containous / traefik-extra-service-fabric Goto Github PK
View Code? Open in Web Editor NEWTraefik extra: Service Fabric Provider
License: Apache License 2.0
Traefik extra: Service Fabric Provider
License: Apache License 2.0
I'd like to see our default resolution of endpoints handle a little differently I think - currently we just grab the first endpoint that has contains http (
traefik-extra-service-fabric/servicefabric.go
Line 226 in 6e90a9e
Anyone want to take a stab at adding Support for Traefik v2? I would but am a total Go novice.
Feature/Enhancement
Improve Https SSL certificate management in service fabric:
Enable KV/clustering for Azure service fabric for lets encrypt to reduce certificate requests. Service Fabric has stateful services and management properties which could be used to store the certificates
or
Add API to add/delete/update Endpoint certificates at runtime
White label multi tenanted solution where customer domains are added through web portal using lets encrypt. We currently do this outside of service fabric using a reverse proxy automation but Traefik would be ideal if we can enable the clustering of Traefik within service fabric or manage certificates on the fly.
Service Fabric - 6.3.187.9494 on Windows
Traefik - v1.7.4
Stateless Service when deployed with a Singleton Partition, Traefik sees the frontend/backend and forwards traffic as expected.
If I deploy the same service using named partitions, the follow errors are logged to stdout and the dashboard does not show
time="2018-10-31T13:03:56Z" level=error msg="Provider connection error: Near line 49 (last key parsed 'backends'): Key 'backends.fabric:/app01/serv001' has already been defined.; retrying in 1.365652418s"
I am not if I should open this issue here or Joni GitHub repo.
I'd like to look at creating an end-to-end test scenario to ensure things behave as expected with a real instance of Service Fabric.
My current plan would be to script the following process:
Does this sound like a useful plan?
Bug
Provider connection error: Service Fabric responded with error code 401 Unauthorized to request http://localhost:19080/Applications/?api-version=3.0 with body {}; retrying in 588.391017ms
No providers found.
traefik version
: (What version of Traefik are you using?)Traefik version v1.7.7 built on 2019-01-08_10:21:03AM
################################################################
# Global configuration
################################################################
# Enable debug mode
#
# Optional
# Default: false
#
debug = true
# Traefik logs file
# If not defined, logs to stdout
#
# Optional
#
traefikLogsFile = "E:/ServiceFabric/traefik/traefik.log"
# Log level
#
# Optional
# Default: "ERROR"
logLevel = "DEBUG"
# Entrypoints to be used by frontends that do not specify any entrypoint.
# Each frontend can specify its own entrypoints.
#
# Optional
# Default: ["http"]
#
defaultEntryPoints = ["http", "https"]
# Entrypoints definition
#
# Optional
# Default:
[entryPoints]
[entryPoints.http]
address = ":21500"
[entryPoints.traefik]
address = ":21550"
# Enable access logs
# By default it will write to stdout and produce logs in the textual
# Common Log Format (CLF), extended with additional fields.
#
# Optional
#
# [accessLog]
# Sets the file path for the access log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
# filePath = "/path/to/log/log.txt"
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format = "common"
################################################################
# API definition
################################################################
[api]
# Name of the related entry point
#
# Optional
# Default: "traefik"
#
entryPoint = "traefik"
# Enabled Dashboard
#
# Optional
# Default: true
#
dashboard = true
# Enable debug mode.
# This will install HTTP handlers to expose Go expvars under /debug/vars and
# pprof profiling data under /debug/pprof.
# Additionally, the log level will be set to DEBUG.
#
# Optional
# Default: false
#
debug = true
################################################################
# Service Fabric provider
################################################################
# Enable Service Fabric configuration backend
[servicefabric]
# Service Fabric Management Endpoint
clustermanagementurl = "http://localhost:19080"
# Note: use "https://localhost:19080" if you're using a secure cluster
# Service Fabric Management Endpoint API Version
apiversion = "3.0"
# Enable TLS connection.
#
# Optional
#
#[serviceFabric.tls]
# cert = "certs/servicefabric.crt"
# key = "certs/servicefabric.key"
# insecureskipverify = true
"security": {
"ClusterCredentialType": "Windows",
"ServerCredentialType": "Windows",
"WindowsIdentities": {
"ClientIdentities": [
{
"Identity": "DOMAIN\\SA_XXXXXXXXXXXX",
"IsAdmin": true
},
....
