Merge branch 'v3.0' of github.com:traefik/traefik

Signed-off-by: baalajimaestro <me@baalajimaestro.me>
Merge branch v2.11 into v3.0
2024-04-25 10:44:44 +05:30 · 2024-04-22 17:30:39 +02:00 · 2024-04-22 17:24:04 +02:00 · 2024-04-22 17:04:05 +02:00 · 2024-04-19 11:26:05 +02:00 · 2024-04-19 11:06:04 +02:00
29 changed files with 124 additions and 107 deletions
--- a/docs/content/getting-started/faq.md
+++ b/docs/content/getting-started/faq.md
@ -93,7 +93,7 @@ The example below is a file provider only version (`yaml`) of what this configur
 ```yaml tab="Static configuration"
 # traefik.yml

-entrypoints:
+entryPoints:
  web:
    address: :80

--- a/docs/content/https/acme.md
+++ b/docs/content/https/acme.md
@ -116,8 +116,8 @@ Please check the [configuration examples below](#configuration-examples) for mor
    ```

    ```bash tab="CLI"
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
    # ...
    --certificatesresolvers.myresolver.acme.email=your-email@example.com
    --certificatesresolvers.myresolver.acme.storage=acme.json
@ -241,8 +241,8 @@ when using the `HTTP-01` challenge, `certificatesresolvers.myresolver.acme.httpc
    ```

    ```bash tab="CLI"
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
    # ...
    --certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web
    ```
--- a/docs/content/migration/v1-to-v2.md
+++ b/docs/content/migration/v1-to-v2.md
@ -354,7 +354,7 @@ To apply a redirection:
    ```

    ```bash tab="CLI"
-    --entrypoints=Name:web Address::80 Redirect.EntryPoint:websecure
+    --entryPoints=Name:web Address::80 Redirect.EntryPoint:websecure
    --entryPoints='Name:websecure Address::443 TLS'
    ```

@ -394,10 +394,10 @@ To apply a redirection:
    ```bash tab="CLI"
    ## static configuration

-    --entrypoints.web.address=:80
-    --entrypoints.web.http.redirections.entrypoint.to=websecure
-    --entrypoints.web.http.redirections.entrypoint.scheme=https
-    --entrypoints.websecure.address=:443
+    --entryPoints.web.address=:80
+    --entryPoints.web.http.redirections.entrypoint.to=websecure
+    --entryPoints.web.http.redirections.entrypoint.scheme=https
+    --entryPoints.websecure.address=:443
    --providers.docker=true
    ```

@ -750,8 +750,8 @@ with the path `/admin` stripped, e.g. to `http://<IP>:<port>/`. In this case, yo
    ```

    ```bash tab="CLI"
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
    --certificatesresolvers.myresolver.acme.email=your-email@example.com
    --certificatesresolvers.myresolver.acme.storage=acme.json
    --certificatesresolvers.myresolver.acme.tlschallenge=true
@ -1078,7 +1078,7 @@ To activate the dashboard, you can either:
      routers:
        api:
          rule: Host(`traefik.docker.localhost`)
-          entrypoints:
+          entryPoints:
            - websecure
          service: api@internal
          middlewares:
--- a/docs/content/migration/v2.md
+++ b/docs/content/migration/v2.md
@ -622,7 +622,7 @@ Starting with `v2.11.2` the `<entrypoint>.transport.respondingTimeouts.tcp.linge
 ### RespondingTimeouts.TCP and RespondingTimeouts.HTTP

 Starting with `v2.11.2` the `respondingTimeouts.tcp` and `respondingTimeouts.http` sections introduced in `v2.11.1` have been removed.
-To configure responding timeouts
+To configure the responding timeouts, please use the [`respondingTimeouts`](../routing/entrypoints.md#respondingtimeouts) section.  

 ### EntryPoint.Transport.RespondingTimeouts.ReadTimeout

--- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
+++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
@ -835,6 +835,10 @@ spec:
                      breaker will try to recover (as soon as it is in recovering
