 +648,7 @@ func TestMarathonGetWeigh(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "test1",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.weight": "10",
 					},
 				},
@@ -642,7 +662,7 @@ func TestMarathonGetWeigh(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "test",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.test": "10",
 					},
 				},
@@ -656,7 +676,7 @@ func TestMarathonGetWeigh(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "test",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.weight": "10",
 					},
 				},
@@ -686,12 +706,13 @@ func TestMarathonGetDomain(t *testing.T) {
 		expected    string
 	}{
 		{
-			application: marathon.Application{},
-			expected:    "docker.localhost",
+			application: marathon.Application{
+				Labels: &map[string]string{}},
+			expected: "docker.localhost",
 		},
 		{
 			application: marathon.Application{
-				Labels: map[string]string{
+				Labels: &map[string]string{
 					"traefik.domain": "foo.bar",
 				},
 			},
@@ -724,7 +745,7 @@ func TestMarathonGetProtocol(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "test1",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.protocol": "https",
 					},
 				},
@@ -738,7 +759,7 @@ func TestMarathonGetProtocol(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "test",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.foo": "bar",
 					},
 				},
@@ -752,7 +773,7 @@ func TestMarathonGetProtocol(t *testing.T) {
 			applications: []marathon.Application{
 				{
 					ID: "test",
-					Labels: map[string]string{
+					Labels: &map[string]string{
 						"traefik.protocol": "https",
 					},
 				},
@@ -780,12 +801,13 @@ func TestMarathonGetPassHostHeader(t *testing.T) {
 		expected    string
 	}{
 		{
-			application: marathon.Application{},
-			expected:    "true",
+			application: marathon.Application{
+				Labels: &map[string]string{}},
+			expected: "true",
 		},
 		{
 			application: marathon.Application{
-				Labels: map[string]string{
+				Labels: &map[string]string{
 					"traefik.frontend.passHostHeader": "false",
 				},
 			},
@@ -809,12 +831,13 @@ func TestMarathonGetEntryPoints(t *testing.T) {
 		expected    []string
 	}{
 		{
-			application: marathon.Application{},
-			expected:    []string{},
+			application: marathon.Application{
+				Labels: &map[string]string{}},
+			expected: []string{},
 		},
 		{
 			application: marathon.Application{
-				Labels: map[string]string{
+				Labels: &map[string]string{
 					"traefik.frontend.entryPoints": "http,https",
 				},
 			},
@@ -841,18 +864,20 @@ func TestMarathonGetFrontendRule(t *testing.T) {
 		expected    string
 	}{
 		{
-			application: marathon.Application{},
-			expected:    "Host:.docker.localhost",
+			application: marathon.Application{
+				Labels: &map[string]string{}},
+			expected: "Host:.docker.localhost",
 		},
 		{
 			application: marathon.Application{
-				ID: "test",
+				ID:     "test",
+				Labels: &map[string]string{},
 			},
 			expected: "Host:test.docker.localhost",
 		},
 		{
 			application: marathon.Application{
-				Labels: map[string]string{
+				Labels: &map[string]string{
 					"traefik.frontend.rule": "Host:foo.bar",
 				},
 			},
@@ -878,7 +903,7 @@ func TestMarathonGetBackend(t *testing.T) {
 		{
 			application: marathon.Application{
 				ID: "foo",
-				Labels: map[string]string{
+				Labels: &map[string]string{
 					"traefik.backend": "bar",
 				},
 			},

rules.go

@@ -106,6 +106,11 @@ func (r *Rules) Parse(expression string) (*mux.Route, error) {
 		"Headers":         r.headers,
 		"HeadersRegexp":   r.headersRegexp,
 	}
+
+	if len(expression) == 0 {
+		return nil, errors.New("Empty rule")
+	}
+
 	f := func(c rune) bool {
 		return c == ':'
 	}
@@ -123,11 +128,11 @@ func (r *Rules) Parse(expression string) (*mux.Route, error) {
 		// get function
 		parsedFunctions := strings.FieldsFunc(rule, f)
 		if len(parsedFunctions) == 0 {
-			return nil, errors.New("Error parsing rule: " + rule)
+			return nil, errors.New("Error parsing rule: '" + rule + "'")
 		}
-		parsedFunction, ok := functions[parsedFunctions[0]]
+		parsedFunction, ok := functions[strings.TrimSpace(parsedFunctions[0])]
 		if !ok {
-			return nil, errors.New("Error parsing rule: " + rule + ". Unknown function: " + parsedFunctions[0])
+			return nil, errors.New("Error parsing rule: '" + rule + "'. Unknown function: '" + parsedFunctions[0] + "'")
 		}
 		parsedFunctions = append(parsedFunctions[:0], parsedFunctions[1:]...)
 		fargs := func(c rune) bool {
@@ -136,12 +141,12 @@ func (r *Rules) Parse(expression string) (*mux.Route, error) {
 		// get function
 		parsedArgs := strings.FieldsFunc(strings.Join(parsedFunctions, ":"), fargs)
 		if len(parsedArgs) == 0 {
-			return nil, errors.New("Error parsing args from rule: " + rule)
+			return nil, errors.New("Error parsing args from rule: '" + rule + "'")
 		}
 
