Merge pull request #328 from samber/consul-catalog--remove-disable-frontend

feat(consul-catalog): Remove frontend when backends disabled

README.md

@@ -76,7 +76,7 @@ You can access to a simple HTML frontend of Træfik.
 
 ## Plumbing
 
-- [Oxy](https://github.com/vulcand/oxy): an awsome proxy library made by Mailgun guys
+- [Oxy](https://github.com/vulcand/oxy): an awesome proxy library made by Mailgun guys
 - [Gorilla mux](https://github.com/gorilla/mux): famous request router
 - [Negroni](https://github.com/codegangsta/negroni): web middlewares made simple
 - [Manners](https://github.com/mailgun/manners): graceful shutdown of http.Handler servers

acme/acme.go

@@ -181,7 +181,7 @@ func (a *ACME) CreateConfig(tlsConfig *tls.Config, CheckOnDemandDomain func(doma
 	acme.Logger = fmtlog.New(ioutil.Discard, "", 0)
 
 	if len(a.StorageFile) == 0 {
-		return errors.New("Empty StorageFile, please provide a filenmae for certs storage")
+		return errors.New("Empty StorageFile, please provide a filename for certs storage")
 	}
 
 	log.Debugf("Generating default certificate...")

docs/basics.md

@@ -19,7 +19,7 @@ Let's zoom on Træfɪk and have an overview of its internal architecture:
 ![Architecture](img/internal.png)
 
 - Incoming requests end on [entrypoints](#entrypoints), as the name suggests, they are the network entry points into Træfɪk (listening port, SSL, traffic redirection...).
-- Traffic is then forwared to a matching [frontend](#frontends). A frontend defines routes from [entrypoints](#entrypoints) to [backends](#backends).
+- Traffic is then forwarded to a matching [frontend](#frontends). A frontend defines routes from [entrypoints](#entrypoints) to [backends](#backends).
 Routes are created using requests fields (`Host`, `Path`, `Headers`...) and can match or not a request.
 - The [frontend](#frontends) will then send the request to a [backend](#backends). A backend can be composed by one or more [servers](#servers), and by a load-balancing strategy.
 - Finally, the [server](#servers) will forward the request to the corresponding microservice in the private network.
@@ -142,7 +142,7 @@ For example:
 
 ## Servers
 
-Servers are simply defined using a `URL`. You can also apply a custom `weight` to each server (this will be used by load-balacning).
+Servers are simply defined using a `URL`. You can also apply a custom `weight` to each server (this will be used by load-balancing).
 
 Here is an example of backends and servers definition:
 

docs/css/traefik.css

@@ -40,4 +40,22 @@ h1, h2, h3, H4 {
 
 blockquote p {
     font-size: 14px;
+}
+
+.navbar-default .navbar-nav>.open>a, .navbar-default .navbar-nav>.open>a:hover, .navbar-default .navbar-nav>.open>a:focus {
+    color: #fff;
+    background-color: #25606F;
+}
+
+.dropdown-menu>li>a:hover, .dropdown-menu>li>a:focus {
+    color: #fff;
+    text-decoration: none;
+    background-color: #25606F;
+}
+
+.dropdown-menu>.active>a, .dropdown-menu>.active>a:hover, .dropdown-menu>.active>a:focus {
+    color: #fff;
+    text-decoration: none;
+    background-color: #25606F;
+    outline: 0;
 }

docs/toml.md

@@ -89,6 +89,10 @@
 #     [entryPoints.http.redirect]
 #       regex = "^http://localhost/(.*)"
 #       replacement = "http://mydomain/$1"
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
 ```
 
 ## Retry configuration
@@ -98,7 +102,7 @@
 #
 # Optional
 #
-# [retry]
+[retry]
 
 # Number of attempts
 #
@@ -122,27 +126,27 @@
 #
 # Optional
 #
-# [acme]
+[acme]
 
 # Email address used for registration
 #
 # Required
 #
-# email = "test@traefik.io"
+email = "test@traefik.io"
 
 # File used for certificates storage.
 # WARNING, if you use Traefik in Docker, don't forget to mount this file as a volume.
 #
 # Required
 #
-# storageFile = "acme.json"
+storageFile = "acme.json"
 
 # Entrypoint to proxy acme challenge to.
 # WARNING, must point to an entrypoint on port 443
 #
 # Required
 #
-# entryPoint = "https"
+entryPoint = "https"
 
 # Enable on demand certificate. This will request a certificate from Let's Encrypt during the first TLS handshake for a hostname that does not yet have a certificate.
 # WARNING, TLS handshakes will be slow when requesting a hostname certificate for the first time, this can leads to DoS attacks.
@@ -175,6 +179,13 @@
 #   main = "local3.com"
 # [[acme.domains]]
 #   main = "local4.com"
+[[acme.domains]]
+   main = "local1.com"
+   sans = ["test1.local1.com", "test2.local1.com"]
+[[acme.domains]]
+   main = "local3.com"
+[[acme.domains]]
+   main = "local4.com"
 ```
 