                      state).
                    x-kubernetes-int-or-string: true
+                  responseCode:
+                    description: ResponseCode is the status code that the circuit
+                      breaker will return while it is in the open state.
+                    type: integer
                type: object
              compress:
                description: |-
--- a/docs/content/reference/dynamic-configuration/kubernetes-gateway-traefik-lb-svc.yml
+++ b/docs/content/reference/dynamic-configuration/kubernetes-gateway-traefik-lb-svc.yml
@ -27,8 +27,8 @@ spec:
        - name: traefik
          image: traefik:v3.0
          args:
-            - --entrypoints.web.address=:80
-            - --entrypoints.websecure.address=:443
+            - --entryPoints.web.address=:80
+            - --entryPoints.websecure.address=:443
            - --experimental.kubernetesgateway
            - --providers.kubernetesgateway

--- a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml
+++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml
@ -172,6 +172,10 @@ spec:
                      breaker will try to recover (as soon as it is in recovering
                      state).
                    x-kubernetes-int-or-string: true
+                  responseCode:
+                    description: ResponseCode is the status code that the circuit
+                      breaker will return while it is in the open state.
+                    type: integer
                type: object
              compress:
                description: |-
--- a/docs/content/routing/entrypoints.md
+++ b/docs/content/routing/entrypoints.md
@ -227,8 +227,8 @@ If both TCP and UDP are wanted for the same port, two entryPoints definitions ar
    ```

    ```bash tab="CLI"
-    --entrypoints.specificIPv4.address=192.168.2.7:8888
-    --entrypoints.specificIPv6.address=[2001:db8::1]:8888
+    --entryPoints.specificIPv4.address=192.168.2.7:8888
+    --entryPoints.specificIPv6.address=[2001:db8::1]:8888
    ```

    Full details for how to specify `address` can be found in [net.Listen](https://golang.org/pkg/net/#Listen) (and [net.Dial](https://golang.org/pkg/net/#Dial)) of the doc for go.
@ -270,8 +270,8 @@ reloading the static configuration without any service downtime.
    ```

    ```bash tab="CLI"
-    --entrypoints.web.address=:80
-    --entrypoints.web.reusePort=true
+    --entryPoints.web.address=:80
+    --entryPoints.web.reusePort=true
    ```

    Now it is possible to run multiple Traefik processes with the same EntryPoint configuration.
@ -298,10 +298,10 @@ reloading the static configuration without any service downtime.
    ```

    ```bash tab="CLI"
-    --entrypoints.web.address=:80
-    --entrypoints.web.reusePort=true
-    --entrypoints.privateWeb.address=192.168.1.2:80
-    --entrypoints.privateWeb.reusePort=true
+    --entryPoints.web.address=:80
+    --entryPoints.web.reusePort=true
+    --entryPoints.privateWeb.address=192.168.1.2:80
+    --entryPoints.privateWeb.reusePort=true
    ```

    Requests to `192.168.1.2:80` will only be handled by routers that have `privateWeb` as the entry point.
@ -349,9 +349,9 @@ EntryPoints in this list are used (by default) on HTTP and TCP routers that do n
    ```

    ```bash tab="CLI"
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
-    --entrypoints.websecure.asDefault=true
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
+    --entryPoints.websecure.asDefault=true
    ```

 ### HTTP/2
@ -401,7 +401,7 @@ entryPoints:
 ```

 ```bash tab="CLI"
--entrypoints.name.http3
+--entryPoints.name.http3
 ```