 		inputs := make([]reflect.Value, len(parsedArgs))
 		for i := range parsedArgs {
-			inputs[i] = reflect.ValueOf(parsedArgs[i])
+			inputs[i] = reflect.ValueOf(strings.TrimSpace(parsedArgs[i]))
 		}
 		method := reflect.ValueOf(parsedFunction)
 		if method.IsValid() {
@@ -154,7 +159,7 @@ func (r *Rules) Parse(expression string) (*mux.Route, error) {
 			}
 
 		} else {
-			return nil, errors.New("Method not found: " + parsedFunctions[0])
+			return nil, errors.New("Method not found: '" + parsedFunctions[0] + "'")
 		}
 	}
 	return resultRoute, nil

script/binary

@@ -17,9 +17,13 @@ if [ -z "$VERSION" ]; then
     VERSION=$(git rev-parse HEAD)
 fi
 
+if [ -z "$CODENAME" ]; then
+    CODENAME=cheddar
+fi
+
 if [ -z "$DATE" ]; then
     DATE=$(date -u '+%Y-%m-%d_%I:%M:%S%p')
 fi
 
 # Build binaries
-CGO_ENABLED=0 GOGC=off go build $FLAGS -ldflags "-s -w -X main.Version=$VERSION -X main.BuildDate=$DATE" -a -installsuffix nocgo -o dist/traefik .
+CGO_ENABLED=0 GOGC=off go build $FLAGS -ldflags "-s -w -X main.Version=$VERSION -X main.Codename=$CODENAME -X main.BuildDate=$DATE" -a -installsuffix nocgo -o dist/traefik .

script/crossbinary

@@ -6,24 +6,14 @@ if ! test -e autogen/gen.go; then
 	false
 fi
 
-if [ -z "$1" ]; then
-    # Remove windows platform because of
-    # https://github.com/mailgun/log/issues/10
-    OS_PLATFORM_ARG=(linux)
-else
-    OS_PLATFORM_ARG=($1)
-fi
-
-if [ -z "$2" ]; then
-    OS_ARCH_ARG=(386 amd64 arm)
-else
-    OS_ARCH_ARG=($2)
-fi
-
 if [ -z "$VERSION" ]; then
     VERSION=$(git rev-parse HEAD)
 fi
 
+if [ -z "$CODENAME" ]; then
+    CODENAME=cheddar
+fi
+
 if [ -z "$DATE" ]; then
     DATE=$(date -u '+%Y-%m-%d_%I:%M:%S%p')
 fi
@@ -31,10 +21,23 @@ fi
 # Get rid of existing binaries
 rm -f dist/traefik_*
 
-# Build binaries
+# Build 386 amd64 binaries
+OS_PLATFORM_ARG=(linux darwin windows)
+OS_ARCH_ARG=(386 amd64)
 for OS in ${OS_PLATFORM_ARG[@]}; do
   for ARCH in ${OS_ARCH_ARG[@]}; do
     echo "Building binary for $OS/$ARCH..."
-    GOARCH=$ARCH GOOS=$OS CGO_ENABLED=0 go build -ldflags "-s -w -X main.Version=$VERSION -X main.BuildDate=$DATE" -o "dist/traefik_$OS-$ARCH" .
+    GOARCH=$ARCH GOOS=$OS CGO_ENABLED=0 go build -ldflags "-s -w -X main.Version=$VERSION -X main.Codename=$CODENAME -X main.BuildDate=$DATE" -o "dist/traefik_$OS-$ARCH" .
+  done
+done
+
+
+# Build arm binaries
+OS_PLATFORM_ARG=(linux)
+OS_ARCH_ARG=(arm arm64)
+for OS in ${OS_PLATFORM_ARG[@]}; do
+  for ARCH in ${OS_ARCH_ARG[@]}; do
+    echo "Building binary for $OS/$ARCH..."
+    GOARCH=$ARCH GOOS=$OS CGO_ENABLED=0 go build -ldflags "-s -w -X main.Version=$VERSION -X main.Codename=$CODENAME -X main.BuildDate=$DATE" -o "dist/traefik_$OS-$ARCH" .
   done
 done

