traefik / whoami Goto Github PK

View Code? Open in Web Editor NEW

975.0 22.0 217.0 58 KB

Tiny Go server that prints os information and HTTP request to output

Home Page: https://traefik.io

License: Apache License 2.0

Go 87.66% Dockerfile 9.77% Makefile 2.57%

whoami golang go

whoami's Introduction

whoami

Tiny Go webserver that prints OS information and HTTP request to output.

Usage

Paths

`/[?wait=d]`

Returns the whoami information (request and network information).

The optional wait query parameter can be provided to tell the server to wait before sending the response. The duration is expected in Go's time.Duration format (e.g. /?wait=100ms to wait 100 milliseconds).

The optional env query parameter can be set to true to add the environment variables to the response.

`/api`

Returns the whoami information (and some extra information) as JSON.

The optional env query parameter can be set to true to add the environment variables to the response.

`/bench`

Always return the same response (1).

`/data?size=n[&unit=u]`

Creates a response with a size n.

The unit of measure, if specified, accepts the following values: KB, MB, GB, TB (optional, default: bytes).

`/echo`

WebSocket echo.

`/health`

Heath check.

GET, HEAD, ...: returns a response with the status code defined by the POST
POST: changes the status code of the GET (HEAD, ...) response.

Flags

Flag	Env var	Description
`cert`		Give me a certificate.
`key`		Give me a key.
`cacert`		Give me a CA chain, enforces mutual TLS
`port`	`WHOAMI_PORT_NUMBER`	Give me a port number. (default: `80`)
`name`	`WHOAMI_NAME`	Give me a name.
`verbose`		Enable verbose logging.

Examples

$ docker run -d -P --name iamfoo traefik/whoami

$ docker inspect --format '{{ .NetworkSettings.Ports }}'  iamfoo
map[80/tcp:[{0.0.0.0 32769}]]

$ curl "http://0.0.0.0:32769"
Hostname :  6e0030e67d6a
IP :  127.0.0.1
IP :  ::1
IP :  172.17.0.27
IP :  fe80::42:acff:fe11:1b
GET / HTTP/1.1
Host: 0.0.0.0:32769
User-Agent: curl/7.35.0
Accept: */*

# updates health check status
$ curl -X POST -d '500' http://localhost:80/health

# calls the health check
$ curl -v http://localhost:80/health
*   Trying ::1:80...
* TCP_NODELAY set
* Connected to localhost (::1) port 80 (#0)
> GET /health HTTP/1.1
> Host: localhost:80
> User-Agent: curl/7.65.3
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 500 Internal Server Error
< Date: Mon, 16 Sep 2019 22:52:40 GMT
< Content-Length: 0

docker run -d -P -v ./certs:/certs --name iamfoo traefik/whoami --cert /certs/example.cert --key /certs/example.key

version: '3.9'

services:
  whoami:
    image: traefik/whoami
    command:
       # It tells whoami to start listening on 2001 instead of 80
       - --port=2001
       - --name=iamfoo

whoami's People

Contributors

Stargazers

Watchers

Forkers

kcollasarundell halfa jim3ma wtfkr0 dreamingbinary solidnerd juliens bee42 snahelou lshahar opera443399 koshatul zhuomingliang davidzadrazil devdlabs bossjones z0r1k seriousben yogeek ajaegle mister2d nielsole lukesiler campbellr geraldcroes inteleon tingshingip hollychen503 arno01 literadix dtomcej afcarl joscom hbozdogan-zz nakwarsi mmatur pathcl minyk peter-klaesson-stratsys trylife rochaporto esenzet rmoorman vioan developgo raufkk munkyboy clarkhan skywirex ct-open-source kingdevnl mirovskyi jlevesy khan-rizwan futuretea eagle-1 yinonavraham astraserg urvil38 touch4it manuelkasiske4idealo maysusan maddingo yaoshipu wwek sherifc129 soulteary javahuang ozcan-ozkaya chengpan epson-lee sanjay556 505games rimitchell chrisusick melotusme faycal-finalcad rochacon bsinou lylezxl sebgasm hemaltandel1 jbdoumenjou mars1024 cf-container-networking rtribotte romankspb kevinpollet thantzinz devopstoday11 zxjt777 ttys3 bscp7 simonnilsson yasir2000 kalbinsson 1xcode parente binlabnet me-jls

whoami's Issues

Add curl to image for use native HEALTHCHECK

Add revDNS to access log

Would be nice to see DNS entries instead of IP addresses when --verbose is enabled.