 # Configuration backends
@@ -247,7 +258,7 @@ defaultEntryPoints = ["http", "https"]
     rule = "Path:/test"
 ```
 
-- or put your rules in a separate file, for example `rules.tml`:
+- or put your rules in a separate file, for example `rules.toml`:
 
 ```toml
 # traefik.toml
@@ -716,25 +727,25 @@ Træfɪk can be configured to use Etcd as a backend configuration:
 #
 # Optional
 #
-# [etcd]
+[etcd]
 
 # Etcd server endpoint
 #
 # Required
 #
-# endpoint = "127.0.0.1:4001"
+endpoint = "127.0.0.1:4001"
 
 # Enable watch Etcd changes
 #
 # Optional
 #
-# watch = true
+watch = true
 
 # Prefix used for KV store.
 #
 # Optional
 #
-# prefix = "/traefik"
+prefix = "/traefik"
 
 # Override default configuration template. For advanced users :)
 #
@@ -769,25 +780,25 @@ Træfɪk can be configured to use Zookeeper as a backend configuration:
 #
 # Optional
 #
-# [zookeeper]
+[zookeeper]
 
 # Zookeeper server endpoint
 #
 # Required
 #
-# endpoint = "127.0.0.1:2181"
+endpoint = "127.0.0.1:2181"
 
 # Enable watch Zookeeper changes
 #
 # Optional
 #
-# watch = true
+watch = true
 
 # Prefix used for KV store.
 #
 # Optional
 #
-# prefix = "/traefik"
+prefix = "/traefik"
 
 # Override default configuration template. For advanced users :)
 #
@@ -811,25 +822,25 @@ Træfɪk can be configured to use BoltDB as a backend configuration:
 #
 # Optional
 #
-# [boltdb]
+[boltdb]
 
 # BoltDB file
 #
 # Required
 #
-# endpoint = "/my.db"
+endpoint = "/my.db"
 
 # Enable watch BoltDB changes
 #
 # Optional
 #
-# watch = true
+watch = true
 
 # Prefix used for KV store.
 #
 # Optional
 #
-# prefix = "/traefik"
+prefix = "/traefik"
 
 # Override default configuration template. For advanced users :)
 #
@@ -920,99 +931,3 @@ Once the `/traefik/alias` key is updated, the new `/traefik_configurations/2` co
 
 Note that Træfɪk *will not watch for key changes in the `/traefik_configurations` prefix*. It will only watch for changes in the `/traefik` prefix. Further, if the `/traefik/alias` key is set, all other sibling keys with the `/traefik` prefix are ignored.
 
