Merge pull request #267 from containous/add-retries

add retries request
2025-10-05 07:33:19 +03:00 · 2016-03-30 19:04:39 +02:00 · 2016-03-29 22:25:32 +02:00 · 2016-03-29 11:12:18 +02:00 · 2016-03-28 20:54:06 +02:00 · 2016-03-28 19:16:37 +02:00
89 changed files with 5075 additions and 1417 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,78 @@
+# Contributing
+
+### Building
+
+You need either [Docker](https://github.com/docker/docker) and `make`, or `go` and `glide` in order to build traefik.
+
+#### Setting up your `go` environment
+
+- You need `go` v1.5
+- You need to set `export GO15VENDOREXPERIMENT=1` environment variable
+- You need `go-bindata` to be able to use `go generate` command (needed to build) : `go get github.com/jteeuwen/go-bindata/...`.
+- If you clone Træfɪk into something like `~/go/src/github.com/traefik`, your `GOPATH` variable will have to be set to `~/go`: export `GOPATH=~/go`.
+
+#### Using `Docker` and `Makefile`
+
+You need to run the `binary` target. This will create binaries for Linux platform in the `dist` folder.
+
+```bash
+$ make binary
+docker build -t "traefik-dev:no-more-godep-ever" -f build.Dockerfile .
+Sending build context to Docker daemon 295.3 MB
+Step 0 : FROM golang:1.5
+ ---> 8c6473912976
+Step 1 : RUN go get github.com/Masterminds/glide
+[...]
+docker run --rm  -v "/var/run/docker.sock:/var/run/docker.sock" -it -e OS_ARCH_ARG -e OS_PLATFORM_ARG -e TESTFLAGS -v "/home/emile/dev/go/src/github.com/containous/traefik/"dist":/go/src/github.com/containous/traefik/"dist"" "traefik-dev:no-more-godep-ever" ./script/make.sh generate binary
+---> Making bundle: generate (in .)
+removed 'gen.go'
+
+---> Making bundle: binary (in .)
+
+$ ls dist/
+traefik*
+```
+
+#### Using `glide`
+
+The idea behind `glide` is the following :
+
+- when checkout(ing) a project, **run `glide install`** to install
+  (`go get …`) the dependencies in the `GOPATH`.
+- if you need another dependency, import and use it in
+  the source, and **run `glide get github.com/Masterminds/cookoo`** to save it in
+  `vendor` and add it to your `glide.yaml`.
+
+```bash
+$ glide install
+# generate
+$ go generate
+# Simple go build
+$ go build
+# Using gox to build multiple platform
+$ gox "linux darwin" "386 amd64 arm" \
+    -output="dist/traefik_{{.OS}}-{{.Arch}}"
+# run other commands like tests
+$ go test ./...
+ok      _/home/vincent/src/github/vdemeester/traefik    0.004s
+```
+
+### Tests
+
+You can run unit tests using the `test-unit` target and the
+integration test using the `test-integration` target.
+
+```bash
+$ make test-unit
+docker build -t "traefik-dev:your-feature-branch" -f build.Dockerfile .
+# […]
+docker run --rm -it -e OS_ARCH_ARG -e OS_PLATFORM_ARG -e TESTFLAGS -v "/home/vincent/src/github/vdemeester/traefik/dist:/go/src/github.com/containous/traefik/dist" "traefik-dev:your-feature-branch" ./script/make.sh generate test-unit
+---> Making bundle: generate (in .)
+removed 'gen.go'
+
+---> Making bundle: test-unit (in .)
+ go test -cover -coverprofile=cover.out .
+ok      github.com/containous/traefik   0.005s  coverage: 4.1% of statements
+
+Test success
+```
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 /dist
 gen.go
 .idea
+.intellij
 log
 *.iml
 traefik
@@ -8,3 +9,4 @@ traefik.toml
 *.test
 vendor/
 static/
+.vscode/
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,10 @@
+-   repo: git://github.com/pre-commit/pre-commit-hooks
+    sha: 44e1753f98b0da305332abe26856c3e621c5c439
+    hooks:
+    -   id: detect-private-key
+-   repo: git://github.com/containous/pre-commit-hooks
+    sha: 35e641b5107671e94102b0ce909648559e568d61
+    hooks:
+    -   id: goFmt
+    -   id: goLint
+    -   id: goErrcheck
--- a/.travis.yml
+++ b/.travis.yml
@@ -0,0 +1,31 @@
+branches:
+  except:
+    - /^v\d\.\d\.\d.*$/
+    
+env:
+  REPO: $TRAVIS_REPO_SLUG
+  VERSION: v1.0.0-beta.$TRAVIS_BUILD_NUMBER
+
+sudo: required
+
+services:
+  - docker
+
+install:
+  - sudo service docker stop
+  - sudo curl https://get.docker.com/builds/Linux/x86_64/docker-1.10.1 -o /usr/bin/docker
+  - sudo chmod +x /usr/bin/docker
+  - sudo service docker start
+
+before_script:
+  - make validate
+  - make binary
+
+script:
+  - make test-unit
+  - make test-integration
+  - make crossbinary
+  - make image
+
+after_success:
+ - make deploy
--- a/LICENSE.md
+++ b/LICENSE.md
@@ -1,6 +1,6 @@
 The MIT License (MIT)

-Copyright (c) 2015 Emile Vauge, emile@vauge.com
+Copyright (c) 2016 Containous SAS, Emile Vauge, emile@vauge.com

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+THE SOFTWARE.
--- a/40
+++ b/40
@@ -4,30 +4,33 @@ TRAEFIK_ENVS := \
 	-e OS_ARCH_ARG \
 	-e OS_PLATFORM_ARG \
 	-e TESTFLAGS \
-	-e CIRCLECI
+	-e VERBOSE \
+	-e VERSION
+
+SRCS = $(shell git ls-files '*.go' | grep -v '^external/')

 BIND_DIR := "dist"
-TRAEFIK_MOUNT := -v "$(CURDIR)/$(BIND_DIR):/go/src/github.com/emilevauge/traefik/$(BIND_DIR)"
+TRAEFIK_MOUNT := -v "$(CURDIR)/$(BIND_DIR):/go/src/github.com/containous/traefik/$(BIND_DIR)"

 GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null)
 TRAEFIK_DEV_IMAGE := traefik-dev$(if $(GIT_BRANCH),:$(GIT_BRANCH))
 REPONAME := $(shell echo $(REPO) | tr '[:upper:]' '[:lower:]')
-TRAEFIK_IMAGE := $(if $(REPONAME),$(REPONAME),"emilevauge/traefik")
+TRAEFIK_IMAGE := $(if $(REPONAME),$(REPONAME),"containous/traefik")
 INTEGRATION_OPTS := $(if $(MAKE_DOCKER_HOST),-e "DOCKER_HOST=$(MAKE_DOCKER_HOST)", -v "/var/run/docker.sock:/var/run/docker.sock")

-DOCKER_RUN_TRAEFIK := docker run $(if $(CIRCLECI),,--rm) $(INTEGRATION_OPTS) -it $(TRAEFIK_ENVS) $(TRAEFIK_MOUNT) "$(TRAEFIK_DEV_IMAGE)"
+DOCKER_RUN_TRAEFIK := docker run $(INTEGRATION_OPTS) -it $(TRAEFIK_ENVS) $(TRAEFIK_MOUNT) "$(TRAEFIK_DEV_IMAGE)"

 print-%: ; @echo $*=$($*)

 default: binary

-all: build
+all: generate-webui build
 	$(DOCKER_RUN_TRAEFIK) ./script/make.sh

-binary: build-webui generate-webui build
+binary: generate-webui build
 	$(DOCKER_RUN_TRAEFIK) ./script/make.sh generate binary

-crossbinary: build-webui generate-webui build
+crossbinary: generate-webui build
 	$(DOCKER_RUN_TRAEFIK) ./script/make.sh generate crossbinary

 test: build
@@ -39,8 +42,8 @@ test-unit: build
 test-integration: build
 	$(DOCKER_RUN_TRAEFIK) ./script/make.sh generate test-integration

-validate: build
-	$(DOCKER_RUN_TRAEFIK) ./script/make.sh validate-gofmt validate-govet validate-golint
+validate: build 
+	$(DOCKER_RUN_TRAEFIK) ./script/make.sh  validate-gofmt validate-govet validate-golint 

 validate-gofmt: build
 	$(DOCKER_RUN_TRAEFIK) ./script/make.sh validate-gofmt
@@ -74,7 +77,18 @@ run-dev:
 	go build
 	./traefik

-generate-webui:
-	mkdir -p static
-	docker run --rm -v "$$PWD/static":'/src/static' traefik-webui gulp
-	echo 'For more informations show `webui/readme.md`' > $$PWD/static/DONT-EDIT-FILES-IN-THIS-DIRECTORY.md
+generate-webui: build-webui
+	if [ ! -d "static" ]; then \
+		mkdir -p static; \
+		docker run --rm -v "$$PWD/static":'/src/static' traefik-webui gulp; \
+		echo 'For more informations show `webui/readme.md`' > $$PWD/static/DONT-EDIT-FILES-IN-THIS-DIRECTORY.md; \
+	fi
+
+lint:
+	script/validate-golint
+
+fmt:
+	gofmt -s -l -w $(SRCS)
+
+deploy:
+	./script/deploy.sh
--- a/README.md
+++ b/README.md
@@ -1,32 +1,39 @@
-![Træfɪk](http://traefik.github.io/traefik.logo.svg  "Træfɪk")
-___

-[![Circle CI](https://circleci.com/gh/emilevauge/traefik.svg?style=shield&circle-token=:circle-token)](https://circleci.com/gh/emilevauge/traefik)
-[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/EmileVauge/traefik/blob/master/LICENSE.md)
+<p align="center">
+<img src="http://traefik.github.io/traefik.logo.svg" alt="Træfɪk" title="Træfɪk" />
+</p>
+
+[![Build Status](https://travis-ci.org/containous/traefik.svg?branch=master)](https://travis-ci.org/containous/traefik)
+[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/containous/traefik/blob/master/LICENSE.md)
 [![Join the chat at https://traefik.herokuapp.com](https://img.shields.io/badge/style-register-green.svg?style=social&label=Slack)](https://traefik.herokuapp.com)
+[![Twitter](https://img.shields.io/twitter/follow/traefikproxy.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefikproxy)
+


 Træfɪk is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease.
-It supports several backends ([Docker :whale:](https://www.docker.com/), [Mesos/Marathon](https://mesosphere.github.io/marathon/), [Consul](https://consul.io/), [Etcd](https://coreos.com/etcd/), [Zookeeper](https://zookeeper.apache.org), [BoltDB](https://github.com/boltdb/bolt), Rest API, file...) to manage its configuration automatically and dynamically.
+It supports several backends ([Docker :whale:](https://www.docker.com/), [Swarm :whale: :whale:](https://docs.docker.com/swarm), [Mesos/Marathon](https://mesosphere.github.io/marathon/), [Consul](https://www.consul.io/), [Etcd](https://coreos.com/etcd/), [Zookeeper](https://zookeeper.apache.org), [BoltDB](https://github.com/boltdb/bolt), Rest API, file...) to manage its configuration automatically and dynamically.


 ## Features

+- [It's fast](docs/index.md#benchmarks)
 - No dependency hell, single binary made with go
- Simple json Rest API
- Simple TOML file configuration
+- Rest API
 - Multiple backends supported: Docker, Mesos/Marathon, Consul, Etcd, and more to come
 - Watchers for backends, can listen change in backends to apply a new configuration automatically
 - Hot-reloading of configuration. No need to restart the process
- Graceful shutdown http connections during hot-reloads
+- Graceful shutdown http connections
 - Circuit breakers on backends
 - Round Robin, rebalancer load-balancers
 - Rest Metrics
- Tiny docker image included
+- Tiny docker image included [![Image Layers](https://badge.imagelayers.io/containous/traefik:latest.svg)](https://imagelayers.io/?images=containous/traefik:latest)
 - SSL backends support
- SSL frontend support
+- SSL frontend support (with SNI)
 - Clean AngularJS Web UI
 - Websocket support
+- HTTP/2 support
+- Retry request if network error
+- [Let's Encrypt](https://letsencrypt.org) support (Automatic HTTPS)

 ## Demo

@@ -43,114 +50,65 @@ You can access to a simple HTML frontend of Træfik.

 ## Plumbing

- [Oxy](https://github.com/mailgun/oxy/): an awsome proxy library made by Mailgun guys
+- [Oxy](https://github.com/vulcand/oxy): an awsome proxy library made by Mailgun guys
 - [Gorilla mux](https://github.com/gorilla/mux): famous request router
 - [Negroni](https://github.com/codegangsta/negroni): web middlewares made simple
 - [Manners](https://github.com/mailgun/manners): graceful shutdown of http.Handler servers
+- [Lego](https://github.com/xenolf/lego): the best [Let's Encrypt](https://letsencrypt.org) library in go

 ## Quick start

- The simple way: grab the latest binary from the [releases](https://github.com/emilevauge/traefik/releases) page and just run it with the [sample configuration file](https://raw.githubusercontent.com/EmileVauge/traefik/master/traefik.sample.toml):
+- The simple way: grab the latest binary from the [releases](https://github.com/containous/traefik/releases) page and just run it with the [sample configuration file](https://raw.githubusercontent.com/containous/traefik/master/traefik.sample.toml):

 ```shell
-./traefik traefik.toml
+./traefik -c traefik.toml
 ```

 - Use the tiny Docker image:

 ```shell
-docker run -d -p 8080:8080 -p 80:80 -v $PWD/traefik.toml:/traefik.toml emilevauge/traefik
+docker run -d -p 8080:8080 -p 80:80 -v $PWD/traefik.toml:/etc/traefik/traefik.toml containous/traefik
 ```

 - From sources:

 ```shell
-git clone https://github.com/EmileVauge/traefik
+git clone https://github.com/containous/traefik
 ```

 ## Documentation

 You can find the complete documentation [here](docs/index.md).

-## Benchmarks
-
-Refer to the [benchmarks section](docs/index.md#benchmarks) in the documentation.
-
 ## Contributing

-### Building
+Please refer to [this section](.github/CONTRIBUTING.md).

-You need either [Docker](https://github.com/docker/docker) and `make`, or `go` and `glide` in order to build traefik.
+## Træfɪk here and there

-#### Setting up your `go` environment
+These projects use Træfɪk internally. If your company uses Træfɪk, we would be glad to get your feedback :) Contact us on [![Join the chat at https://traefik.herokuapp.com](https://img.shields.io/badge/style-register-green.svg?style=social&label=Slack)](https://traefik.herokuapp.com)

- You need `go` v1.5
- You need to set `export GO15VENDOREXPERIMENT=1` environment variable
- You need `go-bindata` to be able to use `go generate` command (needed to build) : `go get github.com/jteeuwen/go-bindata/...`.
- If you clone Træfɪk into something like `~/go/src/github.com/traefik`, your `GOPATH` variable will have to be set to `~/go`: export `GOPATH=~/go`.
+- Project [Mantl](https://mantl.io/) from Cisco

-#### Using `Docker` and `Makefile`
+![Web UI Providers](docs/img/mantl-logo.png)
+> Mantl is a modern platform for rapidly deploying globally distributed services. A container orchestrator, docker, a network stack, something to pool your logs, something to monitor health, a sprinkle of service discovery and some automation.

-You need to run the `binary` target. This will create binaries for Linux platform in the `dist` folder.
+- Project [Apollo](http://capgemini.github.io/devops/apollo/) from Cap Gemini

-```bash
-$ make binary
-docker build -t "traefik-dev:no-more-godep-ever" -f build.Dockerfile .
-Sending build context to Docker daemon 295.3 MB
-Step 0 : FROM golang:1.5
- ---> 8c6473912976
-Step 1 : RUN go get github.com/Masterminds/glide
-[...]
-docker run --rm  -v "/var/run/docker.sock:/var/run/docker.sock" -it -e OS_ARCH_ARG -e OS_PLATFORM_ARG -e TESTFLAGS -v "/home/emile/dev/go/src/github.com/emilevauge/traefik/"dist":/go/src/github.com/emilevauge/traefik/"dist"" "traefik-dev:no-more-godep-ever" ./script/make.sh generate binary
---> Making bundle: generate (in .)
-removed 'gen.go'
+![Web UI Providers](docs/img/apollo-logo.png)
+> Apollo is an open source project to aid with building and deploying IAAS and PAAS services. It is particularly geared towards managing containerized applications across multiple hosts, and big data type workloads. Apollo leverages other open source components to provide basic mechanisms for deployment, maintenance, and scaling of infrastructure and applications.

---> Making bundle: binary (in .)
+## Partners

-$ ls dist/
-traefik*
-```
+[![Zenika](docs/img/zenika.logo.png)](https://zenika.com)

-#### Using `glide`
+Zenika is one of the leading providers of professional Open Source services and agile methodologies in
+Europe. We provide consulting, development, training and support for the world’s leading Open Source
+software products.

-The idea behind `glide` is the following :

- when checkout(ing) a project, **run `glide up --quick`** to install
-  (`go get …`) the dependencies in the `GOPATH`.
- if you need another dependency, import and use it in
-  the source, and **run `glide get github.com/Masterminds/cookoo`** to save it in
-  `vendor` and add it to your `glide.yaml`.

-```bash
-$ glide up --quick
-# generate
-$ go generate
-# Simple go build
-$ go build
-# Using gox to build multiple platform
-$ gox "linux darwin" "386 amd64 arm" \
-    -output="dist/traefik_{{.OS}}-{{.Arch}}"
-# run other commands like tests
-$ go test ./...
-ok      _/home/vincent/src/github/vdemeester/traefik    0.004s
-```
+[![Asteris](docs/img/asteris.logo.png)](https://aster.is)

-### Tests
-
-You can run unit tests using the `test-unit` target and the
-integration test using the `test-integration` target.
-
-```bash
-$ make test-unit
-docker build -t "traefik-dev:your-feature-branch" -f build.Dockerfile .
-# […]
-docker run --rm -it -e OS_ARCH_ARG -e OS_PLATFORM_ARG -e TESTFLAGS -v "/home/vincent/src/github/vdemeester/traefik/dist:/go/src/github.com/emilevauge/traefik/dist" "traefik-dev:your-feature-branch" ./script/make.sh generate test-unit
---> Making bundle: generate (in .)
-removed 'gen.go'
-
---> Making bundle: test-unit (in .)
-+ go test -cover -coverprofile=cover.out .
-ok      github.com/emilevauge/traefik   0.005s  coverage: 4.1% of statements
-
-Test success
-```
+Founded in 2014, Asteris creates next-generation infrastructure software for the modern datacenter. Asteris writes software that makes it easy for companies to implement continuous delivery and realtime data pipelines. We support the HashiCorp stack, along with Kubernetes, Apache Mesos, Spark and Kafka. We're core committers on mantl.io, consul-cli and mesos-consul.
+.
--- a/acme/acme.go
+++ b/acme/acme.go
@@ -0,0 +1,405 @@
+package acme
+
+import (
+	"crypto"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/tls"
+	"crypto/x509"
+	"encoding/json"
+	"errors"
+	"fmt"
+	log "github.com/Sirupsen/logrus"
+	"github.com/xenolf/lego/acme"
+	"io/ioutil"
+	fmtlog "log"
+	"os"
+	"reflect"
+	"sync"
+	"time"
+)
+
+// Account is used to store lets encrypt registration info
+type Account struct {
+	Email              string
+	Registration       *acme.RegistrationResource
+	PrivateKey         []byte
+	DomainsCertificate DomainsCertificates
+}
+
+// GetEmail returns email
+func (a Account) GetEmail() string {
+	return a.Email
+}
+
+// GetRegistration returns lets encrypt registration resource
+func (a Account) GetRegistration() *acme.RegistrationResource {
+	return a.Registration
+}
+
+// GetPrivateKey returns private key
+func (a Account) GetPrivateKey() crypto.PrivateKey {
+	if privateKey, err := x509.ParsePKCS1PrivateKey(a.PrivateKey); err == nil {
+		return privateKey
+	}
+	log.Errorf("Cannot unmarshall private key %+v", a.PrivateKey)
+	return nil
+}
+
+// Certificate is used to store certificate info
+type Certificate struct {
+	Domain        string
+	CertURL       string
+	CertStableURL string
+	PrivateKey    []byte
+	Certificate   []byte
+}
+
+// DomainsCertificates stores a certificate for multiple domains
+type DomainsCertificates struct {
+	Certs []*DomainsCertificate
+	lock  *sync.RWMutex
+}
+
+func (dc *DomainsCertificates) init() error {
+	if dc.lock == nil {
+		dc.lock = &sync.RWMutex{}
+	}
+	dc.lock.Lock()
+	defer dc.lock.Unlock()
+	for _, domainsCertificate := range dc.Certs {
+		tlsCert, err := tls.X509KeyPair(domainsCertificate.Certificate.Certificate, domainsCertificate.Certificate.PrivateKey)
+		if err != nil {
+			return err
+		}
+		domainsCertificate.tlsCert = &tlsCert
+	}
+	return nil
+}
+
+func (dc *DomainsCertificates) renewCertificates(acmeCert *Certificate, domain Domain) error {
+	dc.lock.Lock()
+	defer dc.lock.Unlock()
+
+	for _, domainsCertificate := range dc.Certs {
+		if reflect.DeepEqual(domain, domainsCertificate.Domains) {
+			domainsCertificate.Certificate = acmeCert
+			tlsCert, err := tls.X509KeyPair(acmeCert.Certificate, acmeCert.PrivateKey)
+			if err != nil {
+				return err
+			}
+			domainsCertificate.tlsCert = &tlsCert
+			return nil
+		}
+	}
+	return errors.New("Certificate to renew not found for domain " + domain.Main)
+}
+
+func (dc *DomainsCertificates) addCertificateForDomains(acmeCert *Certificate, domain Domain) (*DomainsCertificate, error) {
+	dc.lock.Lock()
+	defer dc.lock.Unlock()
+
+	tlsCert, err := tls.X509KeyPair(acmeCert.Certificate, acmeCert.PrivateKey)
+	if err != nil {
+		return nil, err
+	}
+	cert := DomainsCertificate{Domains: domain, Certificate: acmeCert, tlsCert: &tlsCert}
+	dc.Certs = append(dc.Certs, &cert)
+	return &cert, nil
+}
+
+func (dc *DomainsCertificates) getCertificateForDomain(domainToFind string) (*DomainsCertificate, bool) {
+	dc.lock.RLock()
+	defer dc.lock.RUnlock()
+	for _, domainsCertificate := range dc.Certs {
+		domains := []string{}
+		domains = append(domains, domainsCertificate.Domains.Main)
+		domains = append(domains, domainsCertificate.Domains.SANs...)
+		for _, domain := range domains {
+			if domain == domainToFind {
+				return domainsCertificate, true
+			}
+		}
+	}
+	return nil, false
+}
+
+func (dc *DomainsCertificates) exists(domainToFind Domain) (*DomainsCertificate, bool) {
+	dc.lock.RLock()
+	defer dc.lock.RUnlock()
+	for _, domainsCertificate := range dc.Certs {
+		if reflect.DeepEqual(domainToFind, domainsCertificate.Domains) {
+			return domainsCertificate, true
+		}
+	}
+	return nil, false
+}
+
+// DomainsCertificate contains a certificate for multiple domains
+type DomainsCertificate struct {
+	Domains     Domain
+	Certificate *Certificate
+	tlsCert     *tls.Certificate
+}
+
+// ACME allows to connect to lets encrypt and retrieve certs
+type ACME struct {
+	Email       string
+	Domains     []Domain
+	StorageFile string
+	OnDemand    bool
+	CAServer    string
+	EntryPoint  string
+	storageLock sync.RWMutex
+}
+
+// Domain holds a domain name with SANs
+type Domain struct {
+	Main string
+	SANs []string
+}
+
+// CreateConfig creates a tls.config from using ACME configuration
+func (a *ACME) CreateConfig(tlsConfig *tls.Config, CheckOnDemandDomain func(domain string) bool) error {
+	acme.Logger = fmtlog.New(ioutil.Discard, "", 0)
+
+	if len(a.StorageFile) == 0 {
+		return errors.New("Empty StorageFile, please provide a filenmae for certs storage")
+	}
+
+	log.Debugf("Generating default certificate...")
+	if len(tlsConfig.Certificates) == 0 {
+		// no certificates in TLS config, so we add a default one
+		cert, err := generateDefaultCertificate()
+		if err != nil {
+			return err
+		}
+		tlsConfig.Certificates = append(tlsConfig.Certificates, *cert)
+	}
+	var account *Account
+	var needRegister bool
+
+	// if certificates in storage, load them
+	if fileInfo, err := os.Stat(a.StorageFile); err == nil && fileInfo.Size() != 0 {
+		log.Infof("Loading ACME certificates...")
+		// load account
+		account, err = a.loadAccount(a)
+		if err != nil {
+			return err
+		}
+	} else {
+		log.Infof("Generating ACME Account...")
+		// Create a user. New accounts need an email and private key to start
+		privateKey, err := rsa.GenerateKey(rand.Reader, 4096)
+		if err != nil {
+			return err
+		}
+		account = &Account{
+			Email:      a.Email,
+			PrivateKey: x509.MarshalPKCS1PrivateKey(privateKey),
+		}
+		account.DomainsCertificate = DomainsCertificates{Certs: []*DomainsCertificate{}, lock: &sync.RWMutex{}}
+		needRegister = true
+	}
+
+	client, err := a.buildACMEClient(account)
+	if err != nil {
+		return err
+	}
+	client.ExcludeChallenges([]acme.Challenge{acme.HTTP01, acme.DNS01})
+	wrapperChallengeProvider := newWrapperChallengeProvider()
+	client.SetChallengeProvider(acme.TLSSNI01, wrapperChallengeProvider)
+
+	if needRegister {
+		// New users will need to register; be sure to save it
+		reg, err := client.Register()
+		if err != nil {
+			return err
+		}
+		account.Registration = reg
+	}
+
+	// The client has a URL to the current Let's Encrypt Subscriber
+	// Agreement. The user will need to agree to it.
+	err = client.AgreeToTOS()
+	if err != nil {
+		return err
+	}
+
+	go a.retrieveCertificates(client, account)
+
+	tlsConfig.GetCertificate = func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
+		if challengeCert, ok := wrapperChallengeProvider.getCertificate(clientHello.ServerName); ok {
+			return challengeCert, nil
+		}
+		if domainCert, ok := account.DomainsCertificate.getCertificateForDomain(clientHello.ServerName); ok {
+			return domainCert.tlsCert, nil
+		}
+		if a.OnDemand {
+			if CheckOnDemandDomain != nil && !CheckOnDemandDomain(clientHello.ServerName) {
+				return nil, nil
+			}
+			return a.loadCertificateOnDemand(client, account, clientHello)
+		}
+		return nil, nil
+	}
+
+	ticker := time.NewTicker(24 * time.Hour)
+	go func() {
+		for {
+			select {
+			case <-ticker.C:
+
+				if err := a.renewCertificates(client, account); err != nil {
+					log.Errorf("Error renewing ACME certificate %+v: %s", account, err.Error())
+				}
+			}
+		}
+
+	}()
+	return nil
+}
+
+func (a *ACME) retrieveCertificates(client *acme.Client, account *Account) {
+	log.Infof("Retrieving ACME certificates...")
+	for _, domain := range a.Domains {
+		// check if cert isn't already loaded
+		if _, exists := account.DomainsCertificate.exists(domain); !exists {
+			domains := []string{}
+			domains = append(domains, domain.Main)
+			domains = append(domains, domain.SANs...)
+			certificateResource, err := a.getDomainsCertificates(client, domains)
+			if err != nil {
+				log.Errorf("Error getting ACME certificate for domain %s: %s", domains, err.Error())
+				continue
+			}
+			_, err = account.DomainsCertificate.addCertificateForDomains(certificateResource, domain)
+			if err != nil {
+				log.Errorf("Error adding ACME certificate for domain %s: %s", domains, err.Error())
+				continue
+			}
+			if err = a.saveAccount(account); err != nil {
+				log.Errorf("Error Saving ACME account %+v: %s", account, err.Error())
+				continue
+			}
+		}
+	}
+	log.Infof("Retrieved ACME certificates")
+}
+
+func (a *ACME) renewCertificates(client *acme.Client, account *Account) error {
+	for _, certificateResource := range account.DomainsCertificate.Certs {
+		// <= 7 days left, renew certificate
+		if certificateResource.tlsCert.Leaf.NotAfter.Before(time.Now().Add(time.Duration(24 * 7 * time.Hour))) {
+			log.Debugf("Renewing certificate %+v", certificateResource.Domains)
+			renewedCert, err := client.RenewCertificate(acme.CertificateResource{
+				Domain:        certificateResource.Certificate.Domain,
+				CertURL:       certificateResource.Certificate.CertURL,
+				CertStableURL: certificateResource.Certificate.CertStableURL,
+				PrivateKey:    certificateResource.Certificate.PrivateKey,
+				Certificate:   certificateResource.Certificate.Certificate,
+			}, false)
+			if err != nil {
+				return err
+			}
+			log.Debugf("Renewed certificate %+v", certificateResource.Domains)
+			renewedACMECert := &Certificate{
+				Domain:        renewedCert.Domain,
+				CertURL:       renewedCert.CertURL,
+				CertStableURL: renewedCert.CertStableURL,
+				PrivateKey:    renewedCert.PrivateKey,
+				Certificate:   renewedCert.Certificate,
+			}
+			err = account.DomainsCertificate.renewCertificates(renewedACMECert, certificateResource.Domains)
+			if err != nil {
+				return err
+			}
+			if err = a.saveAccount(account); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+func (a *ACME) buildACMEClient(Account *Account) (*acme.Client, error) {
+	caServer := "https://acme-v01.api.letsencrypt.org/directory"
+	if len(a.CAServer) > 0 {
+		caServer = a.CAServer
+	}
+	client, err := acme.NewClient(caServer, Account, acme.RSA4096)
+	if err != nil {
+		return nil, err
+	}
+
+	return client, nil
+}
+
+func (a *ACME) loadCertificateOnDemand(client *acme.Client, Account *Account, clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
+	if certificateResource, ok := Account.DomainsCertificate.getCertificateForDomain(clientHello.ServerName); ok {
+		return certificateResource.tlsCert, nil
+	}
+	Certificate, err := a.getDomainsCertificates(client, []string{clientHello.ServerName})
+	if err != nil {
+		return nil, err
+	}
+	log.Debugf("Got certificate on demand for domain %s", clientHello.ServerName)
+	cert, err := Account.DomainsCertificate.addCertificateForDomains(Certificate, Domain{Main: clientHello.ServerName})
+	if err != nil {
+		return nil, err
+	}
+	if err = a.saveAccount(Account); err != nil {
+		return nil, err
+	}
+	return cert.tlsCert, nil
+}
+
+func (a *ACME) loadAccount(acmeConfig *ACME) (*Account, error) {
+	a.storageLock.RLock()
+	defer a.storageLock.RUnlock()
+	Account := Account{
+		DomainsCertificate: DomainsCertificates{},
+	}
+	file, err := ioutil.ReadFile(acmeConfig.StorageFile)
+	if err != nil {
+		return nil, err
+	}
+	if err := json.Unmarshal(file, &Account); err != nil {
+		return nil, err
+	}
+	err = Account.DomainsCertificate.init()
+	if err != nil {
+		return nil, err
+	}
+	log.Infof("Loaded ACME config from storage %s", acmeConfig.StorageFile)
+	return &Account, nil
+}
+
+func (a *ACME) saveAccount(Account *Account) error {
+	a.storageLock.Lock()
+	defer a.storageLock.Unlock()
+	// write account to file
+	data, err := json.MarshalIndent(Account, "", "  ")
+	if err != nil {
+		return err
+	}
+	return ioutil.WriteFile(a.StorageFile, data, 0644)
+}
+
+func (a *ACME) getDomainsCertificates(client *acme.Client, domains []string) (*Certificate, error) {
+	log.Debugf("Loading ACME certificates %s...", domains)
+	bundle := false
+	certificate, failures := client.ObtainCertificate(domains, bundle, nil)
+	if len(failures) > 0 {
+		log.Error(failures)
+		return nil, fmt.Errorf("Cannot obtain certificates %s+v", failures)
+	}
+	log.Debugf("Loaded ACME certificates %s", domains)
+	return &Certificate{
+		Domain:        certificate.Domain,
+		CertURL:       certificate.CertURL,
+		CertStableURL: certificate.CertStableURL,
+		PrivateKey:    certificate.PrivateKey,
+		Certificate:   certificate.Certificate,
+	}, nil
+}
--- a/acme/challengeProvider.go
+++ b/acme/challengeProvider.go
@@ -0,0 +1,56 @@
+package acme
+
+import (
+	"crypto/tls"
+	"sync"
+
+	"crypto/x509"
+	"github.com/xenolf/lego/acme"
+)
+
+type wrapperChallengeProvider struct {
+	challengeCerts map[string]*tls.Certificate
+	lock           sync.RWMutex
+}
+
+func newWrapperChallengeProvider() *wrapperChallengeProvider {
+	return &wrapperChallengeProvider{
+		challengeCerts: map[string]*tls.Certificate{},
+	}
+}
+
+func (c *wrapperChallengeProvider) getCertificate(domain string) (cert *tls.Certificate, exists bool) {
+	c.lock.RLock()
+	defer c.lock.RUnlock()
+	if cert, ok := c.challengeCerts[domain]; ok {
+		return cert, true
+	}
+	return nil, false
+}
+
+func (c *wrapperChallengeProvider) Present(domain, token, keyAuth string) error {
+	cert, err := acme.TLSSNI01ChallengeCert(keyAuth)
+	if err != nil {
+		return err
+	}
+	cert.Leaf, err = x509.ParseCertificate(cert.Certificate[0])
+	if err != nil {
+		return err
+	}
+
+	c.lock.Lock()
+	defer c.lock.Unlock()
+	for i := range cert.Leaf.DNSNames {
+		c.challengeCerts[cert.Leaf.DNSNames[i]] = &cert
+	}
+
+	return nil
+
+}
+
+func (c *wrapperChallengeProvider) CleanUp(domain, token, keyAuth string) error {
+	c.lock.Lock()
+	defer c.lock.Unlock()
+	delete(c.challengeCerts, domain)
+	return nil
+}
--- a/acme/crypto.go
+++ b/acme/crypto.go
@@ -0,0 +1,78 @@
+package acme
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/hex"
+	"encoding/pem"
+	"fmt"
+	"math/big"
+	"time"
+)
+
+func generateDefaultCertificate() (*tls.Certificate, error) {
+	rsaPrivKey, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return nil, err
+	}
+	rsaPrivPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(rsaPrivKey)})
+
+	randomBytes := make([]byte, 100)
+	_, err = rand.Read(randomBytes)
+	if err != nil {
+		return nil, err
+	}
+	zBytes := sha256.Sum256(randomBytes)
+	z := hex.EncodeToString(zBytes[:sha256.Size])
+	domain := fmt.Sprintf("%s.%s.traefik.default", z[:32], z[32:])
+	tempCertPEM, err := generatePemCert(rsaPrivKey, domain)
+	if err != nil {
+		return nil, err
+	}
+
+	certificate, err := tls.X509KeyPair(tempCertPEM, rsaPrivPEM)
+	if err != nil {
+		return nil, err
+	}
+
+	return &certificate, nil
+}
+func generatePemCert(privKey *rsa.PrivateKey, domain string) ([]byte, error) {
+	derBytes, err := generateDerCert(privKey, time.Time{}, domain)
+	if err != nil {
+		return nil, err
+	}
+
+	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes}), nil
+}
+
+func generateDerCert(privKey *rsa.PrivateKey, expiration time.Time, domain string) ([]byte, error) {
+	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
+	if err != nil {
+		return nil, err
+	}
+
+	if expiration.IsZero() {
+		expiration = time.Now().Add(365)
+	}
+
+	template := x509.Certificate{
+		SerialNumber: serialNumber,
+		Subject: pkix.Name{
+			CommonName: "TRAEFIK DEFAULT CERT",
+		},
+		NotBefore: time.Now(),
+		NotAfter:  expiration,
+
+		KeyUsage:              x509.KeyUsageKeyEncipherment,
+		BasicConstraintsValid: true,
+		DNSNames:              []string{domain},
+	}
+
+	return x509.CreateCertificate(rand.Reader, &template, &template, &privKey.PublicKey, privKey)
+}
--- a/adapters.go
+++ b/adapters.go
@@ -7,7 +7,6 @@ import (
 	"net/http"

 	log "github.com/Sirupsen/logrus"
-	"github.com/gorilla/mux"
 )

 // OxyLogger implements oxy Logger interface with logrus.
@@ -33,10 +32,3 @@ func notFoundHandler(w http.ResponseWriter, r *http.Request) {
 	http.NotFound(w, r)
 	//templatesRenderer.HTML(w, http.StatusNotFound, "notFound", nil)
 }
-
-// LoadDefaultConfig returns a default gorrilla.mux router from the specified configuration.
-func LoadDefaultConfig(globalConfiguration *GlobalConfiguration) *mux.Router {
-	router := mux.NewRouter()
-	router.NotFoundHandler = http.HandlerFunc(notFoundHandler)
-	return router
-}
--- a/build.Dockerfile
+++ b/build.Dockerfile
@@ -1,13 +1,14 @@
-FROM golang:1.5.3
+FROM golang:1.6.0-alpine

-RUN go get github.com/Masterminds/glide
-RUN go get github.com/mitchellh/gox
-RUN go get github.com/tcnksm/ghr
-RUN go get github.com/jteeuwen/go-bindata/...
-RUN go get github.com/golang/lint/golint
+RUN apk update && apk add git bash gcc musl-dev \
+&& go get github.com/Masterminds/glide \
+&& go get github.com/mitchellh/gox \
+&& go get github.com/jteeuwen/go-bindata/... \
+&& go get github.com/golang/lint/golint \
+&& go get github.com/kisielk/errcheck

