Update traefik to v1.1.2 and some bugfixes in v1.1.1

2016-12-21 05:25:43 +01:00 · 2016-12-21 05:25:43 +01:00 · 97453a4917
commit 97453a4917
parent e6d3d6e3f3
7 changed files with 220 additions and 3 deletions
--- a/templates/traefik/4/README.md
+++ b/templates/traefik/4/README.md
@ -18,6 +18,7 @@
 - acme_enable = false 				# Enable/Disable acme traefik support.
 - acme_email = "test@traefik.io" 	# acme user email
 - acme_ondemand = true 				# acme ondemand parameter.
+- acme_onhostrule = true 			# acme onHostRule parameter.
 - ssl_key # Paste your ssl key. *Required if you enable https
 - ssl_crt # Paste your ssl crt. *Required if you enable https
 - refresh_interval = 10s  # Interval to refresh traefik rules.toml from rancher-metadata.
@ -30,6 +31,7 @@ Traefik labels has to be added in your services, in order to get included in tra
  - true: the service will be published as *service_name.stack_name.traefik_domain*
  - stack: the service will be published as *stack_name.traefik_domain*. WARNING: You could have collisions inside services within your stack
  - false: the service will not be published
+- traefik.alias = < alias >			# Alternate names to route rule. Multiple values separated by ",". WARNING: You could have collisions BE CAREFULL
 - traefik.domain = < domain >		# Domain names to route rule. Multiple values separated by "," 
 - traefik.path = < path >		    # Path to route rule. Multiple paths separated by ","
 - traefik.port = < port > 			# Port to expose throught traefik  
@ -53,4 +55,9 @@ Traefik labels has to be added in your services, in order to get included in tra
 - http://${stack_name}.${traefik.domain}:${http_port}
 - https://${stack_name}.${traefik.domain}:${https_port}

+ If you set traefik.alias you service could also be acceses through
+
+ - http://${traefik.alias}.${traefik.domain}:${http_port}
+ - https://${traefik.alias}.${traefik.domain}:${https_port}
+
 Note: To access the services, you need to create A or CNAMES dns entries for every one. 
--- a/templates/traefik/4/docker-compose.yml
+++ b/templates/traefik/4/docker-compose.yml
@ -12,7 +12,7 @@ traefik:
    io.rancher.container.hostname_override: container_name
  tty: true
  log_opt: {}
-  image: rawmind/alpine-traefik:1.1.1-1
+  image: rawmind/alpine-traefik:1.1.1-2
  environment:
  - CONF_INTERVAL=${refresh_interval}
  - TRAEFIK_HTTP_PORT=${http_port}
@ -21,6 +21,7 @@ traefik:
  - TRAEFIK_ACME_ENABLE=${acme_enable}
  - TRAEFIK_ACME_EMAIL=${acme_email}
  - TRAEFIK_ACME_ONDEMAND=${acme_ondemand}
+  - TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule}
  volumes_from:
  - traefik-conf
 traefik-conf:
@ -32,7 +33,7 @@ traefik-conf:
    io.rancher.container.start_once: 'true'
  tty: true
  log_opt: {}
-  image: rawmind/rancher-traefik:0.3.4-10
+  image: rawmind/rancher-traefik:0.3.4-14
  net: none
  volumes:
    - /opt/tools
--- a/templates/traefik/4/rancher-compose.yml
+++ b/templates/traefik/4/rancher-compose.yml
@ -60,6 +60,12 @@
      required: true
      default: true 
      type: "boolean"
+    - variable: "acme_onhostrule"
+      description: "Enable acme onHostRule."
+      label: "ACME onHostRule:"
+      required: true
+      default: true 
+      type: "boolean"
    - variable: "ssl_key"
      description: "SSL key to secure the service. *Required if you enable https"
      label: "SSL key"
--- a/templates/traefik/5/README.md
+++ b/templates/traefik/5/README.md
@ -0,0 +1,63 @@
+# Traefik active load balancer (Experimental)
+
+### Info:
+
+ This template deploys traefik active load balancers on top of Rancher. The configuration is generated and updated with confd from Rancher metadata. 