-
-# Examples
-
-## HTTP only
-
-```
-defaultEntryPoints = ["http"]
-[entryPoints]
-  [entryPoints.http]
-  address = ":80"
-```
-
-## HTTP + HTTPS (with SNI)
-
-```
-defaultEntryPoints = ["http", "https"]
-[entryPoints]
-  [entryPoints.http]
-  address = ":80"
-  [entryPoints.https]
-  address = ":443"
-    [entryPoints.https.tls]
-      [[entryPoints.https.tls.certificates]]
-      CertFile = "integration/fixtures/https/snitest.com.cert"
-      KeyFile = "integration/fixtures/https/snitest.com.key"
-      [[entryPoints.https.tls.certificates]]
-      CertFile = "integration/fixtures/https/snitest.org.cert"
-      KeyFile = "integration/fixtures/https/snitest.org.key"
-```
-
-## HTTP redirect on HTTPS
-
-```
-defaultEntryPoints = ["http", "https"]
-[entryPoints]
-  [entryPoints.http]
-  address = ":80"
-    [entryPoints.http.redirect]
-    entryPoint = "https"
-  [entryPoints.https]
-  address = ":443"
-    [entryPoints.https.tls]
-      [[entryPoints.https.tls.certificates]]
-      certFile = "tests/traefik.crt"
-      keyFile = "tests/traefik.key"
-```
-
-## Let's Encrypt support
-
-```
-[entryPoints]
-  [entryPoints.https]
-  address = ":443"
-    [entryPoints.https.tls]
-      # certs used as default certs
-      [[entryPoints.https.tls.certificates]]
-      certFile = "tests/traefik.crt"
-      keyFile = "tests/traefik.key"
-[acme]
-email = "test@traefik.io"
-storageFile = "acme.json"
-onDemand = true
-caServer = "http://172.18.0.1:4000/directory"
-entryPoint = "https"
-
-[[acme.domains]]
-  main = "local1.com"
-  sans = ["test1.local1.com", "test2.local1.com"]
-[[acme.domains]]
-  main = "local2.com"
-  sans = ["test1.local2.com", "test2x.local2.com"]
-[[acme.domains]]
-  main = "local3.com"
-[[acme.domains]]
-  main = "local4.com"
-```
-
-## Override entrypoints in frontends
-
-```
-[frontends]
-  [frontends.frontend1]
-  backend = "backend2"
-    [frontends.frontend1.routes.test_1]
-    rule = "Host:test.localhost"
-  [frontends.frontend2]
-  backend = "backend1"
-  passHostHeader = true
-  entrypoints = ["https"] # overrides defaultEntryPoints
-    [frontends.frontend2.routes.test_1]
-    rule = "Host:{subdomain:[a-z]+}.localhost"
-  [frontends.frontend3]
-  entrypoints = ["http", "https"] # overrides defaultEntryPoints
-  backend = "backend2"
-    rule = "Path:/test"
-```

docs/user-guide/examples.md

@@ -0,0 +1,98 @@
+
+# Examples
+
+You will find here some configuration examples of Træfɪk.
+
+## HTTP only
+
+```
+defaultEntryPoints = ["http"]
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+```
+
+## HTTP + HTTPS (with SNI)
+
+```
+defaultEntryPoints = ["http", "https"]
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.com.cert"
+      KeyFile = "integration/fixtures/https/snitest.com.key"
+      [[entryPoints.https.tls.certificates]]
+      CertFile = "integration/fixtures/https/snitest.org.cert"
+      KeyFile = "integration/fixtures/https/snitest.org.key"
+```
+
+## HTTP redirect on HTTPS
+
+```
+defaultEntryPoints = ["http", "https"]
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+    entryPoint = "https"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      [[entryPoints.https.tls.certificates]]
+      certFile = "tests/traefik.crt"
+      keyFile = "tests/traefik.key"
+```
+
+## Let's Encrypt support
+
+```
+[entryPoints]
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+      # certs used as default certs
+      [[entryPoints.https.tls.certificates]]
+      certFile = "tests/traefik.crt"
+      keyFile = "tests/traefik.key"
+[acme]
+email = "test@traefik.io"
+storageFile = "acme.json"
+onDemand = true
+caServer = "http://172.18.0.1:4000/directory"
+entryPoint = "https"
+
+[[acme.domains]]
+  main = "local1.com"
+  sans = ["test1.local1.com", "test2.local1.com"]
+[[acme.domains]]
+  main = "local2.com"
+  sans = ["test1.local2.com", "test2x.local2.com"]
+[[acme.domains]]
+  main = "local3.com"
+[[acme.domains]]
+  main = "local4.com"
+```
+
+## Override entrypoints in frontends
+
+```
+[frontends]
+  [frontends.frontend1]
+  backend = "backend2"
+    [frontends.frontend1.routes.test_1]
+    rule = "Host:test.localhost"
+  [frontends.frontend2]
+  backend = "backend1"
+  passHostHeader = true
+  entrypoints = ["https"] # overrides defaultEntryPoints
+    [frontends.frontend2.routes.test_1]
+    rule = "Host:{subdomain:[a-z]+}.localhost"
+  [frontends.frontend3]
+  entrypoints = ["http", "https"] # overrides defaultEntryPoints
+  backend = "backend2"
+    rule = "Path:/test"
+```