]
}
},
--logLevel=DEBUG
switch)time="2019-01-28T08:17:41+01:00" level=info msg="Using TOML configuration file D:\\ServiceFabric\\Data\\A250DOMZ01S0\\Fabric\\work\\Applications\\TraefikType_App12\\TraefikPkg.Code.1.7.7\\traefik.toml"
time="2019-01-28T08:17:41+01:00" level=info msg="Traefik version v1.7.7 built on 2019-01-08_10:21:03AM"
time="2019-01-28T08:17:41+01:00" level=debug msg="Global configuration loaded {\"LifeCycle\":{\"RequestAcceptGraceTimeout\":0,\"GraceTimeOut\":10000000000},\"GraceTimeOut\":0,\"Debug\":true,\"CheckNewVersion\":true,\"SendAnonymousUsage\":false,\"AccessLogsFile\":\"\",\"AccessLog\":null,\"TraefikLogsFile\":\"E:/ServiceFabric/traefik/traefik.log\",\"TraefikLog\":null,\"Tracing\":null,\"LogLevel\":\"DEBUG\",\"EntryPoints\":{\"http\":{\"Address\":\":21500\",\"TLS\":null,\"Redirect\":null,\"Auth\":null,\"WhitelistSourceRange\":null,\"WhiteList\":null,\"Compress\":false,\"ProxyProtocol\":null,\"ForwardedHeaders\":{\"Insecure\":true,\"TrustedIPs\":null}},\"traefik\":{\"Address\":\":21550\",\"TLS\":null,\"Redirect\":null,\"Auth\":null,\"WhitelistSourceRange\":null,\"WhiteList\":null,\"Compress\":false,\"ProxyProtocol\":null,\"ForwardedHeaders\":{\"Insecure\":true,\"TrustedIPs\":null}}},\"Cluster\":null,\"Constraints\":[],\"ACME\":null,\"DefaultEntryPoints\":[\"http\",\"https\"],\"ProvidersThrottleDuration\":2000000000,\"MaxIdleConnsPerHost\":200,\"IdleTimeout\":0,\"InsecureSkipVerify\":false,\"RootCAs\":null,\"Retry\":null,\"HealthCheck\":{\"Interval\":30000000000},\"RespondingTimeouts\":null,\"ForwardingTimeouts\":null,\"AllowMinWeightZero\":false,\"KeepTrailingSlash\":false,\"Web\":null,\"Docker\":null,\"File\":null,\"Marathon\":null,\"Consul\":null,\"ConsulCatalog\":null,\"Etcd\":null,\"Zookeeper\":null,\"Boltdb\":null,\"Kubernetes\":null,\"Mesos\":null,\"Eureka\":null,\"ECS\":null,\"Rancher\":null,\"DynamoDB\":null,\"ServiceFabric\":{\"Watch\":false,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"TemplateVersion\":0,\"DebugLogGeneratedTemplate\":false,\"ClusterManagementURL\":\"http://localhost:19080\",\"APIVersion\":\"3.0\",\"RefreshSeconds\":0,\"TLS\":null,\"AppInsightsClientName\":\"\",\"AppInsightsKey\":\"\",\"AppInsightsBatchSize\":0,\"AppInsightsInterval\":0},\"Rest\":null,\"API\":{\"EntryPoint\":\"traefik\",\"Dashboard\":true,\"Debug\":true,\"CurrentConfigurations\":null,\"Statistics\":null},\"Metrics\":null,\"Ping\":null,\"HostResolver\":null}"
time="2019-01-28T08:17:41+01:00" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/basics/#collected-data\n"
time="2019-01-28T08:17:41+01:00" level=warning msg="clientTLS is nil"
time="2019-01-28T08:17:41+01:00" level=info msg="Preparing server traefik &{Address::21550 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc0004f01e0} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
time="2019-01-28T08:17:41+01:00" level=info msg="Preparing server http &{Address::21500 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc0004f01a0} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
time="2019-01-28T08:17:41+01:00" level=info msg="Starting server on :21550"
time="2019-01-28T08:17:41+01:00" level=info msg="Starting provider configuration.ProviderAggregator {}"
time="2019-01-28T08:17:41+01:00" level=info msg="Starting server on :21500"
time="2019-01-28T08:17:41+01:00" level=info msg="Starting provider *servicefabric.Provider {\"Watch\":false,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"TemplateVersion\":0,\"DebugLogGeneratedTemplate\":false,\"ClusterManagementURL\":\"http://localhost:19080\",\"APIVersion\":\"3.0\",\"RefreshSeconds\":10000000000,\"TLS\":null,\"AppInsightsClientName\":\"\",\"AppInsightsKey\":\"\",\"AppInsightsBatchSize\":0,\"AppInsightsInterval\":0}"
time="2019-01-28T08:17:51+01:00" level=info msg="Checking service fabric config"
time="2019-01-28T08:17:51+01:00" level=error msg="Provider connection error: Service Fabric responded with error code 401 Unauthorized to request http://localhost:19080/Applications/?api-version=3.0 with body {}; retrying in 588.391017ms"
time="2019-01-28T08:18:01+01:00" level=info msg="Checking service fabric config"
time="2019-01-28T08:18:01+01:00" level=error msg="Provider connection error: Service Fabric responded with error code 401 Unauthorized to request http://localhost:19080/Applications/?api-version=3.0 with body {}; retrying in 507.777275ms"
time="2019-01-28T08:18:12+01:00" level=info msg="Checking service fabric config"
.... (Trimmed, because this goes on)
I've recently had some questions around the following problem statement via email, I wanted to open the conversation up as an Issue to get opinions/thoughts and allow others to contribute/learn.
