feat: migrate fider and remove gateway API
This commit is contained in:
parent
420a6d3489
commit
b1c0e83887
15 changed files with 3 additions and 3930 deletions
|
@ -1,21 +0,0 @@
|
||||||
HOST_DOMAIN=fider.icb4dc0.de
|
|
||||||
LOG_SQL="false"
|
|
||||||
LOG_STRUCTURED="true"
|
|
||||||
LOG_LEVEL="DEBUG"
|
|
||||||
|
|
||||||
# Metrics
|
|
||||||
METRICS_ENABLED=true
|
|
||||||
METRICS_PORT=4000
|
|
||||||
|
|
||||||
HOST_MODE=multi
|
|
||||||
|
|
||||||
# SMTP setup
|
|
||||||
EMAIL_SMTP_HOST=smtp.gmail.com
|
|
||||||
EMAIL_SMTP_PORT="587"
|
|
||||||
EMAIL_SMTP_ENABLE_STARTTLS='true'
|
|
||||||
|
|
||||||
# Blog storage
|
|
||||||
BLOB_STORAGE=s3
|
|
||||||
BLOB_STORAGE_S3_REGION=us-east-1
|
|
||||||
BLOB_STORAGE_S3_ENDPOINT_URL=https://2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com
|
|
||||||
BLOB_STORAGE_S3_BUCKET=fider
|
|
|
@ -1,20 +0,0 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
|
|
||||||
namespace: fider
|
|
||||||
|
|
||||||
labels:
|
|
||||||
- includeSelectors: true
|
|
||||||
pairs:
|
|
||||||
app.kubernetes.io/instance: icb4dc0de-feedback
|
|
||||||
app.kubernetes.io/managed-by: kustomize
|
|
||||||
|
|
||||||
resources:
|
|
||||||
- "resources/deployment.yaml"
|
|
||||||
- "resources/service.yaml"
|
|
||||||
- "resources/ingress.yaml"
|
|
||||||
|
|
||||||
secretGenerator:
|
|
||||||
- name: fider-base-config
|
|
||||||
envs:
|
|
||||||
- "config/base.env"
|
|
|
@ -1,46 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: fider
|
|
||||||
spec:
|
|
||||||
replicas: 2
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: fider
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: fider
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: fider
|
|
||||||
image: docker.io/getfider/fider:stable
|
|
||||||
ports:
|
|
||||||
- containerPort: 3000
|
|
||||||
protocol: TCP
|
|
||||||
name: web
|
|
||||||
envFrom:
|
|
||||||
- secretRef:
|
|
||||||
name: fider-base-config
|
|
||||||
- secretRef:
|
|
||||||
name: fider-secret-config
|
|
||||||
resources:
|
|
||||||
limits:
|
|
||||||
cpu: 200m
|
|
||||||
memory: 200Mi
|
|
||||||
requests:
|
|
||||||
cpu: 50m
|
|
||||||
memory: 50Mi
|
|
||||||
affinity:
|
|
||||||
podAntiAffinity:
|
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
- weight: 100
|
|
||||||
podAffinityTerm:
|
|
||||||
labelSelector:
|
|
||||||
matchExpressions:
|
|
||||||
- key: app.kubernetes.io/name
|
|
||||||
operator: In
|
|
||||||
values:
|
|
||||||
- fider
|
|
||||||
topologyKey: topology.kubernetes.io/zone
|
|
|
@ -1,56 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: fider
|
|
||||||
annotations:
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
|
||||||
spec:
|
|
||||||
rules:
|
|
||||||
- host: fider.icb4dc0.de
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- pathType: Prefix
|
|
||||||
path: /
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: fider
|
|
||||||
port:
|
|
||||||
number: 3000
|
|
||||||
- host: login.fider.icb4dc0.de
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- pathType: Prefix
|
|
||||||
path: /
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: fider
|
|
||||||
port:
|
|
||||||
number: 3000
|
|
||||||
- host: community.buildr.icb4dc0.de
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- pathType: Prefix
|
|
||||||
path: /
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: fider
|
|
||||||
port:
|
|
||||||
number: 3000
|
|
||||||
- host: community.inetmock.icb4dc0.de
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- pathType: Prefix
|
|
||||||
path: /
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: fider
|
|
||||||
port:
|
|
||||||
number: 3000
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- fider.icb4dc0.de
|
|
||||||
- login.fider.icb4dc0.de
|
|
||||||
- community.buildr.icb4dc0.de
|
|
||||||
- community.inetmock.icb4dc0.de
|
|
||||||
secretName: fider-ingress-tls
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: fider
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
app.kubernetes.io/name: fider
|
|
||||||
ports:
|
|
||||||
- protocol: TCP
|
|
||||||
port: 3000
|
|
||||||
targetPort: 3000
|
|
|
@ -1,45 +0,0 @@
|
||||||
---
|
|
||||||
- name: Create fider namespace
|
|
||||||
kubernetes.core.k8s:
|
|
||||||
name: fider
|
|
||||||
api_version: v1
|
|
||||||
kind: Namespace
|
|
||||||
state: present
|
|
||||||
definition:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
prometheus: default
|
|
||||||
|
|
||||||
|
|
||||||
- name: Create Fider secrets
|
|
||||||
kubernetes.core.k8s:
|
|
||||||
state: present
|
|
||||||
definition:
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: fider-secret-config
|
|
||||||
namespace: fider
|
|
||||||
data:
|
|
||||||
# Connection string to the PostgreSQL database
|
|
||||||
DATABASE_URL: "{{ 'postgres://%s:%s@default-cluster-primary.postgres.svc:5432/fider?sslmode=require' | format(fider.db.user, fider.db.password) | b64encode }}"
|
|
||||||
|
|
||||||
# SMTP credentials
|
|
||||||
EMAIL_NOREPLY: "{{ fider.smtp.user | b64encode }}"
|
|
||||||
EMAIL_SMTP_USERNAME: "{{ fider.smtp.user | b64encode }}"
|
|
||||||
EMAIL_SMTP_PASSWORD: "{{ fider.smtp.password | b64encode }}"
|
|
||||||
|
|
||||||
# JWT secret key
|
|
||||||
JWT_SECRET: "{{ fider.jwt.secret | b64encode }}"
|
|
||||||
|
|
||||||
# OAuth
|
|
||||||
OAUTH_GITHUB_CLIENTID: "{{ fider.github.clientId | b64encode }}"
|
|
||||||
OAUTH_GITHUB_SECRET: "{{ fider.github.clientSecret | b64encode }}"
|
|
||||||
|
|
||||||
# Blob storage
|
|
||||||
BLOB_STORAGE_S3_ACCESS_KEY_ID: "{{ fider.blob.accessKeyId | b64encode }}"
|
|
||||||
BLOB_STORAGE_S3_SECRET_ACCESS_KEY: "{{ fider.blob.secretAccessKey | b64encode }}"
|
|
||||||
|
|
||||||
- name: Deploy Fider kustomization
|
|
||||||
k8s:
|
|
||||||
definition: "{{ lookup('kubernetes.core.kustomize', dir=([role_path, 'files'] | path_join)) }}"
|
|
|
@ -1,226 +0,0 @@
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
annotations:
|
|
||||||
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/891
|
|
||||||
creationTimestamp: null
|
|
||||||
name: gatewayclasses.gateway.networking.k8s.io
|
|
||||||
spec:
|
|
||||||
group: gateway.networking.k8s.io
|
|
||||||
names:
|
|
||||||
categories:
|
|
||||||
- gateway-api
|
|
||||||
kind: GatewayClass
|
|
||||||
listKind: GatewayClassList
|
|
||||||
plural: gatewayclasses
|
|
||||||
shortNames:
|
|
||||||
- gc
|
|
||||||
singular: gatewayclass
|
|
||||||
scope: Cluster
|
|
||||||
versions:
|
|
||||||
- additionalPrinterColumns:
|
|
||||||
- jsonPath: .spec.controllerName
|
|
||||||
name: Controller
|
|
||||||
type: string
|
|
||||||
- jsonPath: .metadata.creationTimestamp
|
|
||||||
name: Age
|
|
||||||
type: date
|
|
||||||
- jsonPath: .spec.description
|
|
||||||
name: Description
|
|
||||||
priority: 1
|
|
||||||
type: string
|
|
||||||
name: v1alpha2
|
|
||||||
schema:
|
|
||||||
openAPIV3Schema:
|
|
||||||
description: "GatewayClass describes a class of Gateways available to the
|
|
||||||
user for creating Gateway resources. \n It is recommended that this resource
|
|
||||||
be used as a template for Gateways. This means that a Gateway is based on
|
|
||||||
the state of the GatewayClass at the time it was created and changes to
|
|
||||||
the GatewayClass or associated parameters are not propagated down to existing
|
|
||||||
Gateways. This recommendation is intended to limit the blast radius of changes
|
|
||||||
to GatewayClass or associated parameters. If implementations choose to propagate
|
|
||||||
GatewayClass changes to existing Gateways, that MUST be clearly documented
|
|
||||||
by the implementation. \n Whenever one or more Gateways are using a GatewayClass,
|
|
||||||
implementations MUST add the `gateway-exists-finalizer.gateway.networking.k8s.io`
|
|
||||||
finalizer on the associated GatewayClass. This ensures that a GatewayClass
|
|
||||||
associated with a Gateway is not deleted while in use. \n GatewayClass is
|
|
||||||
a Cluster level resource."
|
|
||||||
properties:
|
|
||||||
apiVersion:
|
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: 'Kind is a string value representing the REST resource this
|
|
||||||
object represents. Servers may infer this from the endpoint the client
|
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
||||||
type: string
|
|
||||||
metadata:
|
|
||||||
type: object
|
|
||||||
spec:
|
|
||||||
description: Spec defines the desired state of GatewayClass.
|
|
||||||
properties:
|
|
||||||
controllerName:
|
|
||||||
description: "ControllerName is the name of the controller that is
|
|
||||||
managing Gateways of this class. The value of this field MUST be
|
|
||||||
a domain prefixed path. \n Example: \"example.net/gateway-controller\".
|
|
||||||
\n This field is not mutable and cannot be empty. \n Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
|
|
||||||
type: string
|
|
||||||
description:
|
|
||||||
description: Description helps describe a GatewayClass with more details.
|
|
||||||
maxLength: 64
|
|
||||||
type: string
|
|
||||||
parametersRef:
|
|
||||||
description: "ParametersRef is a reference to a resource that contains
|
|
||||||
the configuration parameters corresponding to the GatewayClass.
|
|
||||||
This is optional if the controller does not require any additional
|
|
||||||
configuration. \n ParametersRef can reference a standard Kubernetes
|
|
||||||
resource, i.e. ConfigMap, or an implementation-specific custom resource.
|
|
||||||
The resource can be cluster-scoped or namespace-scoped. \n If the
|
|
||||||
referent cannot be found, the GatewayClass's \"InvalidParameters\"
|
|
||||||
status condition will be true. \n Support: Custom"
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
description: Group is the group of the referent.