docs/user-guide/swarm.md

@@ -0,0 +1,170 @@
+# Swarm cluster
+
+This section explains how to create a multi-host [swarm](https://docs.docker.com/swarm) cluster using [docker-machine](https://docs.docker.com/machine/) and how to deploy Træfɪk on it.
+The cluster will be made of:
+
+- 2 servers
+- 1 swarm master
+- 2 swarm nodes
+- 1 [overlay](https://docs.docker.com/engine/userguide/networking/dockernetworks/#an-overlay-network) network (multi-host networking)
+
+## Prerequisites
+
+1. You will need to install [docker-machine](https://docs.docker.com/machine/)
+2. You will need the latest [VirtualBox](https://www.virtualbox.org/wiki/Downloads)
+
+## Cluster provisioning
+
+We will first follow [this guide](https://docs.docker.com/engine/userguide/networking/get-started-overlay/) to create the cluster.
+
+### Create machine `mh-keystore`
+
+This machine will be the service registry of our cluster.
+
+```sh
+docker-machine create -d virtualbox mh-keystore
+```
+
+Then we install the service registry [Consul](https://consul.io) on this machine:
+
+```sh
+eval "$(docker-machine env mh-keystore)"
+docker run -d \
+    -p "8500:8500" \
+    -h "consul" \
+    progrium/consul -server -bootstrap
+```
+
+### Create machine `mhs-demo0`
+
+This machine will have a swarm master and a swarm agent on it.
+
+```sh
+docker-machine create -d virtualbox \
+    --swarm --swarm-master \
+    --swarm-discovery="consul://$(docker-machine ip mh-keystore):8500" \
+    --engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \
+    --engine-opt="cluster-advertise=eth1:2376" \
+    mhs-demo0
+```
+
+### Create machine `mhs-demo1`
+
+This machine will have a swarm agent on it.
+
+```sh
+docker-machine create -d virtualbox \
+    --swarm \
+    --swarm-discovery="consul://$(docker-machine ip mh-keystore):8500" \
+    --engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \
+    --engine-opt="cluster-advertise=eth1:2376" \
+    mhs-demo1
+```
+
+### Create the overlay Network
+
+Create the overlay network on the swarm master:
+
+```sh
+eval $(docker-machine env --swarm mhs-demo0)
+docker network create --driver overlay --subnet=10.0.9.0/24 my-net
+```
+
+## Deploy Træfɪk
+
+Deploy Træfɪk:
+
+```sh
+docker $(docker-machine config mhs-demo0) run \
+    -d \
+    -p 80:80 -p 8080:8080 \
+    --net=my-net \
+    -v /var/lib/boot2docker/:/ssl \
+    traefik \
+    -l DEBUG \
+    -c /dev/null \
+    --docker \
+    --docker.domain traefik \
+    --docker.endpoint tcp://$(docker-machine ip mhs-demo0):3376 \
+    --docker.tls \
+    --docker.tls.ca /ssl/ca.pem \
+    --docker.tls.cert /ssl/server.pem \
+    --docker.tls.key /ssl/server-key.pem \
+    --docker.tls.insecureSkipVerify \
+    --docker.watch  \
+    --web
+```
+
+Let's explain this command:
+
+- `-p 80:80 -p 8080:8080`: we bind ports 80 and 8080
+- `--net=my-net`: run the container on the network my-net
+- `-v /var/lib/boot2docker/:/ssl`: mount the ssl keys generated by docker-machine
+- `-c /dev/null`: empty config file
+- `--docker`: enable docker backend
+- `--docker.endpoint tcp://172.18.0.1:3376`: connect to the swarm master using the docker_gwbridge network
+- `--docker.tls`: enable TLS using the docker-machine keys
+- `--web`: activate the webUI on port 8080
+
+## Deploy your apps
+
+We can now deploy our app on the cluster, here [whoami](https://github.com/emilevauge/whoami), a simple web server in GO, on the network `my-net`:
+
+```sh
+eval $(docker-machine env --swarm mhs-demo0)
+docker run -d --name=whoami0 --net=my-net --env="constraint:node==mhs-demo0" emilevauge/whoami
+docker run -d --name=whoami1 --net=my-net --env="constraint:node==mhs-demo1" emilevauge/whoami
+```
+
+Check that everything is started:
+
+```sh
+docker ps
+CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                                      NAMES
+ba2c21488299        emilevauge/whoami   "/whoamI"                8 seconds ago       Up 9 seconds        80/tcp                                                     mhs-demo1/whoami1
+8147a7746e7a        emilevauge/whoami   "/whoamI"                19 seconds ago      Up 20 seconds       80/tcp                                                     mhs-demo0/whoami0
+8fbc39271b4c        traefik             "/traefik -l DEBUG -c"   36 seconds ago      Up 37 seconds       192.168.99.101:80->80/tcp, 192.168.99.101:8080->8080/tcp   mhs-demo0/serene_bhabha
+```
+
+## Access to your apps through Træfɪk
+
+```sh
+curl -H Host:whoami0.traefik http://$(docker-machine ip mhs-demo0)
+Hostname: 8147a7746e7a
+IP: 127.0.0.1
+IP: ::1
+IP: 10.0.9.3
+IP: fe80::42:aff:fe00:903
+IP: 172.18.0.3
+IP: fe80::42:acff:fe12:3
+GET / HTTP/1.1
+Host: 10.0.9.3:80
+User-Agent: curl/7.35.0
+Accept: */*
+Accept-Encoding: gzip
+X-Forwarded-For: 192.168.99.1
+X-Forwarded-Host: 10.0.9.3:80
+X-Forwarded-Proto: http
+X-Forwarded-Server: 8fbc39271b4c
+
+curl -H Host:whoami1.traefik http://$(docker-machine ip mhs-demo0)
+Hostname: ba2c21488299
+IP: 127.0.0.1
+IP: ::1
+IP: 10.0.9.4
+IP: fe80::42:aff:fe00:904
+IP: 172.18.0.2
+IP: fe80::42:acff:fe12:2
+GET / HTTP/1.1
+Host: 10.0.9.4:80
+User-Agent: curl/7.35.0
+Accept: */*
+Accept-Encoding: gzip
+X-Forwarded-For: 192.168.99.1
+X-Forwarded-Host: 10.0.9.4:80
+X-Forwarded-Proto: http
+X-Forwarded-Server: 8fbc39271b4c
+```
+
+![](http://i.giphy.com/ujUdrdpX7Ok5W.gif)
+