 # Which docker version to test on
-ENV DOCKER_VERSION 1.6.2
+ENV DOCKER_VERSION 1.10.1

 # enable GO15VENDOREXPERIMENT
 ENV GO15VENDOREXPERIMENT 1
@@ -20,9 +21,10 @@ RUN set -ex; \
 # Set the default Docker to be run
 RUN ln -s /usr/local/bin/docker-${DOCKER_VERSION} /usr/local/bin/docker

-WORKDIR /go/src/github.com/emilevauge/traefik
+WORKDIR /go/src/github.com/containous/traefik

 COPY glide.yaml glide.yaml
-RUN glide up --quick
+COPY glide.lock glide.lock
+RUN glide install

-COPY . /go/src/github.com/emilevauge/traefik
+COPY . /go/src/github.com/containous/traefik
--- a/cmd.go
+++ b/cmd.go
@@ -0,0 +1,219 @@
+/*
+Copyright
+*/
+package main
+
+import (
+	"encoding/json"
+	fmtlog "log"
+	"os"
+	"strings"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/containous/traefik/middlewares"
+	"github.com/containous/traefik/provider"
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+	"net/http"
+)
+
+var traefikCmd = &cobra.Command{
+	Use:   "traefik",
+	Short: "traefik, a modern reverse proxy",
+	Long: `traefik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease.
+Complete documentation is available at http://traefik.io`,
+	Run: func(cmd *cobra.Command, args []string) {
+		run()
+	},
+}
+var versionCmd = &cobra.Command{
+	Use:   "version",
+	Short: "Print version",
+	Long:  `Print version`,
+	Run: func(cmd *cobra.Command, args []string) {
+		fmtlog.Println(Version + " built on the " + BuildDate)
+		os.Exit(0)
+	},
+}
+
+var arguments = struct {
+	GlobalConfiguration
+	web           bool
+	file          bool
+	docker        bool
+	dockerTLS     bool
+	marathon      bool
+	consul        bool
+	consulTLS     bool
+	consulCatalog bool
+	zookeeper     bool
+	etcd          bool
+	etcdTLS       bool
+	boltdb        bool
+}{
+	GlobalConfiguration{
+		EntryPoints: make(EntryPoints),
+		Docker: &provider.Docker{
+			TLS: &provider.DockerTLS{},
+		},
+		File:     &provider.File{},
+		Web:      &WebProvider{},
+		Marathon: &provider.Marathon{},
+		Consul: &provider.Consul{
+			Kv: provider.Kv{
+				TLS: &provider.KvTLS{},
+			},
+		},
+		ConsulCatalog: &provider.ConsulCatalog{},
+		Zookeeper:     &provider.Zookepper{},
+		Etcd: &provider.Etcd{
+			Kv: provider.Kv{
+				TLS: &provider.KvTLS{},
+			},
+		},
+		Boltdb: &provider.BoltDb{},
+	},
+	false,
+	false,
+	false,
+	false,
+	false,
+	false,
+	false,
+	false,
+	false,
+	false,
+	false,
+	false,
+}
+
+func init() {
+	traefikCmd.AddCommand(versionCmd)
+	traefikCmd.PersistentFlags().StringP("configFile", "c", "", "Configuration file to use (TOML, JSON, YAML, HCL).")
+	traefikCmd.PersistentFlags().StringP("graceTimeOut", "g", "10", "Timeout in seconds. Duration to give active requests a chance to finish during hot-reloads")
+	traefikCmd.PersistentFlags().String("accessLogsFile", "log/access.log", "Access logs file")
+	traefikCmd.PersistentFlags().String("traefikLogsFile", "log/traefik.log", "Traefik logs file")
+	traefikCmd.PersistentFlags().Var(&arguments.EntryPoints, "entryPoints", "Entrypoints definition using format: --entryPoints='Name:http Address::8000 Redirect.EntryPoint:https' --entryPoints='Name:https Address::4442 TLS:tests/traefik.crt,tests/traefik.key'")
+	traefikCmd.PersistentFlags().Var(&arguments.DefaultEntryPoints, "defaultEntryPoints", "Entrypoints to be used by frontends that do not specify any entrypoint")
+	traefikCmd.PersistentFlags().StringP("logLevel", "l", "ERROR", "Log level")
+	traefikCmd.PersistentFlags().DurationVar(&arguments.ProvidersThrottleDuration, "providersThrottleDuration", time.Duration(2*time.Second), "Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time.")
+	traefikCmd.PersistentFlags().Int("maxIdleConnsPerHost", 0, "If non-zero, controls the maximum idle (keep-alive) to keep per-host.  If zero, DefaultMaxIdleConnsPerHost is used")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.web, "web", false, "Enable Web backend")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Web.Address, "web.address", ":8080", "Web administration port")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Web.CertFile, "web.cerFile", "", "SSL certificate")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Web.KeyFile, "web.keyFile", "", "SSL certificate")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Web.ReadOnly, "web.readOnly", false, "Enable read only API")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.file, "file", false, "Enable File backend")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.File.Watch, "file.watch", true, "Watch provider")
+	traefikCmd.PersistentFlags().StringVar(&arguments.File.Filename, "file.filename", "", "Override default configuration template. For advanced users :)")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.docker, "docker", false, "Enable Docker backend")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Docker.Watch, "docker.watch", true, "Watch provider")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Docker.Filename, "docker.filename", "", "Override default configuration template. For advanced users :)")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Docker.Endpoint, "docker.endpoint", "unix:///var/run/docker.sock", "Docker server endpoint. Can be a tcp or a unix socket endpoint")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Docker.Domain, "docker.domain", "", "Default domain used")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.dockerTLS, "docker.tls", false, "Enable Docker TLS support")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Docker.TLS.CA, "docker.tls.ca", "", "TLS CA")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Docker.TLS.Cert, "docker.tls.cert", "", "TLS cert")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Docker.TLS.Key, "docker.tls.key", "", "TLS key")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Docker.TLS.InsecureSkipVerify, "docker.tls.insecureSkipVerify", false, "TLS insecure skip verify")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.marathon, "marathon", false, "Enable Marathon backend")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Marathon.Watch, "marathon.watch", true, "Watch provider")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Marathon.Filename, "marathon.filename", "", "Override default configuration template. For advanced users :)")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Marathon.Endpoint, "marathon.endpoint", "http://127.0.0.1:8080", "Marathon server endpoint. You can also specify multiple endpoint for Marathon")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Marathon.Domain, "marathon.domain", "", "Default domain used")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Marathon.ExposedByDefault, "marathon.exposedByDefault", true, "Expose Marathon apps by default")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.consul, "consul", false, "Enable Consul backend")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Consul.Watch, "consul.watch", true, "Watch provider")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Consul.Filename, "consul.filename", "", "Override default configuration template. For advanced users :)")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Consul.Endpoint, "consul.endpoint", "127.0.0.1:8500", "Comma sepparated Consul server endpoints")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Consul.Prefix, "consul.prefix", "/traefik", "Prefix used for KV store")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.consulTLS, "consul.tls", false, "Enable Consul TLS support")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Consul.TLS.CA, "consul.tls.ca", "", "TLS CA")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Consul.TLS.Cert, "consul.tls.cert", "", "TLS cert")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Consul.TLS.Key, "consul.tls.key", "", "TLS key")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Consul.TLS.InsecureSkipVerify, "consul.tls.insecureSkipVerify", false, "TLS insecure skip verify")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.consulCatalog, "consulCatalog", false, "Enable Consul catalog backend")
+	traefikCmd.PersistentFlags().StringVar(&arguments.ConsulCatalog.Domain, "consulCatalog.domain", "", "Default domain used")
+	traefikCmd.PersistentFlags().StringVar(&arguments.ConsulCatalog.Endpoint, "consulCatalog.endpoint", "127.0.0.1:8500", "Consul server endpoint")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.zookeeper, "zookeeper", false, "Enable Zookeeper backend")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Zookeeper.Watch, "zookeeper.watch", true, "Watch provider")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Zookeeper.Filename, "zookeeper.filename", "", "Override default configuration template. For advanced users :)")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Zookeeper.Endpoint, "zookeeper.endpoint", "127.0.0.1:2181", "Comma sepparated Zookeeper server endpoints")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Zookeeper.Prefix, "zookeeper.prefix", "/traefik", "Prefix used for KV store")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.etcd, "etcd", false, "Enable Etcd backend")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Etcd.Watch, "etcd.watch", true, "Watch provider")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Etcd.Filename, "etcd.filename", "", "Override default configuration template. For advanced users :)")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Etcd.Endpoint, "etcd.endpoint", "127.0.0.1:4001", "Comma sepparated Etcd server endpoints")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Etcd.Prefix, "etcd.prefix", "/traefik", "Prefix used for KV store")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.etcdTLS, "etcd.tls", false, "Enable Etcd TLS support")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Etcd.TLS.CA, "etcd.tls.ca", "", "TLS CA")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Etcd.TLS.Cert, "etcd.tls.cert", "", "TLS cert")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Etcd.TLS.Key, "etcd.tls.key", "", "TLS key")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Etcd.TLS.InsecureSkipVerify, "etcd.tls.insecureSkipVerify", false, "TLS insecure skip verify")
+
+	traefikCmd.PersistentFlags().BoolVar(&arguments.boltdb, "boltdb", false, "Enable Boltdb backend")
+	traefikCmd.PersistentFlags().BoolVar(&arguments.Boltdb.Watch, "boltdb.watch", true, "Watch provider")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Boltdb.Filename, "boltdb.filename", "", "Override default configuration template. For advanced users :)")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Boltdb.Endpoint, "boltdb.endpoint", "127.0.0.1:4001", "Boltdb server endpoint")
+	traefikCmd.PersistentFlags().StringVar(&arguments.Boltdb.Prefix, "boltdb.prefix", "/traefik", "Prefix used for KV store")
+
+	_ = viper.BindPFlag("configFile", traefikCmd.PersistentFlags().Lookup("configFile"))
+	_ = viper.BindPFlag("graceTimeOut", traefikCmd.PersistentFlags().Lookup("graceTimeOut"))
+	_ = viper.BindPFlag("logLevel", traefikCmd.PersistentFlags().Lookup("logLevel"))
+	// TODO: wait for this issue to be corrected: https://github.com/spf13/viper/issues/105
+	_ = viper.BindPFlag("providersThrottleDuration", traefikCmd.PersistentFlags().Lookup("providersThrottleDuration"))
+	_ = viper.BindPFlag("maxIdleConnsPerHost", traefikCmd.PersistentFlags().Lookup("maxIdleConnsPerHost"))
+	viper.SetDefault("providersThrottleDuration", time.Duration(2*time.Second))
+	viper.SetDefault("logLevel", "ERROR")
+	viper.SetDefault("MaxIdleConnsPerHost", 200)
+}
+
+func run() {
+	fmtlog.SetFlags(fmtlog.Lshortfile | fmtlog.LstdFlags)
+
+	// load global configuration
+	globalConfiguration := LoadConfiguration()
+
+	http.DefaultTransport.(*http.Transport).MaxIdleConnsPerHost = globalConfiguration.MaxIdleConnsPerHost
+	loggerMiddleware := middlewares.NewLogger(globalConfiguration.AccessLogsFile)
+	defer loggerMiddleware.Close()
+
+	// logging
+	level, err := log.ParseLevel(strings.ToLower(globalConfiguration.LogLevel))
+	if err != nil {
+		log.Fatal("Error getting level", err)
+	}
+	log.SetLevel(level)
+
+	if len(globalConfiguration.TraefikLogsFile) > 0 {
+		fi, err := os.OpenFile(globalConfiguration.TraefikLogsFile, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0666)
+		defer func() {
+			if err := fi.Close(); err != nil {
+				log.Error("Error closinf file", err)
+			}
+		}()
+		if err != nil {
+			log.Fatal("Error opening file", err)
+		} else {
+			log.SetOutput(fi)
+			log.SetFormatter(&log.TextFormatter{DisableColors: true, FullTimestamp: true, DisableSorting: true})
+		}
+	} else {
+		log.SetFormatter(&log.TextFormatter{FullTimestamp: true, DisableSorting: true})
+	}
+	jsonConf, _ := json.Marshal(globalConfiguration)
+	log.Debugf("Global configuration loaded %s", string(jsonConf))
+	server := NewServer(*globalConfiguration)
+	server.Start()
+	defer server.Close()
+	log.Info("Shutting down")
+}
--- a/configuration.go
+++ b/configuration.go
@@ -1,59 +1,298 @@
 package main

 import (
+	"errors"
+	"fmt"
 	fmtlog "log"
+	"regexp"
+	"strings"
 	"time"

-	"github.com/BurntSushi/toml"
-	"github.com/emilevauge/traefik/provider"
-	"github.com/emilevauge/traefik/types"
+	"github.com/containous/traefik/acme"
+	"github.com/containous/traefik/provider"
+	"github.com/containous/traefik/types"
+	"github.com/mitchellh/mapstructure"
+	"github.com/spf13/viper"
 )

 // GlobalConfiguration holds global configuration (with providers, etc.).
 // It's populated from the traefik configuration file passed as an argument to the binary.
 type GlobalConfiguration struct {
-	Port                      string
 	GraceTimeOut              int64
 	AccessLogsFile            string
 	TraefikLogsFile           string
-	Certificates              []Certificate
 	LogLevel                  string
+	EntryPoints               EntryPoints
+	ACME                      *acme.ACME
+	DefaultEntryPoints        DefaultEntryPoints
 	ProvidersThrottleDuration time.Duration
+	MaxIdleConnsPerHost       int
+	Retry                     *Retry
 	Docker                    *provider.Docker
 	File                      *provider.File
 	Web                       *WebProvider
 	Marathon                  *provider.Marathon
 	Consul                    *provider.Consul
+	ConsulCatalog             *provider.ConsulCatalog
 	Etcd                      *provider.Etcd
 	Zookeeper                 *provider.Zookepper
 	Boltdb                    *provider.BoltDb
 }

+// DefaultEntryPoints holds default entry points
+type DefaultEntryPoints []string
+
+// String is the method to format the flag's value, part of the flag.Value interface.
+// The String method's output will be used in diagnostics.
+func (dep *DefaultEntryPoints) String() string {
+	return fmt.Sprintf("%#v", dep)
+}
+
+// Set is the method to set the flag value, part of the flag.Value interface.
+// Set's argument is a string to be parsed to set the flag.
+// It's a comma-separated list, so we split it.
+func (dep *DefaultEntryPoints) Set(value string) error {
+	entrypoints := strings.Split(value, ",")
+	if len(entrypoints) == 0 {
+		return errors.New("Bad DefaultEntryPoints format: " + value)
+	}
+	for _, entrypoint := range entrypoints {
+		*dep = append(*dep, entrypoint)
+	}
+	return nil
+}
+
+// Type is type of the struct
+func (dep *DefaultEntryPoints) Type() string {
+	return fmt.Sprint("defaultentrypoints²")
+}
+
+// EntryPoints holds entry points configuration of the reverse proxy (ip, port, TLS...)
+type EntryPoints map[string]*EntryPoint
+
+// String is the method to format the flag's value, part of the flag.Value interface.
+// The String method's output will be used in diagnostics.
+func (ep *EntryPoints) String() string {
+	return ""
+}
+
+// Set is the method to set the flag value, part of the flag.Value interface.
+// Set's argument is a string to be parsed to set the flag.
+// It's a comma-separated list, so we split it.
+func (ep *EntryPoints) Set(value string) error {
+	regex := regexp.MustCompile("(?:Name:(?P<Name>\\S*))\\s*(?:Address:(?P<Address>\\S*))?\\s*(?:TLS:(?P<TLS>\\S*))?\\s*(?:Redirect.EntryPoint:(?P<RedirectEntryPoint>\\S*))?\\s*(?:Redirect.Regex:(?P<RedirectRegex>\\S*))?\\s*(?:Redirect.Replacement:(?P<RedirectReplacement>\\S*))?")
+	match := regex.FindAllStringSubmatch(value, -1)
+	if match == nil {
+		return errors.New("Bad EntryPoints format: " + value)
+	}
+	matchResult := match[0]
+	result := make(map[string]string)
+	for i, name := range regex.SubexpNames() {
+		if i != 0 {
+			result[name] = matchResult[i]
+		}
+	}
+	var tls *TLS
+	if len(result["TLS"]) > 0 {
+		certs := Certificates{}
+		if err := certs.Set(result["TLS"]); err != nil {
+			return err
+		}
+		tls = &TLS{
+			Certificates: certs,
+		}
+	}
+	var redirect *Redirect
+	if len(result["RedirectEntryPoint"]) > 0 || len(result["RedirectRegex"]) > 0 || len(result["RedirectReplacement"]) > 0 {
+		redirect = &Redirect{
+			EntryPoint:  result["RedirectEntryPoint"],
+			Regex:       result["RedirectRegex"],
+			Replacement: result["RedirectReplacement"],
+		}
+	}
+
+	(*ep)[result["Name"]] = &EntryPoint{
+		Address:  result["Address"],
+		TLS:      tls,
+		Redirect: redirect,
+	}
+
+	return nil
+}
+
+// Type is type of the struct
+func (ep *EntryPoints) Type() string {
+	return fmt.Sprint("entrypoints²")
+}
+
+// EntryPoint holds an entry point configuration of the reverse proxy (ip, port, TLS...)
+type EntryPoint struct {
+	Network  string
+	Address  string
+	TLS      *TLS
+	Redirect *Redirect
+}
+
+// Redirect configures a redirection of an entry point to another, or to an URL
+type Redirect struct {
+	EntryPoint  string
+	Regex       string
+	Replacement string
+}
+
+// TLS configures TLS for an entry point
+type TLS struct {
+	Certificates Certificates
+}
+
+// Certificates defines traefik certificates type
+type Certificates []Certificate
+
+// String is the method to format the flag's value, part of the flag.Value interface.
+// The String method's output will be used in diagnostics.
+func (certs *Certificates) String() string {
+	if len(*certs) == 0 {
+		return ""
+	}
+	return (*certs)[0].CertFile + "," + (*certs)[0].KeyFile
+}
+
+// Set is the method to set the flag value, part of the flag.Value interface.
+// Set's argument is a string to be parsed to set the flag.
+// It's a comma-separated list, so we split it.
+func (certs *Certificates) Set(value string) error {
+	files := strings.Split(value, ",")
+	if len(files) != 2 {
+		return errors.New("Bad certificates format: " + value)
+	}
+	*certs = append(*certs, Certificate{
+		CertFile: files[0],
+		KeyFile:  files[1],
+	})
+	return nil
+}
+
+// Type is type of the struct
+func (certs *Certificates) Type() string {
+	return fmt.Sprint("certificates")
+}
+
 // Certificate holds a SSL cert/key pair
 type Certificate struct {
 	CertFile string
 	KeyFile  string
 }

-// NewGlobalConfiguration returns a GlobalConfiguration with default values.
-func NewGlobalConfiguration() *GlobalConfiguration {
-	globalConfiguration := new(GlobalConfiguration)
-	// default values
-	globalConfiguration.Port = ":80"
-	globalConfiguration.GraceTimeOut = 10
-	globalConfiguration.LogLevel = "ERROR"
-	globalConfiguration.ProvidersThrottleDuration = time.Duration(2 * time.Second)
-
-	return globalConfiguration
+// Retry contains request retry config
+type Retry struct {
+	Attempts int
+	MaxMem   int64
 }

-// LoadFileConfig returns a GlobalConfiguration from reading the specified file (a toml file).
-func LoadFileConfig(file string) *GlobalConfiguration {
+// NewGlobalConfiguration returns a GlobalConfiguration with default values.
+func NewGlobalConfiguration() *GlobalConfiguration {
+	return new(GlobalConfiguration)
+}
+
+// LoadConfiguration returns a GlobalConfiguration.
+func LoadConfiguration() *GlobalConfiguration {
 	configuration := NewGlobalConfiguration()
-	if _, err := toml.DecodeFile(file, configuration); err != nil {
+	viper.SetEnvPrefix("traefik")
+	viper.SetConfigType("toml")
+	viper.AutomaticEnv()
+	if len(viper.GetString("configFile")) > 0 {
+		viper.SetConfigFile(viper.GetString("configFile"))
+	} else {
+		viper.SetConfigName("traefik") // name of config file (without extension)
+	}
+	viper.AddConfigPath("/etc/traefik/")   // path to look for the config file in
+	viper.AddConfigPath("$HOME/.traefik/") // call multiple times to add many search paths
+	viper.AddConfigPath(".")               // optionally look for config in the working directory
+	if err := viper.ReadInConfig(); err != nil {
 		fmtlog.Fatalf("Error reading file: %s", err)
 	}
+
+	if len(arguments.EntryPoints) > 0 {
+		viper.Set("entryPoints", arguments.EntryPoints)
+	}
+	if len(arguments.DefaultEntryPoints) > 0 {
+		viper.Set("defaultEntryPoints", arguments.DefaultEntryPoints)
+	}
+	if arguments.web {
+		viper.Set("web", arguments.Web)
+	}
+	if arguments.file {
+		viper.Set("file", arguments.File)
+	}
+	if !arguments.dockerTLS {
+		arguments.Docker.TLS = nil
+	}
+	if arguments.docker {
+		viper.Set("docker", arguments.Docker)
+	}
+	if arguments.marathon {
+		viper.Set("marathon", arguments.Marathon)
+	}
+	if !arguments.consulTLS {
+		arguments.Consul.TLS = nil
+	}
+	if arguments.consul {
+		viper.Set("consul", arguments.Consul)
+	}
+	if arguments.consulCatalog {
+		viper.Set("consulCatalog", arguments.ConsulCatalog)
+	}
+	if arguments.zookeeper {
+		viper.Set("zookeeper", arguments.Zookeeper)
+	}
+	if !arguments.etcdTLS {
+		arguments.Etcd.TLS = nil
+	}
+	if arguments.etcd {
+		viper.Set("etcd", arguments.Etcd)
+	}
+	if arguments.boltdb {
+		viper.Set("boltdb", arguments.Boltdb)
+	}
+	if err := unmarshal(&configuration); err != nil {
+
+		fmtlog.Fatalf("Error reading file: %s", err)
+	}
+
+	if len(configuration.EntryPoints) == 0 {
+		configuration.EntryPoints = make(map[string]*EntryPoint)
+		configuration.EntryPoints["http"] = &EntryPoint{
+			Address: ":80",
+		}
+		configuration.DefaultEntryPoints = []string{"http"}
+	}
+
+	if configuration.File != nil && len(configuration.File.Filename) == 0 {
+		// no filename, setting to global config file
+		configuration.File.Filename = viper.ConfigFileUsed()
+	}
+
 	return configuration
 }

+func unmarshal(rawVal interface{}) error {
+	config := &mapstructure.DecoderConfig{
+		DecodeHook:       mapstructure.StringToTimeDurationHookFunc(),
+		Metadata:         nil,
+		Result:           rawVal,
+		WeaklyTypedInput: true,
+	}
+
+	decoder, err := mapstructure.NewDecoder(config)
+	if err != nil {
+		return err
+	}
+
+	err = decoder.Decode(viper.AllSettings())
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
 type configs map[string]*types.Configuration
--- a/contrib/systemd/traefik.service
+++ b/contrib/systemd/traefik.service
@@ -2,5 +2,5 @@
 Description=Traefik

 [Service]
-ExecStart=/usr/bin/traefik /etc/traefik.toml
+ExecStart=/usr/bin/traefik --configFile=/etc/traefik.toml
 Restart=on-failure
--- a/docs/img/apollo-logo.png
+++ b/docs/img/apollo-logo.png
--- a/docs/img/asteris.logo.png
+++ b/docs/img/asteris.logo.png
--- a/docs/img/mantl-logo.png
+++ b/docs/img/mantl-logo.png
--- a/docs/img/zenika.logo.png
+++ b/docs/img/zenika.logo.png
--- a/docs/index.md
+++ b/docs/index.md
@@ -1,19 +1,22 @@
-![Træfɪk](http://traefik.github.io/traefik.logo.svg "Træfɪk")
-___
-
+<p align="center">
+<img src="http://traefik.github.io/traefik.logo.svg" alt="Træfɪk" title="Træfɪk" />
+</p>

 # <a id="top"></a> Documentation

 - [Basics](#basics)
+- [Launch configuration](#launch)
 - [Global configuration](#global)
 - [File backend](#file)
 - [API backend](#api)
 - [Docker backend](#docker)
 - [Mesos/Marathon backend](#marathon)
 - [Consul backend](#consul)
+- [Consul catalog backend](#consulcatalog)
 - [Etcd backend](#etcd)
 - [Zookeeper backend](#zk)
 - [Boltdb backend](#boltdb)
+- [Atomic configuration changes](#atomicconfig)
 - [Benchmarks](#benchmarks)


@@ -34,7 +37,9 @@ Frontends can be defined using the following rules:
 - `Host`: Host adds a matcher for the URL host. It accepts a template with zero or more URL variables enclosed by `{}`. Variables can define an optional regexp pattern to be matched: `www.traefik.io`, `{subdomain:[a-z]+}.traefik.io`
 - `Methods`: Methods adds a matcher for HTTP methods. It accepts a sequence of one or more methods to be matched, e.g.: `GET`, `POST`, `PUT`
 - `Path`: Path adds a matcher for the URL path. It accepts a template with zero or more URL variables enclosed by `{}`. The template must start with a `/`. For exemple `/products/` `/articles/{category}/{id:[0-9]+}`
+- `PathStrip`: Same as `Path` but strip the given prefix from the request URL's Path.
 - `PathPrefix`: PathPrefix adds a matcher for the URL path prefix. This matches if the given template is a prefix of the full URL path.
+- `PathPrefixStrip`: Same as `PathPrefix` but strip the given prefix from the request URL's Path.


 A frontend is a set of rules that forwards the incoming http traffic to a backend.
@@ -49,15 +54,127 @@ Various methods of load-balancing is supported:
 - `drr`: Dynamic Round Robin: increases weights on servers that perform better than others. It also rolls back to original weights if the servers have changed.

 A circuit breaker can also be applied to a backend, preventing high loads on failing servers.
+Initial state is Standby. CB observes the statistics and does not modify the request.
+In case if condition matches, CB enters Tripped state, where it responds with predefines code or redirects to another frontend.
+Once Tripped timer expires, CB enters Recovering state and resets all stats.
+In case if the condition does not match and recovery timer expries, CB enters Standby state.
+
 It can be configured using:

 - Methods: `LatencyAtQuantileMS`, `NetworkErrorRatio`, `ResponseCodeRatio`
 - Operators:  `AND`, `OR`, `EQ`, `NEQ`, `LT`, `LE`, `GT`, `GE`

 For example:
- `NetworkErrorRatio() > 0.5`
- `LatencyAtQuantileMS(50.0) > 50`
- `ResponseCodeRatio(500, 600, 0, 600) > 0.5`
+- `NetworkErrorRatio() > 0.5`: watch error ratio over 10 second sliding window for a frontend
+- `LatencyAtQuantileMS(50.0) > 50`:  watch latency at quantile in milliseconds.
+- `ResponseCodeRatio(500, 600, 0, 600) > 0.5`: ratio of response codes in range [500-600) to  [0-600)
+
+
+## <a id="launch"></a> Launch configuration
+
+Træfɪk can be configured using a TOML file configuration, arguments, or both.
+By default, Træfɪk will try to find a `traefik.toml` in the following places:
+- `/etc/traefik/`
+- `$HOME/.traefik/`
+- `.` the working directory
+
+You can override this by setting a `configFile` argument:
+
+```bash
+$ traefik --configFile=foo/bar/myconfigfile.toml
+```
+
+Træfɪk uses the following precedence order. Each item takes precedence over the item below it:
+
+- arguments
+- configuration file
+- default
+
+It means that arguments overrides configuration file.
+Each argument is described in the help section:
+
+```bash
+$ traefik --help
+traefik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease.
+Complete documentation is available at http://traefik.io
+
+Usage:
+  traefik [flags]
+  traefik [command]
+
+Available Commands:
+  version     Print version
+
+Flags:
+      --accessLogsFile string                Access logs file (default "log/access.log")
+      --boltdb                               Enable Boltdb backend
+      --boltdb.endpoint string               Boltdb server endpoint (default "127.0.0.1:4001")
+      --boltdb.filename string               Override default configuration template. For advanced users :)
+      --boltdb.prefix string                 Prefix used for KV store (default "/traefik")
+      --boltdb.watch                         Watch provider (default true)
+  -c, --configFile string                    Configuration file to use (TOML, JSON, YAML, HCL).
+      --consul                               Enable Consul backend
+      --consul.endpoint string               Comma sepparated Consul server endpoints (default "127.0.0.1:8500")
+      --consul.filename string               Override default configuration template. For advanced users :)
+      --consul.prefix string                 Prefix used for KV store (default "/traefik")
+      --consul.tls                           Enable Consul TLS support
+      --consul.tls.ca string                 TLS CA
+      --consul.tls.cert string               TLS cert
+      --consul.tls.insecureSkipVerify        TLS insecure skip verify
+      --consul.tls.key string                TLS key
+      --consul.watch                         Watch provider (default true)
+      --consulCatalog                        Enable Consul catalog backend
+      --consulCatalog.domain string          Default domain used
+      --consulCatalog.endpoint string        Consul server endpoint (default "127.0.0.1:8500")
+      --defaultEntryPoints value             Entrypoints to be used by frontends that do not specify any entrypoint (default &main.DefaultEntryPoints(nil))
+      --docker                               Enable Docker backend
+      --docker.domain string                 Default domain used
+      --docker.endpoint string               Docker server endpoint. Can be a tcp or a unix socket endpoint (default "unix:///var/run/docker.sock")
+      --docker.filename string               Override default configuration template. For advanced users :)
+      --docker.tls                           Enable Docker TLS support
+      --docker.tls.ca string                 TLS CA
+      --docker.tls.cert string               TLS cert
+      --docker.tls.insecureSkipVerify        TLS insecure skip verify
+      --docker.tls.key string                TLS key
+      --docker.watch                         Watch provider (default true)
+      --entryPoints value                    Entrypoints definition using format: --entryPoints='Name:http Address::8000 Redirect.EntryPoint:https' --entryPoints='Name:https Address::4442 TLS:tests/traefik.crt,tests/traefik.key'
+      --etcd                                 Enable Etcd backend
+      --etcd.endpoint string                 Comma sepparated Etcd server endpoints (default "127.0.0.1:4001")
+      --etcd.filename string                 Override default configuration template. For advanced users :)
+      --etcd.prefix string                   Prefix used for KV store (default "/traefik")
+      --etcd.tls                             Enable Etcd TLS support
+      --etcd.tls.ca string                   TLS CA
+      --etcd.tls.cert string                 TLS cert
+      --etcd.tls.insecureSkipVerify          TLS insecure skip verify
+      --etcd.tls.key string                  TLS key
+      --etcd.watch                           Watch provider (default true)
+      --file                                 Enable File backend
+      --file.filename string                 Override default configuration template. For advanced users :)
+      --file.watch                           Watch provider (default true)
+  -g, --graceTimeOut string                  Timeout in seconds. Duration to give active requests a chance to finish during hot-reloads (default "10")
+  -l, --logLevel string                      Log level (default "ERROR")
+      --marathon                             Enable Marathon backend
+      --marathon.domain string               Default domain used
+      --marathon.endpoint string             Marathon server endpoint. You can also specify multiple endpoint for Marathon (default "http://127.0.0.1:8080")
+      --marathon.exposedByDefault            Expose Marathon apps by default (default true)
+      --marathon.filename string             Override default configuration template. For advanced users :)
+      --marathon.watch                       Watch provider (default true)
+      --maxIdleConnsPerHost int              If non-zero, controls the maximum idle (keep-alive) to keep per-host.  If zero, DefaultMaxIdleConnsPerHost is used
+      --providersThrottleDuration duration   Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time. (default 2s)
+      --traefikLogsFile string               Traefik logs file (default "log/traefik.log")
+      --web                                  Enable Web backend
+      --web.address string                   Web administration port (default ":8080")
+      --web.cerFile string                   SSL certificate
+      --web.keyFile string                   SSL certificate
+      --web.readOnly                         Enable read only API
+      --zookeeper                            Enable Zookeeper backend
+      --zookeeper.endpoint string            Comma sepparated Zookeeper server endpoints (default "127.0.0.1:2181")
+      --zookeeper.filename string            Override default configuration template. For advanced users :)
+      --zookeeper.prefix string              Prefix used for KV store (default "/traefik")
+      --zookeeper.watch                      Watch provider (default true)
+
+Use "traefik [command] --help" for more information about a command.
+```

 ## <a id="global"></a> Global configuration

@@ -67,13 +184,6 @@ For example:
 # Global configuration
 ################################################################

-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-
 # Timeout in seconds.
 # Duration to give active requests a chance to finish during hot-reloads
 #
@@ -102,15 +212,6 @@ For example:
 #
 # logLevel = "ERROR"

-# SSL certificates and keys
-# You may add several certificate/key pairs to terminate HTTPS for multiple domain names using TLS SNI
-#
-# Optional
-#
-# [[certificates]]
-# CertFile = "traefik.crt"
-# KeyFile = "traefik.key"
-
 # Backends throttle duration: minimum duration between 2 events from providers
 # before applying a new configuration. It avoids unnecessary reloads if multiples events
 # are sent in a short amount of time.
@@ -120,6 +221,231 @@ For example:
 #
 # ProvidersThrottleDuration = "5s"

+# If non-zero, controls the maximum idle (keep-alive) to keep per-host.  If zero, DefaultMaxIdleConnsPerHost is used.
+# If you encounter 'too many open files' errors, you can either change this value, or change `ulimit` value.
+#
+# Optional
+# Default: http.DefaultMaxIdleConnsPerHost
+#
+# MaxIdleConnsPerHost = 200
+
+# Entrypoints to be used by frontends that do not specify any entrypoint.
+# Each frontend can specify its own entrypoints.
+#
+# Optional
+# Default: ["http"]
+#
+# defaultEntryPoints = ["http", "https"]
+
+# Enable ACME (Let's Encrypt): automatic SSL
+#
+# Optional
+#
+# [acme]
+
+# Email address used for registration
+#
+# Required
+#
+# email = "test@traefik.io"
+
+# File used for certificates storage.
+# WARNING, if you use Traefik in Docker, don't forget to mount this file as a volume.
+#
+# Required
+#
+# storageFile = "acme.json"
+
+# Entrypoint to proxy acme challenge to.
+# WARNING, must point to an entrypoint on port 443 
+#
+# Required
+#
+# entryPoint = "https"
+
+# Enable on demand certificate. This will request a certificate from Let's Encrypt during the first TLS handshake for a hostname that does not yet have a certificate.
+# WARNING, TLS handshakes will be slow when requesting a hostname certificate for the first time, this can leads to DoS attacks.
+# WARNING, Take note that Let's Encrypt have rate limiting: https://community.letsencrypt.org/t/quick-start-guide/1631
+#
+# Optional
+#
+# onDemand = true
+
+# CA server to use
+# Uncomment the line to run on the staging let's encrypt server
+# Leave comment to go to prod
+#
+# Optional
+#
+# caServer = "https://acme-staging.api.letsencrypt.org/directory"
+
+# Domains list
+# You can provide SANs (alternative domains) to each main domain
+# WARNING, Take note that Let's Encrypt have rate limiting: https://community.letsencrypt.org/t/quick-start-guide/1631
+# Each domain & SANs will lead to a certificate request.
+#
+# [[acme.domains]]
+#   main = "local1.com"
+#   sans = ["test1.local1.com", "test2.local1.com"]
+# [[acme.domains]]
+#   main = "local2.com"
+#   sans = ["test1.local2.com", "test2x.local2.com"]
+# [[acme.domains]]
+#   main = "local3.com"
+# [[acme.domains]]
+#   main = "local4.com"
+
+
+# Entrypoints definition
+#
+# Optional
+# Default:
+# [entryPoints]
+#   [entryPoints.http]
+#   address = ":80"
+#
+# To redirect an http entrypoint to an https entrypoint (with SNI support):
+# [entryPoints]
+#   [entryPoints.http]
+#   address = ":80"
+#     [entryPoints.http.redirect]
+#       entryPoint = "https"
+#   [entryPoints.https]
+#   address = ":443"
+#     [entryPoints.https.tls]
+#       [[entryPoints.https.tls.certificates]]
+#       CertFile = "integration/fixtures/https/snitest.com.cert"
+#       KeyFile = "integration/fixtures/https/snitest.com.key"
+#       [[entryPoints.https.tls.certificates]]
+#       CertFile = "integration/fixtures/https/snitest.org.cert"
+#       KeyFile = "integration/fixtures/https/snitest.org.key"
+#
+# To redirect an entrypoint rewriting the URL:
+# [entryPoints]
+#   [entryPoints.http]
+#   address = ":80"
+#     [entryPoints.http.redirect]
+#       regex = "^http://localhost/(.*)"
+#       replacement = "http://mydomain/$1"
+
+# Enable retry sending request if network error
+#
+# Optional
+#
+# [retry]
+
+# Number of attempts
+#
+# Optional
+# Default: (number servers in backend) -1
+#
+# attempts = 3
+
+# Sets the maximum request body to be stored in memory in Mo
+#
+# Optional
+# Default: 2
+#
+# maxMem = 3
+```
+
+### Samples
+
+#### HTTP only
+
+```
+defaultEntryPoints = ["http"]
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+```
+
+### HTTP + HTTPS (with SNI)
+
+```
+defaultEntryPoints = ["http", "https"]
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.com.cert"
+      KeyFile = "integration/fixtures/https/snitest.com.key"
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.org.cert"
+      KeyFile = "integration/fixtures/https/snitest.org.key"
+```
+
+### HTTP redirect on HTTPS
+
+```
+defaultEntryPoints = ["http", "https"]
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+    entryPoint = "https"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      [[entryPoints.https.tls.certificates]]
+      certFile = "tests/traefik.crt"
+      keyFile = "tests/traefik.key"
+```
+
+### Let's Encrypt support
+
+```
+[entryPoints]
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      # certs used as default certs
+      [[entryPoints.https.tls.certificates]]
+      certFile = "tests/traefik.crt"
+      keyFile = "tests/traefik.key"
+[acme]
+email = "test@traefik.io"
+storageFile = "acme.json"
+onDemand = true
+caServer = "http://172.18.0.1:4000/directory"
+entryPoint = "https"
+
+[[acme.domains]]
+  main = "local1.com"
+  sans = ["test1.local1.com", "test2.local1.com"]
+[[acme.domains]]
+  main = "local2.com"
+  sans = ["test1.local2.com", "test2x.local2.com"]
+[[acme.domains]]
+  main = "local3.com"
+[[acme.domains]]
+  main = "local4.com"
+```
+
+### Override entrypoints in frontends
+
+```
+[frontends]
+  [frontends.frontend1]
+  backend = "backend2"
+    [frontends.frontend1.routes.test_1]
+    rule = "Host"
+    value = "test.localhost"
+  [frontends.frontend2]
+  backend = "backend1"
+  passHostHeader = true
+  entrypoints = ["https"] # overrides defaultEntryPoints
+    [frontends.frontend2.routes.test_1]
+    rule = "Host"
+    value = "{subdomain:[a-z]+}.localhost"
+  [frontends.frontend3]
+  entrypoints = ["http", "https"] # overrides defaultEntryPoints
+  backend = "backend2"
+    rule = "Path"
+    value = "/test"
 ```


@@ -131,7 +457,21 @@ Like any other reverse proxy, Træfɪk can be configured with a file. You have t