Given the problem statement: "Each service should be able to self-report that it's full, at this point only existing sessions should be routed to it. New sessions should go to other nodes". I think it's possible with the existing Traefik code and if that fails I think it should be possible with some code changes.
Proposed solution:
Currently all the servers
in a backend
have a default weight of 1 set in the configuration template which then uses this function to get weight or return a default of 1. The template is used to output the configuration from the SF plugin Traefik. The template canbe customized for individual uses. So you could take a copy of this template and then edit it.
The code supports picking up dynamically set labels, which can be set by calling the SF API, as explained here. So services can set labels themselves using this method.
So the aim is to have the service make a call to set a label which sets it's particular weight then have the template pick this up and make those changes appear in Traefik (all the instances in the cluster).
To do this we'd change this line "weight = {{ getWeight $service }}" to something like this
{{ $instanceLabel := printf("traefik.servicefabric.instance.%S.weight" $instance.ID)}}
{{ $hasPerServerWeight := hasLabel $service $instanceLabel }}
{{ if $hasPerServerWeight }}
weight = {{ getLabelValue $instanceLabel "1"}}
{{ else }}
weight = {{ getWeight $service }}
{{end}}
This would check for a label in the form of "traefik.servicefabric.instance.INSTANCEIDHERE.weight" and set it's value as the servers weight. The InstanceID is the ID of the instance in SF so should be accessible by the code running in the service.
When the node is "full" it can set it's weight to 0. I think this will not affect existing sessions but this will need to be checked in a test.
What could go wrong with this:
getLabelValue
which is meant to retreive a string value won't be as "Safe" as it could be. If you set a non-int value to the label it will cause the config update to fail rather than to use it's default. (Fixable with 1 line PR to expose getLabelValueInt
)Hopefully this makes sense, would be interested to hear how you get on if you wanted to give this a test.
In abundance of caution, while I don't see any reason it will not work, I want to flag that this approach is not something we've used before and I'd strongly recommend testing it well before using it in a production system.
This approach could be combined with the Retry option in Traefik to handle any requests which do still get routed to the node. However, this would need to tested to see what classed as a retryable
error.
Hi,
We are exposing gRPC services through Traefik with the h2c protocol on the backends. Because of the logic in getValidInstances
shown below, service instances that do not have an http endpoint are considered invalid:
traefik-extra-service-fabric/servicefabric.go
Lines 202 to 215 in 6e90a9e
As a consequence, the gRPC service instances are not included when the configuration template is evaluated.
We have managed to work around this issue by first adding an additional "dummy" http endpoint to the services and then writing a custom configuration template that selects the "h2c" endpoint using the getNamedEndpoint
template function.
Our workaround seems a bit fragile and it would be useful with a first order support for custom protocols - for example by using the traefik.protocol
label on the service.
I picked this up while updating the tests. Don't this it is a serious issue as it could be impossible to achieve.
The following line, I believe has the wrong logic.
(instanceData.ReplicaStatus == "Ready" || instanceData.HealthState != "Error")
I think this should be:
(instanceData.ReplicaStatus == "Ready" && instanceData.HealthState != "Error")
To handle a scenario where ReplicaStatus: Down
and HealthState: Warning
. As I say I'm unsure if this is possible in the cluster but happy to put in a PR to fix just in case.
What do you think?
As raised by @naeemkhedarun we are currently missing support for passTLSCert.
I propose using this issue to capture all labels which we may be missing and then creating a related PR to add the functionality.
Feature
Ive tried to configure rate limits for my frontend rule by using the Traefik labels for service fabric.
i expected to be able to use the following annotations in my servicemanifest.xml
configuration.
traefik.frontend.rateLimit.extractorFunc
traefik.frontend.rateLimit.rateSet.burst
traefik.frontend.rateLimit.rateSet.period
traefik.frontend.rateLimit.rateSet.average
although the service fabric documentation (https://docs.traefik.io/configuration/backends/servicefabric/) doesn't have these labels on the supported label list i assumed it will be just like the traefik.backend.healthcheck
label which is basically supported but for some reason isn't mentioned in the supported labels.
i couldnt define a rate limit for my frontend rule. my labels were basically ignored.