examples/compose-marathon.yml

@@ -6,7 +6,7 @@ zk:
     ZK_ID: 1
 
 master:
-  image: mesosphere/mesos-master:0.26.0-0.2.145.ubuntu1404
+  image: mesosphere/mesos-master:0.28.1-2.0.20.ubuntu1404
   net: host
   environment:
     MESOS_ZK: zk://127.0.0.1:2181/mesos
@@ -17,7 +17,7 @@ master:
     MESOS_WORK_DIR: /var/lib/mesos
 
 slave:
-  image: mesosphere/mesos-slave:0.26.0-0.2.145.ubuntu1404
+  image: mesosphere/mesos-slave:0.28.1-2.0.20.ubuntu1404
   net: host
   pid: host
   privileged: true
@@ -34,10 +34,19 @@ slave:
     - /lib/x86_64-linux-gnu/libsystemd-journal.so.0:/lib/x86_64-linux-gnu/libsystemd-journal.so.0
 
 marathon:
-  image: mesosphere/marathon:v0.13.0
+  image: mesosphere/marathon:v1.1.1
   net: host
   environment:
     MARATHON_MASTER: zk://127.0.0.1:2181/mesos
     MARATHON_ZK: zk://127.0.0.1:2181/marathon
     MARATHON_HOSTNAME: 127.0.0.1
   command: --event_subscriber http_callback
+
+traefik:
+  image: containous/traefik
+  command: -c /dev/null --web --logLevel=DEBUG --marathon --marathon.domain marathon.localhost --marathon.endpoint http://172.17.0.1:8080 --marathon.watch
+  ports:
+    - "8000:80"
+    - "8081:8080"
+  volumes:
+    - /var/run/docker.sock:/var/run/docker.sock

examples/compose-traefik.yml

@@ -1,12 +1,11 @@
 traefik:
   image: traefik
-  command: --web --docker --docker.domain=docker.localhost --logLevel=DEBUG
+  command: -c /dev/null --web --docker --docker.domain=docker.localhost --logLevel=DEBUG
   ports:
     - "80:80"
     - "8080:8080"
   volumes:
     - /var/run/docker.sock:/var/run/docker.sock
-    - /dev/null:/traefik.toml
 