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: Kind is kind of the referent.
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: Name is the name of the referent.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: Namespace is the namespace of the referent. This
|
|
||||||
field is required when referring to a Namespace-scoped resource
|
|
||||||
and MUST be unset when referring to a Cluster-scoped resource.
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- group
|
|
||||||
- kind
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- controllerName
|
|
||||||
type: object
|
|
||||||
status:
|
|
||||||
default:
|
|
||||||
conditions:
|
|
||||||
- lastTransitionTime: "1970-01-01T00:00:00Z"
|
|
||||||
message: Waiting for controller
|
|
||||||
reason: Waiting
|
|
||||||
status: Unknown
|
|
||||||
type: Accepted
|
|
||||||
description: Status defines the current state of GatewayClass.
|
|
||||||
properties:
|
|
||||||
conditions:
|
|
||||||
default:
|
|
||||||
- lastTransitionTime: "1970-01-01T00:00:00Z"
|
|
||||||
message: Waiting for controller
|
|
||||||
reason: Waiting
|
|
||||||
status: Unknown
|
|
||||||
type: Accepted
|
|
||||||
description: "Conditions is the current status from the controller
|
|
||||||
for this GatewayClass. \n Controllers should prefer to publish conditions
|
|
||||||
using values of GatewayClassConditionType for the type of each Condition."
|
|
||||||
items:
|
|
||||||
description: "Condition contains details for one aspect of the current
|
|
||||||
state of this API Resource. --- This struct is intended for direct
|
|
||||||
use as an array at the field path .status.conditions. For example,
|
|
||||||
type FooStatus struct{ // Represents the observations of a
|
|
||||||
foo's current state. // Known .status.conditions.type are:
|
|
||||||
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
|
|
||||||
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
|
|
||||||
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
|
|
||||||
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
|
|
||||||
\n // other fields }"
|
|
||||||
properties:
|
|
||||||
lastTransitionTime:
|
|
||||||
description: lastTransitionTime is the last time the condition
|
|
||||||
transitioned from one status to another. This should be when
|
|
||||||
the underlying condition changed. If that is not known, then
|
|
||||||
using the time when the API field changed is acceptable.
|
|
||||||
format: date-time
|
|
||||||
type: string
|
|
||||||
message:
|
|
||||||
description: message is a human readable message indicating
|
|
||||||
details about the transition. This may be an empty string.
|
|
||||||
maxLength: 32768
|
|
||||||
type: string
|
|
||||||
observedGeneration:
|
|
||||||
description: observedGeneration represents the .metadata.generation
|
|
||||||
that the condition was set based upon. For instance, if .metadata.generation
|
|
||||||
is currently 12, but the .status.conditions[x].observedGeneration
|
|
||||||
is 9, the condition is out of date with respect to the current
|
|
||||||
state of the instance.
|
|
||||||
format: int64
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
reason:
|
|
||||||
description: reason contains a programmatic identifier indicating
|
|
||||||
the reason for the condition's last transition. Producers
|
|
||||||
of specific condition types may define expected values and
|
|
||||||
meanings for this field, and whether the values are considered
|
|
||||||
a guaranteed API. The value should be a CamelCase string.
|
|
||||||
This field may not be empty.
|
|
||||||
maxLength: 1024
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
||||||
type: string
|
|
||||||
status:
|
|
||||||
description: status of the condition, one of True, False, Unknown.
|
|
||||||
enum:
|
|
||||||
- "True"
|
|
||||||
- "False"
|
|
||||||
- Unknown
|
|
||||||
type: string
|
|
||||||
type:
|
|
||||||
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
||||||
--- Many .condition.type values are consistent across resources
|
|
||||||
like Available, but because arbitrary conditions can be useful
|
|
||||||
(see .node.status.conditions), the ability to deconflict is
|
|
||||||
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
||||||
maxLength: 316
|
|
||||||
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- lastTransitionTime
|
|
||||||
- message
|
|
||||||
- reason
|
|
||||||
- status
|
|
||||||
- type
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- type
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- spec
|
|
||||||
type: object
|
|
||||||
served: true
|
|
||||||
storage: true
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
|
@ -1,719 +0,0 @@
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
annotations:
|
|
||||||
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/891
|
|
||||||
creationTimestamp: null
|
|
||||||
name: gateways.gateway.networking.k8s.io
|
|
||||||
spec:
|
|
||||||
group: gateway.networking.k8s.io
|
|
||||||
names:
|
|
||||||
categories:
|
|
||||||
- gateway-api
|
|
||||||
kind: Gateway
|
|
||||||
listKind: GatewayList
|
|
||||||
plural: gateways
|
|
||||||
shortNames:
|
|
||||||
- gtw
|
|
||||||
singular: gateway
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- additionalPrinterColumns:
|
|
||||||
- jsonPath: .spec.gatewayClassName
|
|
||||||
name: Class
|
|
||||||
type: string
|
|
||||||
- jsonPath: .status.addresses[*].value
|
|
||||||
name: Address
|
|
||||||
type: string
|
|
||||||
- jsonPath: .status.conditions[?(@.type=="Ready")].status
|
|
||||||
name: Ready
|
|
||||||
type: string
|
|
||||||
- jsonPath: .metadata.creationTimestamp
|
|
||||||
name: Age
|
|
||||||
type: date
|
|
||||||
name: v1alpha2
|
|
||||||
schema:
|
|
||||||
openAPIV3Schema:
|
|
||||||
description: Gateway represents an instance of a service-traffic handling
|
|
||||||
infrastructure by binding Listeners to a set of IP addresses.
|
|
||||||
properties:
|
|
||||||
apiVersion:
|
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: 'Kind is a string value representing the REST resource this
|
|
||||||
object represents. Servers may infer this from the endpoint the client
|
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
||||||
type: string
|
|
||||||
metadata:
|
|
||||||
type: object
|
|
||||||
spec:
|
|
||||||
description: Spec defines the desired state of Gateway.
|
|
||||||
properties:
|
|
||||||
addresses:
|
|
||||||
description: "Addresses requested for this Gateway. This is optional
|
|
||||||
and behavior can depend on the implementation. If a value is set
|
|
||||||
in the spec and the requested address is invalid or unavailable,
|
|
||||||
the implementation MUST indicate this in the associated entry in
|
|
||||||
GatewayStatus.Addresses. \n The Addresses field represents a request
|
|
||||||
for the address(es) on the \"outside of the Gateway\", that traffic
|
|
||||||
bound for this Gateway will use. This could be the IP address or
|
|
||||||
hostname of an external load balancer or other networking infrastructure,
|
|
||||||
or some other address that traffic will be sent to. \n The .listener.hostname
|
|
||||||
field is used to route traffic that has already arrived at the Gateway
|
|
||||||
to the correct in-cluster destination. \n If no Addresses are specified,
|
|
||||||
the implementation MAY schedule the Gateway in an implementation-specific
|
|
||||||
manner, assigning an appropriate set of Addresses. \n The implementation
|
|
||||||
MUST bind all Listeners to every GatewayAddress that it assigns
|
|
||||||
to the Gateway and add a corresponding entry in GatewayStatus.Addresses.
|
|
||||||
\n Support: Core"
|
|
||||||
items:
|
|
||||||
description: GatewayAddress describes an address that can be bound
|
|
||||||
to a Gateway.
|
|
||||||
properties:
|
|
||||||
type:
|
|
||||||
default: IPAddress
|
|
||||||
description: Type of the address.
|
|
||||||
enum:
|
|
||||||
- IPAddress
|
|
||||||
- Hostname
|
|
||||||
- NamedAddress
|
|
||||||
type: string
|
|
||||||
value:
|
|
||||||
description: "Value of the address. The validity of the values
|
|
||||||
will depend on the type and support by the controller. \n
|
|
||||||
Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- value
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
type: array
|
|
||||||
gatewayClassName:
|
|
||||||
description: GatewayClassName used for this Gateway. This is the name
|
|
||||||
of a GatewayClass resource.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
listeners:
|
|
||||||
description: "Listeners associated with this Gateway. Listeners define
|
|
||||||
logical endpoints that are bound on this Gateway's addresses. At
|
|
||||||
least one Listener MUST be specified. \n Each listener in a Gateway
|
|
||||||
must have a unique combination of Hostname, Port, and Protocol.
|
|
||||||
\n An implementation MAY group Listeners by Port and then collapse
|
|
||||||
each group of Listeners into a single Listener if the implementation
|
|
||||||
determines that the Listeners in the group are \"compatible\". An
|
|
||||||
implementation MAY also group together and collapse compatible Listeners
|
|
||||||
belonging to different Gateways. \n For example, an implementation
|
|
||||||
might consider Listeners to be compatible with each other if all
|
|
||||||
of the following conditions are met: \n 1. Either each Listener
|
|
||||||
within the group specifies the \"HTTP\" Protocol or each Listener
|
|
||||||
within the group specifies either the \"HTTPS\" or \"TLS\" Protocol.
|
|
||||||
\n 2. Each Listener within the group specifies a Hostname that is
|
|
||||||
unique within the group. \n 3. As a special case, one Listener
|
|
||||||
within a group may omit Hostname, in which case this Listener
|
|
||||||
matches when no other Listener matches. \n If the implementation
|
|
||||||
does collapse compatible Listeners, the hostname provided in the
|
|
||||||
incoming client request MUST be matched to a Listener to find the
|
|
||||||
correct set of Routes. The incoming hostname MUST be matched using
|
|
||||||
the Hostname field for each Listener in order of most to least specific.
|
|
||||||
That is, exact matches must be processed before wildcard matches.
|
|
||||||
\n If this field specifies multiple Listeners that have the same
|
|
||||||
Port value but are not compatible, the implementation must raise
|
|
||||||
a \"Conflicted\" condition in the Listener status. \n Support: Core"
|
|
||||||
items:
|
|
||||||
description: Listener embodies the concept of a logical endpoint
|
|
||||||
where a Gateway accepts network connections.