server.go

@@ -14,25 +14,23 @@ import (
 	"reflect"
 	"regexp"
 	"sort"
-	"strconv"
 	"syscall"
 	"time"
 
 	log "github.com/Sirupsen/logrus"
 	"github.com/codegangsta/negroni"
 	"github.com/containous/mux"
-	"github.com/containous/oxy/cbreaker"
-	"github.com/containous/oxy/connlimit"
-	"github.com/containous/oxy/forward"
-	"github.com/containous/oxy/roundrobin"
-	"github.com/containous/oxy/stream"
-	"github.com/containous/oxy/utils"
 	"github.com/containous/traefik/middlewares"
 	"github.com/containous/traefik/provider"
 	"github.com/containous/traefik/safe"
 	"github.com/containous/traefik/types"
 	"github.com/mailgun/manners"
 	"github.com/streamrail/concurrent-map"
+	"github.com/vulcand/oxy/cbreaker"
+	"github.com/vulcand/oxy/connlimit"
+	"github.com/vulcand/oxy/forward"
+	"github.com/vulcand/oxy/roundrobin"
+	"github.com/vulcand/oxy/utils"
 )
 
 var oxyLogger = &OxyLogger{}
@@ -139,21 +137,25 @@ func (server *Server) listenProviders(stop chan bool) {
 			if !ok {
 				return
 			}
+			server.defaultConfigurationValues(configMsg.Configuration)
+			currentConfigurations := server.currentConfigurations.Get().(configs)
 			jsonConf, _ := json.Marshal(configMsg.Configuration)
 			log.Debugf("Configuration received from provider %s: %s", configMsg.ProviderName, string(jsonConf))
-			lastConfigs.Set(configMsg.ProviderName, &configMsg)
-			lastReceivedConfigurationValue := lastReceivedConfiguration.Get().(time.Time)
-			if time.Now().After(lastReceivedConfigurationValue.Add(time.Duration(server.globalConfiguration.ProvidersThrottleDuration))) {
-				log.Debugf("Last %s config received more than %s, OK", configMsg.ProviderName, server.globalConfiguration.ProvidersThrottleDuration)
-				// last config received more than n s ago
-				server.configurationValidatedChan <- configMsg
+			if configMsg.Configuration == nil || configMsg.Configuration.Backends == nil && configMsg.Configuration.Frontends == nil {
+				log.Infof("Skipping empty Configuration for provider %s", configMsg.ProviderName)
+			} else if reflect.DeepEqual(currentConfigurations[configMsg.ProviderName], configMsg.Configuration) {
+				log.Infof("Skipping same configuration for provider %s", configMsg.ProviderName)
 			} else {
-				log.Debugf("Last %s config received less than %s, waiting...", configMsg.ProviderName, server.globalConfiguration.ProvidersThrottleDuration)
-				server.routinesPool.Go(func(stop chan bool) {
-					select {
-					case <-stop:
-						return
-					case <-time.After(server.globalConfiguration.ProvidersThrottleDuration):
+				lastConfigs.Set(configMsg.ProviderName, &configMsg)
+				lastReceivedConfigurationValue := lastReceivedConfiguration.Get().(time.Time)
+				if time.Now().After(lastReceivedConfigurationValue.Add(time.Duration(server.globalConfiguration.ProvidersThrottleDuration))) {
+					log.Debugf("Last %s config received more than %s, OK", configMsg.ProviderName, server.globalConfiguration.ProvidersThrottleDuration)
+					// last config received more than n s ago
+					server.configurationValidatedChan <- configMsg
+				} else {
+					log.Debugf("Last %s config received less than %s, waiting...", configMsg.ProviderName, server.globalConfiguration.ProvidersThrottleDuration)
+					safe.Go(func() {
+						<-time.After(server.globalConfiguration.ProvidersThrottleDuration)
 						lastReceivedConfigurationValue := lastReceivedConfiguration.Get().(time.Time)
 						if time.Now().After(lastReceivedConfigurationValue.Add(time.Duration(server.globalConfiguration.ProvidersThrottleDuration))) {
 							log.Debugf("Waited for %s config, OK", configMsg.ProviderName)
@@ -161,10 +163,29 @@ func (server *Server) listenProviders(stop chan bool) {
 								server.configurationValidatedChan <- *lastConfig.(*types.ConfigMessage)
 							}
 						}
-					}
-				})
+					})
+				}
+				lastReceivedConfiguration.Set(time.Now())
 			}
-			lastReceivedConfiguration.Set(time.Now())
+		}
+	}
+}
+
+func (server *Server) defaultConfigurationValues(configuration *types.Configuration) {
+	if configuration == nil || configuration.Frontends == nil {
+		return
+	}
+	for _, frontend := range configuration.Frontends {
+		// default endpoints if not defined in frontends
+		if len(frontend.EntryPoints) == 0 {
+			frontend.EntryPoints = server.globalConfiguration.DefaultEntryPoints
+		}
+	}
+	for backendName, backend := range configuration.Backends {
+		_, err := types.NewLoadBalancerMethod(backend.LoadBalancer)
+		if err != nil {
+			log.Warnf("Error loading load balancer method '%+v' for backend %s: %v. Using default wrr.", backend.LoadBalancer, backendName, err)
+			backend.LoadBalancer = &types.LoadBalancer{Method: "wrr"}
 		}
 	}
 }
@@ -179,28 +200,23 @@ func (server *Server) listenConfigurations(stop chan bool) {
 				return
 			}
 			currentConfigurations := server.currentConfigurations.Get().(configs)
-			if configMsg.Configuration == nil {
-				log.Infof("Skipping empty Configuration for provider %s", configMsg.ProviderName)
-			} else if reflect.DeepEqual(currentConfigurations[configMsg.ProviderName], configMsg.Configuration) {
-				log.Infof("Skipping same configuration for provider %s", configMsg.ProviderName)
-			} else {
-				// Copy configurations to new map so we don't change current if LoadConfig fails
-				newConfigurations := make(configs)
-				for k, v := range currentConfigurations {
-					newConfigurations[k] = v
-				}
-				newConfigurations[configMsg.ProviderName] = configMsg.Configuration
 
