traefik / whoami Goto Github PK

Tiny Go server that prints os information and HTTP request to output

License: Apache License 2.0

Go 87.66% Dockerfile 9.77% Makefile 2.57%

whoami's Introduction

Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components (Docker, Swarm mode, Kubernetes, Consul, Etcd, Rancher v2, Amazon ECS, ...) and configures itself automatically and dynamically. Pointing Traefik at your orchestrator should be the only configuration step you need.

. Overview . Features . Supported backends . Quickstart . Web UI . Documentation .

. Support . Release cycle . Contributing . Maintainers . Credits .

⚠️ Please be aware that the old configurations for Traefik v1.x are NOT compatible with the v2.x config as of now. If you're running v2, please ensure you are using a v2 configuration.

Overview

Imagine that you have deployed a bunch of microservices with the help of an orchestrator (like Swarm or Kubernetes) or a service registry (like etcd or consul). Now you want users to access these microservices, and you need a reverse proxy.

Traditional reverse-proxies require that you configure each route that will connect paths and subdomains to each microservice. In an environment where you add, remove, kill, upgrade, or scale your services many times a day, the task of keeping the routes up to date becomes tedious.

This is when Traefik can help you!

Traefik listens to your service registry/orchestrator API and instantly generates the routes so your microservices are connected to the outside world -- without further intervention from your part.

Run Traefik and let it do the work for you! (But if you'd rather configure some of your routes manually, Traefik supports that too!)

Features

Continuously updates its configuration (No restarts!)
Supports multiple load balancing algorithms
Provides HTTPS to your microservices by leveraging Let's Encrypt (wildcard certificates support)
Circuit breakers, retry
See the magic through its clean web UI
Websocket, HTTP/2, gRPC ready
Provides metrics (Rest, Prometheus, Datadog, Statsd, InfluxDB 2.X)
Keeps access logs (JSON, CLF)
Fast
Exposes a Rest API
Packaged as a single binary file (made with ❤️ with go) and available as an official docker image

Supported Backends

Quickstart

To get your hands on Traefik, you can use the 5-Minute Quickstart in our documentation (you will need Docker).

Web UI

You can access the simple HTML frontend of Traefik.

Documentation

You can find the complete documentation of Traefik v2 at https://doc.traefik.io/traefik/.

A collection of contributions around Traefik can be found at https://awesome.traefik.io.

Support

To get community support, you can:

join the Traefik community forum:

If you need commercial support, please contact Traefik.io by mail: mailto:[email protected].

Download

Grab the latest binary from the releases page and run it with the sample configuration file:

./traefik --configFile=traefik.toml

Or use the official tiny Docker image and run it with the sample configuration file:

docker run -d -p 8080:8080 -p 80:80 -v $PWD/traefik.toml:/etc/traefik/traefik.toml traefik

Or get the sources:

git clone https://github.com/traefik/traefik

Introductory Videos

You can find high level and deep dive videos on videos.traefik.io.

Maintainers

We are strongly promoting a philosophy of openness and sharing, and firmly standing against the elitist closed approach. Being part of the core team should be accessible to anyone who is motivated and want to be part of that journey! This document describes how to be part of the maintainers' team as well as various responsibilities and guidelines for Traefik maintainers. You can also find more information on our process to review pull requests and manage issues in this document.

Contributing

If you'd like to contribute to the project, refer to the contributing documentation.

Please note that this project is released with a Contributor Code of Conduct. By participating in this project, you agree to abide by its terms.

Release Cycle

We usually release 3/4 new versions (e.g. 1.1.0, 1.2.0, 1.3.0) per year.
Release Candidates are available before the release (e.g. 1.1.0-rc1, 1.1.0-rc2, 1.1.0-rc3, 1.1.0-rc4, before 1.1.0).
Bug-fixes (e.g. 1.1.1, 1.1.2, 1.2.1, 1.2.3) are released as needed (no additional features are delivered in those versions, bug-fixes only).

Each version is supported until the next one is released (e.g. 1.1.x will be supported until 1.2.0 is out).

We use Semantic Versioning.

Mailing Lists

General announcements, new releases: mail at [email protected] or on the online viewer.
Security announcements: mail at [email protected] or on the online viewer.

Credits

Kudos to Peka for his awesome work on the gopher's logo!.