Cannot Run with Xeon Processor

Hello,

I have recently put together a used Linux PC with an old Intel Xeon processor. I am planning to migrate some Dockerized home services (including traefik, as well as whoami as a sanity check) currently running on an i7 desktop to this new server machine.

I was surprised that I ran into problems getting my Docker containers to run on the new machine. traefik fired up and seems to run with no problem (web API is good), but whoami is giving me an error message.

XXX@YYYYYYYYYY:~$ docker run containous/whoami:v1.5.0-amd64
standard_init_linux.go:228: exec user process caused: exec format error
XXX@YYYYYYYYYY:~$ lscpu
Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   36 bits physical, 48 bits virtual
CPU(s):                          8
On-line CPU(s) list:             0-7
Thread(s) per core:              2
Core(s) per socket:              4
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       GenuineIntel
CPU family:                      6
Model:                           58
Model name:                      Intel(R) Xeon(R) CPU E3-1265L V2 @ 2.50GHz
Stepping:                        9
CPU MHz:                         1600.128
CPU max MHz:                     3500.0000
CPU min MHz:                     1600.0000
BogoMIPS:                        4999.91
Virtualization:                  VT-x
L1d cache:                       128 KiB
L1i cache:                       128 KiB
L2 cache:                        1 MiB
L3 cache:                        8 MiB
NUMA node0 CPU(s):               0-7
Vulnerability Itlb multihit:     KVM: Mitigation: Split huge pages
Vulnerability L1tf:              Mitigation; PTE Inversion; VMX conditional c
                                 ache flushes, SMT vulnerable
Vulnerability Mds:               Mitigation; Clear CPU buffers; SMT vulnerabl
                                 e
Vulnerability Meltdown:          Mitigation; PTI
Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disable
                                 d via prctl and seccomp
Vulnerability Spectre v1:        Mitigation; usercopy/swapgs barriers and __u
                                 ser pointer sanitization
Vulnerability Spectre v2:        Mitigation; Full generic retpoline, IBPB con
                                 ditional, IBRS_FW, STIBP conditional, RSB fi
                                 lling
Vulnerability Srbds:             Vulnerable: No microcode
Vulnerability Tsx async abort:   Not affected
Flags:                           fpu vme de pse tsc msr pae mce cx8 apic sep 
                                 mtrr pge mca cmov pat pse36 clflush dts acpi
                                  mmx fxsr sse sse2 ss ht tm pbe syscall nx r
                                 dtscp lm constant_tsc arch_perfmon pebs bts 
                                 rep_good nopl xtopology nonstop_tsc cpuid ap
                                 erfmperf pni pclmulqdq dtes64 monitor ds_cpl
                                  vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid s
                                 se4_1 sse4_2 x2apic popcnt tsc_deadline_time
                                 r xsave avx f16c rdrand lahf_lm cpuid_fault 
                                 epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi
                                  flexpriority ept vpid fsgsbase smep erms xs
                                 aveopt dtherm ida arat pln pts md_clear flus
                                 h_l1d
XXX@YYYYYYYYYY:~$ uname -a
Linux YYYYYYYYYY 5.4.0-84-generic #94-Ubuntu SMP Thu Aug 26 20:27:37 UTC 2021 x86_64 x86_64 x86_64 GNU/Linu

I poked around online, and this kind of error seems to usually come up when there is some kind of architecture disparity between host and Docker image (such as #10). I am confused because I am going from an x86_64 i7 that works fine to an older x86_64 Xeon, and do not understand what the issue may be.

Any thoughts would be appreciated. Thanks!