-				newServerEntryPoints, err := server.loadConfig(newConfigurations, server.globalConfiguration)
-				if err == nil {
-					for newServerEntryPointName, newServerEntryPoint := range newServerEntryPoints {
-						server.serverEntryPoints[newServerEntryPointName].httpRouter.UpdateHandler(newServerEntryPoint.httpRouter.GetHandler())
-						log.Infof("Server configuration reloaded on %s", server.serverEntryPoints[newServerEntryPointName].httpServer.Addr)
-					}
-					server.currentConfigurations.Set(newConfigurations)
-				} else {
-					log.Error("Error loading new configuration, aborted ", err)
+			// Copy configurations to new map so we don't change current if LoadConfig fails
+			newConfigurations := make(configs)
+			for k, v := range currentConfigurations {
+				newConfigurations[k] = v
+			}
+			newConfigurations[configMsg.ProviderName] = configMsg.Configuration
+
+			newServerEntryPoints, err := server.loadConfig(newConfigurations, server.globalConfiguration)
+			if err == nil {
+				for newServerEntryPointName, newServerEntryPoint := range newServerEntryPoints {
+					server.serverEntryPoints[newServerEntryPointName].httpRouter.UpdateHandler(newServerEntryPoint.httpRouter.GetHandler())
+					log.Infof("Server configuration reloaded on %s", server.serverEntryPoints[newServerEntryPointName].httpServer.Addr)
 				}
+				server.currentConfigurations.Set(newConfigurations)
+			} else {
+				log.Error("Error loading new configuration, aborted ", err)
 			}
 		}
 	}
@@ -375,30 +391,38 @@ func (server *Server) loadConfig(configurations configs, globalConfiguration Glo
 	backend2FrontendMap := map[string]string{}
 	for _, configuration := range configurations {
 		frontendNames := sortedFrontendNamesForConfig(configuration)
+	frontend:
 		for _, frontendName := range frontendNames {
 			frontend := configuration.Frontends[frontendName]
 
