From 96a7cc483f132b69f6a8f860ad25ddd0a31ae6b0 Mon Sep 17 00:00:00 2001 From: NicoMen Date: Tue, 14 Nov 2017 11:38:03 +0100 Subject: [PATCH] Add Traefik prefix to the KV key --- docs/user-guide/kv-config.md | 31 +++++++++++++++++++++++++++++++ provider/kv/kv.go | 2 +- 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/docs/user-guide/kv-config.md b/docs/user-guide/kv-config.md index 6afd82d7c..fb8beae54 100644 --- a/docs/user-guide/kv-config.md +++ b/docs/user-guide/kv-config.md @@ -148,6 +148,37 @@ This variable must be initialized with the ACL token value. If Traefik is launched into a Docker container, the variable `CONSUL_HTTP_TOKEN` can be initialized with the `-e` Docker option : `-e "CONSUL_HTTP_TOKEN=[consul-acl-token-value]"` +If a Consul ACL is used to restrict Træfik read/write access, one of the following configurations is needed. + +- HCL format : + +``` + key "traefik" { + policy = "write" + }, + + session "" { + policy = "write" + } +``` + +- JSON format : + +```json +{ + "key": { + "traefik": { + "policy": "write" + } + }, + "session": { + "": { + "policy": "write" + } + } +} +``` + ### TLS support To connect to a Consul endpoint using SSL, simply specify `https://` in the `consul.endpoint` property diff --git a/provider/kv/kv.go b/provider/kv/kv.go index 1ebb4298f..d2d7fa8c0 100644 --- a/provider/kv/kv.go +++ b/provider/kv/kv.go @@ -102,7 +102,7 @@ func (p *Provider) watchKv(configurationChan chan<- types.ConfigMessage, prefix func (p *Provider) Provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool, constraints types.Constraints) error { p.Constraints = append(p.Constraints, constraints...) operation := func() error { - if _, err := p.kvclient.Exists("qmslkjdfmqlskdjfmqlksjazçueznbvbwzlkajzebvkwjdcqmlsfj"); err != nil { + if _, err := p.kvclient.Exists(p.Prefix + "/qmslkjdfmqlskdjfmqlksjazçueznbvbwzlkajzebvkwjdcqmlsfj"); err != nil { return fmt.Errorf("Failed to test KV store connection: %v", err) } if p.Watch {