I noticed that the service fabric template still doesnt support the mentioned annotations,while it looks like the vast majority of the other templates (kubernetes.tmpl
,marathon.tmpl
etc..) support them.
im basing my opinion on the template file which can be found here:
https://github.com/containous/traefik-extra-service-fabric/blob/master/servicefabric_tmpl.go
traefik version
: (What version of Traefik are you using?)im using traefik 1.5.2
Bug
I run Traefik inside Azure Service Fabric. At the same time, I configure other services on Service Fabric with Traefik's extension labels including traefik.frontend.rule
. For instance:
<ServiceTypes>
<StatelessServiceType ServiceTypeName="MyServiceType" UseImplicitHost="true">
<Extensions>
<Extension Name="Traefik">
<Labels xmlns="http://schemas.microsoft.com/2015/03/fabact-no-schema">
<Label Key="traefik.enable">true</Label>
<Label Key="traefik.frontend.passHostHeader">true</Label>
<Label Key="traefik.frontend.rule">
Host:myapp.mydomain.com;PathPrefixStripRegex:/{path:(?i)path1}, /{path:(?i)path2}
</Label>
<Label Key="traefik.backend.loadbalancer.stickiness">true</Label>
<Label Key="traefik.backend.healthcheck.path">/</Label>
<Label Key="traefik.backend.healthcheck.interval">20s</Label>
</Labels>
</Extension>
</Extensions>
</StatelessServiceType>
</ServiceTypes>
Traefik discover the service and display it on the dashboard.
Traefik didn't discover the service.
traefik version
: (What version of Traefik are you using?)1.7.6
--log.level=DEBUG
switch)time="2019-04-26T20:28:44Z" level=error msg="Provider connection error: Near line 122 (last key parsed 'frontends.frontend-fabric:/xxxx/xxxx.routes.traefik.frontend.rule.rule'): strings cannot contain newlines; retrying in 650.84664ms"
Feature
When using Azure Service Fabric as a provider, neither TLS client certificate nor certificate infos are forwarded to the backends. It would be really helpful, if the traefik.frontend.passTLSClientCert.* labels and client certificate info passing were implemented also for the Azure Service Fabric provider.
Need this feature, as the one described in the current documentation traefik.frontend.passTLSCert=true passes server instead of client certificate to the backend.
In the current v1.6rc docs, under the heading extensions the sample for labels references the v1.5 label expose
rather than the v1.6 label enable
.
<StatelessServiceType ServiceTypeName="WebServiceType">
<Extensions>
<Extension Name="Traefik">
<Labels xmlns="http://schemas.microsoft.com/2015/03/fabact-no-schema">
<Label Key="traefik.frontend.rule.example2">PathPrefixStrip: /a/path/to/strip</Label>
<!-- This should be enable -->
<Label Key="traefik.expose">true</Label>
<!-- This should be enable -->
<Label Key="traefik.frontend.passHostHeader">true</Label>
</Labels>
</Extension>
</Extensions>
</StatelessServiceType>
The docs use the labels:
traefik.backend.group.name
traefik.backend.group.weight
However in servicefabric_labelfuncs.go
on line 11 and 12:
traefikSFGroupName = "traefik.servicefabric.groupname"
traefikSFGroupWeight = "traefik.servicefabric.groupweight"
This means the grouped labels do not match and canary testing is not possible with the documented labels.
NOTE: For anybody wishing to use this feature before a fix is merged, please use the labels:
traefik.servicefabric.groupname
traefik.servicefabric.groupweight
I will post a fix shortly.
cc: @lawrencegripper
Currently the provider only checks for the existence of the label traefik.expose
but doesn't check it's associated value. This means using <Label Key="traefik.expose">false</Label>
will still actually expose the service.
Offending line: servicefabric_tmpl.go:94
We require multiple front-end rule sets to be accessible for our Fabric Service. At the moment, it appears that additional traefik.frontend.rule{.name}
labels will AND themselves together instead of OR.
My StackOverflow question should detail our use-case.
Another use case example would be to support multiple host names for our service.
Suggested label syntax could be something like this:
<Extensions>
<Extension Name="Traefik">
<Labels xmlns="http://schemas.microsoft.com/2015/03/fabact-no-schema">
<Label Key="traefik.frontends">local; external</Label> <!-- Identifies the names for multiple frontends support -->
<Label Key="traefik.frontend.local.rule">PathPrefixStrip: /my-service/</Label> <!-- Defines default rule for "local" frontend -->
<Label Key="traefik.frontend.external.rule">Host: my-domain.localhost</Label> <!-- Defines default rule for "external" frontend -->
<Label Key="traefik.frontends.passHostHeader">true</Label> <!-- Due to "frontends" it applies to all frontends -->
<Label Key="traefik.frontend.external.passHostHeader">false</Label> <!-- Overrides the "frontends" rule for the "external" frontend -->
<Label Key="traefik.enable">true</Label>
</Labels>
</Extension>
</Extensions>
Hi, I notice that there's code in here related to error pages support in Traefik. However, I can't work out what the labels need to look like and the documentation on https://docs.traefik.io/configuration/backends/servicefabric/ hasn't got any extra information.