 ```toml
 # traefik.toml
-port = ":80"
+defaultEntryPoints = ["http", "https"]
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+      entryPoint = "https"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.com.cert"
+      KeyFile = "integration/fixtures/https/snitest.com.key"
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.org.cert"
+      KeyFile = "integration/fixtures/https/snitest.org.key"
 graceTimeOut = 10
 logLevel = "DEBUG"

@@ -167,7 +507,13 @@ logLevel = "DEBUG"
  [frontends.frontend2]
  backend = "backend1"
  passHostHeader = true
-    [frontends.frontend2.routes.test_2]
+  entrypoints = ["https"] # overrides defaultEntryPoints
+    [frontends.frontend2.routes.test_1]
+    rule = "Host"
+    value = "{subdomain:[a-z]+}.localhost"
+  [frontends.frontend3]
+  entrypoints = ["http", "https"] # overrides defaultEntryPoints
+  backend = "backend2"
    rule = "Path"
    value = "/test"
 ```
@@ -176,7 +522,20 @@ logLevel = "DEBUG"

 ```toml
 # traefik.toml
-port = ":80"
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+      entryPoint = "https"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.com.cert"
+      KeyFile = "integration/fixtures/https/snitest.com.key"
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.org.cert"
+      KeyFile = "integration/fixtures/https/snitest.org.key"
 graceTimeOut = 10
 logLevel = "DEBUG"

@@ -215,10 +574,15 @@ filename = "rules.toml"
  [frontends.frontend2]
  backend = "backend1"
  passHostHeader = true
-    [frontends.frontend2.routes.test_2]
+  entrypoints = ["https"] # overrides defaultEntryPoints
+    [frontends.frontend2.routes.test_1]
+    rule = "Host"
+    value = "{subdomain:[a-z]+}.localhost"
+  [frontends.frontend3]
+  entrypoints = ["http", "https"] # overrides defaultEntryPoints
+  backend = "backend2"
    rule = "Path"
    value = "/test"
-
 ```

 If you want Træfɪk to watch file changes automatically, just add:
@@ -429,8 +793,9 @@ Labels can be used on containers to override default behaviour:
 - `traefik.weight=10`: assign this weight to the container
 - `traefik.enable=false`: disable this container in Træfɪk
 - `traefik.frontend.rule=Host`: override the default frontend rule (Default: Host). See [frontends](#frontends).
- `traefik.frontend.value=test.example.com`: override the default frontend value (Default: `{containerName}.{domain}`) See [frontends](#frontends).
+- `traefik.frontend.value=test.example.com`: override the default frontend value (Default: `{containerName}.{domain}`) See [frontends](#frontends). Must be associated with label traefik.frontend.rule.
 - `traefik.frontend.passHostHeader=true`: forward client `Host` header to the backend.
+- `traefik.frontend.entryPoints=http,https`: assign this frontend to entry points `http` and `https`. Overrides `defaultEntryPoints`.
 * `traefik.domain=traefik.localhost`: override the default domain


@@ -458,12 +823,6 @@ Træfɪk can be configured to use Marathon as a backend configuration:
 #
 endpoint = "http://127.0.0.1:8080"

-# Network interface used to call Marathon web services
-# Optional
-# Default: "eth0"
-#
-# networkInterface = "eth0"
-
 # Enable watch Marathon changes
 #
 # Optional
@@ -482,6 +841,28 @@ domain = "marathon.localhost"
 # Optional
 #
 # filename = "marathon.tmpl"
+
+# Expose Marathon apps by default in traefik
+#
+# Optional
+# Default: false
+#
+# ExposedByDefault = true
+
+# Enable Marathon basic authentication
+#
+# Optional
+#
+#  [marathon.basic]
+#  httpBasicAuthUser = "foo"
+#  httpBasicPassword = "bar"
+
+# TLS client configuration. https://golang.org/pkg/crypto/tls/#Config
+#
+# Optional
+#
+# [marathon.TLS]
+# InsecureSkipVerify = true
 ```

 Labels can be used on containers to override default behaviour:
@@ -493,8 +874,9 @@ Labels can be used on containers to override default behaviour:
 - `traefik.weight=10`: assign this weight to the application
 - `traefik.enable=false`: disable this application in Træfɪk
 - `traefik.frontend.rule=Host`: override the default frontend rule (Default: Host). See [frontends](#frontends).
- `traefik.frontend.value=test.example.com`: override the default frontend value (Default: `{appName}.{domain}`) See [frontends](#frontends).
+- `traefik.frontend.value=test.example.com`: override the default frontend value (Default: `{appName}.{domain}`) See [frontends](#frontends). Must be associated with label traefik.frontend.rule.
 - `traefik.frontend.passHostHeader=true`: forward client `Host` header to the backend.
+- `traefik.frontend.entryPoints=http,https`: assign this frontend to entry points `http` and `https`. Overrides `defaultEntryPoints`.
 * `traefik.domain=traefik.localhost`: override the default domain

 ## <a id="consul"></a> Consul backend
@@ -535,6 +917,16 @@ prefix = "traefik"
 # Optional
 #
 # filename = "consul.tmpl"
+
+# Enable consul TLS connection
+#
+# Optional
+#
+# [consul.tls]
+# ca = "/etc/ssl/ca.crt"
+# cert = "/etc/ssl/consul.crt"
+# key = "/etc/ssl/consul.key"
+# insecureskipverify = true
 ```

 The Keys-Values structure should look (using `prefix = "/traefik"`):
@@ -573,6 +965,7 @@ The Keys-Values structure should look (using `prefix = "/traefik"`):
 |----------------------------------------------------|------------|
 | `/traefik/frontends/frontend2/backend`             | `backend1` |
 | `/traefik/frontends/frontend2/passHostHeader`      | `true`     |
+| `/traefik/frontends/frontend2/entrypoints`         |`http,https`|
 | `/traefik/frontends/frontend2/routes/test_2/rule`  | `Path`     |
 | `/traefik/frontends/frontend2/routes/test_2/value` | `/test`    |

@@ -615,6 +1008,16 @@ Træfɪk can be configured to use Etcd as a backend configuration:
 # Optional
 #
 # filename = "etcd.tmpl"
+
+# Enable etcd TLS connection
+#
+# Optional
+#
+# [etcd.tls]
+# ca = "/etc/ssl/ca.crt"
+# cert = "/etc/ssl/etcd.crt"
+# key = "/etc/ssl/etcd.key"
+# insecureskipverify = true
 ```

 The Keys-Values structure should look (using `prefix = "/traefik"`):
@@ -653,10 +1056,42 @@ The Keys-Values structure should look (using `prefix = "/traefik"`):
 |----------------------------------------------------|------------|
 | `/traefik/frontends/frontend2/backend`             | `backend1` |
 | `/traefik/frontends/frontend2/passHostHeader`      | `true`     |
+| `/traefik/frontends/frontend2/entrypoints`         |`http,https`|
 | `/traefik/frontends/frontend2/routes/test_2/rule`  | `Path`     |
 | `/traefik/frontends/frontend2/routes/test_2/value` | `/test`    |


+## <a id="consulcatalog"></a> Consul catalog backend
+
+Træfɪk can be configured to use service discovery catalog of Consul as a backend configuration:
+
+```toml
+################################################################
+# Consul Catalog configuration backend
+################################################################
+
+# Enable Consul Catalog configuration backend
+#
+# Optional
+#
+[consulCatalog]
+
+# Consul server endpoint
+#
+# Required
+#
+endpoint = "127.0.0.1:8500"
+
+# Default domain used.
+#
+# Optional
+#
+domain = "consul.localhost"
+```
+
+This backend will create routes matching on hostname based on the service name
+used in consul.
+
 ## <a id="zk"></a> Zookeeper backend

 Træfɪk can be configured to use Zookeeper as a backend configuration:
@@ -732,6 +1167,7 @@ The Keys-Values structure should look (using `prefix = "/traefik"`):
 |----------------------------------------------------|------------|
 | `/traefik/frontends/frontend2/backend`             | `backend1` |
 | `/traefik/frontends/frontend2/passHostHeader`      | `true`     |
+| `/traefik/frontends/frontend2/entrypoints`         |`http,https`|
 | `/traefik/frontends/frontend2/routes/test_2/rule`  | `Path`     |
 | `/traefik/frontends/frontend2/routes/test_2/value` | `/test`    |

@@ -776,131 +1212,112 @@ Træfɪk can be configured to use BoltDB as a backend configuration:
 # filename = "boltdb.tmpl"
 ```

+## <a id="atomicconfig"></a> Atomic configuration changes
+
+The [Etcd](https://github.com/coreos/etcd/issues/860) and [Consul](https://github.com/hashicorp/consul/issues/886) backends do not support updating multiple keys atomically. As a result, it may be possible for Træfɪk to read an intermediate configuration state despite judicious use of the `--providersThrottleDuration` flag. To solve this problem, Træfɪk supports a special key called `/traefik/alias`. If set, Træfɪk use the value as an alternative key prefix.
+
+Given the key structure below, Træfɪk will use the `http://172.17.0.2:80` as its only backend (frontend keys have been omitted for brevity).
+
+| Key                                                                     | Value                       |
+|-------------------------------------------------------------------------|-----------------------------|
+| `/traefik/alias`                                                        | `/traefik_configurations/1` |
+| `/traefik_configurations/1/backends/backend1/servers/server1/url`       | `http://172.17.0.2:80`      |
+| `/traefik_configurations/1/backends/backend1/servers/server1/weight`    | `10`                        |
+
+When an atomic configuration change is required, you may write a new configuration at an alternative prefix. Here, although the `/traefik_configurations/2/...` keys have been set, the old configuration is still active because the `/traefik/alias` key still points to `/traefik_configurations/1`:
+
+| Key                                                                     | Value                       |
+|-------------------------------------------------------------------------|-----------------------------|
+| `/traefik/alias`                                                        | `/traefik_configurations/1` |
+| `/traefik_configurations/1/backends/backend1/servers/server1/url`       | `http://172.17.0.2:80`      |
+| `/traefik_configurations/1/backends/backend1/servers/server1/weight`    | `10`                        |
+| `/traefik_configurations/2/backends/backend1/servers/server1/url`       | `http://172.17.0.2:80`      |
+| `/traefik_configurations/2/backends/backend1/servers/server1/weight`    | `5`                        |
+| `/traefik_configurations/2/backends/backend1/servers/server2/url`       | `http://172.17.0.3:80`      |
+| `/traefik_configurations/2/backends/backend1/servers/server2/weight`    | `5`                        |
+
+Once the `/traefik/alias` key is updated, the new `/traefik_configurations/2` configuration becomes active atomically. Here, we have a 50% balance between the `http://172.17.0.3:80` and the `http://172.17.0.4:80` hosts while no traffic is sent to the `172.17.0.2:80` host:
+
+| Key                                                                     | Value                       |
+|-------------------------------------------------------------------------|-----------------------------|
+| `/traefik/alias`                                                        | `/traefik_configurations/2` |
+| `/traefik_configurations/1/backends/backend1/servers/server1/url`       | `http://172.17.0.2:80`      |
+| `/traefik_configurations/1/backends/backend1/servers/server1/weight`    | `10`                        |
+| `/traefik_configurations/2/backends/backend1/servers/server1/url`       | `http://172.17.0.3:80`      |
+| `/traefik_configurations/2/backends/backend1/servers/server1/weight`    | `5`                        |
+| `/traefik_configurations/2/backends/backend1/servers/server2/url`       | `http://172.17.0.4:80`      |
+| `/traefik_configurations/2/backends/backend1/servers/server2/weight`    | `5`                        |
+
+Note that Træfɪk *will not watch for key changes in the `/traefik_configurations` prefix*. It will only watch for changes in the `/traefik` prefix. Further, if the `/traefik/alias` key is set, all other sibling keys with the `/traefik` prefix are ignored.
+

 ## <a id="benchmarks"></a> Benchmarks

-Here are some early Benchmarks between Nginx and Træfɪk acting as simple load balancers between two servers.
+Here are some early Benchmarks between Nginx, HA-Proxy and Træfɪk acting as simple load balancers between two servers.

 - Nginx:

 ```sh
-$ docker run -d -e VIRTUAL_HOST=test1.localhost emilevauge/whoami
-$ docker run -d -e VIRTUAL_HOST=test1.localhost emilevauge/whoami
+$ docker run -d -e VIRTUAL_HOST=test.nginx.localhost emilevauge/whoami
+$ docker run -d -e VIRTUAL_HOST=test.nginx.localhost emilevauge/whoami
 $ docker run --log-driver=none -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
-$ ab -n 20000 -c 20  -r http://test1.localhost/
-This is ApacheBench, Version 2.3 <$Revision: 1528965 $>
-Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
-Licensed to The Apache Software Foundation, http://www.apache.org/
+$ wrk -t12 -c400 -d60s -H "Host: test.nginx.localhost" --latency http://127.0.0.1:80
+Running 1m test @ http://127.0.0.1:80
+  12 threads and 400 connections
+  Thread Stats   Avg      Stdev     Max   +/- Stdev
+    Latency   162.61ms  203.34ms   1.72s    91.07%
+    Req/Sec   277.57    107.67   790.00     67.53%
+  Latency Distribution
+     50%  128.19ms
+     75%  218.22ms
+     90%  342.12ms
+     99%    1.08s 
+  197991 requests in 1.00m, 82.32MB read
+  Socket errors: connect 0, read 0, write 0, timeout 18
+Requests/sec:   3296.04
+Transfer/sec:      1.37MB
+```

-Benchmarking test1.localhost (be patient)
-Completed 2000 requests
-Completed 4000 requests
-Completed 6000 requests
-Completed 8000 requests
-Completed 10000 requests
-Completed 12000 requests
-Completed 14000 requests
-Completed 16000 requests
-Completed 18000 requests
-Completed 20000 requests
-Finished 20000 requests
+- HA-Proxy:

-
-Server Software:        nginx/1.9.2
-Server Hostname:        test1.localhost
-Server Port:            80
-
-Document Path:          /
-Document Length:        287 bytes
-
-Concurrency Level:      20
-Time taken for tests:   5.874 seconds
-Complete requests:      20000
-Failed requests:        0
-Total transferred:      8900000 bytes
-HTML transferred:       5740000 bytes
-Requests per second:    3404.97 [#/sec] (mean)
-Time per request:       5.874 [ms] (mean)
-Time per request:       0.294 [ms] (mean, across all concurrent requests)
-Transfer rate:          1479.70 [Kbytes/sec] received
-
-Connection Times (ms)
-              min  mean[+/-sd] median   max
-Connect:        0    0   0.1      0       2
-Processing:     0    6   2.4      6      35
-Waiting:        0    5   2.3      5      33
-Total:          0    6   2.4      6      36
-
-Percentage of the requests served within a certain time (ms)
-  50%      6
-  66%      6
-  75%      7
-  80%      7
-  90%      9
-  95%     10
-  98%     12
-  99%     13
- 100%     36 (longest request)
+```
+$ docker run -d --name web1 -e VIRTUAL_HOST=test.haproxy.localhost emilevauge/whoami
+$ docker run -d --name web2 -e VIRTUAL_HOST=test.haproxy.localhost emilevauge/whoami
+$ docker run -d -p 80:80 --link web1:web1 --link web2:web2 dockercloud/haproxy
+$ wrk -t12 -c400 -d60s -H "Host: test.haproxy.localhost" --latency http://127.0.0.1:80
+Running 1m test @ http://127.0.0.1:80
+  12 threads and 400 connections
+  Thread Stats   Avg      Stdev     Max   +/- Stdev
+    Latency   158.08ms  187.88ms   1.75s    89.61%
+    Req/Sec   281.33    120.47     0.98k    65.88%
+  Latency Distribution
+     50%  121.77ms
+     75%  227.10ms
+     90%  351.98ms
+     99%    1.01s 
+  200462 requests in 1.00m, 59.65MB read
+Requests/sec:   3337.66
+Transfer/sec:      0.99MB
 ```

 - Træfɪk:

 ```sh
-$ docker run -d -l traefik.backend=test1 -l traefik.host=test1 emilevauge/whoami
-$ docker run -d -l traefik.backend=test1 -l traefik.host=test1 emilevauge/whoami
-docker run -d -p 8080:8080 -p 80:80 -v $PWD/traefik.toml:/traefik.toml -v /var/run/docker.sock:/var/run/docker.sock emilevauge/traefik
-$ ab -n 20000 -c 20  -r http://test1.docker.localhost/
-This is ApacheBench, Version 2.3 <$Revision: 1528965 $>
-Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
-Licensed to The Apache Software Foundation, http://www.apache.org/
-
-Benchmarking test1.docker.localhost (be patient)
-Completed 2000 requests
-Completed 4000 requests
-Completed 6000 requests
-Completed 8000 requests
-Completed 10000 requests
-Completed 12000 requests
-Completed 14000 requests
-Completed 16000 requests
-Completed 18000 requests
-Completed 20000 requests
-Finished 20000 requests
-
-
-Server Software:        .
-Server Hostname:        test1.docker.localhost
-Server Port:            80
-
-Document Path:          /
-Document Length:        312 bytes
-
-Concurrency Level:      20
-Time taken for tests:   6.545 seconds
-Complete requests:      20000
-Failed requests:        0
-Total transferred:      8600000 bytes
-HTML transferred:       6240000 bytes
-Requests per second:    3055.60 [#/sec] (mean)
-Time per request:       6.545 [ms] (mean)
-Time per request:       0.327 [ms] (mean, across all concurrent requests)
-Transfer rate:          1283.11 [Kbytes/sec] received
-
-Connection Times (ms)
-              min  mean[+/-sd] median   max
-Connect:        0    0   0.2      0       7
-Processing:     1    6   2.2      6      22
-Waiting:        1    6   2.1      6      21
-Total:          1    7   2.2      6      22
-
-Percentage of the requests served within a certain time (ms)
-  50%      6
-  66%      7
-  75%      8
-  80%      8
-  90%      9
-  95%     10
-  98%     11
-  99%     13
- 100%     22 (longest request)
+$ docker run -d -l traefik.backend=test1 -l traefik.frontend.rule=Host -l traefik.frontend.value=test.traefik.localhost emilevauge/whoami
+$ docker run -d -l traefik.backend=test1 -l traefik.frontend.rule=Host -l traefik.frontend.value=test.traefik.localhost emilevauge/whoami
+$ docker run -d -p 8080:8080 -p 80:80 -v $PWD/traefik.toml:/traefik.toml -v /var/run/docker.sock:/var/run/docker.sock containous/traefik
+$ wrk -t12 -c400 -d60s -H "Host: test.traefik.localhost" --latency http://127.0.0.1:80
+Running 1m test @ http://127.0.0.1:80
+  12 threads and 400 connections
+  Thread Stats   Avg      Stdev     Max   +/- Stdev
+    Latency   132.93ms  121.89ms   1.20s    66.62%
+    Req/Sec   280.95    104.88   740.00     68.26%
+  Latency Distribution
+     50%  128.71ms
+     75%  214.15ms
+     90%  281.45ms
+     99%  498.44ms
+  200734 requests in 1.00m, 80.02MB read
+Requests/sec:   3340.13
+Transfer/sec:      1.33MB
 ```
--- a/glide.lock
+++ b/glide.lock
@@ -0,0 +1,273 @@
+hash: 21d4e8dc80c87101568a719ecf01d1af9a1b58f03c5c9dc864a8cb1005ddc160
+updated: 2016-03-29T21:50:20.577439177+02:00
+imports:
+- name: github.com/alecthomas/template
+  version: b867cc6ab45cece8143cfcc6fc9c77cf3f2c23c0
+- name: github.com/alecthomas/units
+  version: 6b4e7dc5e3143b85ea77909c72caf89416fc2915
+- name: github.com/boltdb/bolt
+  version: 51f99c862475898df9773747d3accd05a7ca33c1
+- name: github.com/BurntSushi/toml
+  version: bd2bdf7f18f849530ef7a1c29a4290217cab32a1
+- name: github.com/BurntSushi/ty
+  version: 6add9cd6ad42d389d6ead1dde60b4ad71e46fd74
+  subpackages:
+  - fun
+- name: github.com/cenkalti/backoff
+  version: 4dc77674aceaabba2c7e3da25d4c823edfb73f99
+- name: github.com/codahale/hdrhistogram
+  version: 954f16e8b9ef0e5d5189456aa4c1202758e04f17
+- name: github.com/codegangsta/cli
+  version: bf4a526f48af7badd25d2cb02d587e1b01be3b50
+- name: github.com/codegangsta/negroni
+  version: c7477ad8e330bef55bf1ebe300cf8aa67c492d1b
+- name: github.com/containous/oxy
+  version: 0b5b371bce661385d35439204298fa6fb5db5463
+  subpackages:
+  - cbreaker
+  - forward
+  - memmetrics
+  - roundrobin
+  - utils
+  - stream
+- name: github.com/coreos/go-etcd
+  version: cc90c7b091275e606ad0ca7102a23fb2072f3f5e
+  subpackages:
+  - etcd
+- name: github.com/davecgh/go-spew
+  version: 5215b55f46b2b919f50a1df0eaa5886afe4e3b3d
+  subpackages:
+  - spew
+- name: github.com/docker/distribution
+  version: 9038e48c3b982f8e82281ea486f078a73731ac4e
+- name: github.com/docker/docker
+  version: f39987afe8d611407887b3094c03d6ba6a766a67
+  subpackages:
+  - autogen
+  - api
+  - cliconfig
+  - daemon/network
+  - graph/tags
+  - image
+  - opts
+  - pkg/archive
+  - pkg/fileutils
+  - pkg/homedir
+  - pkg/httputils
+  - pkg/ioutils
+  - pkg/jsonmessage
+  - pkg/mflag
+  - pkg/nat
+  - pkg/parsers
+  - pkg/pools
+  - pkg/promise
+  - pkg/random
+  - pkg/stdcopy
+  - pkg/stringid
+  - pkg/symlink
+  - pkg/system
+  - pkg/tarsum
+  - pkg/term
+  - pkg/timeutils
+  - pkg/tlsconfig
+  - pkg/ulimit
+  - pkg/units
+  - pkg/urlutil
+  - pkg/useragent
+  - pkg/version
+  - registry
+  - runconfig
+  - utils
+  - volume
+- name: github.com/docker/libcompose
+  version: e290a513ba909ca3afefd5cd611f3a3fe56f6a3a
+  subpackages:
+  - docker
+  - logger
+  - lookup
+  - project
+  - utils
+- name: github.com/docker/libkv
+  version: 3732f7ff1b56057c3158f10bceb1e79133025373
+  subpackages:
+  - store
+  - store/boltdb
+  - store/consul
+  - store/etcd
+  - store/zookeeper
+- name: github.com/docker/libtrust
+  version: 9cbd2a1374f46905c68a4eb3694a130610adc62a
+- name: github.com/donovanhide/eventsource
+  version: d8a3071799b98cacd30b6da92f536050ccfe6da4
+- name: github.com/elazarl/go-bindata-assetfs
+  version: d5cac425555ca5cf00694df246e04f05e6a55150
+- name: github.com/flynn/go-shlex
+  version: 3f9db97f856818214da2e1057f8ad84803971cff
+- name: github.com/fsouza/go-dockerclient
+  version: a49c8269a6899cae30da1f8a4b82e0ce945f9967
+  subpackages:
+  - external/github.com/docker/docker/opts
+  - external/github.com/docker/docker/pkg/archive
+  - external/github.com/docker/docker/pkg/fileutils
+  - external/github.com/docker/docker/pkg/homedir
+  - external/github.com/docker/docker/pkg/stdcopy
+  - external/github.com/hashicorp/go-cleanhttp
+  - external/github.com/Sirupsen/logrus
+  - external/github.com/docker/docker/pkg/idtools
+  - external/github.com/docker/docker/pkg/ioutils
+  - external/github.com/docker/docker/pkg/pools
+  - external/github.com/docker/docker/pkg/promise
+  - external/github.com/docker/docker/pkg/system
+  - external/github.com/docker/docker/pkg/longpath
+  - external/github.com/opencontainers/runc/libcontainer/user
+  - external/golang.org/x/sys/unix
+  - external/golang.org/x/net/context
+  - external/github.com/docker/go-units
+- name: github.com/gambol99/go-marathon
+  version: ade11d1dc2884ee1f387078fc28509559b6235d1
+- name: github.com/golang/glog
+  version: fca8c8854093a154ff1eb580aae10276ad6b1b5f
+- name: github.com/google/go-querystring
+  version: 6bb77fe6f42b85397288d4f6f67ac72f8f400ee7
+  subpackages:
+  - query
+- name: github.com/gorilla/context
+  version: 215affda49addc4c8ef7e2534915df2c8c35c6cd
+- name: github.com/gorilla/handlers
+  version: 40694b40f4a928c062f56849989d3e9cd0570e5f
+- name: github.com/gorilla/mux
+  version: f15e0c49460fd49eebe2bcc8486b05d1bef68d3a
+- name: github.com/gorilla/websocket
+  version: e2e3d8414d0fbae04004f151979f4e27c6747fe7
+- name: github.com/hashicorp/consul
+  version: de080672fee9e6104572eeea89eccdca135bb918
+  subpackages:
+  - api
+- name: github.com/hashicorp/hcl
+  version: 2604f3bda7e8960c1be1063709e7d7f0765048d0
+  subpackages:
+  - hcl/ast
+  - hcl/parser
+  - hcl/token
+  - json/parser
+  - hcl/scanner
+  - hcl/strconv
+  - json/scanner
+  - json/token
+- name: github.com/inconshreveable/mousetrap
+  version: 76626ae9c91c4f2a10f34cad8ce83ea42c93bb75
+- name: github.com/kr/pretty
+  version: add1dbc86daf0f983cd4a48ceb39deb95c729b67
+- name: github.com/kr/text
+  version: bb797dc4fb8320488f47bf11de07a733d7233e1f
+- name: github.com/magiconair/properties
+  version: c265cfa48dda6474e208715ca93e987829f572f8
+- name: github.com/mailgun/log
+  version: 44874009257d4d47ba9806f1b7f72a32a015e4d8
+- name: github.com/mailgun/manners
+  version: fada45142db3f93097ca917da107aa3fad0ffcb5
+- name: github.com/mailgun/multibuf
+  version: 565402cd71fbd9c12aa7e295324ea357e970a61e
+- name: github.com/mailgun/predicate
+  version: cb0bff91a7ab7cf7571e661ff883fc997bc554a3
+- name: github.com/mailgun/timetools
+  version: fd192d755b00c968d312d23f521eb0cdc6f66bd0
+- name: github.com/miekg/dns
+  version: 7e024ce8ce18b21b475ac6baf8fa3c42536bf2fa
+- name: github.com/mitchellh/mapstructure
+  version: d2dd0262208475919e1a362f675cfc0e7c10e905
+- name: github.com/opencontainers/runc
+  version: 4ab132458fc3e9dbeea624153e0331952dc4c8d5
+  subpackages:
+  - libcontainer/user
+- name: github.com/pmezard/go-difflib
+  version: d8ed2627bdf02c080bf22230dbb337003b7aba2d
+  subpackages:
+  - difflib
+- name: github.com/samalba/dockerclient
+  version: cfb489c624b635251a93e74e1e90eb0959c5367f
+- name: github.com/samuel/go-zookeeper
+  version: fa6674abf3f4580b946a01bf7a1ce4ba8766205b
+  subpackages:
+  - zk
+- name: github.com/Sirupsen/logrus
+  version: 418b41d23a1bf978c06faea5313ba194650ac088
+- name: github.com/spf13/cast
+  version: ee7b3e0353166ab1f3a605294ac8cd2b77953778
+- name: github.com/spf13/cobra
+  version: c678ff029ee250b65714e518f4f5c5cb934955de
+  subpackages:
+  - cobra
+- name: github.com/spf13/jwalterweatherman
+  version: 33c24e77fb80341fe7130ee7c594256ff08ccc46
+- name: github.com/spf13/pflag
+  version: 7f60f83a2c81bc3c3c0d5297f61ddfa68da9d3b7
+- name: github.com/spf13/viper
+  version: a212099cbe6fbe8d07476bfda8d2d39b6ff8f325
+- name: github.com/stretchr/objx
+  version: cbeaeb16a013161a98496fad62933b1d21786672
+- name: github.com/stretchr/testify
+  version: 6fe211e493929a8aac0469b93f28b1d0688a9a3a
+  subpackages:
+  - mock
+  - assert
+- name: github.com/thoas/stats
+  version: 54ed61c2b47e263ae2f01b86837b0c4bd1da28e8
+- name: github.com/unrolled/render
+  version: 26b4e3aac686940fe29521545afad9966ddfc80c
+- name: github.com/vdemeester/libkermit
+  version: 01a5399bdbd3312916c9fa4848108fbc81fe88d8
+- name: github.com/vdemeester/shakers
+  version: 8fe734f75f3a70b651cbfbf8a55a009da09e8dc5
+- name: github.com/vulcand/oxy
+  version: 8aaf36279137ac04ace3792a4f86098631b27d5a
+  subpackages:
+  - memmetrics
+  - utils
+- name: github.com/vulcand/predicate
+  version: cb0bff91a7ab7cf7571e661ff883fc997bc554a3
+- name: github.com/vulcand/route
+  version: cb89d787ddbb1c5849a7ac9f79004c1fd12a4a32
+- name: github.com/vulcand/vulcand
+  version: 475540bb016702d5b7cc4674e37f48ee3e144a69
+  subpackages:
+  - plugin/rewrite
+  - plugin
+  - router
+- name: github.com/wendal/errors
+  version: f66c77a7882b399795a8987ebf87ef64a427417e
+- name: github.com/xenolf/lego
+  version: ca19a90028e242e878585941c2a27c8f3b3efc25
+  subpackages:
+  - acme
+- name: golang.org/x/crypto
+  version: 9e7f5dc375abeb9619ea3c5c58502c428f457aa2
+  subpackages:
+  - ocsp
+- name: golang.org/x/net
+  version: d9558e5c97f85372afee28cf2b6059d7d3818919
+  subpackages:
+  - context
+  - publicsuffix
+- name: golang.org/x/sys
+  version: eb2c74142fd19a79b3f237334c7384d5167b1b46
+  subpackages:
+  - unix
+- name: gopkg.in/alecthomas/kingpin.v2
+  version: 639879d6110b1b0409410c7b737ef0bb18325038
+- name: gopkg.in/check.v1
+  version: 11d3bc7aa68e238947792f30573146a3231fc0f1
+- name: gopkg.in/fsnotify.v1
+  version: 96c060f6a6b7e0d6f75fddd10efeaca3e5d1bcb0
+- name: gopkg.in/mgo.v2
+  version: 22287bab4379e1fbf6002fb4eb769888f3fb224c
+  subpackages:
+  - bson
+- name: gopkg.in/square/go-jose.v1
+  version: 7d9df93c5ee8a09ed250b3b2360972fa29b4bb3c
+  subpackages:
+  - cipher
+  - json
+- name: gopkg.in/yaml.v2
+  version: 7ad95dd0798a40da1ccdff6dff35fd177b5edf40
+devImports: []
--- a/glide.yaml
+++ b/glide.yaml
@@ -8,8 +8,8 @@ import:
    ref:     9038e48c3b982f8e82281ea486f078a73731ac4e
  - package: github.com/mailgun/log
    ref:     44874009257d4d47ba9806f1b7f72a32a015e4d8
-  - package: github.com/mailgun/oxy
-    ref:     547c334d658398c05b346c0b79d8f47ba2e1473b
+  - package: github.com/containous/oxy
+    ref:     0b5b371bce661385d35439204298fa6fb5db5463
    subpackages:
      - cbreaker
      - forward
@@ -43,7 +43,7 @@ import:
  - package: github.com/alecthomas/units
    ref:     6b4e7dc5e3143b85ea77909c72caf89416fc2915
  - package: github.com/gambol99/go-marathon
-    ref:     8ce3f764250b2de3f2c627d12ca7dd21bd5e7f93
+    ref:     ade11d1dc2884ee1f387078fc28509559b6235d1
  - package: github.com/mailgun/predicate
    ref:     cb0bff91a7ab7cf7571e661ff883fc997bc554a3
  - package: github.com/thoas/stats
@@ -57,7 +57,7 @@ import:
  - package: github.com/flynn/go-shlex
    ref:     3f9db97f856818214da2e1057f8ad84803971cff
  - package: github.com/fsouza/go-dockerclient
-    ref:     0239034d42f665efa17fd77c39f891c2f9f32922
+    ref:     a49c8269a6899cae30da1f8a4b82e0ce945f9967
  - package: github.com/boltdb/bolt
    ref:     51f99c862475898df9773747d3accd05a7ca33c1
  - package: gopkg.in/mgo.v2
@@ -124,7 +124,7 @@ import:
  - package: gopkg.in/alecthomas/kingpin.v2
    ref:     639879d6110b1b0409410c7b737ef0bb18325038
  - package: github.com/docker/libcompose
-    ref:     79ef5d150f053a5b12f16b02d8844ed7cf33611a
+    ref:     e290a513ba909ca3afefd5cd611f3a3fe56f6a3a
    subpackages:
      - docker
      - logger
@@ -146,4 +146,25 @@ import:
    ref:     d8a3071799b98cacd30b6da92f536050ccfe6da4
  - package: github.com/golang/glog
    ref:     fca8c8854093a154ff1eb580aae10276ad6b1b5f
-
+  - package: github.com/spf13/cast
+    ref: ee7b3e0353166ab1f3a605294ac8cd2b77953778
+  - package: github.com/mitchellh/mapstructure
+  - package: github.com/spf13/jwalterweatherman
+  - package: github.com/spf13/pflag
+  - package: github.com/wendal/errors
+  - package: github.com/hashicorp/hcl
+  - package: github.com/kr/pretty
+  - package: github.com/magiconair/properties
+  - package: github.com/kr/text
+  - package: github.com/spf13/viper
+    ref: a212099cbe6fbe8d07476bfda8d2d39b6ff8f325
+  - package: github.com/spf13/cobra
+    subpackages:
+    - /cobra
+  - package: github.com/google/go-querystring/query
+  - package: github.com/vulcand/vulcand/plugin/rewrite
+  - package: github.com/stretchr/testify/mock
+  - package: github.com/xenolf/lego
+  - package: github.com/vdemeester/libkermit
+    ref: 01a5399bdbd3312916c9fa4848108fbc81fe88d8
+  - package: github.com/mailgun/multibuf
--- a/integration/basic_test.go
+++ b/integration/basic_test.go
@@ -1,11 +1,11 @@
 package main

 import (
-	"fmt"
 	"net/http"
 	"os/exec"
 	"time"

+	"fmt"
 	checker "github.com/vdemeester/shakers"
 	check "gopkg.in/check.v1"
 )
@@ -18,10 +18,10 @@ func (s *SimpleSuite) TestNoOrInexistentConfigShouldFail(c *check.C) {
 	output, err := cmd.CombinedOutput()

 	c.Assert(err, checker.NotNil)
-	c.Assert(string(output), checker.Contains, "Error reading file: open traefik.toml: no such file or directory")
+	c.Assert(string(output), checker.Contains, "Error reading file: open : no such file or directory")

 	nonExistentFile := "non/existent/file.toml"
-	cmd = exec.Command(traefikBinary, nonExistentFile)
+	cmd = exec.Command(traefikBinary, "--configFile="+nonExistentFile)
 	output, err = cmd.CombinedOutput()

 	c.Assert(err, checker.NotNil)
@@ -29,30 +29,30 @@ func (s *SimpleSuite) TestNoOrInexistentConfigShouldFail(c *check.C) {
 }

 func (s *SimpleSuite) TestInvalidConfigShouldFail(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/invalid_configuration.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/invalid_configuration.toml")
 	output, err := cmd.CombinedOutput()

 	c.Assert(err, checker.NotNil)
-	c.Assert(string(output), checker.Contains, "Error reading file: Near line 1")
+	c.Assert(string(output), checker.Contains, "Error reading file: While parsing config: Near line 1")
 }

 func (s *SimpleSuite) TestSimpleDefaultConfig(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/simple_default.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/simple_default.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()

 	time.Sleep(500 * time.Millisecond)
 	// TODO validate : run on 80
-	resp, err := http.Get("http://127.0.0.1/")
+	resp, err := http.Get("http://127.0.0.1:8000/")

-	// Expected a 404 as we did not comfigure anything
+	// Expected a 404 as we did not configure anything
 	c.Assert(err, checker.IsNil)
 	c.Assert(resp.StatusCode, checker.Equals, 404)
 }

 func (s *SimpleSuite) TestWithWebConfig(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/simple_web.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/simple_web.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()
--- a/integration/consul_catalog_test.go
+++ b/integration/consul_catalog_test.go
@@ -0,0 +1,120 @@
+package main
+
+import (
+	"io/ioutil"
+	"net/http"
+	"os/exec"
+	"time"
+
+	"github.com/hashicorp/consul/api"
+	docker "github.com/vdemeester/libkermit/docker"
+
+	checker "github.com/vdemeester/shakers"
+	check "gopkg.in/check.v1"
+)
+
+// Consul catalog test suites
+type ConsulCatalogSuite struct {
+	BaseSuite
+	consulIP     string
+	consulClient *api.Client
+	project      *docker.Project
+}
+
+func (s *ConsulCatalogSuite) SetUpSuite(c *check.C) {
+	project, err := docker.NewProjectFromEnv()
+	c.Assert(err, checker.IsNil, check.Commentf("Error while creating docker project"))
+	s.project = project
+
+	s.createComposeProject(c, "consul_catalog")
+	err = s.composeProject.Start()
+	c.Assert(err, checker.IsNil, check.Commentf("Error starting project"))
+
+	consul, err := s.project.Inspect("integration-test-consul_catalog_consul_1")
+	c.Assert(err, checker.IsNil, check.Commentf("Error finding consul container"))
+
+	s.consulIP = consul.NetworkSettings.IPAddress
+	config := api.DefaultConfig()
+	config.Address = s.consulIP + ":8500"
+	consulClient, err := api.NewClient(config)
+	if err != nil {
+		c.Fatalf("Error creating consul client")
+	}
+	s.consulClient = consulClient
+
+	// Wait for consul to elect itself leader
+	time.Sleep(2000 * time.Millisecond)
+}
+
+func (s *ConsulCatalogSuite) registerService(name string, address string, port int) error {
+	catalog := s.consulClient.Catalog()
+	_, err := catalog.Register(
+		&api.CatalogRegistration{
+			Node:    address,
+			Address: address,
+			Service: &api.AgentService{
+				ID:      name,
+				Service: name,
+				Address: address,
+				Port:    port,
+			},
+		},
+		&api.WriteOptions{},
+	)
+	return err
+}
+
+func (s *ConsulCatalogSuite) deregisterService(name string, address string) error {
+	catalog := s.consulClient.Catalog()
+	_, err := catalog.Deregister(
+		&api.CatalogDeregistration{
+			Node:      address,
+			Address:   address,
+			ServiceID: name,
+		},
+		&api.WriteOptions{},
+	)
+	return err
+}
+
+func (s *ConsulCatalogSuite) TestSimpleConfiguration(c *check.C) {
+	cmd := exec.Command(traefikBinary, "--consulCatalog", "--consulCatalog.endpoint="+s.consulIP+":8500", "--configFile=fixtures/consul_catalog/simple.toml")
+	err := cmd.Start()
+	c.Assert(err, checker.IsNil)
+	defer cmd.Process.Kill()
+
+	time.Sleep(500 * time.Millisecond)
+	// TODO validate : run on 80
+	resp, err := http.Get("http://127.0.0.1:8000/")
+
+	// Expected a 404 as we did not configure anything
+	c.Assert(err, checker.IsNil)
+	c.Assert(resp.StatusCode, checker.Equals, 404)
+}
+
+func (s *ConsulCatalogSuite) TestSingleService(c *check.C) {
+	cmd := exec.Command(traefikBinary, "--consulCatalog", "--consulCatalog.endpoint="+s.consulIP+":8500", "--consulCatalog.domain=consul.localhost", "--configFile=fixtures/consul_catalog/simple.toml")
+	err := cmd.Start()
+	c.Assert(err, checker.IsNil)
+	defer cmd.Process.Kill()
+
+	nginx, err := s.project.Inspect("integration-test-consul_catalog_nginx_1")
+	c.Assert(err, checker.IsNil, check.Commentf("Error finding nginx container"))
+
+	err = s.registerService("test", nginx.NetworkSettings.IPAddress, 80)
+	c.Assert(err, checker.IsNil, check.Commentf("Error registering service"))
+	defer s.deregisterService("test", nginx.NetworkSettings.IPAddress)
+
+	time.Sleep(5000 * time.Millisecond)
+	client := &http.Client{}
+	req, err := http.NewRequest("GET", "http://127.0.0.1:8000/", nil)
+	c.Assert(err, checker.IsNil)
+	req.Host = "test.consul.localhost"
+	resp, err := client.Do(req)
+
+	c.Assert(err, checker.IsNil)
+	c.Assert(resp.StatusCode, checker.Equals, 200)
+
+	_, err = ioutil.ReadAll(resp.Body)
+	c.Assert(err, checker.IsNil)
+}
--- a/integration/consul_test.go
+++ b/integration/consul_test.go
@@ -9,17 +9,24 @@ import (
 	check "gopkg.in/check.v1"
 )

+// Consul test suites (using libcompose)
+type ConsulSuite struct{ BaseSuite }
+
+func (s *ConsulSuite) SetUpSuite(c *check.C) {
+	s.createComposeProject(c, "consul")
+}
+
 func (s *ConsulSuite) TestSimpleConfiguration(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/consul/simple.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/consul/simple.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()

 	time.Sleep(500 * time.Millisecond)
 	// TODO validate : run on 80
-	resp, err := http.Get("http://127.0.0.1/")
+	resp, err := http.Get("http://127.0.0.1:8000/")

-	// Expected a 404 as we did not comfigure anything
+	// Expected a 404 as we did not configure anything
 	c.Assert(err, checker.IsNil)
 	c.Assert(resp.StatusCode, checker.Equals, 404)
 }
--- a/integration/docker_test.go
+++ b/integration/docker_test.go
@@ -7,11 +7,12 @@ import (
 	"net/http"
 	"os"
 	"os/exec"
+	"strings"
 	"time"

-	"github.com/docker/docker/opts"
 	"github.com/docker/docker/pkg/namesgenerator"
-	"github.com/fsouza/go-dockerclient"
+	"github.com/vdemeester/libkermit/docker"
+
 	checker "github.com/vdemeester/shakers"
 	check "gopkg.in/check.v1"
 )
@@ -31,122 +32,64 @@ var (
 // Docker test suites
 type DockerSuite struct {
 	BaseSuite
-	client *docker.Client
+	project *docker.Project
 }

 func (s *DockerSuite) startContainer(c *check.C, image string, args ...string) string {
-	return s.startContainerWithConfig(c, docker.CreateContainerOptions{
-		Config: &docker.Config{
-			Image: image,
-			Cmd:   args,
-		},
+	return s.startContainerWithConfig(c, image, docker.ContainerConfig{
+		Cmd: args,
 	})
 }

 func (s *DockerSuite) startContainerWithLabels(c *check.C, image string, labels map[string]string, args ...string) string {
-	return s.startContainerWithConfig(c, docker.CreateContainerOptions{
-		Config: &docker.Config{
-			Image:  image,
-			Cmd:    args,
-			Labels: labels,
-		},
+	return s.startContainerWithConfig(c, image, docker.ContainerConfig{
+		Cmd:    args,
+		Labels: labels,
 	})
 }

-func (s *DockerSuite) startContainerWithConfig(c *check.C, config docker.CreateContainerOptions) string {
+func (s *DockerSuite) startContainerWithConfig(c *check.C, image string, config docker.ContainerConfig) string {
 	if config.Name == "" {
 		config.Name = namesgenerator.GetRandomName(10)
 	}
-	if config.Config.Labels == nil {
-		config.Config.Labels = map[string]string{}
-	}
-	config.Config.Labels[TestLabel] = "true"

-	container, err := s.client.CreateContainer(config)
-	c.Assert(err, checker.IsNil, check.Commentf("Error creating a container using config %v", config))
+	container, err := s.project.StartWithConfig(image, config)
+	c.Assert(err, checker.IsNil, check.Commentf("Error starting a container using config %v", config))

-	err = s.client.StartContainer(container.ID, &docker.HostConfig{})
-	c.Assert(err, checker.IsNil, check.Commentf("Error starting container %v", container))
-
-	return container.Name
+	// FIXME(vdemeester) this is ugly (it's because of the / in front of the name in docker..)
+	return strings.SplitAfter(container.Name, "/")[1]
 }

 func (s *DockerSuite) SetUpSuite(c *check.C) {
-	dockerHost := os.Getenv("DOCKER_HOST")
-	if dockerHost == "" {
-		// FIXME Handle windows -- see if dockerClient already handle that or not
-		dockerHost = fmt.Sprintf("unix://%s", opts.DefaultUnixSocket)
-	}
-	// Make sure we can speak to docker
-	dockerClient, err := docker.NewClient(dockerHost)
-	c.Assert(err, checker.IsNil, check.Commentf("Error connecting to docker daemon"))
-
-	s.client = dockerClient
-	c.Assert(s.client.Ping(), checker.IsNil)
+	project, err := docker.NewProjectFromEnv()
+	c.Assert(err, checker.IsNil, check.Commentf("Error while creating docker project"))
+	s.project = project

 	// Pull required images
 	for repository, tag := range RequiredImages {
 		image := fmt.Sprintf("%s:%s", repository, tag)
-		_, err := s.client.InspectImage(image)
-		if err != nil {
-			if err != docker.ErrNoSuchImage {
-				c.Fatalf("Error while inspect image %s", image)
-			}
-			err = s.client.PullImage(docker.PullImageOptions{
-				Repository: repository,
-				Tag:        tag,
-			}, docker.AuthConfiguration{})
-			c.Assert(err, checker.IsNil, check.Commentf("Error while pulling image %s", image))
-		}
-	}
-}
-
-func (s *DockerSuite) cleanContainers(c *check.C) {
-	// Clean the mess, a.k.a. the running containers with the right label
-	containerList, err := s.client.ListContainers(docker.ListContainersOptions{
-		Filters: map[string][]string{
-			"label": {fmt.Sprintf("%s=true", TestLabel)},
-		},
-	})
-	c.Assert(err, checker.IsNil, check.Commentf("Error listing containers started by traefik"))
-
-	for _, container := range containerList {
-		err = s.client.KillContainer(docker.KillContainerOptions{
-			ID: container.ID,
-		})
-		c.Assert(err, checker.IsNil, check.Commentf("Error killing container %v", container))
-		if os.Getenv("CIRCLECI") == "" {
-			// On circleci, we won't delete them — it errors out for now >_<
-			err = s.client.RemoveContainer(docker.RemoveContainerOptions{
-				ID:            container.ID,
-				RemoveVolumes: true,
-			})
-			c.Assert(err, checker.IsNil, check.Commentf("Error removing container %v", container))
-		}
+		s.project.Pull(image)
+		c.Assert(err, checker.IsNil, check.Commentf("Error while pulling image %s", image))
 	}
 }

 func (s *DockerSuite) TearDownTest(c *check.C) {
-	s.cleanContainers(c)
-}
-
-func (s *DockerSuite) TearDownSuite(c *check.C) {
-	// Call cleanContainers, just in case (?)
-	// s.cleanContainers(c)
+	err := s.project.Clean(os.Getenv("CIRCLECI") != "")
+	c.Assert(err, checker.IsNil, check.Commentf("Error while cleaning containers"))
 }

 func (s *DockerSuite) TestSimpleConfiguration(c *check.C) {
 	file := s.adaptFileForHost(c, "fixtures/docker/simple.toml")
 	defer os.Remove(file)

-	cmd := exec.Command(traefikBinary, file)
+	cmd := exec.Command(traefikBinary, "--configFile="+file)
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()

 	time.Sleep(500 * time.Millisecond)
 	// TODO validate : run on 80
-	resp, err := http.Get("http://127.0.0.1/")
+	resp, err := http.Get("http://127.0.0.1:8000/")

 	c.Assert(err, checker.IsNil)
 	// Expected a 404 as we did not comfigure anything
@@ -159,7 +102,7 @@ func (s *DockerSuite) TestDefaultDockerContainers(c *check.C) {
 	name := s.startContainer(c, "swarm:1.0.0", "manage", "token://blablabla")

 	// Start traefik
-	cmd := exec.Command(traefikBinary, file)
+	cmd := exec.Command(traefikBinary, "--configFile="+file)
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()
@@ -168,7 +111,7 @@ func (s *DockerSuite) TestDefaultDockerContainers(c *check.C) {
 	time.Sleep(1500 * time.Millisecond)

 	client := &http.Client{}
-	req, err := http.NewRequest("GET", "http://127.0.0.1/version", nil)
+	req, err := http.NewRequest("GET", "http://127.0.0.1:8000/version", nil)
 	c.Assert(err, checker.IsNil)
 	req.Host = fmt.Sprintf("%s.docker.localhost", name)
 	resp, err := client.Do(req)
@@ -196,7 +139,7 @@ func (s *DockerSuite) TestDockerContainersWithLabels(c *check.C) {
 	s.startContainerWithLabels(c, "swarm:1.0.0", labels, "manage", "token://blabla")

 	// Start traefik
-	cmd := exec.Command(traefikBinary, file)
+	cmd := exec.Command(traefikBinary, "--configFile="+file)
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()
@@ -205,7 +148,7 @@ func (s *DockerSuite) TestDockerContainersWithLabels(c *check.C) {
 	time.Sleep(1500 * time.Millisecond)

 	client := &http.Client{}
-	req, err := http.NewRequest("GET", "http://127.0.0.1/version", nil)
+	req, err := http.NewRequest("GET", "http://127.0.0.1:8000/version", nil)
 	c.Assert(err, checker.IsNil)
 	req.Host = fmt.Sprintf("my.super.host")
 	resp, err := client.Do(req)
@@ -232,7 +175,7 @@ func (s *DockerSuite) TestDockerContainersWithOneMissingLabels(c *check.C) {
 	s.startContainerWithLabels(c, "swarm:1.0.0", labels, "manage", "token://blabla")

 	// Start traefik
-	cmd := exec.Command(traefikBinary, file)
+	cmd := exec.Command(traefikBinary, "--configFile="+file)
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()
@@ -241,7 +184,7 @@ func (s *DockerSuite) TestDockerContainersWithOneMissingLabels(c *check.C) {
 	time.Sleep(1500 * time.Millisecond)

 	client := &http.Client{}
-	req, err := http.NewRequest("GET", "http://127.0.0.1/version", nil)
+	req, err := http.NewRequest("GET", "http://127.0.0.1:8000/version", nil)
 	c.Assert(err, checker.IsNil)
 	req.Host = fmt.Sprintf("my.super.host")
 	resp, err := client.Do(req)
--- a/integration/etcd_test.go
+++ b/integration/etcd_test.go
@@ -0,0 +1,32 @@
+package main
+
+import (
+	"net/http"
+	"os/exec"
+	"time"
+
+	checker "github.com/vdemeester/shakers"
+	check "gopkg.in/check.v1"
+)
+
+// Etcd test suites (using libcompose)
+type EtcdSuite struct{ BaseSuite }
+
+func (s *EtcdSuite) SetUpSuite(c *check.C) {
+	s.createComposeProject(c, "etcd")
+}
+
+func (s *EtcdSuite) TestSimpleConfiguration(c *check.C) {
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/etcd/simple.toml")
+	err := cmd.Start()
+	c.Assert(err, checker.IsNil)
+	defer cmd.Process.Kill()
+
+	time.Sleep(1000 * time.Millisecond)
+	// TODO validate : run on 80
+	resp, err := http.Get("http://127.0.0.1:8000/")
+
+	// Expected a 404 as we did not configure anything
+	c.Assert(err, checker.IsNil)
+	c.Assert(resp.StatusCode, checker.Equals, 404)
+}
--- a/integration/file_test.go
+++ b/integration/file_test.go
@@ -9,14 +9,23 @@ import (
 	check "gopkg.in/check.v1"
 )

+// File test suites
+type FileSuite struct{ BaseSuite }
+
+func (s *FileSuite) SetUpSuite(c *check.C) {
+	s.createComposeProject(c, "file")
+
+	s.composeProject.Start()
+}
+
 func (s *FileSuite) TestSimpleConfiguration(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/file/simple.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/file/simple.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()

 	time.Sleep(1000 * time.Millisecond)
-	resp, err := http.Get("http://127.0.0.1/")
+	resp, err := http.Get("http://127.0.0.1:8000/")

 	// Expected a 404 as we did not configure anything
 	c.Assert(err, checker.IsNil)
@@ -25,13 +34,13 @@ func (s *FileSuite) TestSimpleConfiguration(c *check.C) {

 // #56 regression test, make sure it does not fail
 func (s *FileSuite) TestSimpleConfigurationNoPanic(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/file/56-simple-panic.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/file/56-simple-panic.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()

 	time.Sleep(1000 * time.Millisecond)
-	resp, err := http.Get("http://127.0.0.1/")
+	resp, err := http.Get("http://127.0.0.1:8000/")

 	// Expected a 404 as we did not configure anything
 	c.Assert(err, checker.IsNil)
--- a/integration/fixtures/consul/simple.toml
+++ b/integration/fixtures/consul/simple.toml
@@ -1,11 +1,9 @@
-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-#
-# LogLevel
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
+
 logLevel = "DEBUG"

 [consul]
--- a/integration/fixtures/consul_catalog/simple.toml
+++ b/integration/fixtures/consul_catalog/simple.toml
@@ -0,0 +1,9 @@
+defaultEntryPoints = ["http"]
+logLevel = "DEBUG"
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
+
+[consulCatalog]
+domain = "consul.localhost"
--- a/integration/fixtures/docker/simple.toml
+++ b/integration/fixtures/docker/simple.toml
@@ -1,11 +1,9 @@
-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-#
-# LogLevel
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
+
 logLevel = "DEBUG"

 [docker]
--- a/integration/fixtures/etcd/simple.toml
+++ b/integration/fixtures/etcd/simple.toml
@@ -0,0 +1,10 @@
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
+
+logLevel = "DEBUG"
+
+[etcd]
+  endpoint = "127.0.0.1:4003,127.0.0.1:4002,127.0.0.1:4001"
--- a/integration/fixtures/file/56-simple-panic.toml
+++ b/integration/fixtures/file/56-simple-panic.toml
@@ -1,11 +1,9 @@
-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-#
-# LogLevel
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
+
 logLevel = "DEBUG"

 [file]
--- a/integration/fixtures/file/simple.toml
+++ b/integration/fixtures/file/simple.toml
@@ -1,11 +1,9 @@
-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-#
-# LogLevel
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
+
 logLevel = "DEBUG"

 [file]
--- a/integration/fixtures/https/https_sni.toml
+++ b/integration/fixtures/https/https_sni.toml
@@ -1,13 +1,17 @@
-port = ":443"
 logLevel = "DEBUG"

-[[certificates]]
-CertFile = "fixtures/https/snitest.com.cert"
-KeyFile = "fixtures/https/snitest.com.key"
+defaultEntryPoints = ["https"]

-[[certificates]]
-CertFile = "fixtures/https/snitest.org.cert"
-KeyFile = "fixtures/https/snitest.org.key"
+[entryPoints]
+  [entryPoints.https]
+  address = ":4443"
+    [entryPoints.https.tls]
+     [[entryPoints.https.tls.certificates]]
+     CertFile = "fixtures/https/snitest.com.cert"
+     KeyFile = "fixtures/https/snitest.com.key"
+     [[entryPoints.https.tls.certificates]]
+     CertFile = "fixtures/https/snitest.org.cert"
+     KeyFile = "fixtures/https/snitest.org.key"

 [file]

--- a/integration/fixtures/marathon/simple.toml
+++ b/integration/fixtures/marathon/simple.toml
@@ -1,11 +1,9 @@
-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-#
-# LogLevel
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
+
 logLevel = "DEBUG"

 [marathon]
--- a/integration/fixtures/simple_default.toml
+++ b/integration/fixtures/simple_default.toml
@@ -1,9 +1,5 @@
-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-#
-# LogLevel
-logLevel = "DEBUG"
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"
--- a/integration/fixtures/simple_web.toml
+++ b/integration/fixtures/simple_web.toml
@@ -1,5 +1,9 @@
 logLevel = "DEBUG"
+defaultEntryPoints = ["http"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":8000"

 [web]
-
 address = ":8080"
--- a/integration/https_test.go
+++ b/integration/https_test.go
@@ -19,7 +19,7 @@ type HTTPSSuite struct{ BaseSuite }
 // "snitest.com", which happens to match the CN of 'snitest.com.crt'. The test
 // verifies that traefik presents the correct certificate.
 func (s *HTTPSSuite) TestWithSNIConfigHandshake(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/https/https_sni.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/https/https_sni.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()
@@ -30,7 +30,7 @@ func (s *HTTPSSuite) TestWithSNIConfigHandshake(c *check.C) {
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 	}
-	conn, err := tls.Dial("tcp", "127.0.0.1:443", tlsConfig)
+	conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
 	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))

 	defer conn.Close()
@@ -46,7 +46,7 @@ func (s *HTTPSSuite) TestWithSNIConfigHandshake(c *check.C) {
 // SNI hostnames of "snitest.org" and "snitest.com". The test verifies
 // that traefik routes the requests to the expected backends.
 func (s *HTTPSSuite) TestWithSNIConfigRoute(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/https/https_sni.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/https/https_sni.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()
@@ -72,7 +72,7 @@ func (s *HTTPSSuite) TestWithSNIConfigRoute(c *check.C) {
 	}

 	client := &http.Client{Transport: tr1}
-	req, _ := http.NewRequest("GET", "https://127.0.0.1/", nil)
+	req, _ := http.NewRequest("GET", "https://127.0.0.1:4443/", nil)
 	req.Host = "snitest.com"
 	req.Header.Set("Host", "snitest.com")
 	req.Header.Set("Accept", "*/*")
@@ -82,7 +82,7 @@ func (s *HTTPSSuite) TestWithSNIConfigRoute(c *check.C) {
 	c.Assert(resp.StatusCode, checker.Equals, 204)

 	client = &http.Client{Transport: tr2}
-	req, _ = http.NewRequest("GET", "https://127.0.0.1/", nil)
+	req, _ = http.NewRequest("GET", "https://127.0.0.1:4443/", nil)
 	req.Host = "snitest.org"
 	req.Header.Set("Host", "snitest.org")
 	req.Header.Set("Accept", "*/*")
--- a/integration/integration_test.go
+++ b/integration/integration_test.go
@@ -10,9 +10,8 @@ import (
 	"testing"
 	"text/template"

-	"github.com/docker/libcompose/docker"
-	"github.com/docker/libcompose/project"
-	"github.com/emilevauge/traefik/integration/utils"
+	"github.com/containous/traefik/integration/utils"
+	"github.com/vdemeester/libkermit/compose"

 	checker "github.com/vdemeester/shakers"
 	check "gopkg.in/check.v1"
@@ -28,94 +27,31 @@ func init() {
 	check.Suite(&FileSuite{})
 	check.Suite(&DockerSuite{})
 	check.Suite(&ConsulSuite{})
+	check.Suite(&ConsulCatalogSuite{})
+	check.Suite(&EtcdSuite{})
 	check.Suite(&MarathonSuite{})
 }

 var traefikBinary = "../dist/traefik"

-// File test suites
-type FileSuite struct{ BaseSuite }
-
-func (s *FileSuite) SetUpSuite(c *check.C) {
-	s.createComposeProject(c, "file")
-
-	s.composeProject.Up()
-}
-
-// Consul test suites (using libcompose)
-type ConsulSuite struct{ BaseSuite }
-
-func (s *ConsulSuite) SetUpSuite(c *check.C) {
-	s.createComposeProject(c, "consul")
-}
-
-// Marathon test suites (using libcompose)
-type MarathonSuite struct{ BaseSuite }
-
-func (s *MarathonSuite) SetUpSuite(c *check.C) {
-	s.createComposeProject(c, "marathon")
-}
-
 type BaseSuite struct {
-	composeProject *project.Project
-	listenChan     chan project.Event
-	started        chan bool
-	stopped        chan bool
-	deleted        chan bool
+	composeProject *compose.Project
 }

 func (s *BaseSuite) TearDownSuite(c *check.C) {
 	// shutdown and delete compose project
 	if s.composeProject != nil {
-		s.composeProject.Down()
-		<-s.stopped
-		defer close(s.stopped)
-
-		s.composeProject.Delete()
-		<-s.deleted