|
|
||||||
properties:
|
|
||||||
allowedRoutes:
|
|
||||||
default:
|
|
||||||
namespaces:
|
|
||||||
from: Same
|
|
||||||
description: "AllowedRoutes defines the types of routes that
|
|
||||||
MAY be attached to a Listener and the trusted namespaces where
|
|
||||||
those Route resources MAY be present. \n Although a client
|
|
||||||
request may match multiple route rules, only one rule may
|
|
||||||
ultimately receive the request. Matching precedence MUST be
|
|
||||||
determined in order of the following criteria: \n * The most
|
|
||||||
specific match as defined by the Route type. * The oldest
|
|
||||||
Route based on creation timestamp. For example, a Route with
|
|
||||||
\ a creation timestamp of \"2020-09-08 01:02:03\" is given
|
|
||||||
precedence over a Route with a creation timestamp of \"2020-09-08
|
|
||||||
01:02:04\". * If everything else is equivalent, the Route
|
|
||||||
appearing first in alphabetical order (namespace/name) should
|
|
||||||
be given precedence. For example, foo/bar is given precedence
|
|
||||||
over foo/baz. \n All valid rules within a Route attached to
|
|
||||||
this Listener should be implemented. Invalid Route rules can
|
|
||||||
be ignored (sometimes that will mean the full Route). If a
|
|
||||||
Route rule transitions from valid to invalid, support for
|
|
||||||
that Route rule should be dropped to ensure consistency. For
|
|
||||||
example, even if a filter specified by a Route rule is invalid,
|
|
||||||
the rest of the rules within that Route should still be supported.
|
|
||||||
\n Support: Core"
|
|
||||||
properties:
|
|
||||||
kinds:
|
|
||||||
description: "Kinds specifies the groups and kinds of Routes
|
|
||||||
that are allowed to bind to this Gateway Listener. When
|
|
||||||
unspecified or empty, the kinds of Routes selected are
|
|
||||||
determined using the Listener protocol. \n A RouteGroupKind
|
|
||||||
MUST correspond to kinds of Routes that are compatible
|
|
||||||
with the application protocol specified in the Listener's
|
|
||||||
Protocol field. If an implementation does not support
|
|
||||||
or recognize this resource type, it MUST set the \"ResolvedRefs\"
|
|
||||||
condition to False for this Listener with the \"InvalidRoutesRef\"
|
|
||||||
reason. \n Support: Core"
|
|
||||||
items:
|
|
||||||
description: RouteGroupKind indicates the group and kind
|
|
||||||
of a Route resource.
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: Group is the group of the Route.
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: Kind is the kind of the Route.
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- kind
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
type: array
|
|
||||||
namespaces:
|
|
||||||
default:
|
|
||||||
from: Same
|
|
||||||
description: "Namespaces indicates namespaces from which
|
|
||||||
Routes may be attached to this Listener. This is restricted
|
|
||||||
to the namespace of this Gateway by default. \n Support:
|
|
||||||
Core"
|
|
||||||
properties:
|
|
||||||
from:
|
|
||||||
default: Same
|
|
||||||
description: "From indicates where Routes will be selected
|
|
||||||
for this Gateway. Possible values are: * All: Routes
|
|
||||||
in all namespaces may be used by this Gateway. * Selector:
|
|
||||||
Routes in namespaces selected by the selector may
|
|
||||||
be used by this Gateway. * Same: Only Routes in
|
|
||||||
the same namespace may be used by this Gateway. \n
|
|
||||||
Support: Core"
|
|
||||||
enum:
|
|
||||||
- All
|
|
||||||
- Selector
|
|
||||||
- Same
|
|
||||||
type: string
|
|
||||||
selector:
|
|
||||||
description: "Selector must be specified when From is
|
|
||||||
set to \"Selector\". In that case, only Routes in
|
|
||||||
Namespaces matching this Selector will be selected
|
|
||||||
by this Gateway. This field is ignored for other values
|
|
||||||
of \"From\". \n Support: Core"
|
|
||||||
properties:
|
|
||||||
matchExpressions:
|
|
||||||
description: matchExpressions is a list of label
|
|
||||||
selector requirements. The requirements are ANDed.
|
|
||||||
items:
|
|
||||||
description: A label selector requirement is a
|
|
||||||
selector that contains values, a key, and an
|
|
||||||
operator that relates the key and values.
|
|
||||||
properties:
|
|
||||||
key:
|
|
||||||
description: key is the label key that the
|
|
||||||
selector applies to.
|
|
||||||
type: string
|
|
||||||
operator:
|
|
||||||
description: operator represents a key's relationship
|
|
||||||
to a set of values. Valid operators are
|
|
||||||
In, NotIn, Exists and DoesNotExist.
|
|
||||||
type: string
|
|
||||||
values:
|
|
||||||
description: values is an array of string
|
|
||||||
values. If the operator is In or NotIn,
|
|
||||||
the values array must be non-empty. If the
|
|
||||||
operator is Exists or DoesNotExist, the
|
|
||||||
values array must be empty. This array is
|
|
||||||
replaced during a strategic merge patch.
|
|
||||||
items:
|
|
||||||
type: string
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- key
|
|
||||||
- operator
|
|
||||||
type: object
|
|
||||||
type: array
|
|
||||||
matchLabels:
|
|
||||||
additionalProperties:
|
|
||||||
type: string
|
|
||||||
description: matchLabels is a map of {key,value}
|
|
||||||
pairs. A single {key,value} in the matchLabels
|
|
||||||
map is equivalent to an element of matchExpressions,
|
|
||||||
whose key field is "key", the operator is "In",
|
|
||||||
and the values array contains only "value". The
|
|
||||||
requirements are ANDed.
|
|
||||||
type: object
|
|
||||||
type: object
|
|
||||||
type: object
|
|
||||||
type: object
|
|
||||||
hostname:
|
|
||||||
description: "Hostname specifies the virtual hostname to match
|
|
||||||
for protocol types that define this concept. When unspecified,
|
|
||||||
all hostnames are matched. This field is ignored for protocols
|
|
||||||
that don't require hostname based matching. \n Implementations
|
|
||||||
MUST apply Hostname matching appropriately for each of the
|
|
||||||
following protocols: \n * TLS: The Listener Hostname MUST
|
|
||||||
match the SNI. * HTTP: The Listener Hostname MUST match the
|
|
||||||
Host header of the request. * HTTPS: The Listener Hostname
|
|
||||||
SHOULD match at both the TLS and HTTP protocol layers as
|
|
||||||
described above. If an implementation does not ensure that
|
|
||||||
both the SNI and Host header match the Listener hostname,
|
|
||||||
\ it MUST clearly document that. \n For HTTPRoute and TLSRoute
|
|
||||||
resources, there is an interaction with the `spec.hostnames`
|
|
||||||
array. When both listener and route specify hostnames, there
|
|
||||||
MUST be an intersection between the values for a Route to
|
|
||||||
be accepted. For more information, refer to the Route specific
|
|
||||||
Hostnames documentation. \n Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: "Name is the name of the Listener. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
port:
|
|
||||||
description: "Port is the network port. Multiple listeners may
|
|
||||||
use the same port, subject to the Listener compatibility rules.
|
|
||||||
\n Support: Core"
|
|
||||||
format: int32
|
|
||||||
maximum: 65535
|
|
||||||
minimum: 1
|
|
||||||
type: integer
|
|
||||||
protocol:
|
|
||||||
description: "Protocol specifies the network protocol this listener
|
|
||||||
expects to receive. \n Support: Core"
|
|
||||||
maxLength: 255
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$
|
|
||||||
type: string
|
|
||||||
tls:
|
|
||||||
description: "TLS is the TLS configuration for the Listener.
|
|
||||||
This field is required if the Protocol field is \"HTTPS\"
|
|
||||||
or \"TLS\". It is invalid to set this field if the Protocol
|
|
||||||
field is \"HTTP\", \"TCP\", or \"UDP\". \n The association
|
|
||||||
of SNIs to Certificate defined in GatewayTLSConfig is defined
|
|
||||||
based on the Hostname field for this listener. \n The GatewayClass
|
|
||||||
MUST use the longest matching SNI out of all available certificates
|
|
||||||
for any TLS handshake. \n Support: Core"
|
|
||||||
properties:
|
|
||||||
certificateRefs:
|
|
||||||
description: "CertificateRefs contains a series of references
|
|
||||||
to Kubernetes objects that contains TLS certificates and
|
|
||||||
private keys. These certificates are used to establish
|
|
||||||
a TLS handshake for requests that match the hostname of
|
|
||||||
the associated listener. \n A single CertificateRef to
|
|
||||||
a Kubernetes Secret has \"Core\" support. Implementations
|
|
||||||
MAY choose to support attaching multiple certificates
|
|
||||||
to a Listener, but this behavior is implementation-specific.
|
|
||||||
\n References to a resource in different namespace are
|
|
||||||
invalid UNLESS there is a ReferencePolicy in the target
|
|
||||||
namespace that allows the certificate to be attached.
|
|
||||||
If a ReferencePolicy does not allow this reference, the
|
|
||||||
\"ResolvedRefs\" condition MUST be set to False for this
|
|
||||||
listener with the \"InvalidCertificateRef\" reason. \n
|
|
||||||
This field is required to have at least one element when
|
|
||||||
the mode is set to \"Terminate\" (default) and is optional
|
|
||||||
otherwise. \n CertificateRefs can reference to standard
|
|
||||||
Kubernetes resources, i.e. Secret, or implementation-specific
|
|
||||||
custom resources. \n Support: Core - A single reference
|
|
||||||
to a Kubernetes Secret \n Support: Implementation-specific
|
|
||||||
(More than one reference or other resource types)"
|
|
||||||
items:
|
|
||||||
description: "SecretObjectReference identifies an API
|
|
||||||
object including its namespace, defaulting to Secret.
|
|
||||||
\n The API object must be valid in the cluster; the
|
|
||||||
Group and Kind must be registered in the cluster for
|
|
||||||
this reference to be valid. \n References to objects
|
|
||||||
with invalid Group and Kind are not valid, and must
|
|
||||||
be rejected by the implementation, with appropriate
|
|
||||||
Conditions set on the containing object."
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: ""
|
|
||||||
description: Group is the group of the referent. For
|
|
||||||
example, "networking.k8s.io". When unspecified (empty
|
|
||||||
string), core API group is inferred.
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Secret
|
|
||||||
description: Kind is kind of the referent. For example
|
|
||||||
"HTTPRoute" or "Service".