Edit: best guess I've had so far is that the images are compiled for a newer x86_64 instruction set architecture than my processor... but I would have hoped to get a more useful error message if that were the case =/

Could you turn off the Keep-Alive? or add an option to it?

When testing the Swarm cluster, the emilevauge/whoami seems have Keep-Alive turned on, so if the frontend reverse proxy follow the Keep-Alive instruction, then the frontend will keep connected to a single backend, which makes the load balance useless. See the issue: traefik/traefik#718

So, could you modify the program to turn the Keep-Alive off? or add an option for it. Thanks.

ERROR: no matching manifest for linux/arm/v7 in the manifest list entries

Trying on ARM64, Linux odroid 5.4.196-406 #1 SMP PREEMPT Tue May 31 19:52:19 UTC 2022 armv7l armv7l armv7l GNU/Linux

not rootless

Why is this image not rootless? Is it hard to implement?

Base path setting

Is it possible to configure the base url? Ideally from docker labels or environment variables?
This is to use it with Traefik PathPrefix for subdomain.domain.com/whoami

Support for HTTP/3.0？

Problem in the reading of the port parameter

I have tried the last example listed on the README, as rewrited below:

version: '3.9'

services:
  whoami:
    image: traefik/whoami
    command:
       # It tells whoami to start listening on 2001 instead of 80
       - --port 2001
       - --name iamfoo

Tried in that way:

whoami:
    # A container that exposes an API to show its IP address
    image: traefik/whoami
    command:
      - "--port 90"
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.whoami.rule=Host(`foo.bar.localhost`)"
        - "traefik.http.services.whoami.loadbalancer.port=90"
        - "traefik.constraint-label=http_network"
    networks:
      http_network:
        aliases:
          - whoami

Not worked and the container logs output was:

$sudo docker logs c3f33eb92a5b
flag provided but not defined: -port 90

Print requests to stdout

Useful for testing container logging

Can not reproduce Traefik quick start. Getting http 503 error

I'm following Traefik quick start and arrived at the following docker compose file:

version: '3'

services:
  traefik:
    image: traefik:v2.10
    restart: always
    command: --api.insecure=true --providers.docker
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  whoami:
    image: traefik/whoami
    labels:
      - "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"

However it always give me http 503 error.

$ curl -v -H Host:whoami.docker.localhost http://127.0.0.1
*   Trying 127.0.0.1:80...
* Connected to 127.0.0.1 (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> Host:whoami.docker.localhost
> User-Agent: curl/8.0.1
> Accept: */*
>
< HTTP/1.1 503 Service Unavailable
< Content-Length: 0
< Date: Sat, 13 May 2023 10:43:50 GMT
<
* Connection #0 to host 127.0.0.1 left intact

I've tried to replace the service with python -m http.server using static config and it works. So I wonder if the 503 error is related to the whoami image.

/data path should be limited or configurable

Once you figure out that someone has a containous/whoami instance runing (let's say on their domain … whoami.example.com), you can DoS their host by running multiple /data?size=10&unit=GB requests and have the dataHandler send lots of data.

I see that this container is mainly for debugging purposes, but in some cases it might land on production endpoints, so the "dangerous" functions should be switched off then.

Default port is 8080

Contrary to the documentation the default port is not 80 but 8080.

When I start the container without specifying a port the output says:
Starting up on port 8080

Name flag not working

I do not get the expected Name: MyName at the beginning of the whoami http response.

I am testing a complex traefik scenario and have multiple whoami containers running and want to tag each one clearly with the Name option.

docker run -d -P --name whoami -e name="MyName" traefik/whoami

curl 127.0.0.1:59707
Hostname: f98a3f6efd8a
IP: 127.0.0.1
IP: 172.17.0.2
RemoteAddr: 172.17.0.1:39884
GET / HTTP/1.1
Host: 127.0.0.1:59707
User-Agent: curl/7.68.0
Accept: */*

In app.go:

207
208	if name != "" {
209		_, _ = fmt.Fprintln(w, "Name:", name)
210	}
211
212	hostname, _ := os.Hostname()
213	_, _ = fmt.Fprintln(w, "Hostname:", hostname)

Steve.