The gopher's logo of Traefik is licensed under the Creative Commons 3.0 Attributions license.

The gopher's logo of Traefik was inspired by the gopher stickers made by Takuya Ueda. The original Go gopher was designed by Renee French.

whoami's People

Contributors

Stargazers

Watchers

Forkers

kcollasarundell halfa jim3ma wtfkr0 dreamingbinary solidnerd juliens bee42 snahelou lshahar opera443399 koshatul zhuomingliang davidzadrazil devdlabs bossjones z0r1k seriousben yogeek ajaegle mister2d nielsole lukesiler campbellr geraldcroes inteleon tingshingip hollychen503 arno01 literadix dtomcej afcarl joscom hbozdogan-zz nakwarsi mmatur pathcl minyk peter-klaesson-stratsys trylife rochaporto esenzet rmoorman vioan developgo raufkk munkyboy clarkhan skywirex ct-open-source kingdevnl mirovskyi jlevesy khan-rizwan futuretea eagle-1 yinonavraham astraserg urvil38 touch4it manuelkasiske4idealo maysusan maddingo yaoshipu wwek sherifc129 soulteary javahuang ozcan-ozkaya chengpan epson-lee sanjay556 505games rimitchell chrisusick melotusme faycal-finalcad rochacon bsinou lylezxl sebgasm johnmay1 jbdoumenjou mars1024 cf-container-networking rtribotte romankspb kevinpollet thantzinz devopstoday11 zxjt777 ttys3 bscp7 simonnilsson yasir2000 kalbinsson 1xcode parente binlabnet me-jls

whoami's Issues

Print requests to stdout

Useful for testing container logging

ERROR: no matching manifest for linux/arm/v7 in the manifest list entries

Trying on ARM64, Linux odroid 5.4.196-406 #1 SMP PREEMPT Tue May 31 19:52:19 UTC 2022 armv7l armv7l armv7l GNU/Linux

Can not reproduce Traefik quick start. Getting http 503 error

I'm following Traefik quick start and arrived at the following docker compose file:

version: '3'

services:
  traefik:
    image: traefik:v2.10
    restart: always
    command: --api.insecure=true --providers.docker
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  whoami:
    image: traefik/whoami
    labels:
      - "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"

However it always give me http 503 error.

$ curl -v -H Host:whoami.docker.localhost http://127.0.0.1
*   Trying 127.0.0.1:80...
* Connected to 127.0.0.1 (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> Host:whoami.docker.localhost
> User-Agent: curl/8.0.1
> Accept: */*
>
< HTTP/1.1 503 Service Unavailable
< Content-Length: 0
< Date: Sat, 13 May 2023 10:43:50 GMT
<
* Connection #0 to host 127.0.0.1 left intact

I've tried to replace the service with python -m http.server using static config and it works. So I wonder if the 503 error is related to the whoami image.

/bin/sh not working

I tried to run /bin/sh inside the whoami container but it fails but according to inspect it should work.

 "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "EXPOSE 80"
            ],

but

root@Ubuntu18:/opt/10_docker-compose-files# docker exec -it whoami /bin/sh
OCI runtime exec failed: exec failed: container_linux.go:346: starting container process caused "exec: \"/bin/sh\": stat /bin/sh: no such file or directory": unknown