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: Name is the name of the referent.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the backend.
|
|
||||||
When unspecified, the local namespace is inferred.
|
|
||||||
\n Note that when a namespace is specified, a ReferencePolicy
|
|
||||||
object is required in the referent namespace to
|
|
||||||
allow that namespace's owner to accept the reference.
|
|
||||||
See the ReferencePolicy documentation for details.
|
|
||||||
\n Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
maxItems: 64
|
|
||||||
type: array
|
|
||||||
mode:
|
|
||||||
default: Terminate
|
|
||||||
description: "Mode defines the TLS behavior for the TLS
|
|
||||||
session initiated by the client. There are two possible
|
|
||||||
modes: \n - Terminate: The TLS session between the downstream
|
|
||||||
client and the Gateway is terminated at the Gateway.
|
|
||||||
This mode requires certificateRefs to be set and contain
|
|
||||||
at least one element. - Passthrough: The TLS session is
|
|
||||||
NOT terminated by the Gateway. This implies that the
|
|
||||||
Gateway can't decipher the TLS stream except for the
|
|
||||||
ClientHello message of the TLS protocol. CertificateRefs
|
|
||||||
field is ignored in this mode. \n Support: Core"
|
|
||||||
enum:
|
|
||||||
- Terminate
|
|
||||||
- Passthrough
|
|
||||||
type: string
|
|
||||||
options:
|
|
||||||
additionalProperties:
|
|
||||||
description: AnnotationValue is the value of an annotation
|
|
||||||
in Gateway API. This is used for validation of maps
|
|
||||||
such as TLS options. This roughly matches Kubernetes
|
|
||||||
annotation validation, although the length validation
|
|
||||||
in that case is based on the entire size of the annotations
|
|
||||||
struct.
|
|
||||||
maxLength: 4096
|
|
||||||
minLength: 0
|
|
||||||
type: string
|
|
||||||
description: "Options are a list of key/value pairs to enable
|
|
||||||
extended TLS configuration for each implementation. For
|
|
||||||
example, configuring the minimum TLS version or supported
|
|
||||||
cipher suites. \n A set of common keys MAY be defined
|
|
||||||
by the API in the future. To avoid any ambiguity, implementation-specific
|
|
||||||
definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`.
|
|
||||||
Un-prefixed names are reserved for key names defined by
|
|
||||||
Gateway API. \n Support: Implementation-specific"
|
|
||||||
maxProperties: 16
|
|
||||||
type: object
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
- port
|
|
||||||
- protocol
|
|
||||||
type: object
|
|
||||||
maxItems: 64
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- name
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
required:
|
|
||||||
- gatewayClassName
|
|
||||||
- listeners
|
|
||||||
type: object
|
|
||||||
status:
|
|
||||||
default:
|
|
||||||
conditions:
|
|
||||||
- lastTransitionTime: "1970-01-01T00:00:00Z"
|
|
||||||
message: Waiting for controller
|
|
||||||
reason: NotReconciled
|
|
||||||
status: Unknown
|
|
||||||
type: Scheduled
|
|
||||||
description: Status defines the current state of Gateway.
|
|
||||||
properties:
|
|
||||||
addresses:
|
|
||||||
description: Addresses lists the IP addresses that have actually been
|
|
||||||
bound to the Gateway. These addresses may differ from the addresses
|
|
||||||
in the Spec, e.g. if the Gateway automatically assigns an address
|
|
||||||
from a reserved pool.
|
|
||||||
items:
|
|
||||||
description: GatewayAddress describes an address that can be bound
|
|
||||||
to a Gateway.
|
|
||||||
properties:
|
|
||||||
type:
|
|
||||||
default: IPAddress
|
|
||||||
description: Type of the address.
|
|
||||||
enum:
|
|
||||||
- IPAddress
|
|
||||||
- Hostname
|
|
||||||
- NamedAddress
|
|
||||||
type: string
|
|
||||||
value:
|
|
||||||
description: "Value of the address. The validity of the values
|
|
||||||
will depend on the type and support by the controller. \n
|
|
||||||
Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- value
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
type: array
|
|
||||||
conditions:
|
|
||||||
default:
|
|
||||||
- lastTransitionTime: "1970-01-01T00:00:00Z"
|
|
||||||
message: Waiting for controller
|
|
||||||
reason: NotReconciled
|
|
||||||
status: Unknown
|
|
||||||
type: Scheduled
|
|
||||||
description: "Conditions describe the current conditions of the Gateway.
|
|
||||||
\n Implementations should prefer to express Gateway conditions using
|
|
||||||
the `GatewayConditionType` and `GatewayConditionReason` constants
|
|
||||||
so that operators and tools can converge on a common vocabulary
|
|
||||||
to describe Gateway state. \n Known condition types are: \n * \"Scheduled\"
|
|
||||||
* \"Ready\""
|
|
||||||
items:
|
|
||||||
description: "Condition contains details for one aspect of the current
|
|
||||||
state of this API Resource. --- This struct is intended for direct
|
|
||||||
use as an array at the field path .status.conditions. For example,
|
|
||||||
type FooStatus struct{ // Represents the observations of a
|
|
||||||
foo's current state. // Known .status.conditions.type are:
|
|
||||||
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
|
|
||||||
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
|
|
||||||
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
|
|
||||||
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
|
|
||||||
\n // other fields }"
|
|
||||||
properties:
|
|
||||||
lastTransitionTime:
|
|
||||||
description: lastTransitionTime is the last time the condition
|
|
||||||
transitioned from one status to another. This should be when
|
|
||||||
the underlying condition changed. If that is not known, then
|
|
||||||
using the time when the API field changed is acceptable.
|
|
||||||
format: date-time
|
|
||||||
type: string
|
|
||||||
message:
|
|
||||||
description: message is a human readable message indicating
|
|
||||||
details about the transition. This may be an empty string.
|
|
||||||
maxLength: 32768
|
|
||||||
type: string
|
|
||||||
observedGeneration:
|
|
||||||
description: observedGeneration represents the .metadata.generation
|
|
||||||
that the condition was set based upon. For instance, if .metadata.generation
|
|
||||||
is currently 12, but the .status.conditions[x].observedGeneration
|
|
||||||
is 9, the condition is out of date with respect to the current
|
|
||||||
state of the instance.
|
|
||||||
format: int64
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
reason:
|
|
||||||
description: reason contains a programmatic identifier indicating
|
|
||||||
the reason for the condition's last transition. Producers
|
|
||||||
of specific condition types may define expected values and
|
|
||||||
meanings for this field, and whether the values are considered
|
|
||||||
a guaranteed API. The value should be a CamelCase string.
|
|
||||||
This field may not be empty.
|
|
||||||
maxLength: 1024
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
||||||
type: string
|
|
||||||
status:
|
|
||||||
description: status of the condition, one of True, False, Unknown.
|
|
||||||
enum:
|
|
||||||
- "True"
|
|
||||||
- "False"
|
|
||||||
- Unknown
|
|
||||||
type: string
|
|
||||||
type:
|
|
||||||
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
||||||
--- Many .condition.type values are consistent across resources
|
|
||||||
like Available, but because arbitrary conditions can be useful
|
|
||||||
(see .node.status.conditions), the ability to deconflict is
|
|
||||||
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
||||||
maxLength: 316
|
|
||||||
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- lastTransitionTime
|
|
||||||
- message
|
|
||||||
- reason
|
|
||||||
- status
|
|
||||||
- type
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- type
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
listeners:
|
|
||||||
description: Listeners provide status for each unique listener port
|
|
||||||
defined in the Spec.
|
|
||||||
items:
|
|
||||||
description: ListenerStatus is the status associated with a Listener.
|
|
||||||
properties:
|
|
||||||
attachedRoutes:
|
|
||||||
description: AttachedRoutes represents the total number of Routes
|
|
||||||
that have been successfully attached to this Listener.
|
|
||||||
format: int32
|
|
||||||
type: integer
|
|
||||||
conditions:
|
|
||||||
description: Conditions describe the current condition of this
|
|
||||||
listener.
|
|
||||||
items:
|
|
||||||
description: "Condition contains details for one aspect of
|
|
||||||
the current state of this API Resource. --- This struct
|
|
||||||
is intended for direct use as an array at the field path
|
|
||||||
.status.conditions. For example, type FooStatus struct{
|
|
||||||
\ // Represents the observations of a foo's current state.
|
|
||||||
\ // Known .status.conditions.type are: \"Available\",
|
|
||||||
\"Progressing\", and \"Degraded\" // +patchMergeKey=type
|
|
||||||
\ // +patchStrategy=merge // +listType=map //
|
|
||||||
+listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\"
|
|
||||||
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
|
|
||||||
\n // other fields }"
|
|
||||||
properties:
|
|
||||||
lastTransitionTime:
|
|
||||||
description: lastTransitionTime is the last time the condition
|
|
||||||
transitioned from one status to another. This should
|
|
||||||
be when the underlying condition changed. If that is
|
|
||||||
not known, then using the time when the API field changed
|
|
||||||
is acceptable.
|
|
||||||
format: date-time
|
|
||||||
type: string
|
|
||||||
message:
|
|
||||||
description: message is a human readable message indicating
|
|
||||||
details about the transition. This may be an empty string.
|
|
||||||
maxLength: 32768
|
|
||||||
type: string
|
|
||||||
observedGeneration:
|
|
||||||
description: observedGeneration represents the .metadata.generation
|
|
||||||
that the condition was set based upon. For instance,
|
|
||||||
if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
|
|
||||||
is 9, the condition is out of date with respect to the
|
|
||||||
current state of the instance.
|
|
||||||
format: int64
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
reason:
|
|
||||||
description: reason contains a programmatic identifier
|
|
||||||
indicating the reason for the condition's last transition.
|
|
||||||
Producers of specific condition types may define expected
|
|
||||||
values and meanings for this field, and whether the
|
|
||||||
values are considered a guaranteed API. The value should
|
|
||||||
be a CamelCase string. This field may not be empty.
|
|
||||||
maxLength: 1024
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
||||||
type: string
|
|
||||||
status:
|
|
||||||
description: status of the condition, one of True, False,
|
|
||||||
Unknown.
|
|
||||||
enum:
|
|
||||||
- "True"
|
|
||||||
- "False"
|
|
||||||
- Unknown
|
|
||||||
type: string
|
|
||||||
type:
|
|
||||||
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
||||||
--- Many .condition.type values are consistent across
|
|
||||||
resources like Available, but because arbitrary conditions
|
|
||||||
can be useful (see .node.status.conditions), the ability
|
|
||||||
to deconflict is important. The regex it matches is
|
|
||||||
(dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
||||||
maxLength: 316
|
|
||||||
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- lastTransitionTime
|
|
||||||
- message
|
|
||||||
- reason
|
|
||||||
- status
|
|
||||||
- type
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- type
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
name:
|
|
||||||
description: Name is the name of the Listener that this status
|
|
||||||
corresponds to.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
supportedKinds:
|
|
||||||
description: "SupportedKinds is the list indicating the Kinds
|
|
||||||
supported by this listener. This MUST represent the kinds
|
|
||||||
an implementation supports for that Listener configuration.
|
|
||||||
\n If kinds are specified in Spec that are not supported,
|
|
||||||
they MUST NOT appear in this list and an implementation MUST
|
|
||||||
set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\"
|
|
||||||
reason. If both valid and invalid Route kinds are specified,
|
|
||||||
the implementation MUST reference the valid Route kinds that
|
|
||||||
have been specified."
|
|
||||||
items:
|
|
||||||
description: RouteGroupKind indicates the group and kind of
|
|
||||||
a Route resource.
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: Group is the group of the Route.
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: Kind is the kind of the Route.