 whoami1:
   image: emilevauge/whoami

examples/consul-config.sh

@@ -17,11 +17,9 @@ curl -i -H "Accept: application/json" -X PUT -d "2"                           ht
 # frontend 1
 curl -i -H "Accept: application/json" -X PUT -d "backend2"                    http://localhost:8500/v1/kv/traefik/frontends/frontend1/backend
 curl -i -H "Accept: application/json" -X PUT -d "http"                        http://localhost:8500/v1/kv/traefik/frontends/frontend1/entrypoints
-curl -i -H "Accept: application/json" -X PUT -d "Host"                        http://localhost:8500/v1/kv/traefik/frontends/frontend1/routes/test_1/rule
-curl -i -H "Accept: application/json" -X PUT -d "test.localhost"              http://localhost:8500/v1/kv/traefik/frontends/frontend1/routes/test_1/value
+curl -i -H "Accept: application/json" -X PUT -d "Host:test.localhost"         http://localhost:8500/v1/kv/traefik/frontends/frontend1/routes/test_1/rule
 
 # frontend 2
 curl -i -H "Accept: application/json" -X PUT -d "backend1"                    http://localhost:8500/v1/kv/traefik/frontends/frontend2/backend
-curl -i -H "Accept: application/json" -X PUT -d "http,https"                  http://localhost:8500/v1/kv/traefik/frontends/frontend2/entrypoints
-curl -i -H "Accept: application/json" -X PUT -d "Path"                        http://localhost:8500/v1/kv/traefik/frontends/frontend2/routes/test_2/rule
-curl -i -H "Accept: application/json" -X PUT -d "/test"                       http://localhost:8500/v1/kv/traefik/frontends/frontend2/routes/test_2/value
+curl -i -H "Accept: application/json" -X PUT -d "http"                  http://localhost:8500/v1/kv/traefik/frontends/frontend2/entrypoints
+curl -i -H "Accept: application/json" -X PUT -d "Path:/test"                  http://localhost:8500/v1/kv/traefik/frontends/frontend2/routes/test_2/rule

examples/whoami.json

@@ -25,7 +25,7 @@
   ],
   "labels": {
       "traefik.weight": "1",
-      "traefik.protocole": "http",
-      "traefik.frontend.rule" : "Headers:Host,test.localhost"
+      "traefik.protocol": "http",
+      "traefik.frontend.rule" : "Host:test.marathon.localhost"
   }
 }

mkdocs.yml

@@ -46,4 +46,7 @@ pages:
   - Getting Started: index.md
   - Basics: basics.md
   - traefik.toml: toml.md
+  - User Guide:
+      - 'Configuration examples': 'user-guide/examples.md'
+      - 'Swarm cluster': 'user-guide/swarm.md'
   - Benchmarks: benchmarks.md

provider/consul_catalog.go

@@ -125,8 +125,8 @@ func (provider *ConsulCatalog) getFrontendRule(service serviceUpdate) string {
 
 func (provider *ConsulCatalog) getAttribute(name string, tags []string, defaultValue string) string {
 	for _, tag := range tags {
-		if strings.Index(tag, DefaultConsulCatalogTagPrefix+".") == 0 {
-			if kv := strings.SplitN(tag[len(DefaultConsulCatalogTagPrefix+"."):], "=", 2); len(kv) == 2 && kv[0] == name {
+		if strings.Index(strings.ToLower(tag), DefaultConsulCatalogTagPrefix+".") == 0 {
+			if kv := strings.SplitN(tag[len(DefaultConsulCatalogTagPrefix+"."):], "=", 2); len(kv) == 2 && strings.ToLower(kv[0]) == strings.ToLower(name) {
 				return kv[1]
 			}
 		}
@@ -146,9 +146,14 @@ func (provider *ConsulCatalog) buildConfig(catalog []catalogUpdate) *types.Confi
 	allNodes := []*api.ServiceEntry{}
 	services := []*serviceUpdate{}
 	for _, info := range catalog {
-		if len(info.Nodes) > 0 {
-			services = append(services, info.Service)
-			allNodes = append(allNodes, info.Nodes...)
+		for _, node := range info.Nodes {
+			isEnabled := provider.getAttribute("enable", node.Service.Tags, "true")
+			if isEnabled != "false" && len(info.Nodes) > 0 {
+				services = append(services, info.Service)
+				allNodes = append(allNodes, info.Nodes...)
+				break
+			}
+
 		}
 	}
 

provider/docker.go

@@ -130,6 +130,15 @@ func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage, po
 				eventHandler.Handle("die", startStopHandle)
 
 				errChan := events.MonitorWithHandler(ctx, dockerClient, options, eventHandler)
+				pool.Go(func(stop chan bool) {
+					for {
+						select {
+						case <-stop:
+							cancel()
+							return
+						}
+					}
+				})
 				if err := <-errChan; err != nil {
 					return err
 				}

provider/kv.go

@@ -10,8 +10,10 @@ import (
 	"text/template"
 	"time"
 