docker inspect containous/whoami

root@Ubuntu18:/opt/10_docker-compose-files# docker inspect containous/whoami
[
    {
        "Id": "sha256:5e3337d43760321f87cb6581717817b5c6ee7e2592329e313016fc4fd84a86bd",
        "RepoTags": [
            "containous/whoami:latest"
        ],
        "RepoDigests": [
            "containous/whoami@sha256:c0d68a0f9acde95c5214bd057fd3ff1c871b2ef12dae2a9e2d2a3240fdd9214b"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2019-10-06T18:11:08.622523248Z",
        "Container": "ec87338134f236d64150373d41f531a413773ffdd7f0486765e9bd8d0730ac03",
        "ContainerConfig": {
            "Hostname": "ec87338134f2",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "EXPOSE 80"
            ],
            "Image": "sha256:d4ecbfb4906dbda7e810a8607a2bf01dc559b25886a4969a9748578a7b5a0015",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": [
                "/whoami"
            ],
            "OnBuild": null,
            "Labels": {}
        },
        "DockerVersion": "18.06.0-ce",
        "Author": "",
        "Config": {
            "Hostname": "",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": null,
            "Image": "sha256:d4ecbfb4906dbda7e810a8607a2bf01dc559b25886a4969a9748578a7b5a0015",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": [
                "/whoami"
            ],
            "OnBuild": null,
            "Labels": null
        },
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 7400843,
        "VirtualSize": 7400843,
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/2e724f15baf2d09dbcc6be8c2d990cd58eca55ef347a4c1fb292ec6ed377aea6/diff:/var/lib/docker/overlay2/4489560a5dee35328a1aee14ed17db4cf467f2197b79026b97468bbbf43b0aee/diff",
                "MergedDir": "/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/merged",
                "UpperDir": "/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/diff",
                "WorkDir": "/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/work"
            },
            "Name": "overlay2"
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:20790004c269fde57cd2f3a61a0d172326866d2bf10743ab78401a988e5c76f2",
                "sha256:d929d3d3315f88e09d29dc77d991af280d7d2aa5c6974479a6d3c97f4c5dff68",
                "sha256:315baccbc30305bd711a433b73a999942c4029688cefbcbb4a3a65aa73697454"
            ]
        },
        "Metadata": {
            "LastTagTime": "0001-01-01T00:00:00Z"
        }
    }
]

docker inspect whoami

root@Ubuntu18:/opt/10_docker-compose-files# docker inspect whoami
[
    {
        "Id": "957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef",
        "Created": "2020-01-19T13:04:09.405590632Z",
        "Path": "/whoami",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 13422,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2020-01-19T13:04:11.163418421Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:5e3337d43760321f87cb6581717817b5c6ee7e2592329e313016fc4fd84a86bd",
        "ResolvConfPath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/hostname",
        "HostsPath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/hosts",
        "LogPath": "/var/lib/docker/containers/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef/957a7d1305ce3d627db94a552765f822c0695cb52a16fc7a768cf9baf638b4ef-json.log",
        "Name": "/whoami_viaSubdomain",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "docker-default",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "bridge_proxy_traefikv2",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": [],
            "CapAdd": null,
            "CapDrop": null,
            "Capabilities": null,
            "Dns": null,
            "DnsOptions": null,
            "DnsSearch": null,
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "shareable",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": null,
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc-init/diff:/var/lib/docker/overlay2/fff4074098ba0241d26a26612d2c2cab5d37093a4b131d8590a1923f7caee791/diff:/var/lib/docker/overlay2/2e724f15baf2d09dbcc6be8c2d990cd58eca55ef347a4c1fb292ec6ed377aea6/diff:/var/lib/docker/overlay2/4489560a5dee35328a1aee14ed17db4cf467f2197b79026b97468bbbf43b0aee/diff",
                "MergedDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc/merged",
                "UpperDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc/diff",
                "WorkDir": "/var/lib/docker/overlay2/9b2e0fff9935c7687fbf10c8b912c9f22ea7fa2064a8efa43d3f3fb0b5d994bc/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [],
        "Config": {
            "Hostname": "957a7d1305ce",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": null,
            "Image": "containous/whoami",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": [
                "/whoami"
            ],
            "OnBuild": null,
            "Labels": {
                "app_name": "whoami",
                "com.docker.compose.config-hash": "dc97c6a2ec70af4a09f621592daf243da18177ff28f0d78a27045a16ec050374",
                "com.docker.compose.container-number": "1",
                "com.docker.compose.oneoff": "False",
                "com.docker.compose.project": "10_docker-compose-files",
                "com.docker.compose.service": "whoami",
                "com.docker.compose.version": "1.24.1",
                "traefik.docker.network": "bridge_proxy_traefikv2",
                "traefik.enable": "true",
                "traefik.http.routers.whoami_viaSubdomain.entrypoints": "web@80",
                "traefik.http.routers.whoami_viaSubdomain.rule": "Host(`whoami.fairbnb.community`)"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "d2055d08f79afc81451f2f621d3e4609c1ca1bc6fcf25903ed4125c720e2091e",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "80/tcp": null
            },
            "SandboxKey": "/var/run/docker/netns/d2055d08f79a",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "bridge_proxy_traefikv2": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "whoami_viaSubdomain",
                        "957a7d1305ce"
                    ],
                    "NetworkID": "bb2fe97e47e9add779bc36e981bc5786b545e9a766fa5ff6e5f8ff89492dd925",
                    "EndpointID": "2093215e8004271a5155097e7786d8abf00afbb69892066770dd73fc997129dd",
                    "Gateway": "172.20.0.1",
                    "IPAddress": "172.20.0.4",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:14:00:04",
                    "DriverOpts": null
                }
            }
        }
    }
]