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- kind
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- attachedRoutes
|
|
||||||
- conditions
|
|
||||||
- name
|
|
||||||
- supportedKinds
|
|
||||||
type: object
|
|
||||||
maxItems: 64
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- name
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- spec
|
|
||||||
type: object
|
|
||||||
served: true
|
|
||||||
storage: true
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,145 +0,0 @@
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
annotations:
|
|
||||||
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/891
|
|
||||||
creationTimestamp: null
|
|
||||||
name: referencepolicies.gateway.networking.k8s.io
|
|
||||||
spec:
|
|
||||||
group: gateway.networking.k8s.io
|
|
||||||
names:
|
|
||||||
categories:
|
|
||||||
- gateway-api
|
|
||||||
kind: ReferencePolicy
|
|
||||||
listKind: ReferencePolicyList
|
|
||||||
plural: referencepolicies
|
|
||||||
shortNames:
|
|
||||||
- refpol
|
|
||||||
singular: referencepolicy
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- additionalPrinterColumns:
|
|
||||||
- jsonPath: .metadata.creationTimestamp
|
|
||||||
name: Age
|
|
||||||
type: date
|
|
||||||
name: v1alpha2
|
|
||||||
schema:
|
|
||||||
openAPIV3Schema:
|
|
||||||
description: "ReferencePolicy identifies kinds of resources in other namespaces
|
|
||||||
that are trusted to reference the specified kinds of resources in the same
|
|
||||||
namespace as the policy. \n Each ReferencePolicy can be used to represent
|
|
||||||
a unique trust relationship. Additional Reference Policies can be used to
|
|
||||||
add to the set of trusted sources of inbound references for the namespace
|
|
||||||
they are defined within. \n All cross-namespace references in Gateway API
|
|
||||||
(with the exception of cross-namespace Gateway-route attachment) require
|
|
||||||
a ReferencePolicy. \n Support: Core"
|
|
||||||
properties:
|
|
||||||
apiVersion:
|
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: 'Kind is a string value representing the REST resource this
|
|
||||||
object represents. Servers may infer this from the endpoint the client
|
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
||||||
type: string
|
|
||||||
metadata:
|
|
||||||
type: object
|
|
||||||
spec:
|
|
||||||
description: Spec defines the desired state of ReferencePolicy.
|
|
||||||
properties:
|
|
||||||
from:
|
|
||||||
description: "From describes the trusted namespaces and kinds that
|
|
||||||
can reference the resources described in \"To\". Each entry in this
|
|
||||||
list must be considered to be an additional place that references
|
|
||||||
can be valid from, or to put this another way, entries must be combined
|
|
||||||
using OR. \n Support: Core"
|
|
||||||
items:
|
|
||||||
description: ReferencePolicyFrom describes trusted namespaces and
|
|
||||||
kinds.
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
description: "Group is the group of the referent. When empty,
|
|
||||||
the Kubernetes core API group is inferred. \n Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: "Kind is the kind of the referent. Although implementations
|
|
||||||
may support additional resources, the following Route types
|
|
||||||
are part of the \"Core\" support level for this field: \n
|
|
||||||
* HTTPRoute * TCPRoute * TLSRoute * UDPRoute"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the referent. \n
|
|
||||||
Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- group
|
|
||||||
- kind
|
|
||||||
- namespace
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
to:
|
|
||||||
description: "To describes the resources that may be referenced by
|
|
||||||
the resources described in \"From\". Each entry in this list must
|
|
||||||
be considered to be an additional place that references can be valid
|
|
||||||
to, or to put this another way, entries must be combined using OR.
|
|
||||||
\n Support: Core"
|
|
||||||
items:
|
|
||||||
description: ReferencePolicyTo describes what Kinds are allowed
|
|
||||||
as targets of the references.
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
description: "Group is the group of the referent. When empty,
|
|
||||||
the Kubernetes core API group is inferred. \n Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: "Kind is the kind of the referent. Although implementations
|
|
||||||
may support additional resources, the following types are
|
|
||||||
part of the \"Core\" support level for this field: \n * Service"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: Name is the name of the referent. When unspecified
|
|
||||||
or empty, this policy refers to all resources of the specified
|
|
||||||
Group and Kind in the local namespace.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- group
|
|
||||||
- kind
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- from
|
|
||||||
- to
|
|
||||||
type: object
|
|
||||||
type: object
|
|
||||||
served: true
|
|
||||||
storage: true
|
|
||||||
subresources: {}
|
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
|
@ -1,431 +0,0 @@
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
annotations:
|
|
||||||
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/891
|
|
||||||
creationTimestamp: null
|
|
||||||
name: tcproutes.gateway.networking.k8s.io
|
|
||||||
spec:
|
|
||||||
group: gateway.networking.k8s.io
|
|
||||||
names:
|
|
||||||
categories:
|
|
||||||
- gateway-api
|
|
||||||
kind: TCPRoute
|
|
||||||
listKind: TCPRouteList
|
|
||||||
plural: tcproutes
|
|
||||||
singular: tcproute
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- additionalPrinterColumns:
|
|
||||||
- jsonPath: .metadata.creationTimestamp
|
|
||||||
name: Age
|
|
||||||
type: date
|
|
||||||
name: v1alpha2
|
|
||||||
schema:
|
|
||||||
openAPIV3Schema:
|
|
||||||
description: TCPRoute provides a way to route TCP requests. When combined
|
|
||||||
with a Gateway listener, it can be used to forward connections on the port
|
|
||||||
specified by the listener to a set of backends specified by the TCPRoute.
|
|
||||||
properties:
|
|
||||||
apiVersion:
|
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: 'Kind is a string value representing the REST resource this
|
|
||||||
object represents. Servers may infer this from the endpoint the client
|
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
||||||
type: string
|
|
||||||
metadata:
|
|
||||||
type: object
|
|
||||||
spec:
|
|
||||||
description: Spec defines the desired state of TCPRoute.
|
|
||||||
properties:
|
|
||||||
parentRefs:
|
|
||||||
description: "ParentRefs references the resources (usually Gateways)
|
|
||||||
that a Route wants to be attached to. Note that the referenced parent
|
|
||||||
resource needs to allow this for the attachment to be complete.
|
|
||||||
For Gateways, that means the Gateway needs to allow attachment from
|
|
||||||
Routes of this kind and namespace. \n The only kind of parent resource
|
|
||||||
with \"Core\" support is Gateway. This API may be extended in the
|
|
||||||
future to support additional kinds of parent resources such as one
|
|
||||||
of the route kinds. \n It is invalid to reference an identical parent
|
|
||||||
more than once. It is valid to reference multiple distinct sections
|
|
||||||
within the same parent resource, such as 2 Listeners within a Gateway.
|
|
||||||
\n It is possible to separately reference multiple distinct objects
|
|
||||||
that may be collapsed by an implementation. For example, some implementations
|
|
||||||
may choose to merge compatible Gateway Listeners together. If that
|
|
||||||
is the case, the list of routes attached to those resources should
|
|
||||||
also be merged."
|
|
||||||
items:
|
|
||||||
description: "ParentRef identifies an API object (usually a Gateway)
|
|
||||||
that can be considered a parent of this resource (usually a route).
|
|
||||||
The only kind of parent resource with \"Core\" support is Gateway.
|
|
||||||
This API may be extended in the future to support additional kinds
|
|
||||||
of parent resources, such as HTTPRoute. \n The API object must
|
|
||||||
be valid in the cluster; the Group and Kind must be registered
|
|
||||||
in the cluster for this reference to be valid. \n References to
|
|
||||||
objects with invalid Group and Kind are not valid, and must be
|
|
||||||
rejected by the implementation, with appropriate Conditions set
|
|
||||||
on the containing object."
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: "Group is the group of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Gateway
|
|
||||||
description: "Kind is kind of the referent. \n Support: Core
|
|
||||||
(Gateway) Support: Custom (Other Resources)"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: "Name is the name of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the referent. When
|
|
||||||
unspecified (or empty string), this refers to the local namespace
|
|
||||||
of the Route. \n Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
sectionName:
|
|
||||||
description: "SectionName is the name of a section within the
|
|
||||||
target resource. In the following resources, SectionName is
|
|
||||||
interpreted as the following: \n * Gateway: Listener Name
|
|
||||||
\n Implementations MAY choose to support attaching Routes
|
|
||||||
to other resources. If that is the case, they MUST clearly
|
|
||||||
document how SectionName is interpreted. \n When unspecified
|
|
||||||
(empty string), this will reference the entire resource. For
|
|
||||||
the purpose of status, an attachment is considered successful
|
|
||||||
if at least one section in the parent resource accepts it.
|
|
||||||
For example, Gateway listeners can restrict which Routes can
|
|
||||||
attach to them by Route kind, namespace, or hostname. If 1
|
|
||||||
of 2 Gateway listeners accept attachment from the referencing
|
|
||||||
Route, the Route MUST be considered successfully attached.
|
|
||||||
If no Gateway listeners accept attachment from this Route,
|
|
||||||
the Route MUST be considered detached from the Gateway. \n
|
|
||||||
Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
maxItems: 32
|
|
||||||
type: array
|
|
||||||
rules:
|
|
||||||
description: Rules are a list of TCP matchers and actions.
|
|
||||||
items:
|
|
||||||
description: TCPRouteRule is the configuration for a given rule.
|
|
||||||
properties:
|
|
||||||
backendRefs:
|
|
||||||
description: "BackendRefs defines the backend(s) where matching
|
|
||||||
requests should be sent. If unspecified or invalid (refers
|
|
||||||
to a non-existent resource or a Service with no endpoints),
|
|
||||||
the underlying implementation MUST actively reject connection
|
|
||||||
attempts to this backend. Connection rejections must respect
|
|
||||||
weight; if an invalid backend is requested to have 80% of
|
|
||||||
connections, then 80% of connections must be rejected instead.
|
|
||||||
\n Support: Core for Kubernetes Service Support: Custom for
|
|
||||||
any other resource \n Support for weight: Extended"
|
|
||||||
items:
|
|
||||||
description: "BackendRef defines how a Route should forward
|
|
||||||
a request to a Kubernetes resource. \n Note that when a
|
|
||||||
namespace is specified, a ReferencePolicy object is required
|
|
||||||
in the referent namespace to allow that namespace's owner
|
|
||||||
to accept the reference. See the ReferencePolicy documentation
|
|
||||||
for details."
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: ""
|
|
||||||
description: Group is the group of the referent. For example,
|
|
||||||
"networking.k8s.io". When unspecified (empty string),
|
|
||||||
core API group is inferred.
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Service
|
|
||||||
description: Kind is kind of the referent. For example
|
|
||||||
"HTTPRoute" or "Service".