-		defer close(s.deleted)
+		err := s.composeProject.Stop()
+		c.Assert(err, checker.IsNil)
 	}
 }

 func (s *BaseSuite) createComposeProject(c *check.C, name string) {
-	composeProject, err := docker.NewProject(&docker.Context{
-		Context: project.Context{
-			ComposeFile: fmt.Sprintf("resources/compose/%s.yml", name),
-			ProjectName: fmt.Sprintf("integration-test-%s", name),
-		},
-	})
+	projectName := fmt.Sprintf("integration-test-%s", name)
+	composeFile := fmt.Sprintf("resources/compose/%s.yml", name)
+	composeProject, err := compose.CreateProject(projectName, composeFile)
 	c.Assert(err, checker.IsNil)
 	s.composeProject = composeProject
-
-	s.started = make(chan bool)
-	s.stopped = make(chan bool)
-	s.deleted = make(chan bool)
-
-	s.listenChan = make(chan project.Event)
-	go s.startListening(c)
-
-	composeProject.AddListener(s.listenChan)
-
-	composeProject.Start()
-
-	// Wait for compose to start
-	<-s.started
-	defer close(s.started)
-}
-
-func (s *BaseSuite) startListening(c *check.C) {
-	for event := range s.listenChan {
-		// FIXME Add a timeout on event ?
-		if event.EventType == project.EventProjectStartDone {
-			s.started <- true
-		}
-		if event.EventType == project.EventProjectDownDone {
-			s.stopped <- true
-		}
-		if event.EventType == project.EventProjectDeleteDone {
-			s.deleted <- true
-		}
-	}
 }

 func (s *BaseSuite) traefikCmd(c *check.C, args ...string) (*exec.Cmd, string) {
--- a/integration/marathon_test.go
+++ b/integration/marathon_test.go
@@ -9,15 +9,22 @@ import (
 	check "gopkg.in/check.v1"
 )

+// Marathon test suites (using libcompose)
+type MarathonSuite struct{ BaseSuite }
+
+func (s *MarathonSuite) SetUpSuite(c *check.C) {
+	s.createComposeProject(c, "marathon")
+}
+
 func (s *MarathonSuite) TestSimpleConfiguration(c *check.C) {
-	cmd := exec.Command(traefikBinary, "fixtures/marathon/simple.toml")
+	cmd := exec.Command(traefikBinary, "--configFile=fixtures/marathon/simple.toml")
 	err := cmd.Start()
 	c.Assert(err, checker.IsNil)
 	defer cmd.Process.Kill()

 	time.Sleep(500 * time.Millisecond)
 	// TODO validate : run on 80
-	resp, err := http.Get("http://127.0.0.1/")
+	resp, err := http.Get("http://127.0.0.1:8000/")

 	// Expected a 404 as we did not configure anything
 	c.Assert(err, checker.IsNil)
--- a/integration/resources/compose/consul_catalog.yml
+++ b/integration/resources/compose/consul_catalog.yml
@@ -0,0 +1,17 @@
+consul:
+  image: progrium/consul
+  command: -server -bootstrap -log-level debug -ui-dir /ui
+  ports:
+    - "8400:8400"
+    - "8500:8500"
+    - "8600:53/udp"
+  expose:
+    - "8300"
+    - "8301"
+    - "8301/udp"
+    - "8302"
+    - "8302/udp"
+nginx:
+  image: nginx
+  ports:
+    - "8881:80"
--- a/integration/resources/compose/etcd.yml
+++ b/integration/resources/compose/etcd.yml
@@ -0,0 +1,30 @@
+etcd1:
+  image: quay.io/coreos/etcd:v2.2.0
+  net: "host"
+  command: >
+    --name etcd1
+    --listen-peer-urls http://localhost:7001
+    --listen-client-urls http://localhost:4001
+    --initial-advertise-peer-urls http://localhost:7001
+    --advertise-client-urls http://localhost:4001
+    --initial-cluster etcd1=http://localhost:7001,etcd2=http://localhost:7002,etcd3=http://localhost:7003
+etcd2:
+  image: quay.io/coreos/etcd:v2.2.0
+  net: "host"
+  command: >
+    --name etcd2
+    --listen-peer-urls http://localhost:7002
+    --listen-client-urls http://localhost:4002
+    --initial-advertise-peer-urls http://localhost:7002
+    --advertise-client-urls http://localhost:4002
+    --initial-cluster etcd1=http://localhost:7001,etcd2=http://localhost:7002,etcd3=http://localhost:7003
+etcd3:
+  image: quay.io/coreos/etcd:v2.2.0
+  net: "host"
+  command: >
+    --name etcd3
+    --listen-peer-urls http://localhost:7003
+    --listen-client-urls http://localhost:4003
+    --initial-advertise-peer-urls http://localhost:7003
+    --advertise-client-urls http://localhost:4003
+    --initial-cluster etcd1=http://localhost:7001,etcd2=http://localhost:7002,etcd3=http://localhost:7003
--- a/integration/resources/compose/marathon.yml
+++ b/integration/resources/compose/marathon.yml
@@ -3,7 +3,7 @@ zk:
  net: host
  environment:
    ZK_CONFIG: tickTime=2000,initLimit=10,syncLimit=5,maxClientCnxns=128,forceSync=no,clientPort=2181
-    ZK_ID: 1
+    ZK_ID: " 1"

 master:
  image: mesosphere/mesos-master:0.23.0-1.0.ubuntu1404
@@ -12,7 +12,7 @@ master:
    MESOS_ZK: zk://127.0.0.1:2181/mesos
    MESOS_HOSTNAME: 127.0.0.1
    MESOS_IP: 127.0.0.1
-    MESOS_QUORUM: 1
+    MESOS_QUORUM: " 1"
    MESOS_CLUSTER: docker-compose
    MESOS_WORK_DIR: /var/lib/mesos

--- a/middlewares/StripPrefix.go
+++ b/middlewares/StripPrefix.go
@@ -0,0 +1,22 @@
+package middlewares
+
+import (
+	"net/http"
+	"strings"
+)
+
+// StripPrefix is a middleware used to strip prefix from an URL request
+type StripPrefix struct {
+	Handler http.Handler
+	Prefix  string
+}
+
+func (s *StripPrefix) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if p := strings.TrimPrefix(r.URL.Path, s.Prefix); len(p) < len(r.URL.Path) {
+		r.URL.Path = p
+		r.RequestURI = r.URL.RequestURI()
+		s.Handler.ServeHTTP(w, r)
+	} else {
+		http.NotFound(w, r)
+	}
+}
--- a/middlewares/cbreaker.go
+++ b/middlewares/cbreaker.go
@@ -3,7 +3,7 @@ package middlewares
 import (
 	"net/http"

-	"github.com/mailgun/oxy/cbreaker"
+	"github.com/containous/oxy/cbreaker"
 )

 // CircuitBreaker holds the oxy circuit breaker.
--- a/middlewares/handlerSwitcher.go
+++ b/middlewares/handlerSwitcher.go
@@ -0,0 +1,40 @@
+package middlewares
+
+import (
+	"github.com/gorilla/mux"
+	"net/http"
+	"sync"
+)
+
+// HandlerSwitcher allows hot switching of http.ServeMux
+type HandlerSwitcher struct {
+	handler     *mux.Router
+	handlerLock *sync.Mutex
+}
+
+// NewHandlerSwitcher builds a new instance of HandlerSwitcher
+func NewHandlerSwitcher(newHandler *mux.Router) (hs *HandlerSwitcher) {
+	return &HandlerSwitcher{
+		handler:     newHandler,
+		handlerLock: &sync.Mutex{},
+	}
+}
+
+func (hs *HandlerSwitcher) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	hs.handlerLock.Lock()
+	handlerBackup := hs.handler
+	hs.handlerLock.Unlock()
+	handlerBackup.ServeHTTP(rw, r)
+}
+
+// GetHandler returns the current http.ServeMux
+func (hs *HandlerSwitcher) GetHandler() (newHandler *mux.Router) {
+	return hs.handler
+}
+
+// UpdateHandler safely updates the current http.ServeMux with a new one
+func (hs *HandlerSwitcher) UpdateHandler(newHandler *mux.Router) {
+	hs.handlerLock.Lock()
+	hs.handler = newHandler
+	defer hs.handlerLock.Unlock()
+}
--- a/middlewares/rewrite.go
+++ b/middlewares/rewrite.go
@@ -0,0 +1,31 @@
+package middlewares
+
+import (
+	log "github.com/Sirupsen/logrus"
+	"github.com/vulcand/vulcand/plugin/rewrite"
+	"net/http"
+)
+
+// Rewrite is a middleware that allows redirections
+type Rewrite struct {
+	rewriter *rewrite.Rewrite
+}
+
+// NewRewrite creates a Rewrite middleware
+func NewRewrite(regex, replacement string, redirect bool) (*Rewrite, error) {
+	rewriter, err := rewrite.NewRewrite(regex, replacement, false, redirect)
+	if err != nil {
+		return nil, err
+	}
+	return &Rewrite{rewriter: rewriter}, nil
+}
+
+//
+func (rewrite *Rewrite) ServeHTTP(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+	handler, err := rewrite.rewriter.NewHandler(next)
+	if err != nil {
+		log.Error("Error in rewrite middleware ", err)
+		return
+	}
+	handler.ServeHTTP(rw, r)
+}
--- a/middlewares/websocket.go
+++ b/middlewares/websocket.go
@@ -1,52 +0,0 @@
-package middlewares
-
-import (
-	"net/http"
-	"strings"
-	"time"
-
-	log "github.com/Sirupsen/logrus"
-	"github.com/mailgun/oxy/roundrobin"
-)
-
-// WebsocketUpgrader holds Websocket configuration.
-type WebsocketUpgrader struct {
-	rr *roundrobin.RoundRobin
-}
-
-// NewWebsocketUpgrader returns a new WebsocketUpgrader.
-func NewWebsocketUpgrader(rr *roundrobin.RoundRobin) *WebsocketUpgrader {
-	wu := WebsocketUpgrader{
-		rr: rr,
-	}
-	return &wu
-}
-
-func (u *WebsocketUpgrader) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	// If request is websocket, serve with golang websocket server to do protocol handshake
-	if strings.Join(req.Header["Upgrade"], "") == "websocket" {
-		start := time.Now().UTC()
-		url, err := u.rr.NextServer()
-		if err != nil {
-			log.Errorf("Can't round robin in websocket middleware")
-			return
-		}
-		log.Debugf("Websocket forward to %s", url.String())
-		NewProxy(url).ServeHTTP(w, req)
-
-		if req.TLS != nil {
-			log.Debugf("Round trip: %v, duration: %v tls:version: %x, tls:resume:%t, tls:csuite:%x, tls:server:%v",
-				req.URL, time.Now().UTC().Sub(start),
-				req.TLS.Version,
-				req.TLS.DidResume,
-				req.TLS.CipherSuite,
-				req.TLS.ServerName)
-		} else {
-			log.Debugf("Round trip: %v, duration: %v",
-				req.URL, time.Now().UTC().Sub(start))
-		}
-
-		return
-	}
-	u.rr.ServeHTTP(w, req)
-}
--- a/middlewares/websocketproxy.go
+++ b/middlewares/websocketproxy.go
@@ -1,179 +0,0 @@
-package middlewares
-
-import (
-	"io"
-	"net"
-	"net/http"
-	"net/url"
-	"strings"
-
-	log "github.com/Sirupsen/logrus"
-	"github.com/gorilla/websocket"
-)
-
-// Original developpement made by https://github.com/koding/websocketproxy
-var (
-	// DefaultUpgrader specifies the parameters for upgrading an HTTP
-	// connection to a WebSocket connection.
-	DefaultUpgrader = &websocket.Upgrader{
-		ReadBufferSize:  1024,
-		WriteBufferSize: 1024,
-	}
-
-	// DefaultDialer is a dialer with all fields set to the default zero values.
-	DefaultDialer = websocket.DefaultDialer
-)
-
-// WebsocketProxy is an HTTP Handler that takes an incoming WebSocket
-// connection and proxies it to another server.
-type WebsocketProxy struct {
-	// Backend returns the backend URL which the proxy uses to reverse proxy
-	// the incoming WebSocket connection. Request is the initial incoming and
-	// unmodified request.
-	Backend func(*http.Request) *url.URL
-
-	// Upgrader specifies the parameters for upgrading a incoming HTTP
-	// connection to a WebSocket connection. If nil, DefaultUpgrader is used.
-	Upgrader *websocket.Upgrader
-
-	//  Dialer contains options for connecting to the backend WebSocket server.
-	//  If nil, DefaultDialer is used.
-	Dialer *websocket.Dialer
-}
-
-// ProxyHandler returns a new http.Handler interface that reverse proxies the
-// request to the given target.
-func ProxyHandler(target *url.URL) http.Handler {
-	return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
-		NewProxy(target).ServeHTTP(rw, req)
-	})
-}
-
-// NewProxy returns a new Websocket reverse proxy that rewrites the
-// URL's to the scheme, host and base path provider in target.
-func NewProxy(target *url.URL) *WebsocketProxy {
-	backend := func(r *http.Request) *url.URL {
-		// Shallow copy
-		u := *target
-		u.Fragment = r.URL.Fragment
-		u.Path = r.URL.Path
-		u.RawQuery = r.URL.RawQuery
-		rurl := u.String()
-		if strings.HasPrefix(rurl, "http") {
-			u.Scheme = "ws"
-		}
-		if strings.HasPrefix(rurl, "https") {
-			u.Scheme = "wss"
-		}
-		return &u
-	}
-	return &WebsocketProxy{Backend: backend}
-}
-
-// ServeHTTP implements the http.Handler that proxies WebSocket connections.
-func (w *WebsocketProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
-	if w.Backend == nil {
-		log.Errorf("Websocketproxy: backend function is not defined")
-		http.Error(rw, "Backend not found", http.StatusInternalServerError)
-		http.NotFound(rw, req)
-		return
-	}
-
-	backendURL := w.Backend(req)
-	if backendURL == nil {
-		log.Errorf("Websocketproxy: backend URL is nil")
-		http.Error(rw, "Backend URL is nil", http.StatusInternalServerError)
-		return
-	}
-
-	dialer := w.Dialer
-	if w.Dialer == nil {
-		dialer = DefaultDialer
-	}
-
-	// Pass headers from the incoming request to the dialer to forward them to
-	// the final destinations.
-	requestHeader := http.Header{}
-	requestHeader.Add("Origin", req.Header.Get("Origin"))
-	for _, prot := range req.Header[http.CanonicalHeaderKey("Sec-WebSocket-Protocol")] {
-		requestHeader.Add("Sec-WebSocket-Protocol", prot)
-	}
-	for _, cookie := range req.Header[http.CanonicalHeaderKey("Cookie")] {
-		requestHeader.Add("Cookie", cookie)
-	}
-	for _, auth := range req.Header[http.CanonicalHeaderKey("Authorization")] {
-		requestHeader.Add("Authorization", auth)
-	}
-
-	// Pass X-Forwarded-For headers too, code below is a part of
-	// httputil.ReverseProxy. See http://en.wikipedia.org/wiki/X-Forwarded-For
-	// for more information
-	// TODO: use RFC7239 http://tools.ietf.org/html/rfc7239
-	if clientIP, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
-		// If we aren't the first proxy retain prior
-		// X-Forwarded-For information as a comma+space
-		// separated list and fold multiple headers into one.
-		if prior, ok := req.Header["X-Forwarded-For"]; ok {
-			clientIP = strings.Join(prior, ", ") + ", " + clientIP
-		}
-		requestHeader.Set("X-Forwarded-For", clientIP)
-	}
-
-	// Set the originating protocol of the incoming HTTP request. The SSL might
-	// be terminated on our site and because we doing proxy adding this would
-	// be helpful for applications on the backend.
-	requestHeader.Set("X-Forwarded-Proto", "http")
-	if req.TLS != nil {
-		requestHeader.Set("X-Forwarded-Proto", "https")
-	}
-
-	//frontend Origin != backend Origin
-	requestHeader.Del("Origin")
-
-	// Connect to the backend URL, also pass the headers we get from the requst
-	// together with the Forwarded headers we prepared above.
-	// TODO: support multiplexing on the same backend connection instead of
-	// opening a new TCP connection time for each request. This should be
-	// optional:
-	// http://tools.ietf.org/html/draft-ietf-hybi-websocket-multiplexing-01
-	connBackend, resp, err := dialer.Dial(backendURL.String(), requestHeader)
-	if err != nil {
-		log.Errorf("Websocketproxy: couldn't dial to remote backend url %s, %s, %+v", backendURL.String(), err, resp)
-		http.Error(rw, "Remote backend unreachable", http.StatusBadGateway)
-		return
-	}
-	defer connBackend.Close()
-
-	upgrader := w.Upgrader
-	if w.Upgrader == nil {
-		upgrader = DefaultUpgrader
-	}
-
-	// Only pass those headers to the upgrader.
-	upgradeHeader := http.Header{}
-	upgradeHeader.Set("Sec-WebSocket-Protocol",
-		resp.Header.Get(http.CanonicalHeaderKey("Sec-WebSocket-Protocol")))
-	upgradeHeader.Set("Set-Cookie",
-		resp.Header.Get(http.CanonicalHeaderKey("Set-Cookie")))
-
-	// Now upgrade the existing incoming request to a WebSocket connection.
-	// Also pass the header that we gathered from the Dial handshake.
-	connPub, err := upgrader.Upgrade(rw, req, upgradeHeader)
-	if err != nil {
-		log.Errorf("Websocketproxy: couldn't upgrade %s", err)
-		http.NotFound(rw, req)
-		return
-	}
-	defer connPub.Close()
-
-	errc := make(chan error, 2)
-	cp := func(dst io.Writer, src io.Reader) {
-		_, err := io.Copy(dst, src)
-		errc <- err
-	}
-
-	// Start our proxy now, everything is ready...
-	go cp(connBackend.UnderlyingConn(), connPub.UnderlyingConn())
-	go cp(connPub.UnderlyingConn(), connBackend.UnderlyingConn())
-	<-errc
-}
--- a/mocks/Marathon.go
+++ b/mocks/Marathon.go
@@ -0,0 +1,829 @@
+package mocks
+
+import "github.com/gambol99/go-marathon"
+import "github.com/stretchr/testify/mock"
+
+import "net/url"
+
+import "time"
+
+// Marathon is a mock of marathon.Marathon
+type Marathon struct {
+	mock.Mock
+}
+
+// ListApplications provides a mock function with given fields: _a0
+func (_m *Marathon) ListApplications(_a0 url.Values) ([]string, error) {
+	ret := _m.Called(_a0)
+
+	var r0 []string
+	if rf, ok := ret.Get(0).(func(url.Values) []string); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).([]string)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(url.Values) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// ApplicationVersions provides a mock function with given fields: name
+func (_m *Marathon) ApplicationVersions(name string) (*marathon.ApplicationVersions, error) {
+	ret := _m.Called(name)
+
+	var r0 *marathon.ApplicationVersions
+	if rf, ok := ret.Get(0).(func(string) *marathon.ApplicationVersions); ok {
+		r0 = rf(name)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.ApplicationVersions)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// HasApplicationVersion provides a mock function with given fields: name, version
+func (_m *Marathon) HasApplicationVersion(name string, version string) (bool, error) {
+	ret := _m.Called(name, version)
+
+	var r0 bool
+	if rf, ok := ret.Get(0).(func(string, string) bool); ok {
+		r0 = rf(name, version)
+	} else {
+		r0 = ret.Get(0).(bool)
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, string) error); ok {
+		r1 = rf(name, version)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// SetApplicationVersion provides a mock function with given fields: name, version
+func (_m *Marathon) SetApplicationVersion(name string, version *marathon.ApplicationVersion) (*marathon.DeploymentID, error) {
+	ret := _m.Called(name, version)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string, *marathon.ApplicationVersion) *marathon.DeploymentID); ok {
+		r0 = rf(name, version)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, *marathon.ApplicationVersion) error); ok {
+		r1 = rf(name, version)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// ApplicationOK provides a mock function with given fields: name
+func (_m *Marathon) ApplicationOK(name string) (bool, error) {
+	ret := _m.Called(name)
+
+	var r0 bool
+	if rf, ok := ret.Get(0).(func(string) bool); ok {
+		r0 = rf(name)
+	} else {
+		r0 = ret.Get(0).(bool)
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// CreateApplication provides a mock function with given fields: application
+func (_m *Marathon) CreateApplication(application *marathon.Application) (*marathon.Application, error) {
+	ret := _m.Called(application)
+
+	var r0 *marathon.Application
+	if rf, ok := ret.Get(0).(func(*marathon.Application) *marathon.Application); ok {
+		r0 = rf(application)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Application)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(*marathon.Application) error); ok {
+		r1 = rf(application)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// DeleteApplication provides a mock function with given fields: name
+func (_m *Marathon) DeleteApplication(name string) (*marathon.DeploymentID, error) {
+	ret := _m.Called(name)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string) *marathon.DeploymentID); ok {
+		r0 = rf(name)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// UpdateApplication provides a mock function with given fields: application
+func (_m *Marathon) UpdateApplication(application *marathon.Application) (*marathon.DeploymentID, error) {
+	ret := _m.Called(application)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(*marathon.Application) *marathon.DeploymentID); ok {
+		r0 = rf(application)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(*marathon.Application) error); ok {
+		r1 = rf(application)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// ApplicationDeployments provides a mock function with given fields: name
+func (_m *Marathon) ApplicationDeployments(name string) ([]*marathon.DeploymentID, error) {
+	ret := _m.Called(name)
+
+	var r0 []*marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string) []*marathon.DeploymentID); ok {
+		r0 = rf(name)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).([]*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// ScaleApplicationInstances provides a mock function with given fields: name, instances, force
+func (_m *Marathon) ScaleApplicationInstances(name string, instances int, force bool) (*marathon.DeploymentID, error) {
+	ret := _m.Called(name, instances, force)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string, int, bool) *marathon.DeploymentID); ok {
+		r0 = rf(name, instances, force)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, int, bool) error); ok {
+		r1 = rf(name, instances, force)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// RestartApplication provides a mock function with given fields: name, force
+func (_m *Marathon) RestartApplication(name string, force bool) (*marathon.DeploymentID, error) {
+	ret := _m.Called(name, force)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string, bool) *marathon.DeploymentID); ok {
+		r0 = rf(name, force)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, bool) error); ok {
+		r1 = rf(name, force)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// Applications provides a mock function with given fields: _a0
+func (_m *Marathon) Applications(_a0 url.Values) (*marathon.Applications, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *marathon.Applications
+	if rf, ok := ret.Get(0).(func(url.Values) *marathon.Applications); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Applications)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(url.Values) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// Application provides a mock function with given fields: name
+func (_m *Marathon) Application(name string) (*marathon.Application, error) {
+	ret := _m.Called(name)
+
+	var r0 *marathon.Application
+	if rf, ok := ret.Get(0).(func(string) *marathon.Application); ok {
+		r0 = rf(name)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Application)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// WaitOnApplication provides a mock function with given fields: name, timeout
+func (_m *Marathon) WaitOnApplication(name string, timeout time.Duration) error {
+	ret := _m.Called(name, timeout)
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func(string, time.Duration) error); ok {
+		r0 = rf(name, timeout)
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// Tasks provides a mock function with given fields: application
+func (_m *Marathon) Tasks(application string) (*marathon.Tasks, error) {
+	ret := _m.Called(application)
+
+	var r0 *marathon.Tasks
+	if rf, ok := ret.Get(0).(func(string) *marathon.Tasks); ok {
+		r0 = rf(application)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Tasks)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(application)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// AllTasks provides a mock function with given fields: opts
+func (_m *Marathon) AllTasks(opts *marathon.AllTasksOpts) (*marathon.Tasks, error) {
+	ret := _m.Called(opts)
+
+	var r0 *marathon.Tasks
+	if rf, ok := ret.Get(0).(func(*marathon.AllTasksOpts) *marathon.Tasks); ok {
+		r0 = rf(opts)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Tasks)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(*marathon.AllTasksOpts) error); ok {
+		r1 = rf(opts)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// TaskEndpoints provides a mock function with given fields: name, port, healthCheck
+func (_m *Marathon) TaskEndpoints(name string, port int, healthCheck bool) ([]string, error) {
+	ret := _m.Called(name, port, healthCheck)
+
+	var r0 []string
+	if rf, ok := ret.Get(0).(func(string, int, bool) []string); ok {
+		r0 = rf(name, port, healthCheck)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).([]string)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, int, bool) error); ok {
+		r1 = rf(name, port, healthCheck)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// KillApplicationTasks provides a mock function with given fields: applicationID, opts
+func (_m *Marathon) KillApplicationTasks(applicationID string, opts *marathon.KillApplicationTasksOpts) (*marathon.Tasks, error) {
+	ret := _m.Called(applicationID, opts)
+
+	var r0 *marathon.Tasks
+	if rf, ok := ret.Get(0).(func(string, *marathon.KillApplicationTasksOpts) *marathon.Tasks); ok {
+		r0 = rf(applicationID, opts)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Tasks)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, *marathon.KillApplicationTasksOpts) error); ok {
+		r1 = rf(applicationID, opts)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// KillTask provides a mock function with given fields: taskID, opts
+func (_m *Marathon) KillTask(taskID string, opts *marathon.KillTaskOpts) (*marathon.Task, error) {
+	ret := _m.Called(taskID, opts)
+
+	var r0 *marathon.Task
+	if rf, ok := ret.Get(0).(func(string, *marathon.KillTaskOpts) *marathon.Task); ok {
+		r0 = rf(taskID, opts)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Task)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, *marathon.KillTaskOpts) error); ok {
+		r1 = rf(taskID, opts)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// KillTasks provides a mock function with given fields: taskIDs, opts
+func (_m *Marathon) KillTasks(taskIDs []string, opts *marathon.KillTaskOpts) error {
+	ret := _m.Called(taskIDs, opts)
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func([]string, *marathon.KillTaskOpts) error); ok {
+		r0 = rf(taskIDs, opts)
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// Groups provides a mock function with given fields:
+func (_m *Marathon) Groups() (*marathon.Groups, error) {
+	ret := _m.Called()
+
+	var r0 *marathon.Groups
+	if rf, ok := ret.Get(0).(func() *marathon.Groups); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Groups)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// Group provides a mock function with given fields: name
+func (_m *Marathon) Group(name string) (*marathon.Group, error) {
+	ret := _m.Called(name)
+
+	var r0 *marathon.Group
+	if rf, ok := ret.Get(0).(func(string) *marathon.Group); ok {
+		r0 = rf(name)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Group)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// CreateGroup provides a mock function with given fields: group
+func (_m *Marathon) CreateGroup(group *marathon.Group) error {
+	ret := _m.Called(group)
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func(*marathon.Group) error); ok {
+		r0 = rf(group)
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// DeleteGroup provides a mock function with given fields: name
+func (_m *Marathon) DeleteGroup(name string) (*marathon.DeploymentID, error) {
+	ret := _m.Called(name)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string) *marathon.DeploymentID); ok {
+		r0 = rf(name)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// UpdateGroup provides a mock function with given fields: id, group
+func (_m *Marathon) UpdateGroup(id string, group *marathon.Group) (*marathon.DeploymentID, error) {
+	ret := _m.Called(id, group)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string, *marathon.Group) *marathon.DeploymentID); ok {
+		r0 = rf(id, group)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, *marathon.Group) error); ok {
+		r1 = rf(id, group)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// HasGroup provides a mock function with given fields: name
+func (_m *Marathon) HasGroup(name string) (bool, error) {
+	ret := _m.Called(name)
+
+	var r0 bool
+	if rf, ok := ret.Get(0).(func(string) bool); ok {
+		r0 = rf(name)
+	} else {
+		r0 = ret.Get(0).(bool)
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(name)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// WaitOnGroup provides a mock function with given fields: name, timeout
+func (_m *Marathon) WaitOnGroup(name string, timeout time.Duration) error {
+	ret := _m.Called(name, timeout)
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func(string, time.Duration) error); ok {
+		r0 = rf(name, timeout)
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// Deployments provides a mock function with given fields:
+func (_m *Marathon) Deployments() ([]*marathon.Deployment, error) {
+	ret := _m.Called()
+
+	var r0 []*marathon.Deployment
+	if rf, ok := ret.Get(0).(func() []*marathon.Deployment); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).([]*marathon.Deployment)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// DeleteDeployment provides a mock function with given fields: id, force
+func (_m *Marathon) DeleteDeployment(id string, force bool) (*marathon.DeploymentID, error) {
+	ret := _m.Called(id, force)
+
+	var r0 *marathon.DeploymentID
+	if rf, ok := ret.Get(0).(func(string, bool) *marathon.DeploymentID); ok {
+		r0 = rf(id, force)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.DeploymentID)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string, bool) error); ok {
+		r1 = rf(id, force)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// HasDeployment provides a mock function with given fields: id
+func (_m *Marathon) HasDeployment(id string) (bool, error) {
+	ret := _m.Called(id)
+
+	var r0 bool
+	if rf, ok := ret.Get(0).(func(string) bool); ok {
+		r0 = rf(id)
+	} else {
+		r0 = ret.Get(0).(bool)
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(id)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// WaitOnDeployment provides a mock function with given fields: id, timeout
+func (_m *Marathon) WaitOnDeployment(id string, timeout time.Duration) error {
+	ret := _m.Called(id, timeout)
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func(string, time.Duration) error); ok {
+		r0 = rf(id, timeout)
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// Subscriptions provides a mock function with given fields:
+func (_m *Marathon) Subscriptions() (*marathon.Subscriptions, error) {
+	ret := _m.Called()
+
+	var r0 *marathon.Subscriptions
+	if rf, ok := ret.Get(0).(func() *marathon.Subscriptions); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Subscriptions)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// AddEventsListener provides a mock function with given fields: channel, filter
+func (_m *Marathon) AddEventsListener(channel marathon.EventsChannel, filter int) error {
+	ret := _m.Called(channel, filter)
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func(marathon.EventsChannel, int) error); ok {
+		r0 = rf(channel, filter)
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// RemoveEventsListener provides a mock function with given fields: channel
+func (_m *Marathon) RemoveEventsListener(channel marathon.EventsChannel) {
+	_m.Called(channel)
+}
+
+// Unsubscribe provides a mock function with given fields: _a0
+func (_m *Marathon) Unsubscribe(_a0 string) error {
+	ret := _m.Called(_a0)
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func(string) error); ok {
+		r0 = rf(_a0)
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// GetMarathonURL provides a mock function with given fields:
+func (_m *Marathon) GetMarathonURL() string {
+	ret := _m.Called()
+
+	var r0 string
+	if rf, ok := ret.Get(0).(func() string); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Get(0).(string)
+	}
+
+	return r0
+}
+
+// Ping provides a mock function with given fields:
+func (_m *Marathon) Ping() (bool, error) {
+	ret := _m.Called()
+
+	var r0 bool
+	if rf, ok := ret.Get(0).(func() bool); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Get(0).(bool)
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// Info provides a mock function with given fields:
+func (_m *Marathon) Info() (*marathon.Info, error) {
+	ret := _m.Called()
+
+	var r0 *marathon.Info
+	if rf, ok := ret.Get(0).(func() *marathon.Info); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*marathon.Info)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// Leader provides a mock function with given fields:
+func (_m *Marathon) Leader() (string, error) {
+	ret := _m.Called()
+
+	var r0 string
+	if rf, ok := ret.Get(0).(func() string); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Get(0).(string)
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// AbdicateLeader provides a mock function with given fields:
+func (_m *Marathon) AbdicateLeader() (string, error) {
+	ret := _m.Called()
+
+	var r0 string
+	if rf, ok := ret.Get(0).(func() string); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Get(0).(string)
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
--- a/provider/boltdb.go
+++ b/provider/boltdb.go
@@ -1,20 +1,20 @@
 package provider

 import (
+	"github.com/containous/traefik/types"
 	"github.com/docker/libkv/store"
 	"github.com/docker/libkv/store/boltdb"
-	"github.com/emilevauge/traefik/types"
 )

 // BoltDb holds configurations of the BoltDb provider.
 type BoltDb struct {
-	Kv
+	Kv `mapstructure:",squash"`
 }

 // Provide allows the provider to provide configurations to traefik
 // using the given configuration channel.
 func (provider *BoltDb) Provide(configurationChan chan<- types.ConfigMessage) error {
-	provider.StoreType = store.BOLTDB
+	provider.storeType = store.BOLTDB
 	boltdb.Register()
 	return provider.provide(configurationChan)
 }
--- a/provider/consul.go
+++ b/provider/consul.go
@@ -1,20 +1,20 @@
 package provider

 import (
+	"github.com/containous/traefik/types"
 	"github.com/docker/libkv/store"
 	"github.com/docker/libkv/store/consul"
-	"github.com/emilevauge/traefik/types"
 )

 // Consul holds configurations of the Consul provider.
 type Consul struct {
-	Kv
+	Kv `mapstructure:",squash"`
 }

 // Provide allows the provider to provide configurations to traefik
 // using the given configuration channel.
 func (provider *Consul) Provide(configurationChan chan<- types.ConfigMessage) error {
-	provider.StoreType = store.CONSUL
+	provider.storeType = store.CONSUL
 	consul.Register()
 	return provider.provide(configurationChan)
 }
--- a/provider/consul_catalog.go
+++ b/provider/consul_catalog.go
@@ -0,0 +1,199 @@
+package provider
+
+import (
+	"errors"
+	"strings"
+	"text/template"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/cenkalti/backoff"
+	"github.com/containous/traefik/types"
+	"github.com/hashicorp/consul/api"
+)
+
+const (
+	// DefaultWatchWaitTime is the duration to wait when polling consul
+	DefaultWatchWaitTime = 15 * time.Second
+)
+
+// ConsulCatalog holds configurations of the Consul catalog provider.
+type ConsulCatalog struct {
+	BaseProvider `mapstructure:",squash"`
+	Endpoint     string
+	Domain       string
+	client       *api.Client
+}
+
+type catalogUpdate struct {
+	Service string
+	Nodes   []*api.ServiceEntry
+}
+
+func (provider *ConsulCatalog) watchServices(stopCh <-chan struct{}) <-chan map[string][]string {
+	watchCh := make(chan map[string][]string)
+
+	catalog := provider.client.Catalog()
+
+	go func() {
+		defer close(watchCh)
+
+		opts := &api.QueryOptions{WaitTime: DefaultWatchWaitTime}
+
+		for {
+			select {
+			case <-stopCh:
+				return
+			default:
+			}
+
+			data, meta, err := catalog.Services(opts)
+			if err != nil {
+				log.WithError(err).Errorf("Failed to list services")
+				return
+			}
+
+			// If LastIndex didn't change then it means `Get` returned
+			// because of the WaitTime and the key didn't changed.
+			if opts.WaitIndex == meta.LastIndex {
+				continue
+			}
+			opts.WaitIndex = meta.LastIndex
+
+			if data != nil {
+				watchCh <- data
+			}
+		}
+	}()
+
+	return watchCh
+}
+
+func (provider *ConsulCatalog) healthyNodes(service string) (catalogUpdate, error) {
+	health := provider.client.Health()
+	opts := &api.QueryOptions{}
+	data, _, err := health.Service(service, "", true, opts)
+	if err != nil {
+		log.WithError(err).Errorf("Failed to fetch details of " + service)
+		return catalogUpdate{}, err
+	}
+
+	return catalogUpdate{
+		Service: service,
+		Nodes:   data,
+	}, nil
+}
+
+func (provider *ConsulCatalog) getBackend(node *api.ServiceEntry) string {
+	return strings.ToLower(node.Service.Service)
+}
+
+func (provider *ConsulCatalog) getFrontendValue(service string) string {
+	return service + "." + provider.Domain
+}
+
+func (provider *ConsulCatalog) buildConfig(catalog []catalogUpdate) *types.Configuration {
+	var FuncMap = template.FuncMap{
+		"getBackend":       provider.getBackend,
+		"getFrontendValue": provider.getFrontendValue,
+		"replace":          replace,
+	}
+
+	allNodes := []*api.ServiceEntry{}
+	serviceNames := []string{}
+	for _, info := range catalog {
+		if len(info.Nodes) > 0 {
+			serviceNames = append(serviceNames, info.Service)
+			allNodes = append(allNodes, info.Nodes...)
+		}
+	}
+
+	templateObjects := struct {
+		Services []string
+		Nodes    []*api.ServiceEntry
+	}{
+		Services: serviceNames,
+		Nodes:    allNodes,
+	}
+
+	configuration, err := provider.getConfiguration("templates/consul_catalog.tmpl", FuncMap, templateObjects)
+	if err != nil {
+		log.WithError(err).Error("Failed to create config")
+	}
+
+	return configuration
+}
+
+func (provider *ConsulCatalog) getNodes(index map[string][]string) ([]catalogUpdate, error) {
+	visited := make(map[string]bool)
+
+	nodes := []catalogUpdate{}
+	for service := range index {
+		name := strings.ToLower(service)
+		if !strings.Contains(name, " ") && !visited[name] {
+			visited[name] = true
+			log.WithFields(log.Fields{
+				"service": name,
+			}).Debug("Fetching service")
+			healthy, err := provider.healthyNodes(name)
+			if err != nil {
+				return nil, err
+			}
+			nodes = append(nodes, healthy)
+		}
+	}
+	return nodes, nil
+}
+
+func (provider *ConsulCatalog) watch(configurationChan chan<- types.ConfigMessage) error {
+	stopCh := make(chan struct{})
+	serviceCatalog := provider.watchServices(stopCh)
+
+	defer close(stopCh)
+
+	for {
+		select {
+		case index, ok := <-serviceCatalog:
+			if !ok {
+				return errors.New("Consul service list nil")
+			}
+			log.Debug("List of services changed")
+			nodes, err := provider.getNodes(index)
+			if err != nil {
+				return err
+			}
+			configuration := provider.buildConfig(nodes)
+			configurationChan <- types.ConfigMessage{
+				ProviderName:  "consul_catalog",
+				Configuration: configuration,
+			}
+		}
+	}
+}
+
+// Provide allows the provider to provide configurations to traefik
+// using the given configuration channel.
+func (provider *ConsulCatalog) Provide(configurationChan chan<- types.ConfigMessage) error {
+	config := api.DefaultConfig()
+	config.Address = provider.Endpoint
+	client, err := api.NewClient(config)
+	if err != nil {
+		return err
+	}
+	provider.client = client
+
+	go func() {
+		notify := func(err error, time time.Duration) {
+			log.Errorf("Consul connection error %+v, retrying in %s", err, time)
+		}
+		worker := func() error {
+			return provider.watch(configurationChan)
+		}
+		err := backoff.RetryNotify(worker, backoff.NewExponentialBackOff(), notify)