Can we please provide some information on the labels please?
Hi,
Currently the code and the main set of documents on how to run the extension sit across two repositories. The code is here and the docs/samples sit in @jjcollinge https://github.com/jjcollinge/traefik-on-service-fabric.
I'd like to propose moving the bulk of the existing docs repository into this repository under a /docs
folder.
The main objective would be to ensure issues which related to the code are not opened in the docs (like this one) repo and the other way around.
Ps. Sorry this is a problem of our own making - we should have thought this through better before creating the separate docs repo
What are your thoughts?
Recently i tried traefik version 1.6.0-rc2.
it looks like its supposed to use the 1.1.0 service fabric provider (according to the 1.6.0-rc1 release notes, issue can be fount at traefik/traefik#3064)
Im using custom template, and im basing it upon the default template in this repository.
as a starting point i took the template just like its in version 1.1.0 and bootstrap logs have the following message:
" level=error msg="Provider connection error: template: config.toml.tmpl:118: function \"getWhitelistSourceRange\" not defined; retrying in 687.177172ms""
when I'm working with custom template and just coping the template of the 1.1.1 version everything works okay.
In addition its clear to see that between 1.1.0 and 1.1.1 the getWhitelistSourceRange
method was replaced with getWhiteList
(changes can be viewed at servicefabric_config.go
file)
Currently its really hard to understand which sf provider version is actually integrated in a given traefik release.
I observed the Traefik repository and it seems like all the other providers source code is managed in the same repo as traefik. if the provider is separated its still vital to know which version of it is embedded to the current traefik release.
Bug
Simply started the traefik exe pointing to my SF Cluster with no special configuration except the SF Cluster provider part
It could start, connect to SF Cluster properly and recognize the existing services
It crashes when it try to get further information through the SF Client API due to a malformed URL.
Service Fabric has no limitation on the Version format for both Applications and Services, it means it is possible to find Version Labels using some offending character that need to be encoded when added to the URL.
This is our case.
From the log pasted here under, you can easily find the ERROR is generated because this URL is used:
http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.010.3rdPARTIES__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0 [20200719.194357-7]
and I have verified the same error is returned if I put the same URL into Postman
but
If I properly encode the final part of the URL (the version parameter value) from 2.0.0 [20200719.194357-7]
to 2.0.0%20%5B20200719.194357-7%5D
the Postman with the new URL stars working as expected:
http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.010.3rdPARTIES__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0%20%5B20200719.194357-7%5D
traefik version
: (What version of Traefik are you using?)2020/08/12 12:18:34 Using high precision timer
Version: v1.7.26
Codename: maroilles
Go version: go1.14.6
Built: 2020-07-28_03:45:27PM
OS/Arch: windows/amd64
################################################################
# Global configuration
################################################################
debug = true
logLevel = "DEBUG"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":99"
[entryPoints.traefik]
address = ":8099"
################################################################
# API definition
################################################################
[api]
entryPoint = "traefik"
dashboard = true
debug = true
################################################################
# Service Fabric provider
################################################################
# Enable Service Fabric configuration backend
[servicefabric]
# Service Fabric Management Endpoint
clustermanagementurl = "http://cac-sf-02.icc.crifnet.com:19080"
apiversion = "6.0"
--log.level=DEBUG
switch)PS C:\Users\738marmonduc.ICC\Downloads\traefik> .\traefik_windows-amd64.exe --configfile=traefik.toml
2020/08/12 12:20:22 Using high precision timer
INFO[2020-08-12T12:20:23+02:00] Using TOML configuration file C:\Users\738marmonduc.ICC\Downloads\traefik\traefik.toml
INFO[2020-08-12T12:20:23+02:00] Traefik version v1.7.26 built on 2020-07-28_03:45:27PM