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: Name is the name of the referent.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the backend.
|
|
||||||
When unspecified, the local namespace is inferred. \n
|
|
||||||
Note that when a namespace is specified, a ReferencePolicy
|
|
||||||
object is required in the referent namespace to allow
|
|
||||||
that namespace's owner to accept the reference. See
|
|
||||||
the ReferencePolicy documentation for details. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
port:
|
|
||||||
description: Port specifies the destination port number
|
|
||||||
to use for this resource. Port is required when the
|
|
||||||
referent is a Kubernetes Service. For other resources,
|
|
||||||
destination port might be derived from the referent
|
|
||||||
resource or this field.
|
|
||||||
format: int32
|
|
||||||
maximum: 65535
|
|
||||||
minimum: 1
|
|
||||||
type: integer
|
|
||||||
weight:
|
|
||||||
default: 1
|
|
||||||
description: "Weight specifies the proportion of requests
|
|
||||||
forwarded to the referenced backend. This is computed
|
|
||||||
as weight/(sum of all weights in this BackendRefs list).
|
|
||||||
For non-zero values, there may be some epsilon from
|
|
||||||
the exact proportion defined here depending on the precision
|
|
||||||
an implementation supports. Weight is not a percentage
|
|
||||||
and the sum of weights does not need to equal 100. \n
|
|
||||||
If only one backend is specified and it has a weight
|
|
||||||
greater than 0, 100% of the traffic is forwarded to
|
|
||||||
that backend. If weight is set to 0, no traffic should
|
|
||||||
be forwarded for this entry. If unspecified, weight
|
|
||||||
defaults to 1. \n Support for this field varies based
|
|
||||||
on the context where used."
|
|
||||||
format: int32
|
|
||||||
maximum: 1000000
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- rules
|
|
||||||
type: object
|
|
||||||
status:
|
|
||||||
description: Status defines the current state of TCPRoute.
|
|
||||||
properties:
|
|
||||||
parents:
|
|
||||||
description: "Parents is a list of parent resources (usually Gateways)
|
|
||||||
that are associated with the route, and the status of the route
|
|
||||||
with respect to each parent. When this route attaches to a parent,
|
|
||||||
the controller that manages the parent must add an entry to this
|
|
||||||
list when the controller first sees the route and should update
|
|
||||||
the entry as appropriate when the route or gateway is modified.
|
|
||||||
\n Note that parent references that cannot be resolved by an implementation
|
|
||||||
of this API will not be added to this list. Implementations of this
|
|
||||||
API can only populate Route status for the Gateways/parent resources
|
|
||||||
they are responsible for. \n A maximum of 32 Gateways will be represented
|
|
||||||
in this list. An empty list means the route has not been attached
|
|
||||||
to any Gateway."
|
|
||||||
items:
|
|
||||||
description: RouteParentStatus describes the status of a route with
|
|
||||||
respect to an associated Parent.
|
|
||||||
properties:
|
|
||||||
conditions:
|
|
||||||
description: "Conditions describes the status of the route with
|
|
||||||
respect to the Gateway. Note that the route's availability
|
|
||||||
is also subject to the Gateway's own status conditions and
|
|
||||||
listener status. \n If the Route's ParentRef specifies an
|
|
||||||
existing Gateway that supports Routes of this kind AND that
|
|
||||||
Gateway's controller has sufficient access, then that Gateway's
|
|
||||||
controller MUST set the \"Accepted\" condition on the Route,
|
|
||||||
to indicate whether the route has been accepted or rejected
|
|
||||||
by the Gateway, and why. \n A Route MUST be considered \"Accepted\"
|
|
||||||
if at least one of the Route's rules is implemented by the
|
|
||||||
Gateway. \n There are a number of cases where the \"Accepted\"
|
|
||||||
condition may not be set due to lack of controller visibility,
|
|
||||||
that includes when: \n * The Route refers to a non-existent
|
|
||||||
parent. * The Route is of a type that the controller does
|
|
||||||
not support. * The Route is in a namespace the the controller
|
|
||||||
does not have access to."
|
|
||||||
items:
|
|
||||||
description: "Condition contains details for one aspect of
|
|
||||||
the current state of this API Resource. --- This struct
|
|
||||||
is intended for direct use as an array at the field path
|
|
||||||
.status.conditions. For example, type FooStatus struct{
|
|
||||||
\ // Represents the observations of a foo's current state.
|
|
||||||
\ // Known .status.conditions.type are: \"Available\",
|
|
||||||
\"Progressing\", and \"Degraded\" // +patchMergeKey=type
|
|
||||||
\ // +patchStrategy=merge // +listType=map //
|
|
||||||
+listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\"
|
|
||||||
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
|
|
||||||
\n // other fields }"
|
|
||||||
properties:
|
|
||||||
lastTransitionTime:
|
|
||||||
description: lastTransitionTime is the last time the condition
|
|
||||||
transitioned from one status to another. This should
|
|
||||||
be when the underlying condition changed. If that is
|
|
||||||
not known, then using the time when the API field changed
|
|
||||||
is acceptable.
|
|
||||||
format: date-time
|
|
||||||
type: string
|
|
||||||
message:
|
|
||||||
description: message is a human readable message indicating
|
|
||||||
details about the transition. This may be an empty string.
|
|
||||||
maxLength: 32768
|
|
||||||
type: string
|
|
||||||
observedGeneration:
|
|
||||||
description: observedGeneration represents the .metadata.generation
|
|
||||||
that the condition was set based upon. For instance,
|
|
||||||
if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
|
|
||||||
is 9, the condition is out of date with respect to the
|
|
||||||
current state of the instance.
|
|
||||||
format: int64
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
reason:
|
|
||||||
description: reason contains a programmatic identifier
|
|
||||||
indicating the reason for the condition's last transition.
|
|
||||||
Producers of specific condition types may define expected
|
|
||||||
values and meanings for this field, and whether the
|
|
||||||
values are considered a guaranteed API. The value should
|
|
||||||
be a CamelCase string. This field may not be empty.
|
|
||||||
maxLength: 1024
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
||||||
type: string
|
|
||||||
status:
|
|
||||||
description: status of the condition, one of True, False,
|
|
||||||
Unknown.
|
|
||||||
enum:
|
|
||||||
- "True"
|
|
||||||
- "False"
|
|
||||||
- Unknown
|
|
||||||
type: string
|
|
||||||
type:
|
|
||||||
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
||||||
--- Many .condition.type values are consistent across
|
|
||||||
resources like Available, but because arbitrary conditions
|
|
||||||
can be useful (see .node.status.conditions), the ability
|
|
||||||
to deconflict is important. The regex it matches is
|
|
||||||
(dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
||||||
maxLength: 316
|
|
||||||
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- lastTransitionTime
|
|
||||||
- message
|
|
||||||
- reason
|
|
||||||
- status
|
|
||||||
- type
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- type
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
controllerName:
|
|
||||||
description: "ControllerName is a domain/path string that indicates
|
|
||||||
the name of the controller that wrote this status. This corresponds
|
|
||||||
with the controllerName field on GatewayClass. \n Example:
|
|
||||||
\"example.net/gateway-controller\". \n The format of this
|
|
||||||
field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid
|
|
||||||
Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)."
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
|
|
||||||
type: string
|
|
||||||
parentRef:
|
|
||||||
description: ParentRef corresponds with a ParentRef in the spec
|
|
||||||
that this RouteParentStatus struct describes the status of.
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: "Group is the group of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Gateway
|
|
||||||
description: "Kind is kind of the referent. \n Support:
|
|
||||||
Core (Gateway) Support: Custom (Other Resources)"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: "Name is the name of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the referent.
|
|
||||||
When unspecified (or empty string), this refers to the
|
|
||||||
local namespace of the Route. \n Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
sectionName:
|
|
||||||
description: "SectionName is the name of a section within
|
|
||||||
the target resource. In the following resources, SectionName
|
|
||||||
is interpreted as the following: \n * Gateway: Listener
|
|
||||||
Name \n Implementations MAY choose to support attaching
|
|
||||||
Routes to other resources. If that is the case, they MUST
|
|
||||||
clearly document how SectionName is interpreted. \n When
|
|
||||||
unspecified (empty string), this will reference the entire
|
|
||||||
resource. For the purpose of status, an attachment is
|
|
||||||
considered successful if at least one section in the parent
|
|
||||||
resource accepts it. For example, Gateway listeners can
|
|
||||||
restrict which Routes can attach to them by Route kind,
|
|
||||||
namespace, or hostname. If 1 of 2 Gateway listeners accept
|
|
||||||
attachment from the referencing Route, the Route MUST
|
|
||||||
be considered successfully attached. If no Gateway listeners
|
|
||||||
accept attachment from this Route, the Route MUST be considered
|
|
||||||
detached from the Gateway. \n Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- controllerName
|
|
||||||
- parentRef
|
|
||||||
type: object
|
|
||||||
maxItems: 32
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- parents
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- spec
|
|
||||||
type: object
|
|
||||||
served: true
|
|
||||||
storage: true
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
|
@ -1,480 +0,0 @@
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
annotations:
|
|
||||||
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/891
|
|
||||||
creationTimestamp: null
|
|
||||||
name: tlsroutes.gateway.networking.k8s.io
|
|
||||||
spec:
|
|
||||||
group: gateway.networking.k8s.io
|
|
||||||
names:
|
|
||||||
categories:
|
|
||||||
- gateway-api
|
|
||||||
kind: TLSRoute
|
|
||||||
listKind: TLSRouteList
|
|
||||||
plural: tlsroutes
|
|
||||||
singular: tlsroute
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- additionalPrinterColumns:
|
|
||||||
- jsonPath: .metadata.creationTimestamp
|
|
||||||
name: Age
|
|
||||||
type: date
|
|
||||||
name: v1alpha2
|
|
||||||
schema:
|
|
||||||
openAPIV3Schema:
|
|
||||||
description: "The TLSRoute resource is similar to TCPRoute, but can be configured
|
|
||||||
to match against TLS-specific metadata. This allows more flexibility in
|
|
||||||
matching streams for a given TLS listener. \n If you need to forward traffic
|
|
||||||
to a single target for a TLS listener, you could choose to use a TCPRoute
|
|
||||||
with a TLS listener."
|
|
||||||
properties:
|
|
||||||
apiVersion:
|
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: 'Kind is a string value representing the REST resource this
|
|
||||||
object represents. Servers may infer this from the endpoint the client
|
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
||||||
type: string
|
|
||||||
metadata:
|
|
||||||
type: object
|
|
||||||
spec:
|
|
||||||
description: Spec defines the desired state of TLSRoute.
|
|
||||||
properties:
|
|
||||||
hostnames:
|
|
||||||
description: "Hostnames defines a set of SNI names that should match
|
|
||||||
against the SNI attribute of TLS ClientHello message in TLS handshake.
|
|
||||||
This matches the RFC 1123 definition of a hostname with 2 notable
|
|
||||||
exceptions: \n 1. IPs are not allowed in SNI names per RFC 6066.