Name does not appear in /api json

When setting a WHOAMI_NAME environment variable and opening the page (localhost), I can see the name as first entry.
If I access localhost/api I get a json object with most of the data. Unfortunately the name is missing.

support for TLS (SSL) ?

Hi,
Would it be possible to add support to server over TLS (SSL)?
The use case for this would be to be able to demonstrate features/capabilities of loadbalancers like gobetween (http://gobetween.io/) and how they handle SNI based routing.

As of today I am making do with stunnel + whoamI wrapped together.

Thanks and Regards,
Shantanu

whoami pods unable to start

Hello,
We're running whoami for testing purposes on our K8S Cluster, using latest DockerHub image.
We're seeing a new issue today that we didn't have before.
Pods fail to start with the following logs:

Starting up on port tcp://10.100.7.29:80
2021/12/03 16:44:43 listen tcp: address :tcp://10.100.7.29:80: too many colons in address

I see there has been a new release today, is it related ?
I can reproduce at will by simply pushing the following configuration to a K8S cluster:

kind: Deployment
apiVersion: apps/v1
metadata:
  name: whoami
  labels:
    app: traefiklabs
    name: whoami
spec:
  replicas: 2
  selector:
    matchLabels:
      app: traefiklabs
      task: whoami
  template:
    metadata:
      labels:
        app: traefiklabs
        task: whoami
    spec:
      containers:
        - name: whoami
          image: traefik/whoami
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: whoami
  annotations:
    traefik.ingress.kubernetes.io/service.sticky: "true"
    traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
    traefik.ingress.kubernetes.io/service.sticky.cookie.name: "StickyCookie"
    traefik.ingress.kubernetes.io/service.sticky.cookie.secure: "false"
spec:
  ports:
    - name: http
      port: 80
  selector:
    app: traefiklabs
    task: whoami

---
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: whoami
  annotations:
    kubernetes.io/tls-acme: "true"
spec:
  rules:
    - host: example.com
      http:
        paths:
          - path: /
            backend:
              serviceName: whoami
              servicePort: 80

Edit: using image traefik/whoami:v1.6.1 fixes the issue

/data path should be limited or configurable

Once you figure out that someone has a containous/whoami instance runing (let's say on their domain … whoami.example.com), you can DoS their host by running multiple /data?size=10&unit=GB requests and have the dataHandler send lots of data.

I see that this container is mainly for debugging purposes, but in some cases it might land on production endpoints, so the "dangerous" functions should be switched off then.

Cannot Run with Xeon Processor

Hello,

I have recently put together a used Linux PC with an old Intel Xeon processor. I am planning to migrate some Dockerized home services (including traefik, as well as whoami as a sanity check) currently running on an i7 desktop to this new server machine.

I was surprised that I ran into problems getting my Docker containers to run on the new machine. traefik fired up and seems to run with no problem (web API is good), but whoami is giving me an error message.

