mirror of
https://github.com/traefik/traefik.git
synced 2025-10-29 23:41:43 +01:00
3.0 KiB
3.0 KiB
title, description
| title | description |
|---|---|
| Traefik Proxy TCP Middleware Overview | Read the official Traefik Proxy documentation for an overview of the available TCP middleware. |
TCP Middlewares
Controlling connections {: .subtitle }
Configuration Example
# As a Docker Label
whoami:
# A container that exposes an API to show its IP address
image: traefik/whoami
labels:
# Create a middleware named `foo-ip-allowlist`
- "traefik.tcp.middlewares.foo-ip-allowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
# Apply the middleware named `foo-ip-allowlist` to the router named `router1`
- "traefik.tcp.routers.router1.middlewares=foo-ip-allowlist@docker"
# As a Kubernetes Traefik IngressRoute
---
apiVersion: traefik.io/v1alpha1
kind: MiddlewareTCP
metadata:
name: foo-ip-allowlist
spec:
ipAllowList:
sourcerange:
- 127.0.0.1/32
- 192.168.1.7
---
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
name: ingressroute
spec:
# more fields...
routes:
# more fields...
middlewares:
- name: foo-ip-allowlist
# Create a middleware named `foo-ip-allowlist`
- "traefik.tcp.middlewares.foo-ip-allowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
# Apply the middleware named `foo-ip-allowlist` to the router named `router1`
- "traefik.tcp.routers.router1.middlewares=foo-ip-allowlist@consulcatalog"
# As TOML Configuration File
[tcp.routers]
[tcp.routers.router1]
service = "myService"
middlewares = ["foo-ip-allowlist"]
rule = "Host(`example.com`)"
[tcp.middlewares]
[tcp.middlewares.foo-ip-allowlist.ipAllowList]
sourceRange = ["127.0.0.1/32", "192.168.1.7"]
[tcp.services]
[tcp.services.service1]
[tcp.services.service1.loadBalancer]
[[tcp.services.service1.loadBalancer.servers]]
address = "10.0.0.10:4000"
[[tcp.services.service1.loadBalancer.servers]]
address = "10.0.0.11:4000"
# As YAML Configuration File
tcp:
routers:
router1:
service: myService
middlewares:
- "foo-ip-allowlist"
rule: "Host(`example.com`)"
middlewares:
foo-ip-allowlist:
ipAllowList:
sourceRange:
- "127.0.0.1/32"
- "192.168.1.7"
services:
service1:
loadBalancer:
servers:
- address: "10.0.0.10:4000"
- address: "10.0.0.11:4000"
Available TCP Middlewares
| Middleware | Purpose | Area |
|---|---|---|
| InFlightConn | Limits the number of simultaneous connections. | Security, Request lifecycle |
| IPAllowList | Limit the allowed client IPs. | Security, Request lifecycle |