------------------------------------------------------------------- Mon Nov 28 12:10:58 UTC 2022 - alexandre.vicenzi@suse.com - Update to version 2.9.5: * Prepare release v2.9.5 (#9513) * Create a new capture instance for each incoming request * docs(contributing): enhance wording of building-testing page * docs(contributing): add link descriptions and update wording * docs: update helm repository * Removes the experimental tag on the Traefik Hub header * Update vulcand/oxy to v1.4.2 * chore: update github.com/opencontainers/runc * Prepare release v2.9.4 * Prepare release v2.9.3 * Prepare release v2.9.2 * Handle capture on redefined http.responseWriters * Update Yaegi to v0.14.3 * Remove side effect on default transport tests * chore: bump github.com/BurntSushi/toml to v1.2.1 * chore: update actions/cache to v3 * Simplify dashboard rule example * chore: update linter * Fix links to gateway API guides * Remove unnecessary linting exclusions * Add v2.9 to release page * fix: redis configuration type * Remove raw cert escape in PassTLSClientCert middleware * chore: update misspell * ISSUE_TEMPLATE: clarify maintainers involvement in issues closing * chore: update linter * updated go-acme/lego to v4.9.0 * prepare-release-v2.9.1 (#9410) * Prepare release v2.9.0 (#9409) * Prepare release v2.9.0-rc5 * Prepare release v2.8.8 * Fix autoDiscoverClusters option documentation for ECS provider * Fix watch option description for Docker provider * Update golang.org/x/net to latest version * Improve documentation for publishedService and IP options * Prepare release v2.8.7 * Prepare release v2.9.0-rc4 * Prepare release v2.8.6 * fix: query parameter matching with equal * Rework metrics overview page * fix: acme panic * Optimize websocket headers handling * providers: simplify AddServer algorithms * fix: UDP loadbalancer tags not being used with Consul Catalog * Add documentation for ECS constraints option * docs: fix link to RouteNamespaces * Prepare release v2.9.0-rc3 * Add a note on case insensitive regex matching * Add documentation for json schema usage to validate config in the FAQ * plugins: allow empty config * Prepare release v2.9.0-rc2 * chore: drop Windows arm v5/6/7 * Prepare release v2.9.0-rc1 (#9334) * Add support for ECS Anywhere * fix: shellcheck * Make the loadbalancers servers order random * Quiet down TCP RST packet error on read operation * Remove Pilot support * ACME Default Certificate * Prepare release v2.8.5 * Update Yaegi to v0.14.2 * docs: update Docker Swarm link * Update valkeyrie to v1.0.0 * Add traffic size metrics * Add Datadog GlobalTags support * docs: update Docker Swarm Load Balancer link * Added resources for businesses * Display default TLS options in the dashboard * fix: IPv6 addr in square brackets * Update deprecation notes about Pilot * Use IPv6 address * Change default TLS options for more security * doc: add healthcheck timeout seconds to value * Add a method option to the service Health Check * Support Nomad canary deployment * Add support for reaching containers using host networking on Podman * Upgrade quic-go to v0.28.0 * Support ALPN for TCP + TLS routers * Add allowEmptyServices for Docker provider * Move consulcatalog provider to only use health apis * Start polling HTTP provider at the beginning * Load plugin configuration field value from Kubernetes Secret ------------------------------------------------------------------- Wed Sep 07 10:11:41 UTC 2022 - alexandre.vicenzi@suse.com - Update to version 2.8.4: * Enhancements * [consul,consulcatalog] Support multiple namespaces for Consul and ConsulCatalog providers * [logs] Add destination address to debug log * [middleware,provider,tls] Deprecate caOptional option in client TLS configuration * [middleware] Support URL replacement in errors middleware * [middleware] Allow config of additional CircuitBreaker params * [provider] Implement Traefik provider for Nomad orchestrator * [server] Allow HTTP/2 max concurrent stream configuration * [tls,k8s/crd] Support certificates configuration in TLSStore CRD * [webui,pilot,hub] Add Traefik Hub button and deprecate Pilot * [webui,plugins] Reach the catalog of plugins from the Traefik dashboard * Bug fixes * [docker,docker/swarm] Fix Docker provider mem leak on operation retries * [middleware] Fix retry middleware on panic * [plugins] Allow Traefik starting even if plugin service is unavailable * [marathon] Add missing context in backoff for Marathon * [k8s/ingress,k8s] Place namespace before name in router key for Ingress * [logs,middleware,tracing] Remove request dump from IPWhitelist debug log and tracing message * [metrics] Control allocation and copy of labelNamesValues type * [metrics] Fix service up gauge for Prometheus metrics * [yaml] Add missing inline tag for YAML serialization * [middleware,metrics] Improve performances when Prometheus metrics are enabled * [middleware] Support forwarded websocket protocol in RedirectScheme * [nomad] Use configured token in the Nomad client * [metrics] Ensure Datadog client is cleanly stopped * [healthcheck,service] Do not make multiple requests to the same URL for balancer healthcheck * [healthcheck,service] Add log when missing path in health check * [k8s/gatewayapi] Allow