XXX@YYYYYYYYYY:~$ docker run containous/whoami:v1.5.0-amd64
standard_init_linux.go:228: exec user process caused: exec format error
XXX@YYYYYYYYYY:~$ lscpu
Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   36 bits physical, 48 bits virtual
CPU(s):                          8
On-line CPU(s) list:             0-7
Thread(s) per core:              2
Core(s) per socket:              4
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       GenuineIntel
CPU family:                      6
Model:                           58
Model name:                      Intel(R) Xeon(R) CPU E3-1265L V2 @ 2.50GHz
Stepping:                        9
CPU MHz:                         1600.128
CPU max MHz:                     3500.0000
CPU min MHz:                     1600.0000
BogoMIPS:                        4999.91
Virtualization:                  VT-x
L1d cache:                       128 KiB
L1i cache:                       128 KiB
L2 cache:                        1 MiB
L3 cache:                        8 MiB
NUMA node0 CPU(s):               0-7
Vulnerability Itlb multihit:     KVM: Mitigation: Split huge pages
Vulnerability L1tf:              Mitigation; PTE Inversion; VMX conditional c
                                 ache flushes, SMT vulnerable
Vulnerability Mds:               Mitigation; Clear CPU buffers; SMT vulnerabl
                                 e
Vulnerability Meltdown:          Mitigation; PTI
Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disable
                                 d via prctl and seccomp
Vulnerability Spectre v1:        Mitigation; usercopy/swapgs barriers and __u
                                 ser pointer sanitization
Vulnerability Spectre v2:        Mitigation; Full generic retpoline, IBPB con
                                 ditional, IBRS_FW, STIBP conditional, RSB fi
                                 lling
Vulnerability Srbds:             Vulnerable: No microcode
Vulnerability Tsx async abort:   Not affected
Flags:                           fpu vme de pse tsc msr pae mce cx8 apic sep 
                                 mtrr pge mca cmov pat pse36 clflush dts acpi
                                  mmx fxsr sse sse2 ss ht tm pbe syscall nx r
                                 dtscp lm constant_tsc arch_perfmon pebs bts 
                                 rep_good nopl xtopology nonstop_tsc cpuid ap
                                 erfmperf pni pclmulqdq dtes64 monitor ds_cpl
                                  vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid s
                                 se4_1 sse4_2 x2apic popcnt tsc_deadline_time
                                 r xsave avx f16c rdrand lahf_lm cpuid_fault 
                                 epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi
                                  flexpriority ept vpid fsgsbase smep erms xs
                                 aveopt dtherm ida arat pln pts md_clear flus
                                 h_l1d
XXX@YYYYYYYYYY:~$ uname -a
Linux YYYYYYYYYY 5.4.0-84-generic #94-Ubuntu SMP Thu Aug 26 20:27:37 UTC 2021 x86_64 x86_64 x86_64 GNU/Linu

I poked around online, and this kind of error seems to usually come up when there is some kind of architecture disparity between host and Docker image (such as #10). I am confused because I am going from an x86_64 i7 that works fine to an older x86_64 Xeon, and do not understand what the issue may be.

Any thoughts would be appreciated. Thanks!

Edit: best guess I've had so far is that the images are compiled for a newer x86_64 instruction set architecture than my processor... but I would have hoped to get a more useful error message if that were the case =/

Create a release and Docker Hub image for optional env query parameter

Create a release and Docker Hub image for optional env query parameter, the new feature is currently not included.

And the README.md should probably get a bold line for the parameter, like all others. Sorry

Problem in the reading of the port parameter

I have tried the last example listed on the README, as rewrited below:

version: '3.9'

services:
  whoami:
    image: traefik/whoami
    command:
       # It tells whoami to start listening on 2001 instead of 80
       - --port 2001
       - --name iamfoo

Tried in that way:

whoami:
    # A container that exposes an API to show its IP address
    image: traefik/whoami
    command:
      - "--port 90"
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.whoami.rule=Host(`foo.bar.localhost`)"
        - "traefik.http.services.whoami.loadbalancer.port=90"
        - "traefik.constraint-label=http_network"
    networks:
      http_network:
        aliases:
          - whoami

Not worked and the container logs output was:

$sudo docker logs c3f33eb92a5b
flag provided but not defined: -port 90

Support for HTTP/2.0 (h2c)?

Does whoami support HTTP/2.0, specifically "h2c", which works without TLS encryption (Wikipedia)?

It would be interesting to see if incoming requests (through a reverse proxy) are made with HTTP/2.0.

Base path setting

Is it possible to configure the base url? Ideally from docker labels or environment variables?
This is to use it with Traefik PathPrefix for subdomain.domain.com/whoami

Add X-Forwarded-For to access log

When running whoami behind traefik, we cannot distinguish from access log which host has made a request to it - they all come from traefik. Adding the X-Forwarded-For or X-Real-IP would be a great addition.

Publish to ghcr.io as well as dockerhub

Hello! Thanks for maintaining this server, it's a really useful testing tool! Is there any chance that the image could be published to ghcr.io (Github Packages) as well as Dockerhub? Would a PR be accepted for this?