 ??? info "HTTP/3 uses UDP+TLS"
@ -433,7 +433,7 @@ It can be used to override the authority in the `alt-svc` header, for example if
    ```
    
    ```bash tab="CLI"
-    --entrypoints.name.http3.advertisedport=443
+    --entryPoints.name.http3.advertisedport=443
    ```

 ### Forwarded Headers
@ -870,10 +870,10 @@ This whole section is dedicated to options, keyed by entry point, that will appl
    ```

    ```bash tab="CLI"
-    --entrypoints.web.address=:80
-    --entrypoints.web.http.redirections.entryPoint.to=websecure
-    --entrypoints.web.http.redirections.entryPoint.scheme=https
-    --entrypoints.websecure.address=:443
+    --entryPoints.web.address=:80
+    --entryPoints.web.http.redirections.entryPoint.to=websecure
+    --entryPoints.web.http.redirections.entryPoint.scheme=https
+    --entryPoints.websecure.address=:443
    ```

 #### `entryPoint`
@ -908,7 +908,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
    ```

    ```bash tab="CLI"
-    --entrypoints.foo.http.redirections.entryPoint.to=websecure
+    --entryPoints.foo.http.redirections.entryPoint.to=websecure
    ```

 ??? info "`entryPoint.scheme`"
@ -938,7 +938,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
    ```

    ```bash tab="CLI"
-    --entrypoints.foo.http.redirections.entryPoint.scheme=https
+    --entryPoints.foo.http.redirections.entryPoint.scheme=https
    ```

 ??? info "`entryPoint.permanent`"
@ -968,7 +968,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
    ```

    ```bash tab="CLI"
-    --entrypoints.foo.http.redirections.entrypoint.permanent=true
+    --entryPoints.foo.http.redirections.entrypoint.permanent=true
    ```

 ??? info "`entryPoint.priority`"
@ -998,7 +998,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
    ```

    ```bash tab="CLI"
-    --entrypoints.foo.http.redirections.entrypoint.priority=10
+    --entryPoints.foo.http.redirections.entrypoint.priority=10
    ```

 ### EncodeQuerySemicolons
@ -1026,8 +1026,8 @@ entryPoints:
 ```

 ```bash tab="CLI"
--entrypoints.websecure.address=:443
--entrypoints.websecure.http.encodequerysemicolons=true
+--entryPoints.websecure.address=:443
+--entryPoints.websecure.http.encodequerysemicolons=true
 ```

 #### Examples
@ -1062,8 +1062,8 @@ entryPoints:
 ```

 ```bash tab="CLI"
--entrypoints.websecure.address=:443
--entrypoints.websecure.http.middlewares=auth@file,strip@file
+--entryPoints.websecure.address=:443
+--entryPoints.websecure.http.middlewares=auth@file,strip@file
 ```

 ### TLS
@ -1109,13 +1109,13 @@ entryPoints:
 ```

 ```bash tab="CLI"
--entrypoints.websecure.address=:443
--entrypoints.websecure.http.tls.options=foobar
--entrypoints.websecure.http.tls.certResolver=leresolver
--entrypoints.websecure.http.tls.domains[0].main=example.com
--entrypoints.websecure.http.tls.domains[0].sans=foo.example.com,bar.example.com
--entrypoints.websecure.http.tls.domains[1].main=test.com
--entrypoints.websecure.http.tls.domains[1].sans=foo.test.com,bar.test.com
+--entryPoints.websecure.address=:443
+--entryPoints.websecure.http.tls.options=foobar
+--entryPoints.websecure.http.tls.certResolver=leresolver
+--entryPoints.websecure.http.tls.domains[0].main=example.com
+--entryPoints.websecure.http.tls.domains[0].sans=foo.example.com,bar.example.com
+--entryPoints.websecure.http.tls.domains[1].main=test.com
+--entryPoints.websecure.http.tls.domains[1].sans=foo.test.com,bar.test.com
 ```

 ??? example "Let's Encrypt"
@ -1138,8 +1138,8 @@ entryPoints:
    ```

    ```bash tab="CLI"
-    --entrypoints.websecure.address=:443
-    --entrypoints.websecure.http.tls.certResolver=leresolver
+    --entryPoints.websecure.address=:443
+    --entryPoints.websecure.http.tls.certResolver=leresolver
    ```

 ## UDP Options
@ -1170,8 +1170,8 @@ entryPoints:
 ```

 ```bash tab="CLI"
-entrypoints.foo.address=:8000/udp
-entrypoints.foo.udp.timeout=10s
+--entryPoints.foo.address=:8000/udp
+--entryPoints.foo.udp.timeout=10s
 ```