multiple listeners on same port in Gateway API provider * [middleware] RedirectScheme redirects based on X-Forwarded-Proto header * [rules] Fix HostRegexp and Query muxers * [logs] Fix invalid placeholder in log message ------------------------------------------------------------------- Tue Jun 07 08:27:42 UTC 2022 - alexandre.vicenzi@suse.com - Update to version 2.7.0: * Enhancements * [consulcatalog] Watch for Consul events to rebuild the dynamic configuration * [healthcheck] Add Failover service * [http3] Configure advertised port using h3 server option * [hub] Add Traefik Hub Integration * [k8s/crd,k8s] Allow empty services in Kubernetes CRD * [metrics] Support InfluxDB v2 metrics backend * [plugins] Remove Pilot token setup constraint to use plugins * [provider] Refactor configuration reload/throttling * [rules,tcp] Add HostSNIRegexp rule matcher for TCP * [tcp] Add muxer for TCP Routers * [webui,pilot] Add Traefik Hub access and remove Pilot access * [webui] Add a link to service on router detail view * Bug fixes * [hub] Skip Provide when TLS is nil * [tcp] Fix TCP-TLS/HTTPS routing precedence * [webui,hub] Use dedicated entrypoint for the tunnels * [logs,k8s/crd] Fix log statement for ExternalName misconfig * [tcp,service] Fix initial tcp lookup when address is not available * [tls] Fix panic when getting certificates with non-existing store * [acme] Fix RenewInterval computation in ACME provider * [ecs,logs] Remove duplicate error logs * [ecs] Filter out ECS anywhere instance IDs * [middleware] Re-add missing writeheader call in flush * [middleware] Fix bug for when custom page is large enough * [middleware] Fix regexp handling in redirect middleware * [plugins] Fix slice parsing for plugins * [tls] Return TLS unrecognized_name error when no certificate is available * [acme] Add domain to HTTP challenge errors * [metrics] Fix metrics bucket key high cardinality * [middleware,tls] Use CNAME for SNI check on host header * [middleware,tracing] Rename Datadog span tags * [tls] Apply the same approach as the rules system on the TLS configuration choice ------------------------------------------------------------------- Fri Feb 04 13:37:58 UTC 2022 - alexandre.vicenzi@suse.com - Update to version 2.6.0: * Updated Kubernetes Gateway API provider * Consul Enterprise support * Consul Connect support * Inflight request middleware for TCP routers * HTTP/3 support (experimental) * Added support for loading plugins directly from the filesystem (Local Plugins) * Added ability to create Provider Plugins * Added TCP Middleware * Kubernetes 1.22 API changes * Dropped support for Ingress API versions extensions/v1beta1 * Updated Traefik Proxy CRDs to use API apiextensions.k8s.io/v1 ------------------------------------------------------------------- Wed Jul 28 15:46:39 UTC 2021 - alexandre.vicenzi@suse.com - Update to version 2.4.12: * Get Kubernetes server version early * Don't remove ingress config on API call failure * Ratelimiter: use correct ttlSeconds value, and always call Set * Check if defaultcertificate is defined in store * Disable ExternalName Services by default on Kubernetes providers * Fix: malformed Kubernetes resource names and references in tests * Disable Cross-Namespace by default for IngressRoute provider * Accesslog: support multiple values for a given header * Ignore http 1.0 request host missing errors * Headers Middleware: support http.CloseNotifier interface * Detect certificates content modifications * Update go-acme/lego to v4.4.0 * Fix: ACME preferred chain. * Remove error when HTTProutes is empty * Fix incorrect behaviour with multi-port endpoint subsets * Kubernetes ingress provider to search via all endpoints * Fix plugin unzip call on windows * Update Yaegi to v0.9.17 * Bump paerser to v0.1.4 * Create buffered signals channel * Fix: use defaultEntryPoints when no entryPoint is defined in a TCPRouter * Use a dynamic buffer to handle client Hello SNI detection * Error span on 5xx only ------------------------------------------------------------------- Wed May 19 09:06:54 UTC 2021 - Bernhard Wiedemann - Allow to override build date with SOURCE_DATE_EPOCH in order to make builds reproducible (boo#1047218) ------------------------------------------------------------------- Thu Apr 29 10:07:36 UTC 2021 - alexandre.vicenzi@suse.com - Update to version 2.4.8: * Prepare release v2.4.8 * Raise errors for non-ASCII domain names in a router's rules * Adding an option to (de)activate Pilot integration into the Traefik dashboard * Doc: improve basic auth middleware httpasswd example * Add missing `traefik.` prefix across sample config * Fix travis docker image pulling for docs * updating docs to remove a no longer needed note * Update to gateway-api v0.2.0 * server: updating go-proxyproto with security bugfix from upstream * Update go-acme/lego to v4.3.1 ------------------------------------------------------------------- Thu Jan 10 14:50:22 UTC 2019 - pgeorgiadis@suse.com - Initial package release to version 1.7.7: * Check for watched namespace before getting kubernetes objects * Allow empty path with App-root annotation * kubernetes: sort and uniq TLS secrets * Skip TLS section with no secret in Kubernetes ingress