---

WebSocket Origin

Hi,
would you please be kind enough to add:

CheckOrigin: func(r *http.Request) bool {
        return true
},

as member of the upgrader variable?
This would allow to test the WS stuff from anywhere.
Thanks a lot!

[ I know I should fork then pull request. Sorry :-) ]

Specify custom headers

In order to test things like HTTP caching, it can be useful to have the whoami respond with specific headers.

Reconsider app binary name

Could this please be considered to rename the app binary to not overlap with a common *NIX tool whoami (man 1 whoami) so that those who prefer to not use Docker but install binary directly with go install (or by other means, e.g. Homebrew) don't suffer from a need to apply local quirks for this app to not overlap with whoami from base *NIX distros.
Thank you in advance.

Could you turn off the Keep-Alive? or add an option to it?

When testing the Swarm cluster, the emilevauge/whoami seems have Keep-Alive turned on, so if the frontend reverse proxy follow the Keep-Alive instruction, then the frontend will keep connected to a single backend, which makes the load balance useless. See the issue: traefik/traefik#718

So, could you modify the program to turn the Keep-Alive off? or add an option for it. Thanks.

Unable to run on ARM

I am attempting to debug my configuration of Traefik running on a Raspberry Pi 3B+ (Docker 18.06.1-ce, go1.10.3, Raspbian GNU/Linux 9 (stretch)) and I get the following error:

standard_init_linux.go:190: exec user process caused "exec format error"

Since the Traefik container will run on the ARM platform, does it make sense to make the test/debug image work on the platform as well?

Last user should not be root

This could be mitigated by creating a traefik-whoami user in the build-stage and subsequently copy it to the last-stage, e.g.: https://github.com/030/bcbsn/blob/master/Dockerfile

support for custom message

Hi,
Along with the current info shown, would it be possible to show a custom text message?
Something like (https://github.com/hashicorp/http-echo).

This would help to test/validate the load-balancing behaviors of LB like gobetween, Fabio, Traefik, HAProxy, etc.

Regards,
Shantanu

[Suggestion] Add container ID

I'm using this repo to check my Docker container id

They are displaying it with python like so:

import socket
container_hostname = socket.gethostname()
@app.route('/')
def index():
    url = random.choice(images)
    return render_template('index.html', url=url, hostname=container_hostname)

source

Now my question is:
is it possible to add container ID info to this list in whoami?

Add curl to image for use native HEALTHCHECK

Pin golang version in Dockerfile

Hello,

our Vulnerability Scanner (AquaSec) found a critrical vulnerability in v1.10.1 of traefik/whoami: CVE-2015-4042.
I build the traefik/whoami image locally with golang:1.22.2-alpine3.19 as base image. This version of golang/alpine has no vulnerabilities anymore.
May I open a PR to resolve this (including an update on go 1.22) or do you follow any other process for fixing vulnerabilities?

Print request headers

This would help with testing/debugging reverse proxy issues.

Support to display HTTP header before upgrading to websocket

Would you like a PR which display the HTTP header send before upgrading to websocket at the beginning of the websocket flow?

📌 FROM Containous TO Traefik 🚀 ✨

Routing "whoami" from Containous to Traefik ... more information on that later! 🙊 🕵️

❤️ ❤️ ❤️

Why is there no "RemoteAddr" field in the "/api" interface?

Name flag not working

I do not get the expected Name: MyName at the beginning of the whoami http response.

I am testing a complex traefik scenario and have multiple whoami containers running and want to tag each one clearly with the Name option.

docker run -d -P --name whoami -e name="MyName" traefik/whoami

curl 127.0.0.1:59707
Hostname: f98a3f6efd8a
IP: 127.0.0.1
IP: 172.17.0.2
RemoteAddr: 172.17.0.1:39884
GET / HTTP/1.1
Host: 127.0.0.1:59707
User-Agent: curl/7.68.0
Accept: */*

In app.go:

207
208	if name != "" {
209		_, _ = fmt.Fprintln(w, "Name:", name)
210	}
211
212	hostname, _ := os.Hostname()
213	_, _ = fmt.Fprintln(w, "Hostname:", hostname)

Steve.

whoami stops after 10 minutes

Maybe I am just too dumb and after all, it is no biggie anyways:

My whoami instances always stop after ~10 minutes after start. I deploy whoami alongside traefik just to have a reference. I know I can have it restart automatically, but I had expected it to run forever.

