Default Servers Transport
A ServersTransport
allows you to configure the connection between Traefik Hub API Gateway and the HTTP servers.
The default ServersTransport
is applied to every Service that has no ServersTransport
specified.
The default ServersTransport
can be customized in the static configuration.
Configuration Example
- Static Configuration
- Helm Chart Values
## YAML file
serversTransport:
insecureSkipVerify: true
maxIdleConnsPerHost: 100
forwardingTimeouts:
dialTimeout: 42s
responseHeaderTimeout: 42s
idleConnTimeout: 42s
spiffe:
ids:
- spiffe://trust-domain/id1
- spiffe://trust-domain/id2
trustDomain: "spiffe://trust-domain"
## Values file
additionalArguments:
--serverstransport.forwardingtimeouts.dialtimeout=42s
--serverstransport.forwardingtimeouts.idleconntimeout=42s
--serverstransport.forwardingtimeouts.responseheadertimeout=42s
--serverstransport.insecureskipverify=true
--serverstransport.maxidleconnsperhost=1
--serverstransport.spiffe.ids="spiffe://trust-domain/id1,spiffe://trust-domain/id2"
--serverstransport.spiffe.trustdomain="spiffe://trust-domain"
Configuration Options
Field | Description | Default | Required |
---|---|---|---|
serverstransport. insecureSkipVerify | Controls whether the server's certificate chain and host name is verified. | false | No |
serverstransport. rootcas | Set of root certificate authorities to use when verifying server certificates. (for mTLS connections). | No | |
serverstransport. maxIdleConnsPerHost | Maximum idle (keep-alive) connections to keep per-host. | 200 | No |
serverstransport. forwardingTimeouts.dialTimeout | Amount of time to wait until a connection to a server can be established. 0 = no timeout | 30s | No |
serverstransport. forwardingTimeouts.responseHeaderTimeout | Amount of time to wait for a server's response headers after fully writing the request (including its body, if any). 0 = no timeout | 0s | No |
serverstransport. forwardingTimeouts.idleConnTimeout | Maximum amount of time an idle (keep-alive) connection will remain idle before closing itself. 0 = no timeout | 90s | No |
serverstransport. spiffe.ids | Allow SPIFFE IDs. This takes precedence over the SPIFFE TrustDomain. | No | |
serverstransport. spiffe.trustDomain | Allow SPIFFE trust domain. | "" | No |