 {!traefik-for-business-applications.md!}
--- a/docs/content/routing/providers/kubernetes-crd.md
+++ b/docs/content/routing/providers/kubernetes-crd.md
@ -53,9 +53,9 @@ The Kubernetes Ingress Controller, The Custom Resource Way.
                - --log.level=DEBUG
                - --api
                - --api.insecure
-                - --entrypoints.web.address=:80
-                - --entrypoints.tcpep.address=:8000
-                - --entrypoints.udpep.address=:9000/udp
+                - --entryPoints.web.address=:80
+                - --entryPoints.tcpep.address=:8000
+                - --entryPoints.udpep.address=:9000/udp
                - --providers.kubernetescrd
              ports:
                - name: web
--- a/docs/content/routing/providers/kubernetes-gateway.md
+++ b/docs/content/routing/providers/kubernetes-gateway.md
@ -234,7 +234,7 @@ Kubernetes cluster before creating `HTTPRoute` objects.
            - headers:                          # [11]
                name: foo                       # [12]
                value: bar                      # [13]
-        - backendRefs:                          # [14]
+          backendRefs:                          # [14]
            - name: whoamitcp                   # [15]
              weight: 1                         # [16]
              port: 8080                        # [17]
@ -273,7 +273,7 @@ Kubernetes cluster before creating `HTTPRoute` objects.
 | [6]  | `rules`                 | A list of HTTP matchers, filters and actions.                                                                                                                               |
 | [7]  | `matches`               | Conditions used for matching the rule against incoming HTTP requests. Each match is independent, i.e. this rule will be matched if **any** one of the matches is satisfied. |
 | [8]  | `path`                  | An HTTP request path matcher. If this field is not specified, a default prefix match on the "/" path is provided.                                                           |
-| [9]  | `type`                  | Type of match against the path Value (supported types: `Exact`, `Prefix`).                                                                                                  |
+| [9]  | `type`                  | Type of match against the path Value (supported types: `Exact`, `PathPrefix`).                                                                                              |
 | [10] | `value`                 | The value of the HTTP path to match against.                                                                                                                                |
 | [11] | `headers`               | Conditions to select a HTTP route by matching HTTP request headers.                                                                                                         |
 | [12] | `name`                  | Name of the HTTP header to be matched.                                                                                                                                      |
--- a/docs/content/routing/providers/kubernetes-ingress.md
+++ b/docs/content/routing/providers/kubernetes-ingress.md
@ -126,7 +126,7 @@ which in turn will create the resulting routers, services, handlers, etc.
            - name: traefik
              image: traefik:v3.0
              args:
-                - --entrypoints.web.address=:80
+                - --entryPoints.web.address=:80
                - --providers.kubernetesingress
              ports:
                - name: web
@ -391,8 +391,8 @@ TLS can be enabled through the [HTTP options](../entrypoints.md#tls) of an Entry

 ```bash tab="CLI"
 # Static configuration
--entrypoints.websecure.address=:443
--entrypoints.websecure.http.tls
+--entryPoints.websecure.address=:443
+--entryPoints.websecure.http.tls
 ```

 ```yaml tab="File (YAML)"
@ -524,8 +524,8 @@ This way, any Ingress attached to this Entrypoint will have TLS termination by d
            - name: traefik
              image: traefik:v3.0
              args:
-                - --entrypoints.websecure.address=:443
-                - --entrypoints.websecure.http.tls
+                - --entryPoints.websecure.address=:443
+                - --entryPoints.websecure.http.tls
                - --providers.kubernetesingress
              ports:
                - name: websecure
@ -710,7 +710,7 @@ For more options, please refer to the available [annotations](#on-ingress).
            - name: traefik
              image: traefik:v3.0
              args:
-                - --entrypoints.websecure.address=:443
+                - --entryPoints.websecure.address=:443
                - --providers.kubernetesingress
              ports:
                - name: websecure
--- a/docs/content/routing/routers/index.md
+++ b/docs/content/routing/routers/index.md
@ -146,9 +146,9 @@ If you want to limit the router scope to a set of entry points, set the `entryPo

    ```bash tab="CLI"
    ## Static configuration
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
-    --entrypoints.other.address=:9090
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
+    --entryPoints.other.address=:9090
    ```

 ??? example "Listens to Specific EntryPoints"
@ -204,9 +204,9 @@ If you want to limit the router scope to a set of entry points, set the `entryPo

    ```bash tab="CLI"
    ## Static configuration
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
-    --entrypoints.other.address=:9090
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
+    --entryPoints.other.address=:9090
    ```

 ### Rule
@ -959,9 +959,9 @@ If you want to limit the router scope to a set of entry points, set the entry po

    ```bash tab="CLI"
    ## Static configuration