DEBU[2020-08-12T12:20:23+02:00] Global configuration loaded {"LifeCycle":{"RequestAcceptGraceTimeout":0,"GraceTimeOut":10000000000},"GraceTimeOut":0,"Debug":true,"CheckNewVersion":true,"SendAnonymousUsage":false,"AccessLogsFile":"","AccessLog":null,"TraefikLogsFile":"","TraefikLog":null,"Tracing":null,"LogLevel":"DEBUG","EntryPoints":{"http":{"Address":":99","TLS":null,"Redirect":null,"Auth":null,"WhitelistSourceRange":null,"WhiteList":null,"Compress":false,"ProxyProtocol":null,"ForwardedHeaders":{"Insecure":true,"TrustedIPs":null}},"traefik":{"Address":":8099","TLS":null,"Redirect":null,"Auth":null,"WhitelistSourceRange":null,"WhiteList":null,"Compress":false,"ProxyProtocol":null,"ForwardedHeaders":{"Insecure":true,"TrustedIPs":null}}},"Cluster":null,"Constraints":[],"ACME":null,"DefaultEntryPoints":["http","https"],"ProvidersThrottleDuration":2000000000,"MaxIdleConnsPerHost":200,"IdleTimeout":0,"InsecureSkipVerify":false,"RootCAs":null,"Retry":null,"HealthCheck":{"Interval":30000000000},"RespondingTimeouts":null,"ForwardingTimeouts":null,"AllowMinWeightZero":false,"KeepTrailingSlash":false,"Web":null,"Docker":null,"File":null,"Marathon":null,"Consul":null,"ConsulCatalog":null,"Etcd":null,"Zookeeper":null,"Boltdb":null,"Kubernetes":null,"Mesos":null,"Eureka":null,"ECS":null,"Rancher":null,"DynamoDB":null,"ServiceFabric":{"Watch":false,"Filename":"","Constraints":null,"Trace":false,"TemplateVersion":0,"DebugLogGeneratedTemplate":false,"ClusterManagementURL":"http://cac-sf-02.icc.crifnet.com:19080","APIVersion":"6.0","RefreshSeconds":0,"TLS":null,"AppInsightsClientName":"","AppInsightsKey":"","AppInsightsBatchSize":0,"AppInsightsInterval":0},"Rest":null,"API":{"EntryPoint":"traefik","Dashboard":true,"Debug":true,"CurrentConfigurations":null,"Statistics":null},"Metrics":null,"Ping":null,"HostResolver":null}
INFO[2020-08-12T12:20:23+02:00]
Stats collection is disabled.
Help us improve Traefik by turning this feature on :)
More details on: https://docs.traefik.io/v1.7/basics/#collected-data
WARN[2020-08-12T12:20:23+02:00] clientTLS is nil
INFO[2020-08-12T12:20:23+02:00] Preparing server http &{Address::99 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc0009c28e0} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s
INFO[2020-08-12T12:20:23+02:00] Preparing server traefik &{Address::8099 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc0009c28c0} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s
INFO[2020-08-12T12:20:23+02:00] Starting server on :99
INFO[2020-08-12T12:20:23+02:00] Starting provider configuration.ProviderAggregator {}
INFO[2020-08-12T12:20:23+02:00] Starting server on :8099
INFO[2020-08-12T12:20:23+02:00] Starting provider *servicefabric.Provider {"Watch":false,"Filename":"","Constraints":null,"Trace":false,"TemplateVersion":0,"DebugLogGeneratedTemplate":false,"ClusterManagementURL":"http://cac-sf-02.icc.crifnet.com:19080","APIVersion":"6.0","RefreshSeconds":10000000000,"TLS":null,"AppInsightsClientName":"","AppInsightsKey":"","AppInsightsBatchSize":0,"AppInsightsInterval":0}
INFO[2020-08-12T12:20:33+02:00] Checking service fabric config
ERRO[2020-08-12T12:20:33+02:00] Error retrieving serviceExtensionMap: error requesting service extensions: Service Fabric responded with error code 400 Bad Request to request http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.010.3rdPARTIES__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0 [20200719.194357-7] with body &{0xc0008ea040 {0 0} false <nil> 0x733d90 0x733d10}
ERRO[2020-08-12T12:20:33+02:00] error requesting service extensions: Service Fabric responded with error code 400 Bad Request to request http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.010.3rdPARTIES__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0 [20200719.194357-7] with body &{0xc0008ea040 {0 0} false <nil> 0x733d90 0x733d10}
ERRO[2020-08-12T12:20:33+02:00] Error retrieving serviceExtensionMap: error requesting service extensions: Service Fabric responded with error code 400 Bad Request to request http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.110.CFF-PTF-CORE__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0 [20200719.221114-155] - cff 7.9.1-SNAPSHOT with body &{0xc000056600 {0 0} false <nil> 0x733d90 0x733d10}
ERRO[2020-08-12T12:20:33+02:00] error requesting service extensions: Service Fabric responded with error code 400 Bad Request to request http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.110.CFF-PTF-CORE__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0 [20200719.221114-155] - cff 7.9.1-SNAPSHOT with body &{0xc000056600 {0 0} false <nil> 0x733d90 0x733d10}
ERRO[2020-08-12T12:20:33+02:00] Error retrieving serviceExtensionMap: error requesting service extensions: Service Fabric responded with error code 400 Bad Request to request http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.110.CFF-PTF-CORE__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0 [20200719.221114-155] - cff 7.9.1-SNAPSHOT with body &{0xc0008ea200 {0 0} false <nil> 0x733d90 0x733d10}
ERRO[2020-08-12T12:20:33+02:00] error requesting service extensions: Service Fabric responded with error code 400 Bad Request to request http://cac-sf-02.icc.crifnet.com:19080/ApplicationTypes/Crif.REApp.110.CFF-PTF-CORE__Type/$/GetServiceTypes?api-version=6.0&ApplicationTypeVersion=2.0.0 [20200719.221114-155] - cff 7.9.1-SNAPSHOT with body &{0xc0008ea200 {0 0} false <nil> 0x733d90 0x733d10}
INFO[2020-08-12T12:20:34+02:00] I have to go...