+ It would be deployed in hosts with label traefik_lb=true.
+
+### Config:
+
+- host_label = "traefik_lb=true" # Host label where to run traefik service.
+- http_port = 8080  # Port exposed to get access to the published services.
+- https_port = 8443  # Port exposed to get secured access to the published services.
+- admin_port = 8000  # Port exposed to get admin access to the traefik service.
+- https_enable = <false | true | only>
+  - false: Enable http enpoints and disable https ones.
+  - true: Enable http and https endpoints.
+  - only: Enable https endpoints and redirect http to https.
+- acme_enable = false 				# Enable/Disable acme traefik support.
+- acme_email = "test@traefik.io" 	# acme user email
+- acme_ondemand = true 				# acme ondemand parameter.
+- acme_onhostrule = true 			# acme onHostRule parameter.
+- ssl_key # Paste your ssl key. *Required if you enable https
+- ssl_crt # Paste your ssl crt. *Required if you enable https
+- refresh_interval = 10s  # Interval to refresh traefik rules.toml from rancher-metadata.
+
+### Service configuration labels:
+
+Traefik labels has to be added in your services, in order to get included in traefik dynamic config.
+
+- traefik.enable = <true | false> 
+  - true: the service will be published as *service_name.stack_name.traefik_domain*
+  - stack: the service will be published as *stack_name.traefik_domain*. WARNING: You could have collisions inside services within your stack
+  - false: the service will not be published
+- traefik.alias = < alias >			# Alternate names to route rule. Multiple values separated by ",". WARNING: You could have collisions BE CAREFULL
+- traefik.domain = < domain >		# Domain names to route rule. Multiple values separated by "," 
+- traefik.path = < path >		    # Path to route rule. Multiple paths separated by ","
+- traefik.port = < port > 			# Port to expose throught traefik  
+- traefik.acme = < true | false >	# Enable/disable ACME traefik feature
+ 
+### Usage:
+
+ Select Traefik from catalog. 
+ 
+ Set the params.
+
+ Click deploy.
+
+ Services will be accessed throught hosts ip's whith $host_label: 
+
+ - http://${service_name}.${stack_name}.${traefik.domain}:${http_port}
+ - https://${service_name}.${stack_name}.${traefik.domain}:${https_port}
+ 
+ or 
+ 
+ - http://${stack_name}.${traefik.domain}:${http_port}
+ - https://${stack_name}.${traefik.domain}:${https_port}
+
+ If you set traefik.alias you service could also be acceses through
+
+ - http://${traefik.alias}.${traefik.domain}:${http_port}
+ - https://${traefik.alias}.${traefik.domain}:${https_port}
+
+Note: To access the services, you need to create A or CNAMES dns entries for every one. 
--- a/templates/traefik/5/docker-compose.yml
+++ b/templates/traefik/5/docker-compose.yml
@ -0,0 +1,39 @@
+traefik:
+  ports:
+  - ${admin_port}:8000/tcp
+  - ${http_port}:${http_port}/tcp
+  - ${https_port}:${https_port}/tcp
+  log_driver: ''
+  labels:
+    io.rancher.scheduler.global: 'true'
+    io.rancher.scheduler.affinity:host_label: ${host_label}
+    io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
+    io.rancher.sidekicks: traefik-conf
+    io.rancher.container.hostname_override: container_name
+  tty: true
+  log_opt: {}
+  image: rawmind/alpine-traefik:1.1.2
+  environment:
+  - CONF_INTERVAL=${refresh_interval}
+  - TRAEFIK_HTTP_PORT=${http_port}
+  - TRAEFIK_HTTPS_PORT=${https_port}
+  - TRAEFIK_HTTPS_ENABLE=${https_enable}
+  - TRAEFIK_ACME_ENABLE=${acme_enable}
+  - TRAEFIK_ACME_EMAIL=${acme_email}
+  - TRAEFIK_ACME_ONDEMAND=${acme_ondemand}
+  - TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule}
+  volumes_from:
+  - traefik-conf
+traefik-conf:
+  log_driver: ''
+  labels:
+    io.rancher.scheduler.global: 'true'
+    io.rancher.scheduler.affinity:host_label: ${host_label}
+    io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
+    io.rancher.container.start_once: 'true'
+  tty: true
+  log_opt: {}
+  image: rawmind/rancher-traefik:0.3.4-14
+  net: none
+  volumes:
+    - /opt/tools
--- a/templates/traefik/5/rancher-compose.yml
+++ b/templates/traefik/5/rancher-compose.yml
@ -0,0 +1,101 @@
+.catalog:
+  name: traefik
+  version: v1.1.2-rancher1
+  description: |
+    (Experimental) Traefik load balancer.