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
-    --entrypoints.other.address=:9090
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
+    --entryPoints.other.address=:9090
    ```

 ??? example "Listens to Specific EntryPoints"
@ -1023,9 +1023,9 @@ If you want to limit the router scope to a set of entry points, set the entry po

    ```bash tab="CLI"
    ## Static configuration
-    --entrypoints.web.address=:80
-    --entrypoints.websecure.address=:443
-    --entrypoints.other.address=:9090
+    --entryPoints.web.address=:80
+    --entryPoints.websecure.address=:443
+    --entryPoints.other.address=:9090
    ```

 ### Rule
@ -1610,9 +1610,9 @@ If one wants to limit the router scope to a set of EntryPoints, one should set t

    ```bash tab="CLI"
    ## Static configuration
-    --entrypoints.web.address=":80"
-    --entrypoints.other.address=":9090/udp"
-    --entrypoints.streaming.address=":9191/udp"
+    --entryPoints.web.address=":80"
+    --entryPoints.other.address=":9090/udp"
+    --entryPoints.streaming.address=":9191/udp"
    ```

 ??? example "Listens to Specific EntryPoints"
@ -1667,9 +1667,9 @@ If one wants to limit the router scope to a set of EntryPoints, one should set t

    ```bash tab="CLI"
    ## Static configuration
-    --entrypoints.web.address=":80"
-    --entrypoints.other.address=":9090/udp"
-    --entrypoints.streaming.address=":9191/udp"
+    --entryPoints.web.address=":80"
+    --entryPoints.other.address=":9090/udp"
+    --entryPoints.streaming.address=":9191/udp"
    ```

 ### Services
--- a/docs/content/user-guides/crd-acme/03-deployments.yml
+++ b/docs/content/user-guides/crd-acme/03-deployments.yml
@ -30,8 +30,8 @@ spec:
          args:
            - --api.insecure
            - --accesslog
-            - --entrypoints.web.Address=:8000
-            - --entrypoints.websecure.Address=:4443
+            - --entryPoints.web.Address=:8000
+            - --entryPoints.websecure.Address=:4443
            - --providers.kubernetescrd
            - --certificatesresolvers.myresolver.acme.tlschallenge
            - --certificatesresolvers.myresolver.acme.email=foo@you.com
--- a/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml
+++ b/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml
@ -10,8 +10,8 @@ services:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.web.address=:80"
-      - "--entrypoints.websecure.address=:443"
+      - "--entryPoints.web.address=:80"
+      - "--entryPoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.dnschallenge=true"
      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh"
      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
--- a/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml
+++ b/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml
@ -20,8 +20,8 @@ services:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.web.address=:80"
-      - "--entrypoints.websecure.address=:443"
+      - "--entryPoints.web.address=:80"
+      - "--entryPoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.dnschallenge=true"
      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh"
      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
--- a/docs/content/user-guides/docker-compose/acme-dns/index.md
+++ b/docs/content/user-guides/docker-compose/acme-dns/index.md
@ -64,7 +64,7 @@ What changed between the initial setup:
 ```yaml
 command:
  # Traefik will listen to incoming request on the port 443 (https)
-  - "--entrypoints.websecure.address=:443"
+  - "--entryPoints.websecure.address=:443"
 ports:
  - "443:443"
 ```
--- a/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml
+++ b/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml
@ -10,8 +10,8 @@ services:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.web.address=:80"
-      - "--entrypoints.websecure.address=:443"
+      - "--entryPoints.web.address=:80"
+      - "--entryPoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
--- a/docs/content/user-guides/docker-compose/acme-http/index.md
+++ b/docs/content/user-guides/docker-compose/acme-http/index.md
@ -50,7 +50,7 @@ What changed between the basic example:
 ```yaml
 command:
  # Traefik will listen to incoming request on the port 443 (https)
-  - "--entrypoints.websecure.address=:443"
+  - "--entryPoints.websecure.address=:443"
 ports:
  - "443:443"
 ```
--- a/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml
+++ b/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml
@ -10,7 +10,7 @@ services:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.websecure.address=:443"
+      - "--entryPoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.myresolver.acme.email=postmaster@example.com"
--- a/docs/content/user-guides/docker-compose/acme-tls/index.md
+++ b/docs/content/user-guides/docker-compose/acme-tls/index.md
@ -50,7 +50,7 @@ What changed between the basic example:
 ```yaml
 command:
  # Traefik will listen to incoming request on the port 443 (https)
-  - "--entrypoints.websecure.address=:443"
+  - "--entryPoints.websecure.address=:443"
 ports:
  - "443:443"
 ```
--- a/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml
+++ b/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml
@ -10,7 +10,7 @@ services:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.web.address=:80"
+      - "--entryPoints.web.address=:80"
    ports:
      - "80:80"
      - "8080:8080"
--- a/docs/content/user-guides/docker-compose/basic-example/index.md
+++ b/docs/content/user-guides/docker-compose/basic-example/index.md
@ -86,7 +86,7 @@ Second, you define an entry point, along with the exposure of the matching port
 ```yaml
 command:
  # Traefik will listen to incoming request on the port 80 (HTTP)
-  - "--entrypoints.web.address=:80"
+  - "--entryPoints.web.address=:80"