 			log.Debugf("Creating frontend %s", frontendName)
-			fwd, _ := forward.New(forward.Logger(oxyLogger), forward.PassHostHeader(frontend.PassHostHeader))
-			saveBackend := middlewares.NewSaveBackend(fwd)
-			// default endpoints if not defined in frontends
-			if len(frontend.EntryPoints) == 0 {
-				frontend.EntryPoints = globalConfiguration.DefaultEntryPoints
+
+			fwd, err := forward.New(forward.Logger(oxyLogger), forward.PassHostHeader(frontend.PassHostHeader))
+			if err != nil {
+				log.Errorf("Error creating forwarder for frontend %s: %v", frontendName, err)
+				log.Errorf("Skipping frontend %s...", frontendName)
+				continue frontend
 			}
+			saveBackend := middlewares.NewSaveBackend(fwd)
 			if len(frontend.EntryPoints) == 0 {
-				log.Errorf("No entrypoint defined for frontend %s, defaultEntryPoints:%s. Skipping it", frontendName, globalConfiguration.DefaultEntryPoints)
-				continue
+				log.Errorf("No entrypoint defined for frontend %s, defaultEntryPoints:%s", frontendName, globalConfiguration.DefaultEntryPoints)
+				log.Errorf("Skipping frontend %s...", frontendName)
+				continue frontend
 			}
 			for _, entryPointName := range frontend.EntryPoints {
 				log.Debugf("Wiring frontend %s to entryPoint %s", frontendName, entryPointName)
 				if _, ok := serverEntryPoints[entryPointName]; !ok {
-					return nil, errors.New("Undefined entrypoint: " + entryPointName)
+					log.Errorf("Undefined entrypoint '%s' for frontend %s", entryPointName, frontendName)
+					log.Errorf("Skipping frontend %s...", frontendName)
+					continue frontend
 				}
 				newServerRoute := &serverRoute{route: serverEntryPoints[entryPointName].httpRouter.GetHandler().NewRoute().Name(frontendName)}
 				for routeName, route := range frontend.Routes {
 					err := getRoute(newServerRoute, &route)
 					if err != nil {
-						return nil, err
+						log.Errorf("Error creating route for frontend %s: %v", frontendName, err)
+						log.Errorf("Skipping frontend %s...", frontendName)
+						continue frontend
 					}
 					log.Debugf("Creating route %s %s", routeName, route.Rule)
 				}
@@ -407,7 +431,9 @@ func (server *Server) loadConfig(configurations configs, globalConfiguration Glo
 					if redirectHandlers[entryPointName] != nil {
 						newServerRoute.route.Handler(redirectHandlers[entryPointName])
 					} else if handler, err := server.loadEntryPointConfig(entryPointName, entryPoint); err != nil {
-						return nil, err
+						log.Errorf("Error loading entrypoint configuration for frontend %s: %v", frontendName, err)
+						log.Errorf("Skipping frontend %s...", frontendName)
+						continue frontend
 					} else {
 						newServerRoute.route.Handler(handler)
 						redirectHandlers[entryPointName] = handler
@@ -418,11 +444,15 @@ func (server *Server) loadConfig(configurations configs, globalConfiguration Glo
 						var lb http.Handler
 						rr, _ := roundrobin.New(saveBackend)
 						if configuration.Backends[frontend.Backend] == nil {
-							return nil, errors.New("Undefined backend: " + frontend.Backend)
+							log.Errorf("Undefined backend '%s' for frontend %s", frontend.Backend, frontendName)
+							log.Errorf("Skipping frontend %s...", frontendName)
+							continue frontend
 						}
 						lbMethod, err := types.NewLoadBalancerMethod(configuration.Backends[frontend.Backend].LoadBalancer)
 						if err != nil {
-							configuration.Backends[frontend.Backend].LoadBalancer = &types.LoadBalancer{Method: "wrr"}
+							log.Errorf("Error loading load balancer method '%+v' for frontend %s: %v", configuration.Backends[frontend.Backend].LoadBalancer, frontendName, err)
+							log.Errorf("Skipping frontend %s...", frontendName)