Last user should not be root

This could be mitigated by creating a traefik-whoami user in the build-stage and subsequently copy it to the last-stage, e.g.: https://github.com/030/bcbsn/blob/master/Dockerfile

Newer docker image

It seems that the latest docker image does not contain the WHOAMI_PORT env feature. Could a newer docker image be created?

Pin golang version in Dockerfile

Hello,

our Vulnerability Scanner (AquaSec) found a critrical vulnerability in v1.10.1 of traefik/whoami: CVE-2015-4042.
I build the traefik/whoami image locally with golang:1.22.2-alpine3.19 as base image. This version of golang/alpine has no vulnerabilities anymore.
May I open a PR to resolve this (including an update on go 1.22) or do you follow any other process for fixing vulnerabilities?

Reconsider app binary name

Could this please be considered to rename the app binary to not overlap with a common *NIX tool whoami (man 1 whoami) so that those who prefer to not use Docker but install binary directly with go install (or by other means, e.g. Homebrew) don't suffer from a need to apply local quirks for this app to not overlap with whoami from base *NIX distros.
Thank you in advance.

/bin/sh not working

I tried to run /bin/sh inside the whoami container but it fails but according to inspect it should work.

 "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "EXPOSE 80"
            ],

but

root@Ubuntu18:/opt/10_docker-compose-files# docker exec -it whoami /bin/sh
OCI runtime exec failed: exec failed: container_linux.go:346: starting container process caused "exec: \"/bin/sh\": stat /bin/sh: no such file or directory": unknown

docker inspect containous/whoami

root@Ubuntu18:/opt/10_docker-compose-files# docker inspect containous/whoami
[
    {
        "Id": "sha256:5e3337d43760321f87cb6581717817b5c6ee7e2592329e313016fc4fd84a86bd",
        "RepoTags": [
            "containous/whoami:latest"
        ],
        "RepoDigests": [
            "containous/whoami@sha256:c0d68a0f9acde95c5214bd057fd3ff1c871b2ef12dae2a9e2d2a3240fdd9214b"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2019-10-06T18:11:08.622523248Z",
        "Container": "ec87338134f236d64150373d41f531a413773ffdd7f0486765e9bd8d0730ac03",
        "ContainerConfig": {
            "Hostname": "ec87338134f2",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "EXPOSE 80"
            ],
            "Image": "sha256:d4ecbfb4906dbda7e810a8607a2bf01dc559b25886a4969a9748578a7b5a0015",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": [
                "/whoami"
            ],
            "OnBuild": null,
            "Labels": {}
        },
        "DockerVersion": "18.06.0-ce",
        "Author": "",
        "Config": {
            "Hostname": "",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": null,
            "Image": "sha256:d4ecbfb4906dbda7e810a8607a2bf01dc559b25886a4969a9748578a7b5a0015",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": [
                "/whoami"
            ],
            "OnBuild": null,
            "Labels": null
        },
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 7400843,
        "VirtualSize": 7400843,
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/2e724f15baf2d09dbcc6be8c2d990cd58eca55ef347a4c1fb292ec6ed377aea6/diff:/var/lib/docker/overlay2/4489560a5dee35328a1aee14ed17db4cf467f2197b79026b97468bbbf43b0aee/diff",
                "MergedDir": "/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/merged",
                "UpperDir": "/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/diff",
                "WorkDir": "/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/work"
            },
            "Name": "overlay2"
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:20790004c269fde57cd2f3a61a0d172326866d2bf10743ab78401a988e5c76f2",
                "sha256:d929d3d3315f88e09d29dc77d991af280d7d2aa5c6974479a6d3c97f4c5dff68",
                "sha256:315baccbc30305bd711a433b73a999942c4029688cefbcbb4a3a65aa73697454"
            ]
        },
        "Metadata": {
            "LastTagTime": "0001-01-01T00:00:00Z"
        }
    }
]