 ports:
  - "80:80"
--- a/integration/fixtures/k8s/01-traefik-crd.yml
+++ b/integration/fixtures/k8s/01-traefik-crd.yml
@ -835,6 +835,10 @@ spec:
                      breaker will try to recover (as soon as it is in recovering
                      state).
                    x-kubernetes-int-or-string: true
+                  responseCode:
+                    description: ResponseCode is the status code that the circuit
+                      breaker will return while it is in the open state.
+                    type: integer
                type: object
              compress:
                description: |-
--- a/pkg/plugins/builder.go
+++ b/pkg/plugins/builder.go
@ -141,7 +141,7 @@ func newMiddlewareBuilder(ctx context.Context, goPath string, manifest *Manifest
 	case runtimeYaegi, "":
 		i, err := newInterpreter(ctx, goPath, manifest.Import)
 		if err != nil {
-			return nil, fmt.Errorf("failed to craete Yaegi intepreter: %w", err)
+			return nil, fmt.Errorf("failed to create Yaegi interpreter: %w", err)
 		}

 		return newYaegiMiddlewareBuilder(i, manifest.BasePkg, manifest.Import)
--- a/pkg/provider/kubernetes/crd/kubernetes.go
+++ b/pkg/provider/kubernetes/crd/kubernetes.go
@ -648,6 +648,10 @@ func createCircuitBreakerMiddleware(circuitBreaker *traefikv1alpha1.CircuitBreak
 		}
 	}

+	if circuitBreaker.ResponseCode != 0 {
+		cb.ResponseCode = circuitBreaker.ResponseCode
+	}
+
 	return cb, nil
 }

--- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go
+++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go
@ -88,6 +88,8 @@ type CircuitBreaker struct {
 	FallbackDuration *intstr.IntOrString `json:"fallbackDuration,omitempty" toml:"fallbackDuration,omitempty" yaml:"fallbackDuration,omitempty" export:"true"`
 	// RecoveryDuration is the duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
 	RecoveryDuration *intstr.IntOrString `json:"recoveryDuration,omitempty" toml:"recoveryDuration,omitempty" yaml:"recoveryDuration,omitempty" export:"true"`
+	// ResponseCode is the status code that the circuit breaker will return while it is in the open state.
+	ResponseCode int `json:"responseCode,omitempty" toml:"responseCode,omitempty" yaml:"responseCode,omitempty" export:"true"`
 }