+		if err != nil {
+			log.Fatalf("Cannot connect to consul server %+v", err)
+		}
+	}()
+
+	return err
+}
--- a/provider/consul_catalog_test.go
+++ b/provider/consul_catalog_test.go
@@ -0,0 +1,110 @@
+package provider
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/containous/traefik/types"
+	"github.com/hashicorp/consul/api"
+)
+
+func TestConsulCatalogGetFrontendValue(t *testing.T) {
+	provider := &ConsulCatalog{
+		Domain: "localhost",
+	}
+
+	services := []struct {
+		service  string
+		expected string
+	}{
+		{
+			service:  "foo",
+			expected: "foo.localhost",
+		},
+	}
+
+	for _, e := range services {
+		actual := provider.getFrontendValue(e.service)
+		if actual != e.expected {
+			t.Fatalf("expected %q, got %q", e.expected, actual)
+		}
+	}
+}
+
+func TestConsulCatalogBuildConfig(t *testing.T) {
+	provider := &ConsulCatalog{
+		Domain: "localhost",
+	}
+
+	cases := []struct {
+		nodes             []catalogUpdate
+		expectedFrontends map[string]*types.Frontend
+		expectedBackends  map[string]*types.Backend
+	}{
+		{
+			nodes:             []catalogUpdate{},
+			expectedFrontends: map[string]*types.Frontend{},
+			expectedBackends:  map[string]*types.Backend{},
+		},
+		{
+			nodes: []catalogUpdate{
+				{
+					Service: "test",
+				},
+			},
+			expectedFrontends: map[string]*types.Frontend{},
+			expectedBackends:  map[string]*types.Backend{},
+		},
+		{
+			nodes: []catalogUpdate{
+				{
+					Service: "test",
+					Nodes: []*api.ServiceEntry{
+						{
+							Service: &api.AgentService{
+								Service: "test",
+								Port:    80,
+							},
+							Node: &api.Node{
+								Node:    "localhost",
+								Address: "127.0.0.1",
+							},
+						},
+					},
+				},
+			},
+			expectedFrontends: map[string]*types.Frontend{
+				"frontend-test": {
+					Backend: "backend-test",
+					Routes: map[string]types.Route{
+						"route-host-test": {
+							Rule:  "Host",
+							Value: "test.localhost",
+						},
+					},
+				},
+			},
+			expectedBackends: map[string]*types.Backend{
+				"backend-test": {
+					Servers: map[string]types.Server{
+						"server-localhost-80": {
+							URL: "http://127.0.0.1:80",
+						},
+					},
+					CircuitBreaker: nil,
+					LoadBalancer:   nil,
+				},
+			},
+		},
+	}
+
+	for _, c := range cases {
+		actualConfig := provider.buildConfig(c.nodes)
+		if !reflect.DeepEqual(actualConfig.Backends, c.expectedBackends) {
+			t.Fatalf("expected %#v, got %#v", c.expectedBackends, actualConfig.Backends)
+		}
+		if !reflect.DeepEqual(actualConfig.Frontends, c.expectedFrontends) {
+			t.Fatalf("expected %#v, got %#v", c.expectedFrontends, actualConfig.Frontends)
+		}
+	}
+}
--- a/provider/docker.go
+++ b/provider/docker.go
@@ -11,16 +11,16 @@ import (
 	"github.com/BurntSushi/ty/fun"
 	log "github.com/Sirupsen/logrus"
 	"github.com/cenkalti/backoff"
-	"github.com/emilevauge/traefik/types"
+	"github.com/containous/traefik/types"
 	"github.com/fsouza/go-dockerclient"
 )

 // Docker holds configurations of the Docker provider.
 type Docker struct {
-	baseProvider
-	Endpoint string
-	Domain   string
-	TLS      *DockerTLS
+	BaseProvider `mapstructure:",squash"`
+	Endpoint     string
+	Domain       string
+	TLS          *DockerTLS
 }

 // DockerTLS holds TLS specific configurations
@@ -34,35 +34,39 @@ type DockerTLS struct {
 // Provide allows the provider to provide configurations to traefik
 // using the given configuration channel.
 func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage) error {
+	go func() {
+		operation := func() error {
+			var dockerClient *docker.Client
+			var err error

-	var dockerClient *docker.Client
-	var err error
-
-	if provider.TLS != nil {
-		dockerClient, err = docker.NewTLSClient(provider.Endpoint,
-			provider.TLS.Cert, provider.TLS.Key, provider.TLS.CA)
-		if err == nil {
-			dockerClient.TLSConfig.InsecureSkipVerify = provider.TLS.InsecureSkipVerify
-		}
-	} else {
-		dockerClient, err = docker.NewClient(provider.Endpoint)
-	}
-	if err != nil {
-		log.Errorf("Failed to create a client for docker, error: %s", err)
-		return err
-	}
-	err = dockerClient.Ping()
-	if err != nil {
-		log.Errorf("Docker connection error %+v", err)
-		return err
-	}
-	log.Debug("Docker connection established")
-	if provider.Watch {
-		dockerEvents := make(chan *docker.APIEvents)
-		dockerClient.AddEventListener(dockerEvents)
-		log.Debug("Docker listening")
-		go func() {
-			operation := func() error {
+			if provider.TLS != nil {
+				dockerClient, err = docker.NewTLSClient(provider.Endpoint,
+					provider.TLS.Cert, provider.TLS.Key, provider.TLS.CA)
+				if err == nil {
+					dockerClient.TLSConfig.InsecureSkipVerify = provider.TLS.InsecureSkipVerify
+				}
+			} else {
+				dockerClient, err = docker.NewClient(provider.Endpoint)
+			}
+			if err != nil {
+				log.Errorf("Failed to create a client for docker, error: %s", err)
+				return err
+			}
+			err = dockerClient.Ping()
+			if err != nil {
+				log.Errorf("Docker connection error %+v", err)
+				return err
+			}
+			log.Debug("Docker connection established")
+			configuration := provider.loadDockerConfig(listContainers(dockerClient))
+			configurationChan <- types.ConfigMessage{
+				ProviderName:  "docker",
+				Configuration: configuration,
+			}
+			if provider.Watch {
+				dockerEvents := make(chan *docker.APIEvents)
+				dockerClient.AddEventListener(dockerEvents)
+				log.Debug("Docker listening")
 				for {
 					event := <-dockerEvents
 					if event == nil {
@@ -81,21 +85,17 @@ func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage) er
 					}
 				}
 			}
-			notify := func(err error, time time.Duration) {
-				log.Errorf("Docker connection error %+v, retrying in %s", err, time)
-			}
-			err := backoff.RetryNotify(operation, backoff.NewExponentialBackOff(), notify)
-			if err != nil {
-				log.Fatalf("Cannot connect to docker server %+v", err)
-			}
-		}()
-	}
+			return nil
+		}
+		notify := func(err error, time time.Duration) {
+			log.Errorf("Docker connection error %+v, retrying in %s", err, time)
+		}
+		err := backoff.RetryNotify(operation, backoff.NewExponentialBackOff(), notify)
+		if err != nil {
+			log.Fatalf("Cannot connect to docker server %+v", err)
+		}
+	}()

-	configuration := provider.loadDockerConfig(listContainers(dockerClient))
-	configurationChan <- types.ConfigMessage{
-		ProviderName:  "docker",
-		Configuration: configuration,
-	}
 	return nil
 }

@@ -107,6 +107,7 @@ func (provider *Docker) loadDockerConfig(containersInspected []docker.Container)
 		"getDomain":         provider.getDomain,
 		"getProtocol":       provider.getProtocol,
 		"getPassHostHeader": provider.getPassHostHeader,
+		"getEntryPoints":    provider.getEntryPoints,
 		"getFrontendValue":  provider.getFrontendValue,
 		"getFrontendRule":   provider.getFrontendRule,
 		"replace":           replace,
@@ -234,6 +235,13 @@ func (provider *Docker) getPassHostHeader(container docker.Container) string {
 	return "false"
 }

+func (provider *Docker) getEntryPoints(container docker.Container) []string {
+	if entryPoints, err := getLabel(container, "traefik.frontend.entryPoints"); err == nil {
+		return strings.Split(entryPoints, ",")
+	}
+	return []string{}
+}
+
 func getLabel(container docker.Container, label string) (string, error) {
 	for key, value := range container.Config.Labels {
 		if key == label {
--- a/provider/docker_test.go
+++ b/provider/docker_test.go
@@ -5,7 +5,7 @@ import (
 	"strings"
 	"testing"

-	"github.com/emilevauge/traefik/types"
+	"github.com/containous/traefik/types"
 	"github.com/fsouza/go-dockerclient"
 )

@@ -676,13 +676,18 @@ func TestDockerLoadDockerConfig(t *testing.T) {
 						Ports: map[docker.Port][]docker.PortBinding{
 							"80/tcp": {},
 						},
-						IPAddress: "127.0.0.1",
+						Networks: map[string]docker.ContainerNetwork{
+							"bridgde": {
+								IPAddress: "127.0.0.1",
+							},
+						},
 					},
 				},
 			},
 			expectedFrontends: map[string]*types.Frontend{
 				`"frontend-Host-test-docker-localhost"`: {
-					Backend: "backend-test",
+					Backend:     "backend-test",
+					EntryPoints: []string{},
 					Routes: map[string]types.Route{
 						`"route-frontend-Host-test-docker-localhost"`: {
 							Rule:  "Host",
@@ -709,14 +714,19 @@ func TestDockerLoadDockerConfig(t *testing.T) {
 					Name: "test1",
 					Config: &docker.Config{
 						Labels: map[string]string{
-							"traefik.backend": "foobar",
+							"traefik.backend":              "foobar",
+							"traefik.frontend.entryPoints": "http,https",
 						},
 					},
 					NetworkSettings: &docker.NetworkSettings{
 						Ports: map[docker.Port][]docker.PortBinding{
 							"80/tcp": {},
 						},
-						IPAddress: "127.0.0.1",
+						Networks: map[string]docker.ContainerNetwork{
+							"bridgde": {
+								IPAddress: "127.0.0.1",
+							},
+						},
 					},
 				},
 				{
@@ -730,13 +740,18 @@ func TestDockerLoadDockerConfig(t *testing.T) {
 						Ports: map[docker.Port][]docker.PortBinding{
 							"80/tcp": {},
 						},
-						IPAddress: "127.0.0.1",
+						Networks: map[string]docker.ContainerNetwork{
+							"bridgde": {
+								IPAddress: "127.0.0.1",
+							},
+						},
 					},
 				},
 			},
 			expectedFrontends: map[string]*types.Frontend{
 				`"frontend-Host-test1-docker-localhost"`: {
-					Backend: "backend-foobar",
+					Backend:     "backend-foobar",
+					EntryPoints: []string{"http", "https"},
 					Routes: map[string]types.Route{
 						`"route-frontend-Host-test1-docker-localhost"`: {
 							Rule:  "Host",
@@ -745,7 +760,8 @@ func TestDockerLoadDockerConfig(t *testing.T) {
 					},
 				},
 				`"frontend-Host-test2-docker-localhost"`: {
-					Backend: "backend-foobar",
+					Backend:     "backend-foobar",
+					EntryPoints: []string{},
 					Routes: map[string]types.Route{
 						`"route-frontend-Host-test2-docker-localhost"`: {
 							Rule:  "Host",
--- a/provider/etcd.go
+++ b/provider/etcd.go
@@ -1,20 +1,20 @@
 package provider

 import (
+	"github.com/containous/traefik/types"
 	"github.com/docker/libkv/store"
 	"github.com/docker/libkv/store/etcd"
-	"github.com/emilevauge/traefik/types"
 )

 // Etcd holds configurations of the Etcd provider.
 type Etcd struct {
-	Kv
+	Kv `mapstructure:",squash"`
 }

 // Provide allows the provider to provide configurations to traefik
 // using the given configuration channel.
 func (provider *Etcd) Provide(configurationChan chan<- types.ConfigMessage) error {
-	provider.StoreType = store.ETCD
+	provider.storeType = store.ETCD
 	etcd.Register()
 	return provider.provide(configurationChan)
 }
--- a/provider/file.go
+++ b/provider/file.go
@@ -7,13 +7,13 @@ import (

 	"github.com/BurntSushi/toml"
 	log "github.com/Sirupsen/logrus"
-	"github.com/emilevauge/traefik/types"
+	"github.com/containous/traefik/types"
 	"gopkg.in/fsnotify.v1"
 )

 // File holds configurations of the File provider.
 type File struct {
-	baseProvider
+	BaseProvider `mapstructure:",squash"`
 }

 // Provide allows the provider to provide configurations to traefik
--- a/provider/kv.go
+++ b/provider/kv.go
@@ -2,34 +2,96 @@
 package provider

 import (
+	"crypto/tls"
+	"crypto/x509"
+	"fmt"
+	"io/ioutil"
 	"strings"
 	"text/template"
 	"time"

 	"github.com/BurntSushi/ty/fun"
 	log "github.com/Sirupsen/logrus"
+	"github.com/containous/traefik/types"
 	"github.com/docker/libkv"
 	"github.com/docker/libkv/store"
-	"github.com/emilevauge/traefik/types"
 )

 // Kv holds common configurations of key-value providers.
 type Kv struct {
-	baseProvider
-	Endpoint  string
-	Prefix    string
-	StoreType store.Backend
-	kvclient  store.Store
+	BaseProvider `mapstructure:",squash"`
+	Endpoint     string
+	Prefix       string
+	TLS          *KvTLS
+	storeType    store.Backend
+	kvclient     store.Store
+}
+
+// KvTLS holds TLS specific configurations
+type KvTLS struct {
+	CA                 string
+	Cert               string
+	Key                string
+	InsecureSkipVerify bool
+}
+
+func (provider *Kv) watchKv(configurationChan chan<- types.ConfigMessage, prefix string) {
+	for {
+		chanKeys, err := provider.kvclient.WatchTree(provider.Prefix, make(chan struct{}) /* stop chan */)
+		if err != nil {
+			log.Errorf("Failed to WatchTree %s", err)
+			continue
+		}
+
+		for range chanKeys {
+			configuration := provider.loadConfig()
+			if configuration != nil {
+				configurationChan <- types.ConfigMessage{
+					ProviderName:  string(provider.storeType),
+					Configuration: configuration,
+				}
+			}
+		}
+		log.Warnf("Intermittent failure to WatchTree KV. Retrying.")
+	}
 }

 func (provider *Kv) provide(configurationChan chan<- types.ConfigMessage) error {
+	storeConfig := &store.Config{
+		ConnectionTimeout: 30 * time.Second,
+		Bucket:            "traefik",
+	}
+
+	if provider.TLS != nil {
+		caPool := x509.NewCertPool()
+
+		if provider.TLS.CA != "" {
+			ca, err := ioutil.ReadFile(provider.TLS.CA)
+
+			if err != nil {
+				return fmt.Errorf("Failed to read CA. %s", err)
+			}
+
+			caPool.AppendCertsFromPEM(ca)
+		}
+
+		cert, err := tls.LoadX509KeyPair(provider.TLS.Cert, provider.TLS.Key)
+
+		if err != nil {
+			return fmt.Errorf("Failed to load keypair. %s", err)
+		}
+
+		storeConfig.TLS = &tls.Config{
+			Certificates:       []tls.Certificate{cert},
+			RootCAs:            caPool,
+			InsecureSkipVerify: provider.TLS.InsecureSkipVerify,
+		}
+	}
+
 	kv, err := libkv.NewStore(
-		provider.StoreType,
-		[]string{provider.Endpoint},
-		&store.Config{
-			ConnectionTimeout: 30 * time.Second,
-			Bucket:            "traefik",
-		},
+		provider.storeType,
+		strings.Split(provider.Endpoint, ","),
+		storeConfig,
 	)
 	if err != nil {
 		return err
@@ -39,28 +101,11 @@ func (provider *Kv) provide(configurationChan chan<- types.ConfigMessage) error
 	}
 	provider.kvclient = kv
 	if provider.Watch {
-		stopCh := make(chan struct{})
-		chanKeys, err := kv.WatchTree(provider.Prefix, stopCh)
-		if err != nil {
-			return err
-		}
-		go func() {
-			for {
-				<-chanKeys
-				configuration := provider.loadConfig()
-				if configuration != nil {
-					configurationChan <- types.ConfigMessage{
-						ProviderName:  string(provider.StoreType),
-						Configuration: configuration,
-					}
-				}
-				defer close(stopCh)
-			}
-		}()
+		go provider.watchKv(configurationChan, provider.Prefix)
 	}
 	configuration := provider.loadConfig()
 	configurationChan <- types.ConfigMessage{
-		ProviderName:  string(provider.StoreType),
+		ProviderName:  string(provider.storeType),
 		Configuration: configuration,
 	}
 	return nil
@@ -70,12 +115,14 @@ func (provider *Kv) loadConfig() *types.Configuration {
 	templateObjects := struct {
 		Prefix string
 	}{
-		provider.Prefix,
+		// Allow `/traefik/alias` to superesede `provider.Prefix`
+		strings.TrimSuffix(provider.get(provider.Prefix, provider.Prefix+"/alias"), "/"),
 	}
 	var KvFuncMap = template.FuncMap{
-		"List": provider.list,
-		"Get":  provider.get,
-		"Last": provider.last,
+		"List":     provider.list,
+		"Get":      provider.get,
+		"SplitGet": provider.splitGet,
+		"Last":     provider.last,
 	}

 	configuration, err := provider.getConfiguration("templates/kv.tmpl", KvFuncMap, templateObjects)
@@ -89,7 +136,7 @@ func (provider *Kv) list(keys ...string) []string {
 	joinedKeys := strings.Join(keys, "")
 	keysPairs, err := provider.kvclient.List(joinedKeys)
 	if err != nil {
-		log.Error("Error getting keys: ", joinedKeys, err)
+		log.Errorf("Error getting keys %s %s ", joinedKeys, err)
 		return nil
 	}
 	directoryKeys := make(map[string]string)
@@ -100,18 +147,32 @@ func (provider *Kv) list(keys ...string) []string {
 	return fun.Values(directoryKeys).([]string)
 }

-func (provider *Kv) get(keys ...string) string {
+func (provider *Kv) get(defaultValue string, keys ...string) string {
 	joinedKeys := strings.Join(keys, "")
 	keyPair, err := provider.kvclient.Get(joinedKeys)
 	if err != nil {
-		log.Error("Error getting key: ", joinedKeys, err)
-		return ""
+		log.Warnf("Error getting key %s %s, setting default %s", joinedKeys, err, defaultValue)
+		return defaultValue
 	} else if keyPair == nil {
-		return ""
+		log.Warnf("Error getting key %s, setting default %s", joinedKeys, defaultValue)
+		return defaultValue
 	}
 	return string(keyPair.Value)
 }

+func (provider *Kv) splitGet(keys ...string) []string {
+	joinedKeys := strings.Join(keys, "")
+	keyPair, err := provider.kvclient.Get(joinedKeys)
+	if err != nil {
+		log.Warnf("Error getting key %s %s, setting default empty", joinedKeys, err)
+		return []string{}
+	} else if keyPair == nil {
+		log.Warnf("Error getting key %s, setting default %empty", joinedKeys)
+		return []string{}
+	}
+	return strings.Split(string(keyPair.Value), ",")
+}
+
 func (provider *Kv) last(key string) string {
 	splittedKey := strings.Split(key, "/")
 	return splittedKey[len(splittedKey)-1]
--- a/provider/kv_test.go
+++ b/provider/kv_test.go
@@ -2,8 +2,10 @@ package provider

 import (
 	"errors"
+	"github.com/containous/traefik/types"
 	"strings"
 	"testing"
+	"time"

 	"github.com/docker/libkv/store"
 	"reflect"
@@ -176,7 +178,7 @@ func TestKvGet(t *testing.T) {
 	}

 	for _, c := range cases {
-		actual := c.provider.get(c.keys...)
+		actual := c.provider.get("", c.keys...)
 		if actual != c.expected {
 			t.Fatalf("expected %v, got %v for %v and %v", c.expected, actual, c.keys, c.provider)
 		}
@@ -188,7 +190,7 @@ func TestKvGet(t *testing.T) {
 			Error: true,
 		},
 	}
-	actual := provider.get("anything")
+	actual := provider.get("", "anything")
 	if actual != "" {
 		t.Fatalf("Should have return nil, got %v", actual)
 	}
@@ -231,10 +233,60 @@ func TestKvLast(t *testing.T) {
 	}
 }

+type KvMock struct {
+	Kv
+}
+
+func (provider *KvMock) loadConfig() *types.Configuration {
+	return nil
+}
+
+func TestKvWatchTree(t *testing.T) {
+	returnedChans := make(chan chan []*store.KVPair)
+	provider := &KvMock{
+		Kv{
+			kvclient: &Mock{
+				WatchTreeMethod: func() <-chan []*store.KVPair {
+					c := make(chan []*store.KVPair, 10)
+					returnedChans <- c
+					return c
+				},
+			},
+		},
+	}
+
+	configChan := make(chan types.ConfigMessage)
+	go provider.watchKv(configChan, "prefix")
+
+	select {
+	case c1 := <-returnedChans:
+		c1 <- []*store.KVPair{}
+		<-configChan
+		close(c1) // WatchTree chans can close due to error
+	case <-time.After(1 * time.Second):
+		t.Fatalf("Failed to create a new WatchTree chan")
+	}
+
+	select {
+	case c2 := <-returnedChans:
+		c2 <- []*store.KVPair{}
+		<-configChan
+	case <-time.After(1 * time.Second):
+		t.Fatalf("Failed to create a new WatchTree chan")
+	}
+
+	select {
+	case _ = <-configChan:
+		t.Fatalf("configChan should be empty")
+	default:
+	}
+}
+
 // Extremely limited mock store so we can test initialization
 type Mock struct {
-	Error   bool
-	KVPairs []*store.KVPair
+	Error           bool
+	KVPairs         []*store.KVPair
+	WatchTreeMethod func() <-chan []*store.KVPair
 }

 func (s *Mock) Put(key string, value []byte, opts *store.WriteOptions) error {
@@ -269,7 +321,7 @@ func (s *Mock) Watch(key string, stopCh <-chan struct{}) (<-chan *store.KVPair,

 // WatchTree mock
 func (s *Mock) WatchTree(prefix string, stopCh <-chan struct{}) (<-chan []*store.KVPair, error) {
-	return nil, errors.New("WatchTree not supported")
+	return s.WatchTreeMethod(), nil
 }

 // NewLock mock
--- a/provider/marathon.go
+++ b/provider/marathon.go
@@ -4,22 +4,26 @@ import (
 	"errors"
 	"net/url"
 	"strconv"
+	"strings"
 	"text/template"

+	"crypto/tls"
 	"github.com/BurntSushi/ty/fun"
 	log "github.com/Sirupsen/logrus"
-	"github.com/emilevauge/traefik/types"
+	"github.com/containous/traefik/types"
 	"github.com/gambol99/go-marathon"
+	"net/http"
 )

 // Marathon holds configuration of the Marathon provider.
 type Marathon struct {
-	baseProvider
+	BaseProvider     `mapstructure:",squash"`
 	Endpoint         string
 	Domain           string
-	NetworkInterface string
+	ExposedByDefault bool
 	Basic            *MarathonBasic
-	marathonClient   lightMarathonClient
+	TLS              *tls.Config
+	marathonClient   marathon.Marathon
 }

 // MarathonBasic holds basic authentication specific configurations
@@ -38,11 +42,16 @@ type lightMarathonClient interface {
 func (provider *Marathon) Provide(configurationChan chan<- types.ConfigMessage) error {
 	config := marathon.NewDefaultConfig()
 	config.URL = provider.Endpoint
-	config.EventsInterface = provider.NetworkInterface
+	config.EventsTransport = marathon.EventsTransportSSE
 	if provider.Basic != nil {
 		config.HTTPBasicAuthUser = provider.Basic.HTTPBasicAuthUser
 		config.HTTPBasicPassword = provider.Basic.HTTPBasicPassword
 	}
+	config.HTTPClient = &http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: provider.TLS,
+		},
+	}
 	client, err := marathon.NewClient(config)
 	if err != nil {
 		log.Errorf("Failed to create a client for marathon, error: %s", err)
@@ -52,7 +61,7 @@ func (provider *Marathon) Provide(configurationChan chan<- types.ConfigMessage)
 	update := make(marathon.EventsChannel, 5)
 	if provider.Watch {
 		if err := client.AddEventsListener(update, marathon.EVENTS_APPLICATIONS); err != nil {
-			log.Errorf("Failed to register for subscriptions, %s", err)
+			log.Errorf("Failed to register for events, %s", err)
 		} else {
 			go func() {
 				for {
@@ -80,14 +89,17 @@ func (provider *Marathon) Provide(configurationChan chan<- types.ConfigMessage)

 func (provider *Marathon) loadMarathonConfig() *types.Configuration {
 	var MarathonFuncMap = template.FuncMap{
-		"getPort":           provider.getPort,
-		"getWeight":         provider.getWeight,
-		"getDomain":         provider.getDomain,
-		"getProtocol":       provider.getProtocol,
-		"getPassHostHeader": provider.getPassHostHeader,
-		"getFrontendValue":  provider.getFrontendValue,
-		"getFrontendRule":   provider.getFrontendRule,
-		"replace":           replace,
+		"getBackend":         provider.getBackend,
+		"getPort":            provider.getPort,
+		"getWeight":          provider.getWeight,
+		"getDomain":          provider.getDomain,
+		"getProtocol":        provider.getProtocol,
+		"getPassHostHeader":  provider.getPassHostHeader,
+		"getEntryPoints":     provider.getEntryPoints,
+		"getFrontendValue":   provider.getFrontendValue,
+		"getFrontendRule":    provider.getFrontendRule,
+		"getFrontendBackend": provider.getFrontendBackend,
+		"replace":            replace,
 	}

 	applications, err := provider.marathonClient.Applications(nil)
@@ -96,7 +108,7 @@ func (provider *Marathon) loadMarathonConfig() *types.Configuration {
 		return nil
 	}

-	tasks, err := provider.marathonClient.AllTasks((url.Values{"status": []string{"running"}}))
+	tasks, err := provider.marathonClient.AllTasks(&marathon.AllTasksOpts{Status: "running"})
 	if err != nil {
 		log.Errorf("Failed to create a client for marathon, error: %s", err)
 		return nil
@@ -104,7 +116,7 @@ func (provider *Marathon) loadMarathonConfig() *types.Configuration {

 	//filter tasks
 	filteredTasks := fun.Filter(func(task marathon.Task) bool {
-		return taskFilter(task, applications)
+		return taskFilter(task, applications, provider.ExposedByDefault)
 	}, tasks.Tasks).([]marathon.Task)

 	//filter apps
@@ -129,7 +141,7 @@ func (provider *Marathon) loadMarathonConfig() *types.Configuration {
 	return configuration
 }

-func taskFilter(task marathon.Task, applications *marathon.Applications) bool {
+func taskFilter(task marathon.Task, applications *marathon.Applications, exposedByDefaultFlag bool) bool {
 	if len(task.Ports) == 0 {
 		log.Debug("Filtering marathon task without port %s", task.AppID)
 		return false
@@ -139,7 +151,8 @@ func taskFilter(task marathon.Task, applications *marathon.Applications) bool {
 		log.Errorf("Unable to get marathon application from task %s", task.AppID)
 		return false
 	}
-	if application.Labels["traefik.enable"] == "false" {
+
+	if !isApplicationEnabled(application, exposedByDefaultFlag) {
 		log.Debugf("Filtering disabled marathon task %s", task.AppID)
 		return false
 	}
@@ -186,7 +199,7 @@ func taskFilter(task marathon.Task, applications *marathon.Applications) bool {
 	//filter healthchecks
 	if application.HasHealthChecks() {
 		if task.HasHealthCheckResults() {
-			for _, healthcheck := range task.HealthCheckResult {
+			for _, healthcheck := range task.HealthCheckResults {
 				// found one bad healthcheck, return false
 				if !healthcheck.Alive {
 					log.Debugf("Filtering marathon task %s with bad healthcheck", task.AppID)
@@ -216,6 +229,10 @@ func getApplication(task marathon.Task, apps []marathon.Application) (marathon.A
 	return marathon.Application{}, errors.New("Application not found: " + task.AppID)
 }

+func isApplicationEnabled(application marathon.Application, exposedByDefault bool) bool {
+	return exposedByDefault && application.Labels["traefik.enable"] != "false" || application.Labels["traefik.enable"] == "true"
+}
+
 func (provider *Marathon) getLabel(application marathon.Application, label string) (string, error) {
 	for key, value := range application.Labels {
 		if key == label {
@@ -285,6 +302,13 @@ func (provider *Marathon) getPassHostHeader(application marathon.Application) st
 	return "false"
 }

+func (provider *Marathon) getEntryPoints(application marathon.Application) []string {
+	if entryPoints, err := provider.getLabel(application, "traefik.frontend.entryPoints"); err == nil {
+		return strings.Split(entryPoints, ",")
+	}
+	return []string{}
+}
+
 // getFrontendValue returns the frontend value for the specified application, using
 // it's label. It returns a default one if the label is not present.
 func (provider *Marathon) getFrontendValue(application marathon.Application) string {
@@ -302,3 +326,19 @@ func (provider *Marathon) getFrontendRule(application marathon.Application) stri
 	}
 	return "Host"
 }
+
+func (provider *Marathon) getBackend(task marathon.Task, applications []marathon.Application) string {
+	application, errApp := getApplication(task, applications)
+	if errApp != nil {
+		log.Errorf("Unable to get marathon application from task %s", task.AppID)
+		return ""
+	}
+	return provider.getFrontendBackend(application)
+}
+
+func (provider *Marathon) getFrontendBackend(application marathon.Application) string {
+	if label, err := provider.getLabel(application, "traefik.backend"); err == nil {
+		return label
+	}
+	return replace("/", "-", application.ID)
+}
--- a/provider/marathon_test.go
+++ b/provider/marathon_test.go
@@ -1,34 +1,32 @@
 package provider

 import (
-	"errors"
-	"net/url"
 	"reflect"
 	"testing"

-	"github.com/emilevauge/traefik/types"
+	"errors"
+	"github.com/containous/traefik/mocks"
+	"github.com/containous/traefik/types"
 	"github.com/gambol99/go-marathon"
+	"github.com/stretchr/testify/mock"
 )

 type fakeClient struct {
-	applicationsError bool
-	applications      *marathon.Applications
-	tasksError        bool
-	tasks             *marathon.Tasks
+	mocks.Marathon
 }

-func (c *fakeClient) Applications(url.Values) (*marathon.Applications, error) {
-	if c.applicationsError {
-		return nil, errors.New("error")
+func newFakeClient(applicationsError bool, applications *marathon.Applications, tasksError bool, tasks *marathon.Tasks) *fakeClient {
+	// create an instance of our test object
+	fakeClient := new(fakeClient)
+	if applicationsError {
+		fakeClient.On("Applications", mock.AnythingOfType("url.Values")).Return(nil, errors.New("error"))
 	}
-	return c.applications, nil
-}
-
-func (c *fakeClient) AllTasks(v url.Values) (*marathon.Tasks, error) {
-	if c.tasksError {
-		return nil, errors.New("error")
+	fakeClient.On("Applications", mock.AnythingOfType("url.Values")).Return(applications, nil)
+	if tasksError {
+		fakeClient.On("AllTasks", mock.AnythingOfType("*marathon.AllTasksOpts")).Return(nil, errors.New("error"))
 	}
-	return c.tasks, nil
+	fakeClient.On("AllTasks", mock.AnythingOfType("*marathon.AllTasksOpts")).Return(tasks, nil)
+	return fakeClient
 }

 func TestMarathonLoadConfig(t *testing.T) {
@@ -84,7 +82,8 @@ func TestMarathonLoadConfig(t *testing.T) {
 			},
 			expectedFrontends: map[string]*types.Frontend{
 				`frontend-test`: {
-					Backend: "backend-test",
+					Backend:     "backend-test",
+					EntryPoints: []string{},
 					Routes: map[string]types.Route{
 						`route-host-test`: {
 							Rule:  "Host",
@@ -109,14 +108,11 @@ func TestMarathonLoadConfig(t *testing.T) {
 	}

 	for _, c := range cases {
+		fakeClient := newFakeClient(c.applicationsError, c.applications, c.tasksError, c.tasks)
 		provider := &Marathon{
-			Domain: "docker.localhost",
-			marathonClient: &fakeClient{
-				applicationsError: c.applicationsError,
-				applications:      c.applications,
-				tasksError:        c.tasksError,
-				tasks:             c.tasks,
-			},
+			Domain:           "docker.localhost",
+			ExposedByDefault: true,
+			marathonClient:   fakeClient,
 		}
 		actualConfig := provider.loadMarathonConfig()
 		if c.expectedNil {
@@ -137,22 +133,25 @@ func TestMarathonLoadConfig(t *testing.T) {

 func TestMarathonTaskFilter(t *testing.T) {
 	cases := []struct {
-		task         marathon.Task
-		applications *marathon.Applications
-		expected     bool
+		task             marathon.Task
+		applications     *marathon.Applications
+		expected         bool
+		exposedByDefault bool
 	}{
 		{
-			task:         marathon.Task{},
-			applications: &marathon.Applications{},
-			expected:     false,
+			task:             marathon.Task{},
+			applications:     &marathon.Applications{},
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
 				AppID: "test",
 				Ports: []int{80},
 			},
-			applications: &marathon.Applications{},
-			expected:     false,
+			applications:     &marathon.Applications{},
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -166,7 +165,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -181,7 +181,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -199,7 +200,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -217,7 +219,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: true,
+			expected:         true,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -235,7 +238,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -253,7 +257,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: true,
+			expected:         true,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -271,7 +276,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -290,7 +296,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -308,13 +315,14 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
 				AppID: "foo",
 				Ports: []int{80},
-				HealthCheckResult: []*marathon.HealthCheckResult{
+				HealthCheckResults: []*marathon.HealthCheckResult{
 					{
 						Alive: false,
 					},
@@ -331,13 +339,14 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
 				AppID: "foo",
 				Ports: []int{80},
-				HealthCheckResult: []*marathon.HealthCheckResult{
+				HealthCheckResults: []*marathon.HealthCheckResult{
 					{
 						Alive: true,
 					},
@@ -357,7 +366,8 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: false,
+			expected:         false,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
@@ -372,13 +382,14 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: true,
+			expected:         true,
+			exposedByDefault: true,
 		},
 		{
 			task: marathon.Task{
 				AppID: "foo",
 				Ports: []int{80},
-				HealthCheckResult: []*marathon.HealthCheckResult{
+				HealthCheckResults: []*marathon.HealthCheckResult{
 					{
 						Alive: true,
 					},
@@ -395,12 +406,67 @@ func TestMarathonTaskFilter(t *testing.T) {
 					},
 				},
 			},
-			expected: true,
+			expected:         true,
+			exposedByDefault: true,
+		},
+		{
+			task: marathon.Task{
+				AppID: "disable-default-expose",
+				Ports: []int{80},
+			},
+			applications: &marathon.Applications{
+				Apps: []marathon.Application{
+					{
+						ID:    "disable-default-expose",
+						Ports: []int{80},
+					},
+				},
+			},
+			expected:         false,
+			exposedByDefault: false,
+		},
+		{
+			task: marathon.Task{
+				AppID: "disable-default-expose-disable-in-label",
+				Ports: []int{80},
+			},
+			applications: &marathon.Applications{
+				Apps: []marathon.Application{
+					{
+						ID:    "disable-default-expose-disable-in-label",
+						Ports: []int{80},
+						Labels: map[string]string{
+							"traefik.enable": "false",
+						},
+					},
+				},
+			},
+			expected:         false,
+			exposedByDefault: false,
+		},
+		{
+			task: marathon.Task{
+				AppID: "disable-default-expose-enable-in-label",
+				Ports: []int{80},
+			},
+			applications: &marathon.Applications{
+				Apps: []marathon.Application{
+					{
+						ID:    "disable-default-expose-enable-in-label",
+						Ports: []int{80},
+						Labels: map[string]string{
+							"traefik.enable": "true",
+						},
+					},
+				},
+			},
+			expected:         true,
+			exposedByDefault: false,
 		},
 	}

 	for _, c := range cases {
-		actual := taskFilter(c.task, c.applications)
+		actual := taskFilter(c.task, c.applications, c.exposedByDefault)
 		if actual != c.expected {
 			t.Fatalf("expected %v, got %v", c.expected, actual)
 		}
@@ -735,6 +801,36 @@ func TestMarathonGetPassHostHeader(t *testing.T) {
 	}
 }

+func TestMarathonGetEntryPoints(t *testing.T) {
+	provider := &Marathon{}
+
+	applications := []struct {
+		application marathon.Application
+		expected    []string
+	}{
+		{
+			application: marathon.Application{},
+			expected:    []string{},
+		},
+		{
+			application: marathon.Application{
+				Labels: map[string]string{
+					"traefik.frontend.entryPoints": "http,https",
+				},
+			},
+			expected: []string{"http", "https"},
+		},
+	}
+
+	for _, a := range applications {
+		actual := provider.getEntryPoints(a.application)
+
+		if !reflect.DeepEqual(actual, a.expected) {
+			t.Fatalf("expected %#v, got %#v", a.expected, actual)
+		}
+	}
+}
+
 func TestMarathonGetFrontendValue(t *testing.T) {
 	provider := &Marathon{
 		Domain: "docker.localhost",
@@ -800,3 +896,29 @@ func TestMarathonGetFrontendRule(t *testing.T) {
 		}
 	}
 }
+
+func TestMarathonGetBackend(t *testing.T) {
+	provider := &Marathon{}
+
+	applications := []struct {
+		application marathon.Application
+		expected    string
+	}{
+		{
+			application: marathon.Application{
+				ID: "foo",
+				Labels: map[string]string{
+					"traefik.backend": "bar",
+				},
+			},
+			expected: "bar",
+		},
+	}
+
+	for _, a := range applications {
+		actual := provider.getFrontendBackend(a.application)
+		if actual != a.expected {
+			t.Fatalf("expected %q, got %q", a.expected, actual)
+		}
+	}
+}
--- a/provider/provider.go
+++ b/provider/provider.go
@@ -7,8 +7,8 @@ import (
 	"text/template"

 	"github.com/BurntSushi/toml"
-	"github.com/emilevauge/traefik/autogen"
-	"github.com/emilevauge/traefik/types"
+	"github.com/containous/traefik/autogen"
+	"github.com/containous/traefik/types"
 )

 // Provider defines methods of a provider.
@@ -18,12 +18,13 @@ type Provider interface {
 	Provide(configurationChan chan<- types.ConfigMessage) error
 }

-type baseProvider struct {
+// BaseProvider should be inherited by providers
+type BaseProvider struct {
 	Watch    bool
 	Filename string
 }

-func (p *baseProvider) getConfiguration(defaultTemplateFile string, funcMap template.FuncMap, templateObjects interface{}) (*types.Configuration, error) {
+func (p *BaseProvider) getConfiguration(defaultTemplateFile string, funcMap template.FuncMap, templateObjects interface{}) (*types.Configuration, error) {
 	var (
 		buf []byte
 		err error
@@ -62,6 +63,7 @@ func replace(s1 string, s2 string, s3 string) string {
 	return strings.Replace(s3, s1, s2, -1)
 }

+// Escape beginning slash "/", convert all others to dash "-"
 func getEscapedName(name string) string {
-	return strings.Replace(name, "/", "", -1)
+	return strings.Replace(strings.TrimPrefix(name, "/"), "/", "-", -1)
 }
--- a/provider/provider_test.go
+++ b/provider/provider_test.go
@@ -9,7 +9,7 @@ import (
 )

 type myProvider struct {
-	baseProvider
+	BaseProvider
 }

 func (p *myProvider) Foo() string {
@@ -49,7 +49,7 @@ func TestConfigurationErrors(t *testing.T) {
 	}{
 		{
 			provider: &myProvider{
-				baseProvider{
+				BaseProvider{
 					Filename: "/non/existent/template.tmpl",
 				},
 			},
@@ -62,7 +62,7 @@ func TestConfigurationErrors(t *testing.T) {
 		},
 		{
 			provider: &myProvider{
-				baseProvider{
+				BaseProvider{
 					Filename: templateErrorFile.Name(),
 				},
 			},
@@ -70,7 +70,7 @@ func TestConfigurationErrors(t *testing.T) {
 		},
 		{
 			provider: &myProvider{
-				baseProvider{
+				BaseProvider{
 					Filename: templateInvalidTOMLFile.Name(),
 				},
 			},
@@ -125,7 +125,7 @@ func TestGetConfiguration(t *testing.T) {
 	}

 	provider := &myProvider{
-		baseProvider{
+		BaseProvider{
 			Filename: templateFile.Name(),
 		},
 	}
--- a/provider/zk.go
+++ b/provider/zk.go
@@ -1,9 +1,9 @@
 package provider

 import (
+	"github.com/containous/traefik/types"
 	"github.com/docker/libkv/store"
 	"github.com/docker/libkv/store/zookeeper"
-	"github.com/emilevauge/traefik/types"
 )

 // Zookepper holds configurations of the Zookepper provider.
@@ -14,7 +14,7 @@ type Zookepper struct {
 // Provide allows the provider to provide configurations to traefik
 // using the given configuration channel.
 func (provider *Zookepper) Provide(configurationChan chan<- types.ConfigMessage) error {
-	provider.StoreType = store.ZK
+	provider.storeType = store.ZK
 	zookeeper.Register()
 	return provider.provide(configurationChan)
 }
--- a/script/.validate
+++ b/script/.validate
@@ -3,23 +3,24 @@
 if [ -z "$VALIDATE_UPSTREAM" ]; then
 	# this is kind of an expensive check, so let's not do this twice if we
 	# are running more than one validate bundlescript
-	
-	VALIDATE_REPO='https://github.com/emilevauge/traefik.git'
+
+	VALIDATE_REPO='https://github.com/containous/traefik.git'
 	VALIDATE_BRANCH='master'
-	
-	if [ "$TRAVIS" = 'true' -a "$TRAVIS_PULL_REQUEST" != 'false' ]; then
-		VALIDATE_REPO="https://github.com/${TRAVIS_REPO_SLUG}.git"
-		VALIDATE_BRANCH="${TRAVIS_BRANCH}"
-	fi
-	
+
+        # Should not be needed for now O:)
+	# if [ "$TRAVIS" = 'true' -a "$TRAVIS_PULL_REQUEST" != 'false' ]; then