INFO[2020-08-12T12:20:34+02:00] Stopping server gracefully
DEBU[2020-08-12T12:20:34+02:00] Waiting 10s seconds before killing connections on entrypoint http...
DEBU[2020-08-12T12:20:34+02:00] Waiting 10s seconds before killing connections on entrypoint traefik...
DEBU[2020-08-12T12:20:34+02:00] Entrypoint http closed
DEBU[2020-08-12T12:20:34+02:00] Entrypoint traefik closed
INFO[2020-08-12T12:20:34+02:00] Server stopped
INFO[2020-08-12T12:20:34+02:00] Shutting down
Is this supposed to be able to work with stateful services? Because I can't get it to do so. Traefik shows the backend name of the service as hyphenated with a guid suffix (unlike my stateless services which have names that align to the service names in the fabric naming service). The front end rules for the statful service specified via extension labels in ServiceManifest are not picked up.
My service has a single named partition. I suspect it may be something to do with partitioning but I don't understand enough about how to implement it.
Using Traefik version 1.7.12 on Service Fabric, I'd like to add a custom header to certain responses returned from a particular service. It seems the only way to do this is to re-deploy the service with different labels. The problem with this is then I'll end up with 2 backends. In my case, this means 2 set of docker containers.
Is there a way to map multiple frontends to the same backend?
BUG
Deploy two services, one with a valid ServiceManifest.xml and good labels (GoodService) for Traefik, and one a ServiceManifest.xml containing a bad label value (BorkService):
<StatelessServiceType ServiceTypeName="BorkServiceType" UseImplicitHost="true">
<Extensions>
<Extension Name="Traefik">
<Labels xmlns="http://schemas.microsoft.com/2015/03/fabact-no-schema">
<Label Key="traefik.frontend.rule.borkservice">PathPrefixStrip: /bork</Label>
<Label Key="traefik.enable">true</Label>
<Label Key="traefik.frontend.entryPoints">["https","http"]</Label><!-- value should be: https,http -->
</Labels>
</Extension>
</Extensions>
</StatelessServiceType>
Traefik should register GoodService but not BorkService.
No backend services. Traefik Dashboard UI is entirely blank except for header. Errors are not visible unless viewing Traefik logs on server.
1.6.0
Provider: Service Fabric v6.1.480.9494
Platform: Windows Server 2016 Datacenter
################################################################
# Global configuration
################################################################
InsecureSkipVerify = true
debug = true
logLevel = "INFO"
defaultEntryPoints = ["https","http"]
[traefikLog]
filePath = "traefik.log"
[entryPoints]
[entryPoints.http]
address = ":30080"
[entryPoints.https]
address = ":30443"
[entryPoints.https.proxyProtocol]
insecure = true
[entryPoints.https.tls]
[entryPoints.https.tls.ClientCA]
optional = true
[[entryPoints.https.tls.certificates]]
certFile = "localhost.cert"
keyFile = "localhost.key"
[entryPoints.traefik]
address = ":38080"
################################################################
# API definition
################################################################
[api]
entryPoint = "traefik"
dashboard = true
################################################################
# Service Fabric provider
################################################################
[servicefabric]
clustermanagementurl = "https://localhost:19080"
apiversion = "3.0"
[serviceFabric.tls]
cert = "traefikcert.crt"
key = "traefikkey.key"
insecureskipverify = true
caoptional = true
time="2018-05-11T19:54:07Z" level=error msg="Provider connection error: Near line 133 (last key parsed 'frontends.frontend-fabric:/BorkService/BorkService.entryPoints'): expected a comma or array terminator ']', but got 'h' instead; retrying in 1.008273491s"
Bug
I setup service fabric configuration with two listening endpoints. One for the web endpoint and one for a healthcheck endpoint. Here is the service fabric configuration with Traefik labels:
<?xml version="1.0" encoding="utf-8"?>
<ServiceManifest Name="CustomerApiPkg"
Version="1.0.0"
xmlns="http://schemas.microsoft.com/2011/01/fabric"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ServiceTypes>
<!-- This is the name of your ServiceType.