 // +k8s:deepcopy-gen=true
--- a/pkg/server/router/tcp/router.go
+++ b/pkg/server/router/tcp/router.go
@ -100,6 +100,11 @@ func (r *Router) ServeTCP(conn tcp.WriteCloser) {
 		// If there is a handler matching the connection metadata,
 		// we let it handle the connection.
 		if handler != nil {
+			// Remove read/write deadline and delegate this to underlying TCP server.
+			if err := conn.SetDeadline(time.Time{}); err != nil {
+				log.Error().Err(err).Msg("Error while setting deadline")
+			}
+
 			handler.ServeTCP(conn)
 			return
 		}
@ -128,15 +133,9 @@ func (r *Router) ServeTCP(conn tcp.WriteCloser) {
 		return
 	}

-	// Remove read/write deadline and delegate this to underlying tcp server (for now only handled by HTTP Server)
-	err = conn.SetReadDeadline(time.Time{})
-	if err != nil {
-		log.Error().Err(err).Msg("Error while setting read deadline")
-	}
-
-	err = conn.SetWriteDeadline(time.Time{})
-	if err != nil {
-		log.Error().Err(err).Msg("Error while setting write deadline")
+	// Remove read/write deadline and delegate this to underlying TCP server (for now only handled by HTTP Server)
+	if err := conn.SetDeadline(time.Time{}); err != nil {
+		log.Error().Err(err).Msg("Error while setting deadline")
 	}

 	connData, err := tcpmuxer.NewConnData(hello.serverName, conn, hello.protos)
--- a/pkg/server/service/roundtripper_test.go
+++ b/pkg/server/service/roundtripper_test.go
@ -536,7 +536,7 @@ func (f *fakeSpiffePKI) genSVID(id spiffeid.ID) (*x509svid.SVID, error) {
 	return x509svid.ParseRaw(certDER, keyPKCS8)
 }

-// fakeSpiffeSource allows retrieving staticly an SVID and its associated bundle.
+// fakeSpiffeSource allows retrieving statically an SVID and its associated bundle.
 type fakeSpiffeSource struct {
 	bundle *x509bundle.Bundle
 	svid   *x509svid.SVID
--- a/webui/src/components/dashboard/PanelProvider.vue
+++ b/webui/src/components/dashboard/PanelProvider.vue
@ -6,7 +6,7 @@
    <q-card-section>
      <div class="row items-center no-wrap">
        <div class="col text-center">
-          <q-avatar class="provider-logo">
+          <q-avatar class="provider-logo" font-size="inherit">
            <q-icon :name="`img:${getLogoPath}`" />
          </q-avatar>
        </div>
Author	SHA1	Message	Date
baalajimaestro	fba88f2f25	Merge branch 'v3.0' of github.com:traefik/traefik All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details Signed-off-by: baalajimaestro <me@baalajimaestro.me>	2024-04-25 10:44:44 +05:30
Fernandez Ludovic	f5d451d816	Merge branch v2.11 into v3.0	2024-04-22 17:30:39 +02:00
Jesper Noordsij	f84e00e481	Consistent entryPoints capitalization in CLI flag usage	2024-04-22 17:24:04 +02:00
Jesper Noordsij	fe0af1ec4b	Use latest Ubuntu (LTS) image consistenly across GitHub workflow	2024-04-22 17:04:05 +02:00
Ludovic Fernandez	95312d5324	Adds the missing circuit-breaker response code for CRD	2024-04-19 11:26:05 +02:00
Sid Karunaratne	e3729ec600	Fix HTTPRoute path type	2024-04-19 11:06:04 +02:00
Sid Karunaratne	20d6c19c30	Fix HTTPRoute use of backendRefs	2024-04-19 10:44:04 +02:00
Kevin Pollet	7a7b03eb01	Fix unfinished migration sentence for v2.11.2	2024-04-18 16:24:04 +02:00
Dmitry Romashov	ea4f307fcd	Fix provider icon size	2024-04-18 16:04:04 +02:00
kevinpollet	a6b00608d2	Merge branch v2.11 into v3.0	2024-04-18 15:34:01 +02:00
hidewrong	7b649e2f0c	Fix some typos in comments	2024-04-18 15:14:04 +02:00
Romain	70968bc6a9	Remove deadlines for non-TLS connections Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>	2024-04-15 17:02:06 +02:00