docker inspect whoami

root@Ubuntu18:/opt/10_docker-compose-files# docker inspect whoami
[
    {
        "Id": "957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef",
        "Created": "2020-01-19T13:04:09.405590632Z",
        "Path": "/whoami",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 13422,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2020-01-19T13:04:11.163418421Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:5e3337d43760321f87cb6581717817b5c6ee7e2592329e313016fc4fd84a86bd",
        "ResolvConfPath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/hostname",
        "HostsPath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/hosts",
        "LogPath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef-json.log",
        "Name": "/whoami_viaSubdomain",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "docker-default",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "bridge_proxy_traefikv2",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": [],
            "CapAdd": null,
            "CapDrop": null,
            "Capabilities": null,
            "Dns": null,
            "DnsOptions": null,
            "DnsSearch": null,
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "shareable",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": null,
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc-init/diff:/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/diff:/var/lib/docker/overlay2/2e724f15baf2d09dbcc6be8c2d990cd58eca55ef347a4c1fb292ec6ed377aea6/diff:/var/lib/docker/overlay2/4489560a5dee35328a1aee14ed17db4cf467f2197b79026b97468bbbf43b0aee/diff",
                "MergedDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc/merged",
                "UpperDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc/diff",
                "WorkDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [],
        "Config": {
            "Hostname": "957a7d1305ce",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": null,
            "Image": "containous/whoami",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": [
                "/whoami"
            ],
            "OnBuild": null,
            "Labels": {
                "app_name": "whoami",
                "com.docker.compose.config-hash": "dc97c6a2ec70af4a09f621592daf243da18177ff28f0d78a27045a16ec050374",
                "com.docker.compose.container-number": "1",
                "com.docker.compose.oneoff": "False",
                "com.docker.compose.project": "10_docker-compose-files",
                "com.docker.compose.service": "whoami",
                "com.docker.compose.version": "1.24.1",
                "traefik.docker.network": "bridge_proxy_traefikv2",
                "traefik.enable": "true",
                "traefik.http.routers.whoami_viaSubdomain.entrypoints": "web@80",
                "traefik.http.routers.whoami_viaSubdomain.rule": "Host(`whoami.fairbnb.community`)"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "d2055d08f79afc81451f2f621d3e4609c1ca1bc6fcf25903ed4125c720e2091e",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "80/tcp": null
            },
            "SandboxKey": "/var/run/docker/netns/d2055d08f79a",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "bridge_proxy_traefikv2": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "whoami_viaSubdomain",
                        "957a7d1305ce"
                    ],
                    "NetworkID": "bb2fe97e47e9add779bc36e981bc5786b545e9a766fa5ff6e5f8ff89492dd925",
                    "EndpointID": "2093215e8004271a5155097e7786d8abf00afbb69892066770dd73fc997129dd",
                    "Gateway": "172.20.0.1",
                    "IPAddress": "172.20.0.4",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:14:00:04",
                    "DriverOpts": null
                }
            }
        }
    }
]

support for custom message

Hi,
Along with the current info shown, would it be possible to show a custom text message?
Something like (https://github.com/hashicorp/http-echo).

This would help to test/validate the load-balancing behaviors of LB like gobetween, Fabio, Traefik, HAProxy, etc.

Regards,
Shantanu

flags are not clear or not working

Hi,
I assume
cert: give me a certificate
key: give me a key
allow me to do https.
Does that mean it creates a certificate by itself or do I need to add the path to a local certificate?

curl https://localhost:32769
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_INVALID_TOKEN (0x80090308)

Publish to ghcr.io as well as dockerhub

Hello! Thanks for maintaining this server, it's a really useful testing tool! Is there any chance that the image could be published to ghcr.io (Github Packages) as well as Dockerhub? Would a PR be accepted for this?

Add verbosity level

Would be nice for debugging, if we'd be able to enable POST body in access log. Usage can be either to change --verbose to accept parameter with verbosity level (with backward-compatible fallback to current behavior if no level is provided), or when the --verbose flag is provided twice.

Support to display HTTP header before upgrading to websocket

Would you like a PR which display the HTTP header send before upgrading to websocket at the beginning of the websocket flow?