|
|
||||||
2. A hostname may be prefixed with a wildcard label (`*.`). The
|
|
||||||
wildcard label must appear by itself as the first label. \n If
|
|
||||||
a hostname is specified by both the Listener and TLSRoute, there
|
|
||||||
must be at least one intersecting hostname for the TLSRoute to be
|
|
||||||
attached to the Listener. For example: \n * A Listener with `test.example.com`
|
|
||||||
as the hostname matches TLSRoutes that have either not specified
|
|
||||||
any hostnames, or have specified at least one of `test.example.com`
|
|
||||||
or `*.example.com`. * A Listener with `*.example.com` as the hostname
|
|
||||||
matches TLSRoutes that have either not specified any hostnames
|
|
||||||
or have specified at least one hostname that matches the Listener
|
|
||||||
hostname. For example, `test.example.com` and `*.example.com`
|
|
||||||
would both match. On the other hand, `example.com` and `test.example.net`
|
|
||||||
would not match. \n If both the Listener and TLSRoute have specified
|
|
||||||
hostnames, any TLSRoute hostnames that do not match the Listener
|
|
||||||
hostname MUST be ignored. For example, if a Listener specified `*.example.com`,
|
|
||||||
and the TLSRoute specified `test.example.com` and `test.example.net`,
|
|
||||||
`test.example.net` must not be considered for a match. \n If both
|
|
||||||
the Listener and TLSRoute have specified hostnames, and none match
|
|
||||||
with the criteria above, then the TLSRoute is not accepted. The
|
|
||||||
implementation must raise an 'Accepted' Condition with a status
|
|
||||||
of `False` in the corresponding RouteParentStatus. \n Support: Core"
|
|
||||||
items:
|
|
||||||
description: "Hostname is the fully qualified domain name of a network
|
|
||||||
host. This matches the RFC 1123 definition of a hostname with
|
|
||||||
2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname
|
|
||||||
may be prefixed with a wildcard label (`*.`). The wildcard label
|
|
||||||
must appear by itself as the first label. \n Hostname can be \"precise\"
|
|
||||||
which is a domain name without the terminating dot of a network
|
|
||||||
host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain
|
|
||||||
name prefixed with a single wildcard label (e.g. `*.example.com`).
|
|
||||||
\n Note that as per RFC1035 and RFC1123, a *label* must consist
|
|
||||||
of lower case alphanumeric characters or '-', and must start and
|
|
||||||
end with an alphanumeric character. No other punctuation is allowed."
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
maxItems: 16
|
|
||||||
type: array
|
|
||||||
parentRefs:
|
|
||||||
description: "ParentRefs references the resources (usually Gateways)
|
|
||||||
that a Route wants to be attached to. Note that the referenced parent
|
|
||||||
resource needs to allow this for the attachment to be complete.
|
|
||||||
For Gateways, that means the Gateway needs to allow attachment from
|
|
||||||
Routes of this kind and namespace. \n The only kind of parent resource
|
|
||||||
with \"Core\" support is Gateway. This API may be extended in the
|
|
||||||
future to support additional kinds of parent resources such as one
|
|
||||||
of the route kinds. \n It is invalid to reference an identical parent
|
|
||||||
more than once. It is valid to reference multiple distinct sections
|
|
||||||
within the same parent resource, such as 2 Listeners within a Gateway.
|
|
||||||
\n It is possible to separately reference multiple distinct objects
|
|
||||||
that may be collapsed by an implementation. For example, some implementations
|
|
||||||
may choose to merge compatible Gateway Listeners together. If that
|
|
||||||
is the case, the list of routes attached to those resources should
|
|
||||||
also be merged."
|
|
||||||
items:
|
|
||||||
description: "ParentRef identifies an API object (usually a Gateway)
|
|
||||||
that can be considered a parent of this resource (usually a route).
|
|
||||||
The only kind of parent resource with \"Core\" support is Gateway.
|
|
||||||
This API may be extended in the future to support additional kinds
|
|
||||||
of parent resources, such as HTTPRoute. \n The API object must
|
|
||||||
be valid in the cluster; the Group and Kind must be registered
|
|
||||||
in the cluster for this reference to be valid. \n References to
|
|
||||||
objects with invalid Group and Kind are not valid, and must be
|
|
||||||
rejected by the implementation, with appropriate Conditions set
|
|
||||||
on the containing object."
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: "Group is the group of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Gateway
|
|
||||||
description: "Kind is kind of the referent. \n Support: Core
|
|
||||||
(Gateway) Support: Custom (Other Resources)"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: "Name is the name of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the referent. When
|
|
||||||
unspecified (or empty string), this refers to the local namespace
|
|
||||||
of the Route. \n Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
sectionName:
|
|
||||||
description: "SectionName is the name of a section within the
|
|
||||||
target resource. In the following resources, SectionName is
|
|
||||||
interpreted as the following: \n * Gateway: Listener Name
|
|
||||||
\n Implementations MAY choose to support attaching Routes
|
|
||||||
to other resources. If that is the case, they MUST clearly
|
|
||||||
document how SectionName is interpreted. \n When unspecified
|
|
||||||
(empty string), this will reference the entire resource. For
|
|
||||||
the purpose of status, an attachment is considered successful
|
|
||||||
if at least one section in the parent resource accepts it.
|
|
||||||
For example, Gateway listeners can restrict which Routes can
|
|
||||||
attach to them by Route kind, namespace, or hostname. If 1
|
|
||||||
of 2 Gateway listeners accept attachment from the referencing
|
|
||||||
Route, the Route MUST be considered successfully attached.
|
|
||||||
If no Gateway listeners accept attachment from this Route,
|
|
||||||
the Route MUST be considered detached from the Gateway. \n
|
|
||||||
Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
maxItems: 32
|
|
||||||
type: array
|
|
||||||
rules:
|
|
||||||
description: Rules are a list of TLS matchers and actions.
|
|
||||||
items:
|
|
||||||
description: TLSRouteRule is the configuration for a given rule.
|
|
||||||
properties:
|
|
||||||
backendRefs:
|
|
||||||
description: "BackendRefs defines the backend(s) where matching
|
|
||||||
requests should be sent. If unspecified or invalid (refers
|
|
||||||
to a non-existent resource or a Service with no endpoints),
|
|
||||||
the rule performs no forwarding; if no filters are specified
|
|
||||||
that would result in a response being sent, the underlying
|
|
||||||
implementation must actively reject request attempts to this
|
|
||||||
backend, by rejecting the connection or returning a 503 status
|
|
||||||
code. Request rejections must respect weight; if an invalid
|
|
||||||
backend is requested to have 80% of requests, then 80% of
|
|
||||||
requests must be rejected instead. \n Support: Core for Kubernetes
|
|
||||||
Service Support: Custom for any other resource \n Support
|
|
||||||
for weight: Extended"
|
|
||||||
items:
|
|
||||||
description: "BackendRef defines how a Route should forward
|
|
||||||
a request to a Kubernetes resource. \n Note that when a
|
|
||||||
namespace is specified, a ReferencePolicy object is required
|
|
||||||
in the referent namespace to allow that namespace's owner
|
|
||||||
to accept the reference. See the ReferencePolicy documentation
|
|
||||||
for details."
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: ""
|
|
||||||
description: Group is the group of the referent. For example,
|
|
||||||
"networking.k8s.io". When unspecified (empty string),
|
|
||||||
core API group is inferred.
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Service
|
|
||||||
description: Kind is kind of the referent. For example
|
|
||||||
"HTTPRoute" or "Service".
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: Name is the name of the referent.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the backend.
|
|
||||||
When unspecified, the local namespace is inferred. \n
|
|
||||||
Note that when a namespace is specified, a ReferencePolicy
|
|
||||||
object is required in the referent namespace to allow
|
|
||||||
that namespace's owner to accept the reference. See
|
|
||||||
the ReferencePolicy documentation for details. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
port:
|
|
||||||
description: Port specifies the destination port number
|
|
||||||
to use for this resource. Port is required when the
|
|
||||||
referent is a Kubernetes Service. For other resources,
|
|
||||||
destination port might be derived from the referent
|
|
||||||
resource or this field.
|
|
||||||
format: int32
|
|
||||||
maximum: 65535
|
|
||||||
minimum: 1
|
|
||||||
type: integer
|
|
||||||
weight:
|
|
||||||
default: 1
|
|
||||||
description: "Weight specifies the proportion of requests
|
|
||||||
forwarded to the referenced backend. This is computed
|
|
||||||
as weight/(sum of all weights in this BackendRefs list).
|
|
||||||
For non-zero values, there may be some epsilon from
|
|
||||||
the exact proportion defined here depending on the precision
|
|
||||||
an implementation supports. Weight is not a percentage
|
|
||||||
and the sum of weights does not need to equal 100. \n
|
|
||||||
If only one backend is specified and it has a weight
|
|
||||||
greater than 0, 100% of the traffic is forwarded to
|
|
||||||
that backend. If weight is set to 0, no traffic should
|
|
||||||
be forwarded for this entry. If unspecified, weight
|
|
||||||
defaults to 1. \n Support for this field varies based
|
|
||||||
on the context where used."
|
|
||||||
format: int32
|
|
||||||
maximum: 1000000
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- rules
|
|
||||||
type: object
|
|
||||||
status:
|
|
||||||
description: Status defines the current state of TLSRoute.
|
|
||||||
properties:
|
|
||||||
parents:
|
|
||||||
description: "Parents is a list of parent resources (usually Gateways)
|
|
||||||
that are associated with the route, and the status of the route
|
|
||||||
with respect to each parent. When this route attaches to a parent,
|
|
||||||
the controller that manages the parent must add an entry to this
|
|
||||||
list when the controller first sees the route and should update
|
|
||||||
the entry as appropriate when the route or gateway is modified.
|
|
||||||
\n Note that parent references that cannot be resolved by an implementation
|
|
||||||
of this API will not be added to this list. Implementations of this
|
|
||||||
API can only populate Route status for the Gateways/parent resources
|
|
||||||
they are responsible for. \n A maximum of 32 Gateways will be represented
|
|
||||||
in this list. An empty list means the route has not been attached
|
|
||||||
to any Gateway."
|
|
||||||
items:
|
|
||||||
description: RouteParentStatus describes the status of a route with
|
|
||||||
respect to an associated Parent.
|
|
||||||
properties:
|
|
||||||
conditions:
|
|
||||||
description: "Conditions describes the status of the route with
|
|
||||||
respect to the Gateway. Note that the route's availability
|
|
||||||
is also subject to the Gateway's own status conditions and
|
|
||||||
listener status. \n If the Route's ParentRef specifies an
|
|
||||||
existing Gateway that supports Routes of this kind AND that
|
|
||||||
Gateway's controller has sufficient access, then that Gateway's
|
|
||||||
controller MUST set the \"Accepted\" condition on the Route,
|
|
||||||
to indicate whether the route has been accepted or rejected
|
|
||||||
by the Gateway, and why. \n A Route MUST be considered \"Accepted\"
|
|
||||||
if at least one of the Route's rules is implemented by the
|
|
||||||
Gateway. \n There are a number of cases where the \"Accepted\"
|
|
||||||
condition may not be set due to lack of controller visibility,
|
|
||||||
that includes when: \n * The Route refers to a non-existent
|
|
||||||
parent. * The Route is of a type that the controller does
|
|
||||||
not support. * The Route is in a namespace the the controller
|
|
||||||
does not have access to."