+							continue frontend
 						}
 						switch lbMethod {
 						case types.Drr:
@@ -432,12 +462,16 @@ func (server *Server) loadConfig(configurations configs, globalConfiguration Glo
 							for serverName, server := range configuration.Backends[frontend.Backend].Servers {
 								url, err := url.Parse(server.URL)
 								if err != nil {
-									return nil, err
+									log.Errorf("Error parsing server URL %s: %v", server.URL, err)
+									log.Errorf("Skipping frontend %s...", frontendName)
+									continue frontend
 								}
 								backend2FrontendMap[url.String()] = frontendName
 								log.Debugf("Creating server %s at %s with weight %d", serverName, url.String(), server.Weight)
 								if err := rebalancer.UpsertServer(url, roundrobin.Weight(server.Weight)); err != nil {
-									return nil, err
+									log.Errorf("Error adding server %s to load balancer: %v", server.URL, err)
+									log.Errorf("Skipping frontend %s...", frontendName)
+									continue frontend
 								}
 							}
 						case types.Wrr:
@@ -446,12 +480,16 @@ func (server *Server) loadConfig(configurations configs, globalConfiguration Glo
 							for serverName, server := range configuration.Backends[frontend.Backend].Servers {
 								url, err := url.Parse(server.URL)
 								if err != nil {
-									return nil, err
+									log.Errorf("Error parsing server URL %s: %v", server.URL, err)
+									log.Errorf("Skipping frontend %s...", frontendName)
+									continue frontend
 								}
 								backend2FrontendMap[url.String()] = frontendName
 								log.Debugf("Creating server %s at %s with weight %d", serverName, url.String(), server.Weight)
 								if err := rr.UpsertServer(url, roundrobin.Weight(server.Weight)); err != nil {
-									return nil, err
+									log.Errorf("Error adding server %s to load balancer: %v", server.URL, err)
+									log.Errorf("Skipping frontend %s...", frontendName)
+									continue frontend
 								}
 							}
 						}
@@ -459,12 +497,16 @@ func (server *Server) loadConfig(configurations configs, globalConfiguration Glo
 						if maxConns != nil && maxConns.Amount != 0 {
 							extractFunc, err := utils.NewExtractor(maxConns.ExtractorFunc)
 							if err != nil {
-								return nil, err
+								log.Errorf("Error creating connlimit: %v", err)
+								log.Errorf("Skipping frontend %s...", frontendName)
+								continue frontend
 							}
 							log.Debugf("Creating loadd-balancer connlimit")
 							lb, err = connlimit.New(lb, extractFunc, maxConns.Amount, connlimit.Logger(oxyLogger))
 							if err != nil {
-								return nil, err
+								log.Errorf("Error creating connlimit: %v", err)
+								log.Errorf("Skipping frontend %s...", frontendName)
+								continue frontend
 							}
 						}
 						// retry ?
@@ -473,27 +515,20 @@ func (server *Server) loadConfig(configurations configs, globalConfiguration Glo
 							if globalConfiguration.Retry.Attempts > 0 {
 								retries = globalConfiguration.Retry.Attempts
 							}
-							maxMem := int64(2 * 1024 * 1024)
-							if globalConfiguration.Retry.MaxMem > 0 {
-								maxMem = globalConfiguration.Retry.MaxMem
-							}
-							lb, err = stream.New(lb,
-								stream.Logger(oxyLogger),
-								stream.Retry("IsNetworkError() && Attempts() < "+strconv.Itoa(retries)),
-								stream.MemRequestBodyBytes(maxMem),
-								stream.MaxRequestBodyBytes(maxMem),
-								stream.MemResponseBodyBytes(maxMem),
-								stream.MaxResponseBodyBytes(maxMem))
+							lb = middlewares.NewRetry(retries, lb)
 							log.Debugf("Creating retries max attempts %d", retries)
-							if err != nil {
-								return nil, err
-							}
 						}
 