Why is there no "RemoteAddr" field in the "/api" interface?

---

Exposing httpOnly cookies and backend security headers

The httpOnly Set-Cookie option was introduced in 2002 to mitigate certain cross-site scripting attacks. It allows the server to store cookies at the client while at the same time preventing client-side javascript from being able to see the cookie.

whoami exposes the entire client Cookie header to the client, which effectively nullifies the httpOnly option on security cookies when client-side javascript is running in the same domain as the hosted whoami. Any browser javascript in the same domain as whoami can read their httpOnly cookies.

More rarely, whoami sits behind a reverse-proxy or API gateway that adds headers to the request that are sensitive and not intended to be seen by the client.

While it is true that whoami is primarily a development/debugging tool, it is so useful that it is often added to real service stacks. At a minimum there should be clear caveats in the documentation about the potential risks.

Even better, it would be really nice to have configuration options to suppress certain named client headers in the output, or in the case of cookies, to strip certain named cookies from the output.

If there is interest, I could propose a pull request.

Unable to run on ARM

I am attempting to debug my configuration of Traefik running on a Raspberry Pi 3B+ (Docker 18.06.1-ce, go1.10.3, Raspbian GNU/Linux 9 (stretch)) and I get the following error:

standard_init_linux.go:190: exec user process caused "exec format error"

Since the Traefik container will run on the ARM platform, does it make sense to make the test/debug image work on the platform as well?

Support for HTTP/2.0 (h2c)?

Does whoami support HTTP/2.0, specifically "h2c", which works without TLS encryption (Wikipedia)?

It would be interesting to see if incoming requests (through a reverse proxy) are made with HTTP/2.0.

whoami stops after 10 minutes

Maybe I am just too dumb and after all, it is no biggie anyways:

My whoami instances always stop after ~10 minutes after start. I deploy whoami alongside traefik just to have a reference. I know I can have it restart automatically, but I had expected it to run forever.

I can see nothing in the documentation or the code that beats me to why this happens or is that a "works as designed" thing?

There are no log errors after the initial start message, the exit code is 255.

Name does not appear in /api json

When setting a WHOAMI_NAME environment variable and opening the page (localhost), I can see the name as first entry.
If I access localhost/api I get a json object with most of the data. Unfortunately the name is missing.

📌 FROM Containous TO Traefik 🚀 ✨

Routing "whoami" from Containous to Traefik ... more information on that later! 🙊 🕵️

❤️ ❤️ ❤️

Print request headers

This would help with testing/debugging reverse proxy issues.

Honor `PORT` environment variable

It's the de facto standard on most PaaS, such as Heroku, Cloud Run, etc.
It would be used as the fallback value, right after checking for WHOAMI_PORT_NUMBER, to preserve current behavior.

whoami pods unable to start

Hello,
We're running whoami for testing purposes on our K8S Cluster, using latest DockerHub image.
We're seeing a new issue today that we didn't have before.
Pods fail to start with the following logs:

Starting up on port tcp://10.100.7.29:80
2021/12/03 16:44:43 listen tcp: address :tcp://10.100.7.29:80: too many colons in address

I see there has been a new release today, is it related ?
I can reproduce at will by simply pushing the following configuration to a K8S cluster:

kind: Deployment
apiVersion: apps/v1
metadata:
  name: whoami
  labels:
    app: traefiklabs
    name: whoami
spec:
  replicas: 2
  selector:
    matchLabels:
      app: traefiklabs
      task: whoami
  template:
    metadata:
      labels:
        app: traefiklabs
        task: whoami
    spec:
      containers:
        - name: whoami
          image: traefik/whoami
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: whoami
  annotations:
    traefik.ingress.kubernetes.io/service.sticky: "true"
    traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
    traefik.ingress.kubernetes.io/service.sticky.cookie.name: "StickyCookie"
    traefik.ingress.kubernetes.io/service.sticky.cookie.secure: "false"
spec:
  ports:
    - name: http
      port: 80
  selector:
    app: traefiklabs
    task: whoami