+  minimum_rancher_version: v0.59.0
+  maintainer: "Raul Sanchez <rawmind@gmail.com>"
+  uuid: traefik-0
+  questions:
+    - variable: "host_label"
+      description: "Host label where to run traefik service."
+      label: "Host label:"
+      required: true
+      default: "traefik_lb=true" 
+      type: "string"
+    - variable: "http_port"
+      description: "Traefik http public port to listen."
+      label: "Http port:"
+      required: true
+      default: 8080
+      type: "int"
+    - variable: "https_port"
+      description: "Traefik https public port to listen."
+      label: "Https port:"
+      required: true
+      default: 8443
+      type: "int"
+    - variable: "admin_port"
+      description: "Traefik admin public port to listen."
+      label: "Admin port:"
+      required: true
+      default: 8000 
+      type: "int"
+    - variable: "https_enable"
+      label: "Enable HTTPS:"
+      description: |
+        Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work.
+      default: false
+      required: true
+      type: enum
+      options:
+        - false
+        - true
+        - only
+    - variable: "acme_enable"
+      description: "Enable acme support on traefik."
+      label: "Enable ACME:"
+      required: true
+      default: false 
+      type: "boolean"
+    - variable: "acme_email"
+      description: "ACME user email."
+      label: "ACME email:"
+      required: true
+      default: "test@traefik.io" 
+      type: "string"
+    - variable: "acme_ondemand"
+      description: "Enable acme ondemand."
+      label: "ACME ondemand:"
+      required: true
+      default: true 
+      type: "boolean"
+    - variable: "acme_onhostrule"
+      description: "Enable acme onHostRule."
+      label: "ACME onHostRule:"
+      required: true
+      default: true 
+      type: "boolean"
+    - variable: "ssl_key"
+      description: "SSL key to secure the service. *Required if you enable https"
+      label: "SSL key"
+      type: "multiline"
+      required: false
+      default: ""
+    - variable: "ssl_crt"
+      description: "SSL cert to secure the service. *Required if you enable https"
+      label: "SSL crt"
+      type: "multiline"
+      required: false
+      default: ""
+    - variable: "refresh_interval"
+      description: "Interval to poll/apply configuration changes." 
+      label: "Refresh Interval (s):"
+      required: true
+      default: 10 
+      type: "int"
+traefik:
+  retain_ip: true
+  health_check:
+    port: 8000
+    interval: 5000
+    unhealthy_threshold: 3
+    request_line: 'GET /dashboard/# HTTP/1.0'
+    healthy_threshold: 2
+    response_timeout: 5000
+  metadata:
+    traefik:
+      ssl_key: |
+        ${ssl_key}
+      ssl_crt: |
+        ${ssl_crt}
--- a/templates/traefik/config.yml
+++ b/templates/traefik/config.yml
@ -1,7 +1,7 @@
 name: Traefik
 description: |
  (Experimental) Traefik active load balancer
-version: v1.1.1-rancher1
+version: v1.1.2-rancher1
 category: Load Balancing
 maintainer: "Raul Sanchez <rawmind@gmail.com>"
 minimum_rancher_version: v0.59.0