 						var negroni = negroni.New()
 						if configuration.Backends[frontend.Backend].CircuitBreaker != nil {
 							log.Debugf("Creating circuit breaker %s", configuration.Backends[frontend.Backend].CircuitBreaker.Expression)
-							negroni.Use(middlewares.NewCircuitBreaker(lb, configuration.Backends[frontend.Backend].CircuitBreaker.Expression, cbreaker.Logger(oxyLogger)))
+							cbreaker, err := middlewares.NewCircuitBreaker(lb, configuration.Backends[frontend.Backend].CircuitBreaker.Expression, cbreaker.Logger(oxyLogger))
+							if err != nil {
+								log.Errorf("Error creating circuit breaker: %v", err)
+								log.Errorf("Skipping frontend %s...", frontendName)
+								continue frontend
+							}
+							negroni.Use(cbreaker)
 						} else {
 							negroni.UseHandler(lb)
 						}

templates/consul_catalog.tmpl

@@ -1,7 +1,7 @@
 [backends]
 {{range $index, $node := .Nodes}}
   {{if ne (getAttribute "enable" $node.Service.Tags "true") "false"}}
-    [backends.backend-{{getBackend $node}}.servers.{{getBackendName $node $index}}]
+    [backends."backend-{{getBackend $node}}".servers."{{getBackendName $node $index}}"]
       url = "{{getAttribute "protocol" $node.Service.Tags "http"}}://{{getBackendAddress $node}}:{{$node.Service.Port}}"
       {{$weight := getAttribute "backend.weight" $node.Service.Tags ""}}
       {{with $weight}}
@@ -14,20 +14,20 @@
   {{$service := .ServiceName}}
   {{$circuitBreaker := getAttribute "backend.circuitbreaker" .Attributes ""}}
   {{with $circuitBreaker}}
-  [backends.backend-{{$service}}.circuitbreaker]
+  [backends."backend-{{$service}}".circuitbreaker]
     expression = "{{$circuitBreaker}}"
   {{end}}
 
   {{$loadBalancer := getAttribute "backend.loadbalancer" .Attributes ""}}
   {{with $loadBalancer}}
-  [backends.backend-{{$service}}.loadbalancer]
+  [backends."backend-{{$service}}".loadbalancer]
     method = "{{$loadBalancer}}"
   {{end}}
 {{end}}
 
 [frontends]
 {{range .Services}}
-  [frontends.frontend-{{.ServiceName}}]
+  [frontends."frontend-{{.ServiceName}}"]
   backend = "backend-{{.ServiceName}}"
   passHostHeader = {{getAttribute "frontend.passHostHeader" .Attributes "true"}}
   priority = {{getAttribute "frontend.priority" .Attributes "0"}}
@@ -37,6 +37,6 @@
       "{{.}}",
     {{end}}]
   {{end}}
-  [frontends.frontend-{{.ServiceName}}.routes.route-host-{{.ServiceName}}]
+  [frontends."frontend-{{.ServiceName}}".routes."route-host-{{.ServiceName}}"]
     rule = "{{getFrontendRule .}}"
 {{end}}

traefik.go

@@ -20,6 +20,7 @@ import (
 )
 
 var versionTemplate = `Version:      {{.Version}}
+Codename:     {{.Codename}}
 Go version:   {{.GoVersion}}
 Built:        {{.BuildTime}}
 OS/Arch:      {{.Os}}/{{.Arch}}`
@@ -57,12 +58,14 @@ Complete documentation is available at https://traefik.io`,
 
 			v := struct {
 				Version   string
+				Codename  string
 				GoVersion string
 				BuildTime string
 				Os        string
 				Arch      string
 			}{
 				Version:   Version,
+				Codename:  Codename,
 				GoVersion: runtime.Version(),
 				BuildTime: BuildDate,
 				Os:        runtime.GOOS,

traefik.sample.toml

@@ -157,13 +157,6 @@
 #
 # attempts = 3
 
-# Sets the maximum request body to be stored in memory in Mo
-#
-# Optional
-# Default: 2
-#
-# maxMem = 3
-
 ################################################################
 # Web configuration backend
 ################################################################
@@ -325,12 +318,11 @@
 #  httpBasicAuthUser = "foo"
 #  httpBasicPassword = "bar"
 
-# TLS client configuration. https://golang.org/pkg/crypto/tls/#Config
+# DCOSToken for DCOS environment, This will override the Authorization header
 #
 # Optional
 #
-# [marathon.TLS]
-# InsecureSkipVerify = true
+# dcosToken = "xxxxxx"
 
 ################################################################
 # Kubernetes Ingress configuration backend

version.go

@@ -3,6 +3,8 @@ package main
 var (
 	// Version holds the current version of traefik.
 	Version = "dev"
+	// Codename holds the current version codename of traefik.
+	Codename = "cheddar" // beta cheese
 	// BuildDate holds the build date of traefik.
 	BuildDate = "I don't remember exactly"
 )

webui/src/app/core/health.resource.js

@@ -7,7 +7,7 @@
 
       /** @ngInject */
       function Health($resource) {
-        return $resource('/health');
+        return $resource('../health');
       }
 
 })();

webui/src/app/core/providers.resource.js

@@ -7,7 +7,7 @@
 
     /** @ngInject */
     function Providers($resource) {
-      return $resource('/api/providers');
+      return $resource('../api/providers');
     }
 
 })();