---
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: whoami
  annotations:
    kubernetes.io/tls-acme: "true"
spec:
  rules:
    - host: example.com
      http:
        paths:
          - path: /
            backend:
              serviceName: whoami
              servicePort: 80

Edit: using image traefik/whoami:v1.6.1 fixes the issue

`WHOAMI_PORT_NUMBER` has no effect

running

version 3
services:
  fake-service:
    image: traefik/whoami
    environment:
      - 'WHOAMI_PORT_NUMBER=3993'

will still bring up

fake-service_1        | Starting up on port 80

Protocol HTTP display error

[Suggestion] Add container ID

I'm using this repo to check my Docker container id

They are displaying it with python like so:

import socket
container_hostname = socket.gethostname()
@app.route('/')
def index():
    url = random.choice(images)
    return render_template('index.html', url=url, hostname=container_hostname)

source

Now my question is:
is it possible to add container ID info to this list in whoami?

Create a release and Docker Hub image for optional env query parameter

Create a release and Docker Hub image for optional env query parameter, the new feature is currently not included.

And the README.md should probably get a bold line for the parameter, like all others. Sorry

Images not being pushed to docker hub

The last update on docker hub seems to be 2 years ago. The GitHub actions seems to skip over the docker hub image push.

Context: I need the WHOAMI_PORT_NUMBER to be set, but the latest image on docker hub does not support that.

What does each line mean ?

Hi,

Please forgive what is probably obvious to most , but what does each line that’s reported mean (exactly)? I’m using the whoami Docker container with others (gluetun) to help me validate that I’ve been given an IP provided by my vpn provider, but looking at what’s reported there is information I don’t recognise, even the host name reported is not familiar, where does that come from. Some of them I can work out, but if by any chance you have a explanation for each one, that would be awesome - thanks !

Hostname: ba38f324df5f2
IP: 127.0.0.1
IP: 104.37.6.103
IP: 10.0.3.2
RemoteAddr: 192.168.102.118:51630
GET / HTTP/1.1
Host: 10.10.10.80:89
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-gb
Connection: keep-alive
Cookie: CS_SESS_ID=1e7234ed-80df-4374-84a0-6b79d504462c; QT=1621932594983; NAS_PW_STATUS=0; NAS_SID=n04fa23sd; NAS_USER=admin; home=1
Referer: http://10.10.10.80:8080/containerstation/?t=16219325903892/
Upgrade-Insecure-Requests: 1

If there scope for a future enhancement , then perhaps consider adding environment variables to allow people to customise the labels, so rather than have 3 called IP, I could describe them differently to know which is which?

WebSocket Origin

Hi,
would you please be kind enough to add:

CheckOrigin: func(r *http.Request) bool {
        return true
},

as member of the upgrader variable?
This would allow to test the WS stuff from anywhere.
Thanks a lot!

[ I know I should fork then pull request. Sorry :-) ]

Specify custom headers

In order to test things like HTTP caching, it can be useful to have the whoami respond with specific headers.

Cleanup the containous/whoami vs traefik/whoami

There's a little mess with the image on Docker hub:

https://hub.docker.com/r/containous/whoami mentions https://www.github.com/containous/whoami as source repository, which redirects to https://github.com/traefik/whoami
containous/whoami contains old image, without features mentioned on https://github.com/traefik/whoami

support for TLS (SSL) ?

Hi,
Would it be possible to add support to server over TLS (SSL)?
The use case for this would be to be able to demonstrate features/capabilities of loadbalancers like gobetween (http://gobetween.io/) and how they handle SNI based routing.

As of today I am making do with stunnel + whoamI wrapped together.

Thanks and Regards,
Shantanu

Add X-Forwarded-For to access log

When running whoami behind traefik, we cannot distinguish from access log which host has made a request to it - they all come from traefik. Adding the X-Forwarded-For or X-Real-IP would be a great addition.

traefik / whoami Goto Github PK

whoami's Introduction

whoami

Usage

Paths

/[?wait=d]

/api

/bench

/data?size=n[&unit=u]

/echo

/health