+	# 	VALIDATE_REPO="https://github.com/${TRAVIS_REPO_SLUG}.git"
+	# 	VALIDATE_BRANCH="${TRAVIS_BRANCH}"
+	# fi
+
 	VALIDATE_HEAD="$(git rev-parse --verify HEAD)"
-	
+
 	git fetch -q "$VALIDATE_REPO" "refs/heads/$VALIDATE_BRANCH"
 	VALIDATE_UPSTREAM="$(git rev-parse --verify FETCH_HEAD)"
-	
+
 	VALIDATE_COMMIT_LOG="$VALIDATE_UPSTREAM..$VALIDATE_HEAD"
 	VALIDATE_COMMIT_DIFF="$VALIDATE_UPSTREAM...$VALIDATE_HEAD"
-	
+
 	validate_diff() {
 		if [ "$VALIDATE_UPSTREAM" != "$VALIDATE_HEAD" ]; then
 			git diff "$VALIDATE_COMMIT_DIFF" "$@"
--- a/script/binary
+++ b/script/binary
@@ -8,6 +8,11 @@ fi

 rm -f dist/traefik

+FLAGS=""
+if [ -n "$VERBOSE" ]; then
+    FLAGS="${FLAGS} -v"
+fi
+
 if [ -z "$VERSION" ]; then
    VERSION=$(git rev-parse HEAD)
 fi
@@ -17,4 +22,4 @@ if [ -z "$DATE" ]; then
 fi

 # Build binaries
-CGO_ENABLED=0 go build -ldflags "-X main.Version=$VERSION -X main.BuildDate=$DATE" -a -installsuffix nocgo -o dist/traefik .
+CGO_ENABLED=0 GOGC=off go build $FLAGS -ldflags "-X main.Version=$VERSION -X main.BuildDate=$DATE" -a -installsuffix nocgo -o dist/traefik .
--- a/script/crossbinary
+++ b/script/crossbinary
@@ -32,5 +32,5 @@ fi
 rm -f dist/traefik_*

 # Build binaries
-gox -ldflags "-X main.Version=$VERSION -X main.BuildDate=$DATE" "${OS_PLATFORM_ARG[@]}" "${OS_ARCH_ARG[@]}" \
+GOGC=off gox -ldflags "-X main.Version=$VERSION -X main.BuildDate=$DATE" "${OS_PLATFORM_ARG[@]}" "${OS_ARCH_ARG[@]}" \
    -output="dist/traefik_{{.OS}}-{{.Arch}}"
--- a/script/deploy.sh
+++ b/script/deploy.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+set -e
+
+if ([ "$TRAVIS_BRANCH" = "master" ] || [ ! -z "$TRAVIS_TAG" ]) && [ "$TRAVIS_PULL_REQUEST" = "false" ]; then
+  echo "Deploying"
+else
+  echo "Skipping deploy"
+  exit 0
+fi
+
+curl -LO https://github.com/tcnksm/ghr/releases/download/pre-release/linux_amd64.zip
+unzip -q linux_amd64.zip
+sudo mv ghr /usr/bin/ghr
+sudo chmod +x /usr/bin/ghr
+
+# github release and tag
+ghr -t $GITHUB_TOKEN -u containous -r traefik --prerelease ${VERSION} dist/
+
+# update traefik-library-image repo (official Docker image)
+git config --global user.email "emile@vauge.com"
+git config --global user.name "Emile Vauge"
+git clone https://github.com/containous/traefik-library-image.git
+cd traefik-library-image
+git remote rm origin
+git remote add origin https://emilevauge:${GITHUB_TOKEN}@github.com/containous/traefik-library-image.git
+./update.sh $VERSION
+git add -A
+echo $VERSION | git commit --file -
+echo $VERSION | git tag -a $VERSION --file -
+git push --follow-tags -u origin master
+
+# create docker image emilevauge/traefik (compatibility)
+docker login -e $DOCKER_EMAIL -u $DOCKER_USER -p $DOCKER_PASS
+docker tag containous/traefik emilevauge/traefik:latest
+docker push emilevauge/traefik:latest
+docker tag emilevauge/traefik:latest emilevauge/traefik:${VERSION}
+docker push emilevauge/traefik:${VERSION}
+
+cd ..
+rm -Rf traefik-library-image/
+
+echo "Deployed"
--- a/script/test-integration
+++ b/script/test-integration
@@ -1,10 +1,14 @@
 #!/bin/bash
+set -e

 export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 export DEST=.

-TESTFLAGS="$TESTFLAGS -test.timeout=30m -check.v"
+TESTFLAGS="${TESTFLAGS} -test.timeout=30m -check.v"
+
+if [ -n "$VERBOSE" ]; then
+    TESTFLAGS="${TESTFLAGS} -v"
+fi

 cd integration
-go test $TESTFLAGS
-
+CGO_ENABLED=0 go test $TESTFLAGS
--- a/script/test-unit
+++ b/script/test-unit
@@ -26,6 +26,10 @@ find_dirs() {

 TESTFLAGS="-cover -coverprofile=cover.out ${TESTFLAGS}"

+if [ -n "$VERBOSE" ]; then
+    TESTFLAGS="${TESTFLAGS} -v"
+fi
+
 if [ -z "$TESTDIRS" ]; then
    TESTDIRS=$(find_dirs '*_test.go')
 fi
--- a/script/validate-errcheck
+++ b/script/validate-errcheck
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+source "$(dirname "$BASH_SOURCE")/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' || true) )
+unset IFS
+
+errors=()
+failedErrcheck=$(errcheck .)
+if [ "$failedErrcheck" ]; then
+    errors+=( "$failedErrcheck" )
+fi
+
+if [ ${#errors[@]} -eq 0 ]; then
+	echo 'Congratulations!  All Go source files have been errchecked.'
+else
+	{
+		echo "Errors from errcheck:"
+		for err in "${errors[@]}"; do
+			echo "$err"
+		done
+		echo
+		echo 'Please fix the above errors. You can test via "errcheck" and commit the result.'
+		echo
+	} >&2
+	false
+fi
--- a/server.go
+++ b/server.go
@@ -0,0 +1,553 @@
+/*
+Copyright
+*/
+package main
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"errors"
+	"net/http"
+	"net/url"
+	"os"
+	"os/signal"
+	"reflect"
+	"regexp"
+	"sort"
+	"strconv"
+	"sync"
+	"syscall"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/codegangsta/negroni"
+	"github.com/containous/oxy/cbreaker"
+	"github.com/containous/oxy/forward"
+	"github.com/containous/oxy/roundrobin"
+	"github.com/containous/oxy/stream"
+	"github.com/containous/traefik/middlewares"
+	"github.com/containous/traefik/provider"
+	"github.com/containous/traefik/types"
+	"github.com/gorilla/mux"
+	"github.com/mailgun/manners"
+)
+
+var oxyLogger = &OxyLogger{}
+
+// Server is the reverse-proxy/load-balancer engine
+type Server struct {
+	serverEntryPoints          serverEntryPoints
+	configurationChan          chan types.ConfigMessage
+	configurationValidatedChan chan types.ConfigMessage
+	signals                    chan os.Signal
+	stopChan                   chan bool
+	providers                  []provider.Provider
+	serverLock                 sync.Mutex
+	currentConfigurations      configs
+	globalConfiguration        GlobalConfiguration
+	loggerMiddleware           *middlewares.Logger
+}
+
+type serverEntryPoints map[string]*serverEntryPoint
+
+type serverEntryPoint struct {
+	httpServer *manners.GracefulServer
+	httpRouter *middlewares.HandlerSwitcher
+}
+
+// NewServer returns an initialized Server.
+func NewServer(globalConfiguration GlobalConfiguration) *Server {
+	server := new(Server)
+
+	server.serverEntryPoints = make(map[string]*serverEntryPoint)
+	server.configurationChan = make(chan types.ConfigMessage, 10)
+	server.configurationValidatedChan = make(chan types.ConfigMessage, 10)
+	server.signals = make(chan os.Signal, 1)
+	server.stopChan = make(chan bool)
+	server.providers = []provider.Provider{}
+	signal.Notify(server.signals, syscall.SIGINT, syscall.SIGTERM)
+	server.currentConfigurations = make(configs)
+	server.globalConfiguration = globalConfiguration
+	server.loggerMiddleware = middlewares.NewLogger(globalConfiguration.AccessLogsFile)
+
+	return server
+}
+
+// Start starts the server and blocks until server is shutted down.
+func (server *Server) Start() {
+	server.startHTTPServers()
+	go server.listenProviders()
+	go server.listenConfigurations()
+	server.configureProviders()
+	server.startProviders()
+	go server.listenSignals()
+	<-server.stopChan
+}
+
+// Stop stops the server
+func (server *Server) Stop() {
+	for _, serverEntryPoint := range server.serverEntryPoints {
+		serverEntryPoint.httpServer.BlockingClose()
+	}
+	server.stopChan <- true
+}
+
+// Close destroys the server
+func (server *Server) Close() {
+	close(server.configurationChan)
+	close(server.configurationValidatedChan)
+	close(server.signals)
+	close(server.stopChan)
+	server.loggerMiddleware.Close()
+}
+
+func (server *Server) startHTTPServers() {
+	server.serverEntryPoints = server.buildEntryPoints(server.globalConfiguration)
+	for newServerEntryPointName, newServerEntryPoint := range server.serverEntryPoints {
+		newsrv, err := server.prepareServer(newServerEntryPointName, newServerEntryPoint.httpRouter, server.globalConfiguration.EntryPoints[newServerEntryPointName], nil, server.loggerMiddleware, metrics)
+		if err != nil {
+			log.Fatal("Error preparing server: ", err)
+		}
+		serverEntryPoint := server.serverEntryPoints[newServerEntryPointName]
+		serverEntryPoint.httpServer = newsrv
+		go server.startServer(serverEntryPoint.httpServer, server.globalConfiguration)
+	}
+}
+
+func (server *Server) listenProviders() {
+	lastReceivedConfiguration := time.Unix(0, 0)
+	lastConfigs := make(map[string]*types.ConfigMessage)
+	for {
+		configMsg := <-server.configurationChan
+		jsonConf, _ := json.Marshal(configMsg.Configuration)
+		log.Debugf("Configuration received from provider %s: %s", configMsg.ProviderName, string(jsonConf))
+		lastConfigs[configMsg.ProviderName] = &configMsg
+		if time.Now().After(lastReceivedConfiguration.Add(time.Duration(server.globalConfiguration.ProvidersThrottleDuration))) {
+			log.Debugf("Last %s config received more than %s, OK", configMsg.ProviderName, server.globalConfiguration.ProvidersThrottleDuration)
+			// last config received more than n s ago
+			server.configurationValidatedChan <- configMsg
+		} else {
+			log.Debugf("Last %s config received less than %s, waiting...", configMsg.ProviderName, server.globalConfiguration.ProvidersThrottleDuration)
+			go func() {
+				<-time.After(server.globalConfiguration.ProvidersThrottleDuration)
+				if time.Now().After(lastReceivedConfiguration.Add(time.Duration(server.globalConfiguration.ProvidersThrottleDuration))) {
+					log.Debugf("Waited for %s config, OK", configMsg.ProviderName)
+					server.configurationValidatedChan <- *lastConfigs[configMsg.ProviderName]
+				}
+			}()
+		}
+		lastReceivedConfiguration = time.Now()
+	}
+}
+
+func (server *Server) listenConfigurations() {
+	for {
+		configMsg := <-server.configurationValidatedChan
+		if configMsg.Configuration == nil {
+			log.Info("Skipping empty Configuration")
+		} else if reflect.DeepEqual(server.currentConfigurations[configMsg.ProviderName], configMsg.Configuration) {
+			log.Info("Skipping same configuration")
+		} else {
+			// Copy configurations to new map so we don't change current if LoadConfig fails
+			newConfigurations := make(configs)
+			for k, v := range server.currentConfigurations {
+				newConfigurations[k] = v
+			}
+			newConfigurations[configMsg.ProviderName] = configMsg.Configuration
+
+			newServerEntryPoints, err := server.loadConfig(newConfigurations, server.globalConfiguration)
+			if err == nil {
+				server.serverLock.Lock()
+				for newServerEntryPointName, newServerEntryPoint := range newServerEntryPoints {
+					server.serverEntryPoints[newServerEntryPointName].httpRouter.UpdateHandler(newServerEntryPoint.httpRouter.GetHandler())
+					log.Infof("Server configuration reloaded on %s", server.serverEntryPoints[newServerEntryPointName].httpServer.Addr)
+				}
+				server.currentConfigurations = newConfigurations
+				server.serverLock.Unlock()
+			} else {
+				log.Error("Error loading new configuration, aborted ", err)
+			}
+		}
+	}
+}
+
+func (server *Server) configureProviders() {
+	// configure providers
+	if server.globalConfiguration.Docker != nil {
+		server.providers = append(server.providers, server.globalConfiguration.Docker)
+	}
+	if server.globalConfiguration.Marathon != nil {
+		server.providers = append(server.providers, server.globalConfiguration.Marathon)
+	}
+	if server.globalConfiguration.File != nil {
+		server.providers = append(server.providers, server.globalConfiguration.File)
+	}
+	if server.globalConfiguration.Web != nil {
+		server.globalConfiguration.Web.server = server
+		server.providers = append(server.providers, server.globalConfiguration.Web)
+	}
+	if server.globalConfiguration.Consul != nil {
+		server.providers = append(server.providers, server.globalConfiguration.Consul)
+	}
+	if server.globalConfiguration.ConsulCatalog != nil {
+		server.providers = append(server.providers, server.globalConfiguration.ConsulCatalog)
+	}
+	if server.globalConfiguration.Etcd != nil {
+		server.providers = append(server.providers, server.globalConfiguration.Etcd)
+	}
+	if server.globalConfiguration.Zookeeper != nil {
+		server.providers = append(server.providers, server.globalConfiguration.Zookeeper)
+	}
+	if server.globalConfiguration.Boltdb != nil {
+		server.providers = append(server.providers, server.globalConfiguration.Boltdb)
+	}
+}
+
+func (server *Server) startProviders() {
+	// start providers
+	for _, provider := range server.providers {
+		jsonConf, _ := json.Marshal(provider)
+		log.Infof("Starting provider %v %s", reflect.TypeOf(provider), jsonConf)
+		currentProvider := provider
+		go func() {
+			err := currentProvider.Provide(server.configurationChan)
+			if err != nil {
+				log.Errorf("Error starting provider %s", err)
+			}
+		}()
+	}
+}
+
+func (server *Server) listenSignals() {
+	sig := <-server.signals
+	log.Infof("I have to go... %+v", sig)
+	log.Info("Stopping server")
+	server.Stop()
+}
+
+// creates a TLS config that allows terminating HTTPS for multiple domains using SNI
+func (server *Server) createTLSConfig(entryPointName string, tlsOption *TLS, router *middlewares.HandlerSwitcher) (*tls.Config, error) {
+	if tlsOption == nil {
+		return nil, nil
+	}
+
+	config := &tls.Config{}
+	config.Certificates = []tls.Certificate{}
+	for _, v := range tlsOption.Certificates {
+		cert, err := tls.LoadX509KeyPair(v.CertFile, v.KeyFile)
+		if err != nil {
+			return nil, err
+		}
+		config.Certificates = append(config.Certificates, cert)
+	}
+
+	if server.globalConfiguration.ACME != nil {
+		if _, ok := server.serverEntryPoints[server.globalConfiguration.ACME.EntryPoint]; ok {
+			if entryPointName == server.globalConfiguration.ACME.EntryPoint {
+				checkOnDemandDomain := func(domain string) bool {
+					if router.GetHandler().Match(&http.Request{URL: &url.URL{}, Host: domain}, &mux.RouteMatch{}) {
+						return true
+					}
+					return false
+				}
+				err := server.globalConfiguration.ACME.CreateConfig(config, checkOnDemandDomain)
+				if err != nil {
+					return nil, err
+				}
+			}
+		} else {
+			return nil, errors.New("Unknown entrypoint " + server.globalConfiguration.ACME.EntryPoint + " for ACME configuration")
+		}
+	}
+	if len(config.Certificates) == 0 {
+		return nil, errors.New("No certificates found for TLS entrypoint " + entryPointName)
+	}
+	// BuildNameToCertificate parses the CommonName and SubjectAlternateName fields
+	// in each certificate and populates the config.NameToCertificate map.
+	config.BuildNameToCertificate()
+	return config, nil
+}
+
+func (server *Server) startServer(srv *manners.GracefulServer, globalConfiguration GlobalConfiguration) {
+	log.Infof("Starting server on %s", srv.Addr)
+	if srv.TLSConfig != nil {
+		if err := srv.ListenAndServeTLSWithConfig(srv.TLSConfig); err != nil {
+			log.Fatal("Error creating server: ", err)
+		}
+	} else {
+		if err := srv.ListenAndServe(); err != nil {
+			log.Fatal("Error creating server: ", err)
+		}
+	}
+	log.Info("Server stopped")
+}
+
+func (server *Server) prepareServer(entryPointName string, router *middlewares.HandlerSwitcher, entryPoint *EntryPoint, oldServer *manners.GracefulServer, middlewares ...negroni.Handler) (*manners.GracefulServer, error) {
+	log.Infof("Preparing server %s %+v", entryPointName, entryPoint)
+	// middlewares
+	var negroni = negroni.New()
+	for _, middleware := range middlewares {
+		negroni.Use(middleware)
+	}
+	negroni.UseHandler(router)
+	tlsConfig, err := server.createTLSConfig(entryPointName, entryPoint.TLS, router)
+	if err != nil {
+		log.Fatalf("Error creating TLS config %s", err)
+		return nil, err
+	}
+
+	if oldServer == nil {
+		return manners.NewWithServer(
+			&http.Server{
+				Addr:      entryPoint.Address,
+				Handler:   negroni,
+				TLSConfig: tlsConfig,
+			}), nil
+	}
+	gracefulServer, err := oldServer.HijackListener(&http.Server{
+		Addr:      entryPoint.Address,
+		Handler:   negroni,
+		TLSConfig: tlsConfig,
+	}, tlsConfig)
+	if err != nil {
+		log.Fatalf("Error hijacking server %s", err)
+		return nil, err
+	}
+	return gracefulServer, nil
+}
+
+func (server *Server) buildEntryPoints(globalConfiguration GlobalConfiguration) map[string]*serverEntryPoint {
+	serverEntryPoints := make(map[string]*serverEntryPoint)
+	for entryPointName := range globalConfiguration.EntryPoints {
+		router := server.buildDefaultHTTPRouter()
+		serverEntryPoints[entryPointName] = &serverEntryPoint{
+			httpRouter: middlewares.NewHandlerSwitcher(router),
+		}
+	}
+	return serverEntryPoints
+}
+
+// LoadConfig returns a new gorilla.mux Route from the specified global configuration and the dynamic
+// provider configurations.
+func (server *Server) loadConfig(configurations configs, globalConfiguration GlobalConfiguration) (map[string]*serverEntryPoint, error) {
+	serverEntryPoints := server.buildEntryPoints(globalConfiguration)
+	redirectHandlers := make(map[string]http.Handler)
+
+	backends := map[string]http.Handler{}
+	for _, configuration := range configurations {
+		frontendNames := sortedFrontendNamesForConfig(configuration)
+		for _, frontendName := range frontendNames {
+			frontend := configuration.Frontends[frontendName]
+
+			log.Debugf("Creating frontend %s", frontendName)
+			fwd, _ := forward.New(forward.Logger(oxyLogger), forward.PassHostHeader(frontend.PassHostHeader))
+			// default endpoints if not defined in frontends
+			if len(frontend.EntryPoints) == 0 {
+				frontend.EntryPoints = globalConfiguration.DefaultEntryPoints
+			}
+			if len(frontend.EntryPoints) == 0 {
+				log.Errorf("No entrypoint defined for frontend %s, defaultEntryPoints:%s. Skipping it", frontendName, globalConfiguration.DefaultEntryPoints)
+				continue
+			}
+			for _, entryPointName := range frontend.EntryPoints {
+				log.Debugf("Wiring frontend %s to entryPoint %s", frontendName, entryPointName)
+				if _, ok := serverEntryPoints[entryPointName]; !ok {
+					return nil, errors.New("Undefined entrypoint: " + entryPointName)
+				}
+				newRoute := serverEntryPoints[entryPointName].httpRouter.GetHandler().NewRoute().Name(frontendName)
+				for routeName, route := range frontend.Routes {
+					log.Debugf("Creating route %s %s:%s", routeName, route.Rule, route.Value)
+					route, err := getRoute(newRoute, route.Rule, route.Value)
+					if err != nil {
+						return nil, err
+					}
+					newRoute = route
+				}
+				entryPoint := globalConfiguration.EntryPoints[entryPointName]
+				if entryPoint.Redirect != nil {
+					if redirectHandlers[entryPointName] != nil {
+						newRoute.Handler(redirectHandlers[entryPointName])
+					} else if handler, err := server.loadEntryPointConfig(entryPointName, entryPoint); err != nil {
+						return nil, err
+					} else {
+						newRoute.Handler(handler)
+						redirectHandlers[entryPointName] = handler
+					}
+				} else {
+					if backends[frontend.Backend] == nil {
+						log.Debugf("Creating backend %s", frontend.Backend)
+						var lb http.Handler
+						rr, _ := roundrobin.New(fwd)
+						if configuration.Backends[frontend.Backend] == nil {
+							return nil, errors.New("Undefined backend: " + frontend.Backend)
+						}
+						lbMethod, err := types.NewLoadBalancerMethod(configuration.Backends[frontend.Backend].LoadBalancer)
+						if err != nil {
+							configuration.Backends[frontend.Backend].LoadBalancer = &types.LoadBalancer{Method: "wrr"}
+						}
+						switch lbMethod {
+						case types.Drr:
+							log.Debugf("Creating load-balancer drr")
+							rebalancer, _ := roundrobin.NewRebalancer(rr, roundrobin.RebalancerLogger(oxyLogger))
+							lb = rebalancer
+							for serverName, server := range configuration.Backends[frontend.Backend].Servers {
+								url, err := url.Parse(server.URL)
+								if err != nil {
+									return nil, err
+								}
+								log.Debugf("Creating server %s at %s with weight %d", serverName, url.String(), server.Weight)
+								if err := rebalancer.UpsertServer(url, roundrobin.Weight(server.Weight)); err != nil {
+									return nil, err
+								}
+							}
+						case types.Wrr:
+							log.Debugf("Creating load-balancer wrr")
+							lb = rr
+							for serverName, server := range configuration.Backends[frontend.Backend].Servers {
+								url, err := url.Parse(server.URL)
+								if err != nil {
+									return nil, err
+								}
+								log.Debugf("Creating server %s at %s with weight %d", serverName, url.String(), server.Weight)
+								if err := rr.UpsertServer(url, roundrobin.Weight(server.Weight)); err != nil {
+									return nil, err
+								}
+							}
+						}
+						// retry ?
+						if globalConfiguration.Retry != nil {
+							retries := len(configuration.Backends[frontend.Backend].Servers) - 1
+							if globalConfiguration.Retry.Attempts > 0 {
+								retries = globalConfiguration.Retry.Attempts
+							}
+							maxMem := int64(2 * 1024 * 1024)
+							if globalConfiguration.Retry.MaxMem > 0 {
+								maxMem = globalConfiguration.Retry.MaxMem
+							}
+							lb, err = stream.New(lb,
+								stream.Logger(oxyLogger),
+								stream.Retry("IsNetworkError() && Attempts() < "+strconv.Itoa(retries)),
+								stream.MemRequestBodyBytes(maxMem),
+								stream.MaxRequestBodyBytes(maxMem),
+								stream.MemResponseBodyBytes(maxMem),
+								stream.MaxResponseBodyBytes(maxMem))
+							log.Debugf("Creating retries max attempts %d", retries)
+							if err != nil {
+								return nil, err
+							}
+						}
+
+						var negroni = negroni.New()
+						if configuration.Backends[frontend.Backend].CircuitBreaker != nil {
+							log.Debugf("Creating circuit breaker %s", configuration.Backends[frontend.Backend].CircuitBreaker.Expression)
+							negroni.Use(middlewares.NewCircuitBreaker(lb, configuration.Backends[frontend.Backend].CircuitBreaker.Expression, cbreaker.Logger(oxyLogger)))
+						} else {
+							negroni.UseHandler(lb)
+						}
+						backends[frontend.Backend] = negroni
+					} else {
+						log.Debugf("Reusing backend %s", frontend.Backend)
+					}
+					server.wireFrontendBackend(frontend.Routes, newRoute, backends[frontend.Backend])
+				}
+				err := newRoute.GetError()
+				if err != nil {
+					log.Errorf("Error building route: %s", err)
+				}
+			}
+		}
+	}
+	return serverEntryPoints, nil
+}
+
+func (server *Server) wireFrontendBackend(routes map[string]types.Route, newRoute *mux.Route, handler http.Handler) {
+	// strip prefix
+	var strip bool
+	for _, route := range routes {
+		switch route.Rule {
+		case "PathStrip":
+			newRoute.Handler(&middlewares.StripPrefix{
+				Prefix:  route.Value,
+				Handler: handler,
+			})
+			strip = true
+			break
+		case "PathPrefixStrip":
+			newRoute.Handler(&middlewares.StripPrefix{
+				Prefix:  route.Value,
+				Handler: handler,
+			})
+			strip = true
+			break
+		}
+	}
+	if !strip {
+		newRoute.Handler(handler)
+	}
+}
+
+func (server *Server) loadEntryPointConfig(entryPointName string, entryPoint *EntryPoint) (http.Handler, error) {
+	regex := entryPoint.Redirect.Regex
+	replacement := entryPoint.Redirect.Replacement
+	if len(entryPoint.Redirect.EntryPoint) > 0 {
+		regex = "^(?:https?:\\/\\/)?([\\da-z\\.-]+)(?::\\d+)?(.*)$"
+		if server.globalConfiguration.EntryPoints[entryPoint.Redirect.EntryPoint] == nil {
+			return nil, errors.New("Unknown entrypoint " + entryPoint.Redirect.EntryPoint)
+		}
+		protocol := "http"
+		if server.globalConfiguration.EntryPoints[entryPoint.Redirect.EntryPoint].TLS != nil {
+			protocol = "https"
+		}
+		r, _ := regexp.Compile("(:\\d+)")
+		match := r.FindStringSubmatch(server.globalConfiguration.EntryPoints[entryPoint.Redirect.EntryPoint].Address)
+		if len(match) == 0 {
+			return nil, errors.New("Bad Address format: " + server.globalConfiguration.EntryPoints[entryPoint.Redirect.EntryPoint].Address)
+		}
+		replacement = protocol + "://$1" + match[0] + "$2"
+	}
+	rewrite, err := middlewares.NewRewrite(regex, replacement, true)
+	if err != nil {
+		return nil, err
+	}
+	log.Debugf("Creating entryPoint redirect %s -> %s : %s -> %s", entryPointName, entryPoint.Redirect.EntryPoint, regex, replacement)
+	negroni := negroni.New()
+	negroni.Use(rewrite)
+	return negroni, nil
+}
+
+func (server *Server) buildDefaultHTTPRouter() *mux.Router {
+	router := mux.NewRouter()
+	router.NotFoundHandler = http.HandlerFunc(notFoundHandler)
+	router.StrictSlash(true)
+	return router
+}
+
+func getRoute(any interface{}, rule string, value ...interface{}) (*mux.Route, error) {
+	switch rule {
+	case "PathStrip":
+		rule = "Path"
+	case "PathPrefixStrip":
+		rule = "PathPrefix"
+	}
+	inputs := make([]reflect.Value, len(value))
+	for i := range value {
+		inputs[i] = reflect.ValueOf(value[i])
+	}
+	method := reflect.ValueOf(any).MethodByName(rule)
+	if method.IsValid() {
+		return method.Call(inputs)[0].Interface().(*mux.Route), nil
+	}
+	return nil, errors.New("Method not found: " + rule)
+}
+
+func sortedFrontendNamesForConfig(configuration *types.Configuration) []string {
+	keys := []string{}
+
+	for key := range configuration.Frontends {
+		keys = append(keys, key)
+	}
+
+	sort.Strings(keys)
+
+	return keys
+}
--- a/templates/consul_catalog.tmpl
+++ b/templates/consul_catalog.tmpl
@@ -0,0 +1,13 @@
+[backends]{{range .Nodes}}
+    [backends.backend-{{getBackend .}}.servers.server-{{.Node.Node | replace "." "-"}}-{{.Service.Port}}]
+    url = "http://{{.Node.Address}}:{{.Service.Port}}"
+{{end}}
+
+[frontends]{{range .Services}}
+  [frontends.frontend-{{.}}]
+  backend = "backend-{{.}}"
+  passHostHeader = false
+    [frontends.frontend-{{.}}.routes.route-host-{{.}}]
+    rule = "Host"
+    value = "{{getFrontendValue .}}"
+{{end}}
--- a/templates/docker.tmpl
+++ b/templates/docker.tmpl
@@ -1,6 +1,6 @@
 [backends]{{range .Containers}}
    [backends.backend-{{getBackend .}}.servers.server-{{.Name | replace "/" "" | replace "." "-"}}]
-    url = "{{getProtocol .}}://{{.NetworkSettings.IPAddress}}:{{getPort .}}"
+    url = "{{getProtocol .}}://{{range $i := .NetworkSettings.Networks}}{{if $i}}{{.IPAddress}}{{end}}{{end}}:{{getPort .}}"
    weight = {{getWeight .}}
 {{end}}

@@ -8,6 +8,9 @@
  [frontends."frontend-{{$frontend}}"]{{$container := index $containers 0}}
  backend = "backend-{{getBackend $container}}"
  passHostHeader = {{getPassHostHeader $container}}
+  entryPoints = [{{range getEntryPoints $container}}
+    "{{.}}",
+  {{end}}]
    [frontends."frontend-{{$frontend}}".routes."route-frontend-{{$frontend}}"]
    rule = "{{getFrontendRule $container}}"
    value = "{{getFrontendValue $container}}"
--- a/templates/kv.tmpl
+++ b/templates/kv.tmpl
@@ -5,13 +5,13 @@
 {{$backend := .}}
 {{$servers := List $backend "/servers/" }}

-{{$circuitBreaker := Get . "/circuitbreaker/" "expression"}}
+{{$circuitBreaker := Get "" . "/circuitbreaker/" "expression"}}
 {{with $circuitBreaker}}
 [backends.{{Last $backend}}.circuitBreaker]
    expression = "{{$circuitBreaker}}"
 {{end}}

-{{$loadBalancer := Get . "/loadbalancer/" "method"}}
+{{$loadBalancer := Get "" . "/loadbalancer/" "method"}}
 {{with $loadBalancer}}
 [backends.{{Last $backend}}.loadBalancer]
    method = "{{$loadBalancer}}"
@@ -19,20 +19,24 @@

 {{range $servers}}
 [backends.{{Last $backend}}.servers.{{Last .}}]
-    url = "{{Get . "/url"}}"
-    weight = {{Get . "/weight"}}
+    url = "{{Get "" . "/url"}}"
+    weight = {{Get ""  . "/weight"}}
 {{end}}
 {{end}}

 [frontends]{{range $frontends}}
    {{$frontend := Last .}}
+    {{$entryPoints := SplitGet . "/entrypoints"}}
    [frontends.{{$frontend}}]
-    backend = "{{Get . "/backend"}}"
-    passHostHeader = {{Get . "/passHostHeader"}}
+    backend = "{{Get "" . "/backend"}}"
+    passHostHeader = {{Get "false" . "/passHostHeader"}}
+    entryPoints = [{{range $entryPoints}}
+      "{{.}}",
+    {{end}}]
    {{$routes := List . "/routes/"}}
        {{range $routes}}
        [frontends.{{$frontend}}.routes.{{Last .}}]
-        rule = "{{Get . "/rule"}}"
-        value = "{{Get . "/value"}}"
+        rule = "{{Get "" . "/rule"}}"
+        value = "{{Get "" . "/value"}}"
        {{end}}
 {{end}}
--- a/templates/marathon.tmpl
+++ b/templates/marathon.tmpl
@@ -1,14 +1,17 @@
 {{$apps := .Applications}}
 [backends]{{range .Tasks}}
-    [backends.backend{{.AppID | replace "/" "-"}}.servers.server-{{.ID | replace "." "-"}}]
+    [backends.backend{{getBackend . $apps}}.servers.server-{{.ID | replace "." "-"}}]
    url = "{{getProtocol . $apps}}://{{.Host}}:{{getPort . $apps}}"
    weight = {{getWeight . $apps}}
 {{end}}

 [frontends]{{range .Applications}}
  [frontends.frontend{{.ID | replace "/" "-"}}]
-  backend = "backend{{.ID | replace "/" "-"}}"
+  backend = "backend{{getFrontendBackend .}}"
  passHostHeader = {{getPassHostHeader .}}
+  entryPoints = [{{range getEntryPoints .}}
+    "{{.}}",
+  {{end}}]
    [frontends.frontend{{.ID | replace "/" "-"}}.routes.route-host{{.ID | replace "/" "-"}}]
    rule = "{{getFrontendRule .}}"
    value = "{{getFrontendValue .}}"
--- a/tests/compose-marathon.yml
+++ b/tests/compose-marathon.yml
@@ -31,6 +31,7 @@ slave:
    - /usr/bin/docker:/usr/bin/docker:ro
    - /usr/lib/x86_64-linux-gnu/libapparmor.so.1:/usr/lib/x86_64-linux-gnu/libapparmor.so.1:ro
    - /var/run/docker.sock:/var/run/docker.sock
+    - /lib/x86_64-linux-gnu/libsystemd-journal.so.0:/lib/x86_64-linux-gnu/libsystemd-journal.so.0

 marathon:
  image: mesosphere/marathon:v0.13.0
--- a/tests/consul-config.sh
+++ b/tests/consul-config.sh
@@ -16,10 +16,12 @@ curl -i -H "Accept: application/json" -X PUT -d "2"                           ht

 # frontend 1
 curl -i -H "Accept: application/json" -X PUT -d "backend2"                    http://localhost:8500/v1/kv/traefik/frontends/frontend1/backend
+curl -i -H "Accept: application/json" -X PUT -d "http"                        http://localhost:8500/v1/kv/traefik/frontends/frontend1/entrypoints
 curl -i -H "Accept: application/json" -X PUT -d "Host"                        http://localhost:8500/v1/kv/traefik/frontends/frontend1/routes/test_1/rule
 curl -i -H "Accept: application/json" -X PUT -d "test.localhost"              http://localhost:8500/v1/kv/traefik/frontends/frontend1/routes/test_1/value

 # frontend 2
 curl -i -H "Accept: application/json" -X PUT -d "backend1"                    http://localhost:8500/v1/kv/traefik/frontends/frontend2/backend
+curl -i -H "Accept: application/json" -X PUT -d "http,https"                  http://localhost:8500/v1/kv/traefik/frontends/frontend2/entrypoints
 curl -i -H "Accept: application/json" -X PUT -d "Path"                        http://localhost:8500/v1/kv/traefik/frontends/frontend2/routes/test_2/rule
 curl -i -H "Accept: application/json" -X PUT -d "/test"                       http://localhost:8500/v1/kv/traefik/frontends/frontend2/routes/test_2/value
--- a/traefik.go
+++ b/traefik.go
@@ -1,385 +1,16 @@
 package main

 import (
-	"crypto/tls"
-	"errors"
 	fmtlog "log"
-	"net/http"
-	"net/url"
 	"os"
-	"os/signal"
-	"reflect"
 	"runtime"
-	"strings"
-	"syscall"
-	"time"
-
-	log "github.com/Sirupsen/logrus"
-	"github.com/codegangsta/negroni"
-	"github.com/emilevauge/traefik/middlewares"
-	"github.com/emilevauge/traefik/provider"
-	"github.com/emilevauge/traefik/types"
-	"github.com/gorilla/mux"
-	"github.com/mailgun/manners"
-	"github.com/mailgun/oxy/cbreaker"
-	"github.com/mailgun/oxy/forward"
-	"github.com/mailgun/oxy/roundrobin"
-	"github.com/thoas/stats"
-	"gopkg.in/alecthomas/kingpin.v2"
-	"sync"
-)
-
-var (
-	globalConfigFile      = kingpin.Arg("conf", "Main configration file.").Default("traefik.toml").String()
-	version               = kingpin.Flag("version", "Get Version.").Short('v').Bool()
-	currentConfigurations = make(configs)
-	metrics               = stats.New()
-	oxyLogger             = &OxyLogger{}
 )

 func main() {
 	runtime.GOMAXPROCS(runtime.NumCPU())
-	kingpin.Version(Version + " built on the " + BuildDate)
-	kingpin.Parse()
-	fmtlog.SetFlags(fmtlog.Lshortfile | fmtlog.LstdFlags)
-	var srv *manners.GracefulServer
-	var configurationRouter *mux.Router
-	var configurationChan = make(chan types.ConfigMessage, 10)
-	defer close(configurationChan)
-	var configurationChanValidated = make(chan types.ConfigMessage, 10)
-	defer close(configurationChanValidated)
-	var sigs = make(chan os.Signal, 1)
-	defer close(sigs)
-	var stopChan = make(chan bool)
-	defer close(stopChan)
-	var providers = []provider.Provider{}
-	signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM)
-	var serverLock sync.Mutex
-
-	// load global configuration
-	globalConfiguration := LoadFileConfig(*globalConfigFile)
-
-	loggerMiddleware := middlewares.NewLogger(globalConfiguration.AccessLogsFile)
-	defer loggerMiddleware.Close()
-
-	// logging
-	level, err := log.ParseLevel(strings.ToLower(globalConfiguration.LogLevel))
-	if err != nil {
-		log.Fatal("Error getting level", err)
+	if err := traefikCmd.Execute(); err != nil {
+		fmtlog.Println(err)
+		os.Exit(-1)
 	}
-	log.SetLevel(level)
-
-	if len(globalConfiguration.TraefikLogsFile) > 0 {
-		fi, err := os.OpenFile(globalConfiguration.TraefikLogsFile, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0666)
-		defer fi.Close()
-		if err != nil {
-			log.Fatal("Error opening file", err)
-		} else {
-			log.SetOutput(fi)
-			log.SetFormatter(&log.TextFormatter{DisableColors: true, FullTimestamp: true, DisableSorting: true})
-		}
-	} else {
-		log.SetFormatter(&log.TextFormatter{FullTimestamp: true, DisableSorting: true})
-	}
-	log.Debugf("Global configuration loaded %+v", globalConfiguration)
-	configurationRouter = LoadDefaultConfig(globalConfiguration)
-
-	// listen new configurations from providers
-	go func() {
-		lastReceivedConfiguration := time.Unix(0, 0)
-		lastConfigs := make(map[string]*types.ConfigMessage)
-		for {
-			configMsg := <-configurationChan
-			log.Infof("Configuration receveived from provider %s: %#v", configMsg.ProviderName, configMsg.Configuration)
-			lastConfigs[configMsg.ProviderName] = &configMsg
-			if time.Now().After(lastReceivedConfiguration.Add(time.Duration(globalConfiguration.ProvidersThrottleDuration))) {
-				log.Infof("Last %s config received more than %s, OK", configMsg.ProviderName, globalConfiguration.ProvidersThrottleDuration)
-				// last config received more than n s ago
-				configurationChanValidated <- configMsg
-			} else {
-				log.Infof("Last %s config received less than %s, waiting...", configMsg.ProviderName, globalConfiguration.ProvidersThrottleDuration)
-				go func() {
-					<-time.After(globalConfiguration.ProvidersThrottleDuration)
-					if time.Now().After(lastReceivedConfiguration.Add(time.Duration(globalConfiguration.ProvidersThrottleDuration))) {
-						log.Infof("Waited for %s config, OK", configMsg.ProviderName)
-						configurationChanValidated <- *lastConfigs[configMsg.ProviderName]
-					}
-				}()
-			}
-			lastReceivedConfiguration = time.Now()
-		}
-	}()
-	go func() {
-		for {
-			configMsg := <-configurationChanValidated
-			if configMsg.Configuration == nil {
-				log.Info("Skipping empty Configuration")
-			} else if reflect.DeepEqual(currentConfigurations[configMsg.ProviderName], configMsg.Configuration) {
-				log.Info("Skipping same configuration")
-			} else {
-				// Copy configurations to new map so we don't change current if LoadConfig fails
-				newConfigurations := make(configs)
-				for k, v := range currentConfigurations {
-					newConfigurations[k] = v
-				}
-				newConfigurations[configMsg.ProviderName] = configMsg.Configuration
-
-				newConfigurationRouter, err := LoadConfig(newConfigurations, globalConfiguration)
-				if err == nil {
-					serverLock.Lock()
-					currentConfigurations = newConfigurations
-					configurationRouter = newConfigurationRouter
-					oldServer := srv
-					newsrv, err := prepareServer(configurationRouter, globalConfiguration, oldServer, loggerMiddleware, metrics)
-					if err != nil {
-						log.Fatal("Error preparing server: ", err)
-					}
-					go startServer(newsrv, globalConfiguration)
-					srv = newsrv
-					time.Sleep(1 * time.Second)
-					if oldServer != nil {
-						log.Info("Stopping old server")
-						oldServer.Close()
-					}
-					serverLock.Unlock()
-				} else {
-					log.Error("Error loading new configuration, aborted ", err)
-				}
-			}
-		}
-	}()
-
-	// configure providers
-	if globalConfiguration.Docker != nil {
-		providers = append(providers, globalConfiguration.Docker)
-	}
-	if globalConfiguration.Marathon != nil {
-		providers = append(providers, globalConfiguration.Marathon)
-	}
-	if globalConfiguration.File != nil {
-		if len(globalConfiguration.File.Filename) == 0 {
-			// no filename, setting to global config file
-			globalConfiguration.File.Filename = *globalConfigFile
-		}
-		providers = append(providers, globalConfiguration.File)
-	}
-	if globalConfiguration.Web != nil {
-		providers = append(providers, globalConfiguration.Web)
-	}
-	if globalConfiguration.Consul != nil {
-		providers = append(providers, globalConfiguration.Consul)
-	}
-	if globalConfiguration.Etcd != nil {
-		providers = append(providers, globalConfiguration.Etcd)
-	}
-	if globalConfiguration.Zookeeper != nil {
-		providers = append(providers, globalConfiguration.Zookeeper)
-	}
-	if globalConfiguration.Boltdb != nil {
-		providers = append(providers, globalConfiguration.Boltdb)
-	}
-
-	// start providers
-	for _, provider := range providers {
-		log.Infof("Starting provider %v %+v", reflect.TypeOf(provider), provider)
-		currentProvider := provider
-		go func() {
-			err := currentProvider.Provide(configurationChan)
-			if err != nil {
-				log.Errorf("Error starting provider %s", err)
-			}
-		}()
-	}
-
-	go func() {
-		sig := <-sigs
-		log.Infof("I have to go... %+v", sig)
-		log.Info("Stopping server")
-		srv.Close()
-		stopChan <- true
-	}()
-
-	//negroni.Use(middlewares.NewCircuitBreaker(oxyLogger))
-	//negroni.Use(middlewares.NewRoutes(configurationRouter))
-
-	var er error
-	serverLock.Lock()
-	srv, er = prepareServer(configurationRouter, globalConfiguration, nil, loggerMiddleware, metrics)
-	if er != nil {
-		log.Fatal("Error preparing server: ", er)
-	}
-	go startServer(srv, globalConfiguration)
-	//TODO change that!
-	time.Sleep(100 * time.Millisecond)
-	serverLock.Unlock()
-
-	<-stopChan
-	log.Info("Shutting down")
-}
-
-// creates a TLS config that allows terminating HTTPS for multiple domains using SNI
-func createTLSConfig(certs []Certificate) (*tls.Config, error) {
-	if len(certs) == 0 {
-		return nil, nil
-	}
-
-	config := &tls.Config{}
-	if config.NextProtos == nil {
-		config.NextProtos = []string{"http/1.1"}
-	}
-
-	var err error
-	config.Certificates = make([]tls.Certificate, len(certs))
-	for i, v := range certs {
-		config.Certificates[i], err = tls.LoadX509KeyPair(v.CertFile, v.KeyFile)