+	"errors"
 	"github.com/BurntSushi/ty/fun"
 	log "github.com/Sirupsen/logrus"
+	"github.com/cenkalti/backoff"
 	"github.com/containous/traefik/safe"
 	"github.com/containous/traefik/types"
 	"github.com/docker/libkv"
@@ -37,25 +39,38 @@ type KvTLS struct {
 }
 
 func (provider *Kv) watchKv(configurationChan chan<- types.ConfigMessage, prefix string, stop chan bool) {
-	for {
+	operation := func() error {
 		events, err := provider.kvclient.WatchTree(provider.Prefix, make(chan struct{}) /* stop chan */)
 		if err != nil {
 			log.Errorf("Failed to WatchTree %s", err)
-			continue
+			return err
 		}
-		select {
-		case <-stop:
-			return
-		case <-events:
-			configuration := provider.loadConfig()
-			if configuration != nil {
-				configurationChan <- types.ConfigMessage{
-					ProviderName:  string(provider.storeType),
-					Configuration: configuration,
+		for {
+			select {
+			case <-stop:
+				return nil
+			case _, ok := <-events:
+				if !ok {
+					return errors.New("watchtree channel closed")
+				}
+				configuration := provider.loadConfig()
+				if configuration != nil {
+					configurationChan <- types.ConfigMessage{
+						ProviderName:  string(provider.storeType),
+						Configuration: configuration,
+					}
 				}
 			}
 		}
 	}
+
+	notify := func(err error, time time.Duration) {
+		log.Errorf("KV connection error %+v, retrying in %s", err, time)
+	}
+	err := backoff.RetryNotify(operation, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		log.Fatalf("Cannot connect to KV server %+v", err)
+	}
 }
 
 func (provider *Kv) provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool) error {
@@ -90,27 +105,37 @@ func (provider *Kv) provide(configurationChan chan<- types.ConfigMessage, pool *
 		}
 	}
 
-	kv, err := libkv.NewStore(
-		provider.storeType,
-		strings.Split(provider.Endpoint, ","),
-		storeConfig,
-	)
+	operation := func() error {
+		kv, err := libkv.NewStore(
+			provider.storeType,
+			strings.Split(provider.Endpoint, ","),
+			storeConfig,
+		)
+		if err != nil {
+			return err
+		}
+		if _, err := kv.List(""); err != nil {
+			return err
+		}
+		provider.kvclient = kv
+		if provider.Watch {
+			pool.Go(func(stop chan bool) {
+				provider.watchKv(configurationChan, provider.Prefix, stop)
+			})
+		}
+		configuration := provider.loadConfig()
+		configurationChan <- types.ConfigMessage{
+			ProviderName:  string(provider.storeType),
+			Configuration: configuration,
+		}
+		return nil
+	}
+	notify := func(err error, time time.Duration) {
+		log.Errorf("KV connection error %+v, retrying in %s", err, time)
+	}
+	err := backoff.RetryNotify(operation, backoff.NewExponentialBackOff(), notify)
 	if err != nil {
-		return err
-	}
-	if _, err := kv.List(""); err != nil {
-		return err
-	}
-	provider.kvclient = kv
-	if provider.Watch {
-		pool.Go(func(stop chan bool) {
-			provider.watchKv(configurationChan, provider.Prefix, stop)
-		})
-	}
-	configuration := provider.loadConfig()
-	configurationChan <- types.ConfigMessage{
-		ProviderName:  string(provider.storeType),
-		Configuration: configuration,
+		log.Fatalf("Cannot connect to KV server %+v", err)
 	}
 	return nil
 }

provider/marathon.go

@@ -10,10 +10,12 @@ import (
 	"crypto/tls"
 	"github.com/BurntSushi/ty/fun"
 	log "github.com/Sirupsen/logrus"
+	"github.com/cenkalti/backoff"
 	"github.com/containous/traefik/safe"
 	"github.com/containous/traefik/types"
 	"github.com/gambol99/go-marathon"
 	"net/http"
+	"time"
 )
 
