traefik/docs/content/middlewares/overview.md
mpl 96962dd21f Handle cross-provider middleware in kubernetes CRD
Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
2019-06-26 14:14:05 +02:00

7.6 KiB

Middlewares

Tweaking the Request {: .subtitle }

Overview

Attached to the routers, pieces of middleware are a mean of tweaking the requests before they are sent to your service (or before the answer from the services are sent to the clients).

There are many different available middlewares in Traefik, some can modify the request, the headers, some are in charge of redirections, some add authentication, and so on.

Pieces of middleware can be combined in chains to fit every scenario.

Configuration Example

# As a Docker Label
whoami:
  #  A container that exposes an API to show its IP address
  image: containous/whoami
  labels:
    # Create a middleware named `foo-add-prefix`
    - "traefik.http.middlewares.foo-add-prefix.addprefix.prefix=/foo"
    # Apply the middleware named `foo-add-prefix` to the router named `router1`
    - "traefik.http.router.router1.Middlewares=foo-add-prefix@docker"
# As a Kubernetes Traefik IngressRoute
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: middlewares.traefik.containo.us
spec:
  group: traefik.containo.us
  version: v1alpha1
  names:
    kind: Middleware
    plural: middlewares
    singular: middleware
  scope: Namespaced

---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: stripprefix
spec:
  stripprefix:
    prefixes:
      - /stripit

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: ingressroute
spec:
# more fields...
  routes:
    # more fields...
    middlewares:
    - name: stripprefix
"labels": {
  "traefik.http.middlewares.foo-add-prefix.addprefix.prefix": "/foo",
  "traefik.http.router.router1.Middlewares": "foo-add-prefix@marathon"
}
# As a Rancher Label
labels:
  # Create a middleware named `foo-add-prefix`
  - "traefik.http.middlewares.foo-add-prefix.addprefix.prefix=/foo"
  # Apply the middleware named `foo-add-prefix` to the router named `router1`
  - "traefik.http.router.router1.Middlewares=foo-add-prefix@rancher"
# As Toml Configuration File
[providers]
   [providers.file]

[http.routers]
  [http.routers.router1]
    Service = "myService"
    Middlewares = ["foo-add-prefix"]
    Rule = "Host(`example.com`)"

[http.middlewares]
  [http.middlewares.foo-add-prefix.AddPrefix]
    prefix = "/foo"

[http.services]
  [http.services.service1]
    [http.services.service1.LoadBalancer]

      [[http.services.service1.LoadBalancer.Servers]]
        URL = "http://127.0.0.1:80"

Provider Namespace

When you declare a middleware, it lives in its provider namespace. For example, if you declare a middleware using a Docker label, under the hoods, it will reside in the docker provider namespace.

If you use multiple providers and wish to reference a middleware declared in another provider (aka referencing a cross-provider middleware), then you'll have to append to the middleware name, the @ separator, followed by the provider name.

<resource-name>@<provider-name>

!!! important "Kubernetes Namespace"

As Kubernetes also has its own notion of namespace, one should not confuse the "provider namespace"

with the "kubernetes namespace" of a resource when in the context of a cross-provider usage. In this case, since the definition of the middleware is not in kubernetes, specifying a "kubernetes namespace" when referring to the resource does not make any sense, and therefore this specification would be ignored even if present.

!!! abstract "Referencing a Middleware from Another Provider"

Declaring the add-foo-prefix in the file provider.

```toml
[providers]
  [providers.file]

[http.middlewares]
  [http.middlewares.add-foo-prefix.AddPrefix]
    prefix = "/foo"
```

Using the add-foo-prefix middleware from other providers:

```yaml tab="Docker"
your-container: #
  image: your-docker-image

  labels:
    # Attach add-foo-prefix@file middleware (declared in file)
    - "traefik.http.routers.my-container.middlewares=add-foo-prefix@file"
```

```yaml tab="Kubernetes"
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: ingressroutestripprefix

spec:
  entryPoints:
    - web
  routes:
    - match: Host(`bar.com`)
      kind: Rule
    services:
      - name: whoami
        port: 80
    middlewares:
      - name: add-foo-prefix@file
      # namespace: bar
      # A namespace specification such as above is ignored
      # when the cross-provider syntax is used.
```

Available Middlewares

Middleware Purpose Area
AddPrefix Add a Path Prefix Path Modifier
BasicAuth Basic auth mechanism Security, Authentication
Buffering Buffers the request/response Request Lifecycle
Chain Combine multiple pieces of middleware Middleware tool
CircuitBreaker Stop calling unhealthy services Request Lifecycle
Compress Compress the response Content Modifier
DigestAuth Adds Digest Authentication Security, Authentication
Errors Define custom error pages Request Lifecycle
ForwardAuth Authentication delegation Security, Authentication
Headers Add / Update headers Security
IPWhiteList Limit the allowed client IPs Security, Request lifecycle
MaxConnection Limit the number of simultaneous connections Security, Request lifecycle
PassTLSClientCert Adding Client Certificates in a Header Security
RateLimit Limit the call frequency Security, Request lifecycle
RedirectScheme Redirect easily the client elsewhere Request lifecycle
RedirectRegex Redirect the client elsewhere Request lifecycle
ReplacePath Change the path of the request Path Modifier
ReplacePathRegex Change the path of the request Path Modifier
Retry Automatically retry the request in case of errors Request lifecycle
StripPrefix Change the path of the request Path Modifier
StripPrefixRegex Change the path of the request Path Modifier