-		if err != nil {
-			return nil, err
-		}
-	}
-	// BuildNameToCertificate parses the CommonName and SubjectAlternateName fields
-	// in each certificate and populates the config.NameToCertificate map.
-	config.BuildNameToCertificate()
-	return config, nil
-}
-
-func startServer(srv *manners.GracefulServer, globalConfiguration *GlobalConfiguration) {
-	log.Info("Starting server")
-	if srv.TLSConfig != nil {
-		err := srv.ListenAndServeTLSWithConfig(srv.TLSConfig)
-		if err != nil {
-			log.Fatal("Error creating server: ", err)
-		}
-	} else {
-		err := srv.ListenAndServe()
-		if err != nil {
-			log.Fatal("Error creating server: ", err)
-		}
-	}
-	log.Info("Server stopped")
-}
-
-func prepareServer(router *mux.Router, globalConfiguration *GlobalConfiguration, oldServer *manners.GracefulServer, middlewares ...negroni.Handler) (*manners.GracefulServer, error) {
-	log.Info("Preparing server")
-	// middlewares
-	var negroni = negroni.New()
-	for _, middleware := range middlewares {
-		negroni.Use(middleware)
-	}
-	negroni.UseHandler(router)
-	tlsConfig, err := createTLSConfig(globalConfiguration.Certificates)
-	if err != nil {
-		log.Fatalf("Error creating TLS config %s", err)
-		return nil, err
-	}
-
-	if oldServer == nil {
-		return manners.NewWithServer(
-			&http.Server{
-				Addr:      globalConfiguration.Port,
-				Handler:   negroni,
-				TLSConfig: tlsConfig,
-			}), nil
-	}
-	server, err := oldServer.HijackListener(&http.Server{
-		Addr:      globalConfiguration.Port,
-		Handler:   negroni,
-		TLSConfig: tlsConfig,
-	}, tlsConfig)
-	if err != nil {
-		log.Fatalf("Error hijacking server %s", err)
-		return nil, err
-	}
-	return server, nil
-}
-
-// LoadConfig returns a new gorrilla.mux Route from the specified global configuration and the dynamic
-// provider configurations.
-func LoadConfig(configurations configs, globalConfiguration *GlobalConfiguration) (*mux.Router, error) {
-	router := mux.NewRouter()
-	router.NotFoundHandler = http.HandlerFunc(notFoundHandler)
-	backends := map[string]http.Handler{}
-	for _, configuration := range configurations {
-		for frontendName, frontend := range configuration.Frontends {
-			log.Debugf("Creating frontend %s", frontendName)
-			fwd, _ := forward.New(forward.Logger(oxyLogger), forward.PassHostHeader(frontend.PassHostHeader))
-			newRoute := router.NewRoute().Name(frontendName)
-			for routeName, route := range frontend.Routes {
-				log.Debugf("Creating route %s %s:%s", routeName, route.Rule, route.Value)
-				newRouteReflect, err := invoke(newRoute, route.Rule, route.Value)
-				if err != nil {
-					return nil, err
-				}
-				newRoute = newRouteReflect[0].Interface().(*mux.Route)
-			}
-			if backends[frontend.Backend] == nil {
-				log.Debugf("Creating backend %s", frontend.Backend)
-				var lb http.Handler
-				rr, _ := roundrobin.New(fwd)
-				if configuration.Backends[frontend.Backend] == nil {
-					return nil, errors.New("Backend not found: " + frontend.Backend)
-				}
-				lbMethod, err := types.NewLoadBalancerMethod(configuration.Backends[frontend.Backend].LoadBalancer)
-				if err != nil {
-					configuration.Backends[frontend.Backend].LoadBalancer = &types.LoadBalancer{Method: "wrr"}
-				}
-				switch lbMethod {
-				case types.Drr:
-					log.Infof("Creating load-balancer drr")
-					rebalancer, _ := roundrobin.NewRebalancer(rr, roundrobin.RebalancerLogger(oxyLogger))
-					lb = rebalancer
-					for serverName, server := range configuration.Backends[frontend.Backend].Servers {
-						url, err := url.Parse(server.URL)
-						if err != nil {
-							return nil, err
-						}
-						log.Infof("Creating server %s %s", serverName, url.String())
-						rebalancer.UpsertServer(url, roundrobin.Weight(server.Weight))
-					}
-				case types.Wrr:
-					log.Infof("Creating load-balancer wrr")
-					lb = middlewares.NewWebsocketUpgrader(rr)
-					for serverName, server := range configuration.Backends[frontend.Backend].Servers {
-						url, err := url.Parse(server.URL)
-						if err != nil {
-							return nil, err
-						}
-						log.Infof("Creating server %s %s", serverName, url.String())
-						rr.UpsertServer(url, roundrobin.Weight(server.Weight))
-					}
-				}
-				var negroni = negroni.New()
-				if configuration.Backends[frontend.Backend].CircuitBreaker != nil {
-					log.Infof("Creating circuit breaker %s", configuration.Backends[frontend.Backend].CircuitBreaker.Expression)
-					negroni.Use(middlewares.NewCircuitBreaker(lb, configuration.Backends[frontend.Backend].CircuitBreaker.Expression, cbreaker.Logger(oxyLogger)))
-				} else {
-					negroni.UseHandler(lb)
-				}
-				backends[frontend.Backend] = negroni
-			} else {
-				log.Infof("Reusing backend %s", frontend.Backend)
-			}
-			//		stream.New(backends[frontend.Backend], stream.Retry("IsNetworkError() && Attempts() <= " + strconv.Itoa(globalConfiguration.Replay)), stream.Logger(oxyLogger))
-
-			newRoute.Handler(backends[frontend.Backend])
-			err := newRoute.GetError()
-			if err != nil {
-				log.Errorf("Error building route: %s", err)
-			}
-		}
-	}
-	return router, nil
-}
-
-// Invoke calls the specified method with the specified arguments on the specified interface.
-// It uses the go(lang) reflect package.
-func invoke(any interface{}, name string, args ...interface{}) ([]reflect.Value, error) {
-	inputs := make([]reflect.Value, len(args))
-	for i := range args {
-		inputs[i] = reflect.ValueOf(args[i])
-	}
-	method := reflect.ValueOf(any).MethodByName(name)
-	if method.IsValid() {
-		return method.Call(inputs), nil
-	}
-	return nil, errors.New("Method not found: " + name)
+	os.Exit(0)
 }
--- a/traefik.sample.toml
+++ b/traefik.sample.toml
@@ -2,13 +2,6 @@
 # Global configuration
 ################################################################

-# Reverse proxy port
-#
-# Optional
-# Default: ":80"
-#
-# port = ":80"
-
 # Timeout in seconds.
 # Duration to give active requests a chance to finish during hot-reloads
 #
@@ -37,15 +30,6 @@
 #
 # logLevel = "ERROR"

-# SSL certificates and keys
-# You may add several certificate/key pairs to terminate HTTPS for multiple domain names using TLS SNI
-#
-# Optional
-#
-# [[certificates]]
-# CertFile = "traefik.crt"
-# KeyFile = "traefik.key"
-
 # Backends throttle duration: minimum duration between 2 events from providers
 # before applying a new configuration. It avoids unnecessary reloads if multiples events
 # are sent in a short amount of time.
@@ -55,6 +39,130 @@
 #
 # ProvidersThrottleDuration = "5s"

+# If non-zero, controls the maximum idle (keep-alive) to keep per-host.  If zero, DefaultMaxIdleConnsPerHost is used.
+# If you encounter 'too many open files' errors, you can either change this value, or change `ulimit` value.
+#
+# Optional
+# Default: http.DefaultMaxIdleConnsPerHost
+#
+# MaxIdleConnsPerHost = 200
+
+# Entrypoints to be used by frontends that do not specify any entrypoint.
+# Each frontend can specify its own entrypoints.
+#
+# Optional
+# Default: ["http"]
+#
+# defaultEntryPoints = ["http", "https"]
+
+# Enable ACME (Let's Encrypt): automatic SSL
+#
+# Optional
+#
+# [acme]
+
+# Email address used for registration
+#
+# Required
+#
+# email = "test@traefik.io"
+
+# File used for certificates storage.
+# WARNING, if you use Traefik in Docker, don't forget to mount this file as a volume.
+#
+# Required
+#
+# storageFile = "acme.json"
+
+# Entrypoint to proxy acme challenge to.
+# WARNING, must point to an entrypoint on port 443 
+#
+# Required
+#
+# entryPoint = "https"
+
+# Enable on demand certificate. This will request a certificate from Let's Encrypt during the first TLS handshake for a hostname that does not yet have a certificate.
+# WARNING, TLS handshakes will be slow when requesting a hostname certificate for the first time, this can leads to DoS attacks.
+# WARNING, Take note that Let's Encrypt have rate limiting: https://community.letsencrypt.org/t/quick-start-guide/1631
+#
+# Optional
+#
+# onDemand = true
+
+# CA server to use
+# Uncomment the line to run on the staging let's encrypt server
+# Leave comment to go to prod
+#
+# Optional
+#
+# caServer = "https://acme-staging.api.letsencrypt.org/directory"
+
+# Domains list
+# You can provide SANs (alternative domains) to each main domain
+#
+# [[acme.domains]]
+#   main = "local1.com"
+#   sans = ["test1.local1.com", "test2.local1.com"]
+# [[acme.domains]]
+#   main = "local2.com"
+#   sans = ["test1.local2.com", "test2x.local2.com"]
+# [[acme.domains]]
+#   main = "local3.com"
+# [[acme.domains]]
+#   main = "local4.com"
+
+
+# Entrypoints definition
+#
+# Optional
+# Default:
+# [entryPoints]
+#   [entryPoints.http]
+#   address = ":80"
+#
+# To redirect an http entrypoint to an https entrypoint (with SNI support):
+# [entryPoints]
+#   [entryPoints.http]
+#   address = ":80"
+#     [entryPoints.http.redirect]
+#       entryPoint = "https"
+#   [entryPoints.https]
+#   address = ":443"
+#     [entryPoints.https.tls]
+#       [[entryPoints.https.tls.certificates]]
+#       CertFile = "integration/fixtures/https/snitest.com.cert"
+#       KeyFile = "integration/fixtures/https/snitest.com.key"
+#       [[entryPoints.https.tls.certificates]]
+#       CertFile = "integration/fixtures/https/snitest.org.cert"
+#       KeyFile = "integration/fixtures/https/snitest.org.key"
+#
+# To redirect an entrypoint rewriting the URL:
+# [entryPoints]
+#   [entryPoints.http]
+#   address = ":80"
+#     [entryPoints.http.redirect]
+#       regex = "^http://localhost/(.*)"
+#       replacement = "http://mydomain/$1"
+
+# Enable retry sending request if network error
+#
+# Optional
+#
+# [retry]
+
+# Number of attempts
+#
+# Optional
+# Default: (number servers in backend) -1
+#
+# attempts = 3
+
+# Sets the maximum request body to be stored in memory in Mo
+#
+# Optional
+# Default: 2
+#
+# maxMem = 3

 ################################################################
 # Web configuration backend
@@ -78,6 +186,11 @@
 #
 # CertFile = "traefik.crt"
 # KeyFile = "traefik.key"
+#
+# Set REST API to read-only mode
+#
+# Optional
+# ReadOnly = false


 ################################################################
@@ -169,12 +282,6 @@
 #
 # endpoint = "http://127.0.0.1:8080"

-# Network interface used to call Marathon web services. Needed in case of multiple network interfaces.
-# Optional
-# Default: "eth0"
-#
-# networkInterface = "eth0"
-
 # Enable watch Marathon changes
 #
 # Optional
@@ -194,6 +301,13 @@
 #
 # filename = "marathon.tmpl"

+# Expose Marathon apps by default in traefik
+#
+# Optional
+# Default: false
+#
+# ExposedByDefault = true
+
 # Enable Marathon basic authentication
 #
 # Optional
@@ -202,6 +316,13 @@
 #  httpBasicAuthUser = "foo"
 #  httpBasicPassword = "bar"

+# TLS client configuration. https://golang.org/pkg/crypto/tls/#Config
+#
+# Optional
+#
+# [marathon.TLS]
+# InsecureSkipVerify = true
+

 ################################################################
 # Consul KV configuration backend
@@ -237,6 +358,16 @@
 #
 # filename = "consul.tmpl"

+# Enable consul TLS connection
+#
+# Optional
+#
+# [consul.tls]
+# ca = "/etc/ssl/ca.crt"
+# cert = "/etc/ssl/consul.crt"
+# key = "/etc/ssl/consul.key"
+# insecureskipverify = true
+

 ################################################################
 # Etcd configuration backend
@@ -272,6 +403,16 @@
 #
 # filename = "etcd.tmpl"

+# Enable etcd TLS connection
+#
+# Optional
+#
+# [etcd.tls]
+# ca = "/etc/ssl/ca.crt"
+# cert = "/etc/ssl/etcd.crt"
+# key = "/etc/ssl/etcd.key"
+# insecureskipverify = true
+

 ################################################################
 # Zookeeper configuration backend
@@ -377,6 +518,12 @@
 #   [frontends.frontend2]
 #   backend = "backend1"
 #   passHostHeader = true
-#     [frontends.frontend2.routes.test_2]
+#   entrypoints = ["https"] # overrides defaultEntryPoints
+#     [frontends.frontend2.routes.test_1]
+#     rule = "Host"
+#     value = "{subdomain:[a-z]+}.localhost"
+#   [frontends.frontend3]
+#   entrypoints = ["http", "https"] # overrides defaultEntryPoints
+#   backend = "backend2"
 #     rule = "Path"
 #     value = "/test"
--- a/types/types.go
+++ b/types/types.go
@@ -36,6 +36,7 @@ type Route struct {

 // Frontend holds frontend configuration.
 type Frontend struct {
+	EntryPoints    []string         `json:"entryPoints,omitempty"`
 	Backend        string           `json:"backend,omitempty"`
 	Routes         map[string]Route `json:"routes,omitempty"`
 	PassHostHeader bool             `json:"passHostHeader,omitempty"`
--- a/web.go
+++ b/web.go
@@ -7,19 +7,23 @@ import (
 	"net/http"

 	log "github.com/Sirupsen/logrus"
+	"github.com/containous/traefik/autogen"
+	"github.com/containous/traefik/types"
 	"github.com/elazarl/go-bindata-assetfs"
-	"github.com/emilevauge/traefik/autogen"
-	"github.com/emilevauge/traefik/types"
 	"github.com/gorilla/mux"
+	"github.com/thoas/stats"
 	"github.com/unrolled/render"
 )

+var metrics = stats.New()
+
 // WebProvider is a provider.Provider implementation that provides the UI.
 // FIXME to be handled another way.
 type WebProvider struct {
 	Address           string
 	CertFile, KeyFile string
 	ReadOnly          bool
+	server            *Server
 }

 var (
@@ -34,12 +38,12 @@ func (provider *WebProvider) Provide(configurationChan chan<- types.ConfigMessag
 	systemRouter := mux.NewRouter()

 	// health route
-	systemRouter.Methods("GET").Path("/health").HandlerFunc(getHealthHandler)
+	systemRouter.Methods("GET").Path("/health").HandlerFunc(provider.getHealthHandler)

 	// API routes
-	systemRouter.Methods("GET").Path("/api").HandlerFunc(getConfigHandler)
-	systemRouter.Methods("GET").Path("/api/providers").HandlerFunc(getConfigHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}").HandlerFunc(getProviderHandler)
+	systemRouter.Methods("GET").Path("/api").HandlerFunc(provider.getConfigHandler)
+	systemRouter.Methods("GET").Path("/api/providers").HandlerFunc(provider.getConfigHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}").HandlerFunc(provider.getProviderHandler)
 	systemRouter.Methods("PUT").Path("/api/providers/{provider}").HandlerFunc(func(response http.ResponseWriter, request *http.Request) {
 		if provider.ReadOnly {
 			response.WriteHeader(http.StatusForbidden)
@@ -58,20 +62,20 @@ func (provider *WebProvider) Provide(configurationChan chan<- types.ConfigMessag
 		err := json.Unmarshal(body, configuration)
 		if err == nil {
 			configurationChan <- types.ConfigMessage{"web", configuration}
-			getConfigHandler(response, request)
+			provider.getConfigHandler(response, request)
 		} else {
 			log.Errorf("Error parsing configuration %+v", err)
 			http.Error(response, fmt.Sprintf("%+v", err), http.StatusBadRequest)
 		}
 	})
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends").HandlerFunc(getBackendsHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends/{backend}").HandlerFunc(getBackendHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends/{backend}/servers").HandlerFunc(getServersHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends/{backend}/servers/{server}").HandlerFunc(getServerHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends").HandlerFunc(getFrontendsHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends/{frontend}").HandlerFunc(getFrontendHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends/{frontend}/routes").HandlerFunc(getRoutesHandler)
-	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends/{frontend}/routes/{route}").HandlerFunc(getRouteHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends").HandlerFunc(provider.getBackendsHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends/{backend}").HandlerFunc(provider.getBackendHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends/{backend}/servers").HandlerFunc(provider.getServersHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/backends/{backend}/servers/{server}").HandlerFunc(provider.getServerHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends").HandlerFunc(provider.getFrontendsHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends/{frontend}").HandlerFunc(provider.getFrontendHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends/{frontend}/routes").HandlerFunc(provider.getRoutesHandler)
+	systemRouter.Methods("GET").Path("/api/providers/{provider}/frontends/{frontend}/routes/{route}").HandlerFunc(provider.getRouteHandler)

 	// Expose dashboard
 	systemRouter.Methods("GET").Path("/").HandlerFunc(func(response http.ResponseWriter, request *http.Request) {
@@ -95,39 +99,39 @@ func (provider *WebProvider) Provide(configurationChan chan<- types.ConfigMessag
 	return nil
 }

-func getHealthHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getHealthHandler(response http.ResponseWriter, request *http.Request) {
 	templatesRenderer.JSON(response, http.StatusOK, metrics.Data())
 }

-func getConfigHandler(response http.ResponseWriter, request *http.Request) {
-	templatesRenderer.JSON(response, http.StatusOK, currentConfigurations)
+func (provider *WebProvider) getConfigHandler(response http.ResponseWriter, request *http.Request) {
+	templatesRenderer.JSON(response, http.StatusOK, provider.server.currentConfigurations)
 }

-func getProviderHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getProviderHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		templatesRenderer.JSON(response, http.StatusOK, provider)
 	} else {
 		http.NotFound(response, request)
 	}
 }

-func getBackendsHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getBackendsHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		templatesRenderer.JSON(response, http.StatusOK, provider.Backends)
 	} else {
 		http.NotFound(response, request)
 	}
 }

-func getBackendHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getBackendHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
 	backendID := vars["backend"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		if backend, ok := provider.Backends[backendID]; ok {
 			templatesRenderer.JSON(response, http.StatusOK, backend)
 			return
@@ -136,11 +140,11 @@ func getBackendHandler(response http.ResponseWriter, request *http.Request) {
 	http.NotFound(response, request)
 }

-func getServersHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getServersHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
 	backendID := vars["backend"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		if backend, ok := provider.Backends[backendID]; ok {
 			templatesRenderer.JSON(response, http.StatusOK, backend.Servers)
 			return
@@ -149,12 +153,12 @@ func getServersHandler(response http.ResponseWriter, request *http.Request) {
 	http.NotFound(response, request)
 }

-func getServerHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getServerHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
 	backendID := vars["backend"]
 	serverID := vars["server"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		if backend, ok := provider.Backends[backendID]; ok {
 			if server, ok := backend.Servers[serverID]; ok {
 				templatesRenderer.JSON(response, http.StatusOK, server)
@@ -165,21 +169,21 @@ func getServerHandler(response http.ResponseWriter, request *http.Request) {
 	http.NotFound(response, request)
 }

-func getFrontendsHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getFrontendsHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		templatesRenderer.JSON(response, http.StatusOK, provider.Frontends)
 	} else {
 		http.NotFound(response, request)
 	}
 }

-func getFrontendHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getFrontendHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
 	frontendID := vars["frontend"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		if frontend, ok := provider.Frontends[frontendID]; ok {
 			templatesRenderer.JSON(response, http.StatusOK, frontend)
 			return
@@ -188,11 +192,11 @@ func getFrontendHandler(response http.ResponseWriter, request *http.Request) {
 	http.NotFound(response, request)
 }

-func getRoutesHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getRoutesHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
 	frontendID := vars["frontend"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		if frontend, ok := provider.Frontends[frontendID]; ok {
 			templatesRenderer.JSON(response, http.StatusOK, frontend.Routes)
 			return
@@ -201,12 +205,12 @@ func getRoutesHandler(response http.ResponseWriter, request *http.Request) {
 	http.NotFound(response, request)
 }

-func getRouteHandler(response http.ResponseWriter, request *http.Request) {
+func (provider *WebProvider) getRouteHandler(response http.ResponseWriter, request *http.Request) {
 	vars := mux.Vars(request)
 	providerID := vars["provider"]
 	frontendID := vars["frontend"]
 	routeID := vars["route"]
-	if provider, ok := currentConfigurations[providerID]; ok {
+	if provider, ok := provider.server.currentConfigurations[providerID]; ok {
 		if frontend, ok := provider.Frontends[frontendID]; ok {
 			if route, ok := frontend.Routes[routeID]; ok {
 				templatesRenderer.JSON(response, http.StatusOK, route)
--- a/webui/Dockerfile
+++ b/webui/Dockerfile
@@ -11,8 +11,8 @@ COPY bower.json $WEBUI_DIR/

 WORKDIR $WEBUI_DIR
 RUN npm set progress=false
-RUN npm install
-RUN bower install --allow-root
+RUN npm install --quiet
+RUN bower install --allow-root --quiet

 COPY . $WEBUI_DIR/

--- a/webui/src/app/sections/providers/frontend-monitor/frontend-monitor.html
+++ b/webui/src/app/sections/providers/frontend-monitor/frontend-monitor.html
@@ -17,6 +17,7 @@
    </table>
  </div>
  <div data-bg-show="frontendCtrl.frontend.backend" class="panel-footer">
+    <span data-ng-repeat="entryPoint in frontendCtrl.frontend.entryPoints"><span class="label label-primary">{{entryPoint}}</span><span data-ng-hide="$last">&nbsp;</span></span>
    <span class="label label-warning" role="button" data-toggle="collapse" href="#{{frontendCtrl.frontend.backend}}" aria-expanded="false">{{frontendCtrl.frontend.backend}}</span>
    <span data-ng-show="frontendCtrl.frontend.passHostHeader" class="label label-warning">Pass Host Header</span>
  </div>
--- a/webui/src/favicon.ico
+++ b/webui/src/favicon.ico
--- a/webui/src/index.html
+++ b/webui/src/index.html
@@ -2,9 +2,10 @@
 <html ng-app="traefik">
  <head>
    <meta charset="utf-8">
-      <title>/ˈTræfɪk/</title>
+      <title>Træfɪk</title>
    <meta name="description" content="">
    <meta name="viewport" content="width=device-width">
+    <link rel="icon" type="image/png" href="traefik.icon.png" />
    <!-- Place favicon.ico and apple-touch-icon.png in the root directory -->

    <!-- build:css({.tmp/serve,src}) styles/vendor.css -->
@@ -29,7 +30,7 @@
        <nav class="navbar navbar-default">
          <div class="container-fluid">
            <div class="navbar-header">
-              <a class="navbar-brand traefik-text" ui-sref="provider">/ˈTr<span class="traefik-blue">æ</span>fɪk/</a>
+              <a class="navbar-brand traefik-text" ui-sref="provider"><img src="traefik.icon.png"/></a>
            </div>

            <div class="collapse navbar-collapse">
@@ -39,7 +40,7 @@
              </ul>
              <ul class="nav navbar-nav navbar-right">
                <li>
-                  <a href="https://github.com/EmileVauge/traefik/blob/master/docs/index.md" target="_blank">Documentation</a>
+                  <a href="https://github.com/containous/traefik/blob/master/docs/index.md" target="_blank">Documentation</a>
                </li>
                <li>
                  <a href="http://traefik.io" target="_blank"><span class="traefik-blue">traefik.io</span></a>
--- a/webui/src/traefik.icon.png
+++ b/webui/src/traefik.icon.png
Author	SHA1	Message	Date
Vincent Demeester	dd160dc342	Merge pull request #267 from containous/add-retries add retries request	2016-03-30 19:04:39 +02:00
Emile Vauge	4a9e82903e	add retries request Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-29 22:25:32 +02:00
Vincent Demeester	1d040dbdd2	Merge pull request #265 from antoinecarton/master Fix typo	2016-03-29 11:12:18 +02:00
Antoine Carton	e4db9c72dd	Fix typo	2016-03-28 20:54:06 +02:00
Emile Vauge	6308ce2740	Merge pull request #264 from vdemeester/libkermit-integration Libkermit integration 😇	2016-03-28 19:16:37 +02:00
Vincent Demeester	87bad71bec	Use libkermit for integration test Using the compose package for starting and stopping project.	2016-03-27 19:58:08 +02:00
Vincent Demeester	50f09c8e4d	Move Suite definition to their respective file	2016-03-27 16:27:56 +02:00
Emile Vauge	bb1ecdd3c9	Merge pull request #262 from containous/fix-marathon-exposedByDefault Add exposedByDefault doc	2016-03-25 11:14:19 +01:00
Emile Vauge	a2c3e6e405	Add exposedByDefault doc Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-25 10:38:41 +01:00
Emile Vauge	cddbb44c75	Merge pull request #259 from vdemeester/few-build-adjustements Add a verbose mode to builds	2016-03-24 00:50:09 +01:00
Vincent Demeester	7aa0c91401	Add a verbose mode to builds Using the VERBOSE environment variable, tests and binary compilation are ran in verbose mode (using -v), but by default there are more quiet O:). Signed-off-by: Vincent Demeester <vincent@sbr.pm>	2016-03-23 23:06:22 +01:00
Vincent Demeester	6bfc849a24	Merge pull request #224 from containous/add-lets-encrypt-suppport Add let's encrypt support	2016-03-23 16:52:21 +01:00
Emile Vauge	ac4aa0d182	add errcheck validation Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-23 16:39:09 +01:00
Emile Vauge	d9ffc39075	add acme package, refactor acme as resuable API Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-22 00:12:43 +01:00
Emile Vauge	87e8393b07	Fix tests with lets encrypt Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-21 20:15:28 +01:00
Emile Vauge	1ab9c82dfb	Let's Encrypt Doc Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-21 20:15:28 +01:00
Emile Vauge	6e484e5c2d	add let's encrypt support Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-21 20:15:28 +01:00
Emile Vauge	087b68e14d	Merge pull request #251 from sample/master Add defaultExpose option to marathon section	2016-03-21 14:01:57 +01:00
Nikita Borzykh	c313950891	Add exposedByDefault option to marathon section	2016-03-21 12:37:02 +03:00
Vincent Demeester	7716d3377a	Merge pull request #256 from containous/move-to-containous-oxy Move to containous/oxy	2016-03-16 11:41:20 +01:00
Emile Vauge	0cbe34eef3	Move to containous/oxy, remove websocket specific support Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-15 23:42:52 +01:00
Vincent Demeester	08d8c334a3	Merge pull request #255 from containous/Fix-remove-travis-build-tag Avoid travis building on tags	2016-03-14 18:28:51 +01:00
Emile Vauge	d75a151df3	Avoid travis building on tags due to https://github.com/travis-ci/travis-ci/issues/1532	2016-03-14 17:36:12 +01:00
Emile Vauge	10e223ede2	Merge pull request #246 from keis/new-style-argument-systemd Update systemd service file with new cli flags	2016-03-14 16:53:05 +01:00
David Keijser	6a8bacf01c	Update systemd service file with new cli flags	2016-03-14 16:34:31 +01:00
Emile Vauge	d4cc3900bd	Merge pull request #250 from containous/bump-beta-semver Bump to beta, using semver	2016-03-09 23:55:26 +01:00
Emile Vauge	ab619a4a3f	Bump to beta, using semver Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-09 23:40:01 +01:00
Emile Vauge	4c447985b6	Merge pull request #247 from containous/fix-redirect-bug fixes redirect bug en port 80	2016-03-09 19:54:16 +01:00
Emile Vauge	eaadd2d0cd	fixes redirect bug en port 80	2016-03-09 18:59:08 +01:00
Emile Vauge	9830086790	Merge pull request #242 from containous/fix-old-docker-repo Fix push to old docker repo emilevauge/traefik	2016-03-08 17:24:26 +01:00
Emile Vauge	8393746e02	Fix benchmarks	2016-03-08 16:27:12 +01:00
Emile Vauge	2314ad9bf9	Fix push to old docker repo emilevauge/traefik	2016-03-08 13:16:58 +01:00
Vincent Demeester	3af21612b6	Merge pull request #239 from goguardian/kv-watch-tree Support libkv.WatchTree chan errors:	2016-03-05 21:58:48 +01:00
Advait Shinde	7674a82801	Fatalf for timeout cases.	2016-03-05 20:43:44 +00:00
Advait Shinde	d63d2a8a26	Support libkv.WatchTree chan errors: - libkv.WatchTree returns a channel whose messages represent changes to the watched tree. In situations where libkv cannot read from the underlying store, libkv will close the provided channel. - This PR handles this edge case and fixes #238.	2016-03-05 20:38:33 +00:00
Vincent Demeester	a458018aa2	Merge pull request #240 from containous/update-benchmarks update benchmarks with haproxy and latest results	2016-03-05 18:39:00 +01:00
Emile Vauge	33cde6aacd	update benchmarks with haproxy and latest results Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-05 13:34:18 +01:00
Vincent Demeester	4ded2682d2	Merge pull request #235 from containous/refactor-hot-reload Refactor hot reload	2016-03-04 16:41:45 +01:00
Emile Vauge	4042938556	add handler switcher instead of Manners Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-04 15:55:28 +01:00
Vincent Demeester	0e683cc535	Merge pull request #234 from thermeon/feature/quick_typo Fix typo Unkown -> unknown in error	2016-03-04 09:01:49 +01:00
Gareth Kirwan	4923da7f4d	Fix typo Unkown -> unknown in error	2016-03-03 20:29:52 +00:00
Vincent Demeester	11781087ca	Merge pull request #230 from tayzlor/marathon-event-stream Use event stream API instead of event subscriptions	2016-03-02 15:24:43 +01:00
Graham Taylor	3063251d43	Use event stream API instead of event subscriptions	2016-03-02 09:22:14 +00:00
Vincent Demeester	b42b170ad2	Merge pull request #227 from containous/fix-docker-network Fix docker network	2016-03-01 13:12:08 +01:00
Emile Vauge	defbb44b35	Fix docker network Signed-off-by: Emile Vauge <emile@vauge.com>	2016-03-01 11:52:30 +00:00
Emile Vauge	a00eb81f03	Merge pull request #228 from ProPheT777/patch-1 My $0.02 - Center gopher	2016-02-29 19:35:47 +01:00
Johann Saunier	a63d989a35	My $0.02 - Center gopher	2016-02-29 18:27:09 +01:00
Vincent Demeester	6c3c5578c6	Merge pull request #225 from containous/add-path-prefix Add PathPrefixStrip and PathStrip rules	2016-02-26 16:52:12 +01:00
Emile Vauge	122783e36b	Add PathPrefixStrip and PathStrip rules Signed-off-by: Emile Vauge <emile@vauge.com>	2016-02-26 15:58:55 +01:00
Emile Vauge	b84b95fe97	Merge pull request #223 from goguardian/kv-multi Support multiple endpoints for KV stores:	2016-02-26 11:41:18 +01:00
Advait Shinde	a99010b8c2	Create an integration test for Etcd: - Integration test specifically spins up an Etcd cluster with three nodes.	2016-02-25 23:34:51 +00:00
Advait Shinde	8954aa7118	Update docs to mention commas.	2016-02-25 23:34:51 +00:00
Advait Shinde	3cf848958f	Support multiple endpoints for KV stores: - Fixes #222	2016-02-25 23:34:51 +00:00
Vincent Demeester	1a5668377c	Merge pull request #209 from tboerger/feature/tls-auth Integrated TLS auth for etcd and consul	2016-02-25 10:58:23 +01:00
Thomas Boerger	dc10c56b35	Integrated TLS auth for etcd and consul	2016-02-24 23:32:34 +01:00
Vincent Demeester	331cd173ce	Merge pull request #220 from containous/transfer-repo-to-containous-org Transfer emilevauge/traefik to containous/traefik	2016-02-24 22:22:57 +01:00
Emile Vauge	1881d5eeed	Transfer emilevauge/traefik to containous/traefik Signed-off-by: Emile Vauge <emile@vauge.com>	2016-02-24 17:38:36 +01:00
Vincent Demeester	e0872b6157	Merge pull request #219 from emilevauge/add-traefik-library-image Add publish to traefik-library-image	2016-02-24 16:11:15 +01:00
Emile Vauge	63fb9c7135	publish binary to traefik-library-image repo Signed-off-by: Emile Vauge <emile@vauge.com>	2016-02-24 15:48:03 +01:00
Vincent Demeester	9964654495	Merge pull request #183 from keis/consul-catalog WIP consul catalog provider	2016-02-24 09:35:26 +01:00
David Keijser	ae275c9e60	Consul catalog provider Fixes #176	2016-02-24 09:23:27 +01:00
David Keijser	4277fe2fdb	Bump libcompose	2016-02-24 09:23:27 +01:00
Vincent Demeester	7acc2beae0	Merge pull request #214 from octoblu/add-frontend-determinism Deterministic frontend registration	2016-02-24 00:05:03 +01:00
Roy van de Water	847deeac79	Deterministic frontend registration Conflicts: server.go	2016-02-22 13:37:54 -07:00
Emile Vauge	ac56c1310c	Merge pull request #206 from emilevauge/add-partners Add partners	2016-02-22 17:33:28 +01:00
emile	7460b343fe	Cleanup configuration management	2016-02-22 17:15:45 +01:00
emile	ec16011e31	Add partners, move contributing	2016-02-22 16:26:20 +01:00
emile	71b0e27517	bash instead?	2016-02-22 16:03:57 +01:00
emile	60e9282f0a	fixes typo ghr	2016-02-22 15:35:51 +01:00
emile	6cd35a50ce	after succes make deploy	2016-02-22 15:17:14 +01:00
emile	b35ad76ec6	rewrite deploy tests	2016-02-22 15:01:00 +01:00
emile	54208f6fc3	travis after_success instead of deploy Signed-off-by: emile <emile@vauge.com>	2016-02-22 14:33:46 +01:00
emile	6282bf33a0	travis skip_cleanup Signed-off-by: emile <emile@vauge.com>	2016-02-22 14:11:17 +01:00
Emile Vauge	a1c1958235	Merge pull request #208 from emilevauge/migrate-on-travisci Migrate on travisci	2016-02-22 13:35:00 +01:00
emile	91b699fbe0	Migrate CI to travis - Add travis build file - Use golang alpine image - Clean scripts a little bit - Disable CGO for test-integration >_<	2016-02-22 12:20:56 +01:00
Vincent Demeester	3a08655b06	Merge pull request #188 from emilevauge/add-marathon-tls-client-config Add Marathon TLS client config	2016-02-18 14:23:38 +01:00
emile	9a9c8e5709	Add Marathon TLS client config Signed-off-by: emile <emile@vauge.com>	2016-02-18 12:42:59 +00:00
Vincent Demeester	c7d34b54aa	Merge pull request #205 from emilevauge/bump-go-1.6 Bump go 1.6	2016-02-18 11:07:18 +01:00
emile	8d860c84c8	Add HTTP2 support Signed-off-by: emile <emile@vauge.com>	2016-02-18 10:31:56 +01:00
emile	1dc086730e	Bump golang 1.6	2016-02-18 10:30:41 +01:00
Emile Vauge	5d79e56d30	Merge pull request #193 from dontrebootme/fix192 fix mantl url typo	2016-02-17 23:05:26 +01:00
Vincent Demeester	6e7677de79	Merge pull request #203 from goguardian/alias Implement `/traefik/alias` for KV stores.	2016-02-17 09:56:43 +01:00
Patrick O'Connor	fab6b8be3c	fix mantl url typo	2016-02-16 12:30:33 -08:00
Advait Shinde	f1c1eed437	Fix typo in documentation	2016-02-16 11:55:42 -05:00
Advait Shinde	348ab794c9	Add documentation for `/traefik/alias`.	2016-02-15 18:46:03 -05:00
Advait Shinde	aacedcc4b3	Implement `/traefik/alias` for KV stores.	2016-02-15 18:14:57 -05:00
Emile Vauge	786acc961a	Merge pull request #200 from vdemeester/some-fixes Do some build / test-integration fixes	2016-02-13 16:33:42 +01:00
Vincent Demeester	7adffdbd78	Run npm in quiet mode O:) Signed-off-by: Vincent Demeester <vincent@sbr.pm>	2016-02-13 16:14:26 +01:00
Vincent Demeester	e3b519cdd8	Do some build / test-integration fixes - target generate-webui depends on build-webui - generate-webui will run only if the folder static does not exists - create compose project before starting it >_<'', otherwise it does nothing :'D Signed-off-by: Vincent Demeester <vincent@sbr.pm>	2016-02-13 16:04:08 +01:00
Vincent Demeester	e9c23195a0	Merge pull request #195 from emilevauge/fix-regression-marathon-backends Fix regression on marathon backend	2016-02-12 15:31:59 +01:00
emile	c6c3af8099	Fix regression on marathon backend Signed-off-by: emile <emile@vauge.com>	2016-02-12 15:03:28 +01:00
Emile Vauge	07c077cf94	Merge pull request #189 from vdemeester/fix-make-all Fix make all	2016-02-10 14:10:26 +01:00
Vincent Demeester	4ac18f1989	Fix make all Add build-ui as dependent target for all. Otherwise it does not build >_< Signed-off-by: Vincent Demeester <vincent@sbr.pm>	2016-02-10 13:55:47 +01:00
Vincent Demeester	4ecb919787	Merge pull request #178 from emilevauge/add-multiple-entrypoints-support Add multiple entry points support	2016-02-10 13:54:30 +01:00
emile	4152bd5e26	Update doc with entrypoints	2016-02-10 12:18:50 +01:00
emile	a8cc26fd91	Add entrypoints to providers	2016-02-10 12:14:16 +01:00
emile	81cb00573f	Fix tests to accept entrypoints	2016-02-10 12:14:16 +01:00
emile	c22598c8ff	Add multiple entry points support, add entry point redirection	2016-02-10 12:14:16 +01:00
Vincent Demeester	bb3b9f61cd	Merge pull request #187 from emilevauge/add-max-idle-conns-per-host Add MaxIdleConnsPerHost. Fixes too many open files error.	2016-02-09 22:49:03 +01:00
emile	49cd7f799e	Add MaxIdleConnsPerHost. Fixes too many open files error.	2016-02-09 22:29:01 +01:00
Vincent Demeester	8b334551d8	Merge pull request #185 from ReadmeCritic/master Update README URLs based on HTTP redirects	2016-02-08 19:15:41 +01:00
ReadmeCritic	5ef6d53d00	Update README URLs based on HTTP redirects	2016-02-08 07:43:43 -08:00
Vincent Demeester	901c9b29bc	Merge pull request #171 from tayzlor/fix-170-marathon-getbackend Fix #170 - getBackend for marathon plugin	2016-02-06 14:06:42 +01:00
Graham Taylor	2d79c500df	Fix #170 - lookup backend for marathon plugin so we can specify traefik.backend via labels on the container	2016-02-05 18:01:47 +00:00
Vincent Demeester	d3598021b7	Merge pull request #184 from dontrebootme/master Updated getEscapedName with slash to dash instead of space	2016-02-03 22:09:52 +01:00
Patrick O'Connor	31e0340959	Updated getEscapedName with slash to dash instead of space Remove only the first slash, convert the rest to dash	2016-02-03 12:07:08 -08:00
Emile Vauge	cb46e8751b	Merge pull request #177 from Hugues-Antoine/master Updating documentation to make a more explicit usage of the traefik.frontend.rule rule when combined with traefik.frontend.value	2016-01-29 19:46:12 +01:00
Hugues-Antoine	739a836c52	Updating documentation to make a more explicit usage of the traefik.frontend.rule rule when combined with traefik.frontend.value	2016-01-29 18:59:31 +01:00
Vincent Demeester	1cbe00d613	Merge pull request #161 from emilevauge/add-env-args Add environnement variables and arguments configuration	2016-01-29 11:49:33 +01:00
Vincent Demeester	10d92ca176	Merge branch 'master' into add-env-args	2016-01-29 11:34:15 +01:00
emile	f1b62b45f4	Fixes following review	2016-01-27 19:47:20 +01:00
emile	8adadaa5d4	Add launch configuration documentation	2016-01-27 13:56:46 +01:00
emile	35070f7c1c	Use of Viper and cobra	2016-01-27 13:56:46 +01:00
emile	a0b15a0efd	Main file refactoring, extract a Server object	2016-01-27 13:55:40 +01:00