I can see nothing in the documentation or the code that beats me to why this happens or is that a "works as designed" thing?

There are no log errors after the initial start message, the exit code is 255.

Add revDNS to access log

Would be nice to see DNS entries instead of IP addresses when --verbose is enabled.

Images not being pushed to docker hub

The last update on docker hub seems to be 2 years ago. The GitHub actions seems to skip over the docker hub image push.

Context: I need the WHOAMI_PORT_NUMBER to be set, but the latest image on docker hub does not support that.

Default port is 8080

Contrary to the documentation the default port is not 80 but 8080.

When I start the container without specifying a port the output says:
Starting up on port 8080

`WHOAMI_PORT_NUMBER` has no effect

running

version 3
services:
  fake-service:
    image: traefik/whoami
    environment:
      - 'WHOAMI_PORT_NUMBER=3993'

will still bring up

fake-service_1        | Starting up on port 80

Cleanup the containous/whoami vs traefik/whoami

There's a little mess with the image on Docker hub:

https://hub.docker.com/r/containous/whoami mentions https://www.github.com/containous/whoami as source repository, which redirects to https://github.com/traefik/whoami
containous/whoami contains old image, without features mentioned on https://github.com/traefik/whoami

flags are not clear or not working

Hi,
I assume
cert: give me a certificate
key: give me a key
allow me to do https.
Does that mean it creates a certificate by itself or do I need to add the path to a local certificate?

curl https://localhost:32769
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_INVALID_TOKEN (0x80090308)

not rootless

Why is this image not rootless? Is it hard to implement?

What does each line mean ?

Hi,

Please forgive what is probably obvious to most , but what does each line that’s reported mean (exactly)? I’m using the whoami Docker container with others (gluetun) to help me validate that I’ve been given an IP provided by my vpn provider, but looking at what’s reported there is information I don’t recognise, even the host name reported is not familiar, where does that come from. Some of them I can work out, but if by any chance you have a explanation for each one, that would be awesome - thanks !

Hostname: ba38f324df5f2
IP: 127.0.0.1
IP: 104.37.6.103
IP: 10.0.3.2
RemoteAddr: 192.168.102.118:51630
GET / HTTP/1.1
Host: 10.10.10.80:89
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-gb
Connection: keep-alive
Cookie: CS_SESS_ID=1e7234ed-80df-4374-84a0-6b79d504462c; QT=1621932594983; NAS_PW_STATUS=0; NAS_SID=n04fa23sd; NAS_USER=admin; home=1
Referer: http://10.10.10.80:8080/containerstation/?t=16219325903892/
Upgrade-Insecure-Requests: 1

If there scope for a future enhancement , then perhaps consider adding environment variables to allow people to customise the labels, so rather than have 3 called IP, I could describe them differently to know which is which?

Add verbosity level

Would be nice for debugging, if we'd be able to enable POST body in access log. Usage can be either to change --verbose to accept parameter with verbosity level (with backward-compatible fallback to current behavior if no level is provided), or when the --verbose flag is provided twice.

Protocol HTTP display error

Newer docker image

It seems that the latest docker image does not contain the WHOAMI_PORT env feature. Could a newer docker image be created?

Exposing httpOnly cookies and backend security headers

The httpOnly Set-Cookie option was introduced in 2002 to mitigate certain cross-site scripting attacks. It allows the server to store cookies at the client while at the same time preventing client-side javascript from being able to see the cookie.

whoami exposes the entire client Cookie header to the client, which effectively nullifies the httpOnly option on security cookies when client-side javascript is running in the same domain as the hosted whoami. Any browser javascript in the same domain as whoami can read their httpOnly cookies.

More rarely, whoami sits behind a reverse-proxy or API gateway that adds headers to the request that are sensitive and not intended to be seen by the client.

While it is true that whoami is primarily a development/debugging tool, it is so useful that it is often added to real service stacks. At a minimum there should be clear caveats in the documentation about the potential risks.

Even better, it would be really nice to have configuration options to suppress certain named client headers in the output, or in the case of cookies, to strip certain named cookies from the output.

If there is interest, I could propose a pull request.