 // Marathon holds configuration of the Marathon provider.
@@ -41,30 +43,33 @@ type lightMarathonClient interface {
 // Provide allows the provider to provide configurations to traefik
 // using the given configuration channel.
 func (provider *Marathon) Provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool) error {
-	config := marathon.NewDefaultConfig()
-	config.URL = provider.Endpoint
-	config.EventsTransport = marathon.EventsTransportSSE
-	if provider.Basic != nil {
-		config.HTTPBasicAuthUser = provider.Basic.HTTPBasicAuthUser
-		config.HTTPBasicPassword = provider.Basic.HTTPBasicPassword
-	}
-	config.HTTPClient = &http.Client{
-		Transport: &http.Transport{
-			TLSClientConfig: provider.TLS,
-		},
-	}
-	client, err := marathon.NewClient(config)
-	if err != nil {
-		log.Errorf("Failed to create a client for marathon, error: %s", err)
-		return err
-	}
-	provider.marathonClient = client
-	update := make(marathon.EventsChannel, 5)
-	if provider.Watch {
-		if err := client.AddEventsListener(update, marathon.EVENTS_APPLICATIONS); err != nil {
-			log.Errorf("Failed to register for events, %s", err)
-		} else {
+	operation := func() error {
+		config := marathon.NewDefaultConfig()
+		config.URL = provider.Endpoint
+		config.EventsTransport = marathon.EventsTransportSSE
+		if provider.Basic != nil {
+			config.HTTPBasicAuthUser = provider.Basic.HTTPBasicAuthUser
+			config.HTTPBasicPassword = provider.Basic.HTTPBasicPassword
+		}
+		config.HTTPClient = &http.Client{
+			Transport: &http.Transport{
+				TLSClientConfig: provider.TLS,
+			},
+		}
+		client, err := marathon.NewClient(config)
+		if err != nil {
+			log.Errorf("Failed to create a client for marathon, error: %s", err)
+			return err
+		}
+		provider.marathonClient = client
+		update := make(marathon.EventsChannel, 5)
+		if provider.Watch {
+			if err := client.AddEventsListener(update, marathon.EVENTS_APPLICATIONS); err != nil {
+				log.Errorf("Failed to register for events, %s", err)
+				return err
+			}
 			pool.Go(func(stop chan bool) {
+				defer close(update)
 				for {
 					select {
 					case <-stop:
@@ -82,12 +87,20 @@ func (provider *Marathon) Provide(configurationChan chan<- types.ConfigMessage,
 				}
 			})
 		}
+		configuration := provider.loadMarathonConfig()
+		configurationChan <- types.ConfigMessage{
+			ProviderName:  "marathon",
+			Configuration: configuration,
+		}
+		return nil
 	}
 
-	configuration := provider.loadMarathonConfig()
-	configurationChan <- types.ConfigMessage{
-		ProviderName:  "marathon",
-		Configuration: configuration,
+	notify := func(err error, time time.Duration) {
+		log.Errorf("Marathon connection error %+v, retrying in %s", err, time)
+	}
+	err := backoff.RetryNotify(operation, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		log.Fatalf("Cannot connect to Marathon server %+v", err)
 	}
 	return nil
 }

rules.go

@@ -116,7 +116,7 @@ func (r *Rules) Parse(expression string) (*mux.Route, error) {
 	}
 	parsedFunction, ok := functions[parsedFunctions[0]]
 	if !ok {
-		return nil, errors.New("Error parsing rule: " + expression + ". Unknow function: " + parsedFunctions[0])
+		return nil, errors.New("Error parsing rule: " + expression + ". Unknown function: " + parsedFunctions[0])
 	}
 	parsedFunctions = append(parsedFunctions[:0], parsedFunctions[1:]...)
 	fargs := func(c rune) bool {

types/types.go

@@ -13,7 +13,7 @@ type Backend struct {
 	MaxConn        *MaxConn          `json:"maxConn,omitempty"`
 }
 
-// MaxConn holds maximum connection configuraiton
+// MaxConn holds maximum connection configuration
 type MaxConn struct {
 	Amount        int64  `json:"amount,omitempty"`
 	ExtractorFunc string `json:"extractorFunc,omitempty"`