This name must match the string used in RegisterServiceType call in Program.cs. -->
<StatelessServiceType ServiceTypeName="CustomerApiType">
<Extensions>
<Extension Name="Traefik">
<Labels xmlns="http://schemas.microsoft.com/2015/03/fabact-no-schema">
<Label Key="traefik.frontend.rule.customer">PathPrefix: /api/customer/</Label>
<Label Key="traefik.portName">WebPort</Label>
<Label Key="traefik.backend.healthcheck.path">/api/customer/</Label>
<Label Key="traefik.backend.healthcheck.port">8261</Label>
<Label Key="traefik.backend.healthcheck.interval">1s</Label>
<Label Key="traefik.enable">true</Label>
<Label Key="traefik.frontend.passHostHeader">true</Label>
</Labels>
</Extension>
</Extensions>
</StatelessServiceType>
</ServiceTypes>
<!-- Code package is your service executable. -->
<CodePackage Name="Code" Version="1.0.0">
<EntryPoint>
<ExeHost>
<Program>CustomerApi.exe</Program>
<WorkingFolder>CodePackage</WorkingFolder>
</ExeHost>
</EntryPoint>
<EnvironmentVariables>
<EnvironmentVariable Name="ASPNETCORE_ENVIRONMENT" Value=""/>
</EnvironmentVariables>
</CodePackage>
<!-- Config package is the contents of the Config directoy under PackageRoot that contains an
independently-updateable and versioned set of custom configuration settings for your service. -->
<ConfigPackage Name="Config" Version="1.0.0" />
<Resources>
<Endpoints>
<!-- This endpoint is used by the communication listener to obtain the port on which to
listen. Please note that if your service is partitioned, this port is shared with
replicas of different partitions that are placed in your code. -->
<Endpoint Protocol="http" Name="WebPort" Type="Input" Port="80" />
<Endpoint Protocol="http" Name="HealthCheckPort" Type="Input" Port="8261" />
</Endpoints>
</Resources>
</ServiceManifest>
I expect Traefik to serve up the WebPort endpoint.
What happens is Traefik sometimes serves up the WebPort endpoint and then sometimes serves up the HealthCheckPort endpoint. It appears that the Traefik Label "traefik.portName" is having no affect over selecting the endpoint to serve web traffic through.
traefik version
: (What version of Traefik are you using?)v1.7.6
Running Traefik as a guest executable on Service Fabric. Here is my toml configuration:
################################################################
# Global configuration
################################################################
# Enable debug mode
#
# Optional
# Default: false
#
debug = true
# Traefik logs file
# If not defined, logs to stdout
#
# Optional
#
# traefikLogsFile = "log/traefik.log"
# Log level
#
# Optional
# Default: "ERROR"
logLevel = "INFO"
# Entrypoints to be used by frontends that do not specify any entrypoint.
# Each frontend can specify its own entrypoints.
#
# Optional
# Default: ["http"]
#
defaultEntryPoints = ["http", "https"]
# Entrypoints definition
#
# Optional
# Default:
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.traefik]
address = ":9000"
# Enable access logs
# By default it will write to stdout and produce logs in the textual
# Common Log Format (CLF), extended with additional fields.
#
# Optional
#
# [accessLog]
# Sets the file path for the access log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
# filePath = "/path/to/log/log.txt"
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format = "common"
################################################################
# API definition
################################################################
[api]
# Name of the related entry point
#
# Optional
# Default: "traefik"
#
entryPoint = "traefik"
# Enabled Dashboard
#
# Optional
# Default: true
#
dashboard = true
# Enable debug mode.
# This will install HTTP handlers to expose Go expvars under /debug/vars and
# pprof profiling data under /debug/pprof.
# Additionally, the log level will be set to DEBUG.
#
# Optional
# Default: false
#
debug = true
################################################################
# Service Fabric provider
################################################################
# Enable Service Fabric configuration backend
[servicefabric]
# Service Fabric Management Endpoint
clustermanagementurl = "http://localhost:19080"
# Note: use "https://localhost:19080" if you're using a secure cluster
# Service Fabric Management Endpoint API Version
apiversion = "3.0"
# Enable TLS connection.
#
# Optional
#
#[serviceFabric.tls]
# cert = "certs/servicefabric.crt"
# key = "certs/servicefabric.key"
# insecureskipverify = true
Got Traefik working on Azure Service Fabric cloud host.
However the url to access my api is as follows:
mycloud.southeastasia.cloudapp.azure.com/api/values
Shouldn't it be (Following the built in reverse proxy by microsoft)
mycloud.southeastasia.cloudapp.azure.com/AppName/ServiceName/api/values
How can I configure it so that Traefik includes the AppName and ServiceName in the url ?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.