|
|
||||||
items:
|
|
||||||
description: "Condition contains details for one aspect of
|
|
||||||
the current state of this API Resource. --- This struct
|
|
||||||
is intended for direct use as an array at the field path
|
|
||||||
.status.conditions. For example, type FooStatus struct{
|
|
||||||
\ // Represents the observations of a foo's current state.
|
|
||||||
\ // Known .status.conditions.type are: \"Available\",
|
|
||||||
\"Progressing\", and \"Degraded\" // +patchMergeKey=type
|
|
||||||
\ // +patchStrategy=merge // +listType=map //
|
|
||||||
+listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\"
|
|
||||||
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
|
|
||||||
\n // other fields }"
|
|
||||||
properties:
|
|
||||||
lastTransitionTime:
|
|
||||||
description: lastTransitionTime is the last time the condition
|
|
||||||
transitioned from one status to another. This should
|
|
||||||
be when the underlying condition changed. If that is
|
|
||||||
not known, then using the time when the API field changed
|
|
||||||
is acceptable.
|
|
||||||
format: date-time
|
|
||||||
type: string
|
|
||||||
message:
|
|
||||||
description: message is a human readable message indicating
|
|
||||||
details about the transition. This may be an empty string.
|
|
||||||
maxLength: 32768
|
|
||||||
type: string
|
|
||||||
observedGeneration:
|
|
||||||
description: observedGeneration represents the .metadata.generation
|
|
||||||
that the condition was set based upon. For instance,
|
|
||||||
if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
|
|
||||||
is 9, the condition is out of date with respect to the
|
|
||||||
current state of the instance.
|
|
||||||
format: int64
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
reason:
|
|
||||||
description: reason contains a programmatic identifier
|
|
||||||
indicating the reason for the condition's last transition.
|
|
||||||
Producers of specific condition types may define expected
|
|
||||||
values and meanings for this field, and whether the
|
|
||||||
values are considered a guaranteed API. The value should
|
|
||||||
be a CamelCase string. This field may not be empty.
|
|
||||||
maxLength: 1024
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
||||||
type: string
|
|
||||||
status:
|
|
||||||
description: status of the condition, one of True, False,
|
|
||||||
Unknown.
|
|
||||||
enum:
|
|
||||||
- "True"
|
|
||||||
- "False"
|
|
||||||
- Unknown
|
|
||||||
type: string
|
|
||||||
type:
|
|
||||||
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
||||||
--- Many .condition.type values are consistent across
|
|
||||||
resources like Available, but because arbitrary conditions
|
|
||||||
can be useful (see .node.status.conditions), the ability
|
|
||||||
to deconflict is important. The regex it matches is
|
|
||||||
(dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
||||||
maxLength: 316
|
|
||||||
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- lastTransitionTime
|
|
||||||
- message
|
|
||||||
- reason
|
|
||||||
- status
|
|
||||||
- type
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- type
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
controllerName:
|
|
||||||
description: "ControllerName is a domain/path string that indicates
|
|
||||||
the name of the controller that wrote this status. This corresponds
|
|
||||||
with the controllerName field on GatewayClass. \n Example:
|
|
||||||
\"example.net/gateway-controller\". \n The format of this
|
|
||||||
field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid
|
|
||||||
Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)."
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
|
|
||||||
type: string
|
|
||||||
parentRef:
|
|
||||||
description: ParentRef corresponds with a ParentRef in the spec
|
|
||||||
that this RouteParentStatus struct describes the status of.
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: "Group is the group of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Gateway
|
|
||||||
description: "Kind is kind of the referent. \n Support:
|
|
||||||
Core (Gateway) Support: Custom (Other Resources)"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: "Name is the name of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the referent.
|
|
||||||
When unspecified (or empty string), this refers to the
|
|
||||||
local namespace of the Route. \n Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
sectionName:
|
|
||||||
description: "SectionName is the name of a section within
|
|
||||||
the target resource. In the following resources, SectionName
|
|
||||||
is interpreted as the following: \n * Gateway: Listener
|
|
||||||
Name \n Implementations MAY choose to support attaching
|
|
||||||
Routes to other resources. If that is the case, they MUST
|
|
||||||
clearly document how SectionName is interpreted. \n When
|
|
||||||
unspecified (empty string), this will reference the entire
|
|
||||||
resource. For the purpose of status, an attachment is
|
|
||||||
considered successful if at least one section in the parent
|
|
||||||
resource accepts it. For example, Gateway listeners can
|
|
||||||
restrict which Routes can attach to them by Route kind,
|
|
||||||
namespace, or hostname. If 1 of 2 Gateway listeners accept
|
|
||||||
attachment from the referencing Route, the Route MUST
|
|
||||||
be considered successfully attached. If no Gateway listeners
|
|
||||||
accept attachment from this Route, the Route MUST be considered
|
|
||||||
detached from the Gateway. \n Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- controllerName
|
|
||||||
- parentRef
|
|
||||||
type: object
|
|
||||||
maxItems: 32
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- parents
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- spec
|
|
||||||
type: object
|
|
||||||
served: true
|
|
||||||
storage: true
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
|
@ -1,431 +0,0 @@
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
annotations:
|
|
||||||
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/891
|
|
||||||
creationTimestamp: null
|
|
||||||
name: udproutes.gateway.networking.k8s.io
|
|
||||||
spec:
|
|
||||||
group: gateway.networking.k8s.io
|
|
||||||
names:
|
|
||||||
categories:
|
|
||||||
- gateway-api
|
|
||||||
kind: UDPRoute
|
|
||||||
listKind: UDPRouteList
|
|
||||||
plural: udproutes
|
|
||||||
singular: udproute
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- additionalPrinterColumns:
|
|
||||||
- jsonPath: .metadata.creationTimestamp
|
|
||||||
name: Age
|
|
||||||
type: date
|
|
||||||
name: v1alpha2
|
|
||||||
schema:
|
|
||||||
openAPIV3Schema:
|
|
||||||
description: UDPRoute provides a way to route UDP traffic. When combined with
|
|
||||||
a Gateway listener, it can be used to forward traffic on the port specified
|
|
||||||
by the listener to a set of backends specified by the UDPRoute.
|
|
||||||
properties:
|
|
||||||
apiVersion:
|
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
description: 'Kind is a string value representing the REST resource this
|
|
||||||
object represents. Servers may infer this from the endpoint the client
|
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
||||||
type: string
|
|
||||||
metadata:
|
|
||||||
type: object
|
|
||||||
spec:
|
|
||||||
description: Spec defines the desired state of UDPRoute.
|
|
||||||
properties:
|
|
||||||
parentRefs:
|
|
||||||
description: "ParentRefs references the resources (usually Gateways)
|
|
||||||
that a Route wants to be attached to. Note that the referenced parent
|
|
||||||
resource needs to allow this for the attachment to be complete.
|
|
||||||
For Gateways, that means the Gateway needs to allow attachment from
|
|
||||||
Routes of this kind and namespace. \n The only kind of parent resource
|
|
||||||
with \"Core\" support is Gateway. This API may be extended in the
|
|
||||||
future to support additional kinds of parent resources such as one
|
|
||||||
of the route kinds. \n It is invalid to reference an identical parent
|
|
||||||
more than once. It is valid to reference multiple distinct sections
|
|
||||||
within the same parent resource, such as 2 Listeners within a Gateway.
|
|
||||||
\n It is possible to separately reference multiple distinct objects
|
|
||||||
that may be collapsed by an implementation. For example, some implementations
|
|
||||||
may choose to merge compatible Gateway Listeners together. If that
|
|
||||||
is the case, the list of routes attached to those resources should
|
|
||||||
also be merged."
|
|
||||||
items:
|
|
||||||
description: "ParentRef identifies an API object (usually a Gateway)
|
|
||||||
that can be considered a parent of this resource (usually a route).
|
|
||||||
The only kind of parent resource with \"Core\" support is Gateway.
|
|
||||||
This API may be extended in the future to support additional kinds
|
|
||||||
of parent resources, such as HTTPRoute. \n The API object must
|
|
||||||
be valid in the cluster; the Group and Kind must be registered
|
|
||||||
in the cluster for this reference to be valid. \n References to
|
|
||||||
objects with invalid Group and Kind are not valid, and must be
|
|
||||||
rejected by the implementation, with appropriate Conditions set
|
|
||||||
on the containing object."
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: "Group is the group of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Gateway
|
|
||||||
description: "Kind is kind of the referent. \n Support: Core
|
|
||||||
(Gateway) Support: Custom (Other Resources)"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: "Name is the name of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the referent. When
|
|
||||||
unspecified (or empty string), this refers to the local namespace
|
|
||||||
of the Route. \n Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
sectionName:
|
|
||||||
description: "SectionName is the name of a section within the
|
|
||||||
target resource. In the following resources, SectionName is
|
|
||||||
interpreted as the following: \n * Gateway: Listener Name
|
|
||||||
\n Implementations MAY choose to support attaching Routes
|
|
||||||
to other resources. If that is the case, they MUST clearly
|
|
||||||
document how SectionName is interpreted. \n When unspecified
|
|
||||||
(empty string), this will reference the entire resource. For
|
|
||||||
the purpose of status, an attachment is considered successful
|
|
||||||
if at least one section in the parent resource accepts it.
|
|
||||||
For example, Gateway listeners can restrict which Routes can
|
|
||||||
attach to them by Route kind, namespace, or hostname. If 1
|
|
||||||
of 2 Gateway listeners accept attachment from the referencing
|
|
||||||
Route, the Route MUST be considered successfully attached.
|
|
||||||
If no Gateway listeners accept attachment from this Route,
|
|
||||||
the Route MUST be considered detached from the Gateway. \n
|
|
||||||
Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
maxItems: 32
|
|
||||||
type: array
|
|
||||||
rules:
|
|
||||||
description: Rules are a list of UDP matchers and actions.
|
|
||||||
items:
|
|
||||||
description: UDPRouteRule is the configuration for a given rule.
|
|
||||||
properties:
|
|
||||||
backendRefs:
|
|
||||||
description: "BackendRefs defines the backend(s) where matching
|
|
||||||
requests should be sent. If unspecified or invalid (refers
|
|
||||||
to a non-existent resource or a Service with no endpoints),
|
|
||||||
the underlying implementation MUST actively reject connection
|
|
||||||
attempts to this backend. Packet drops must respect weight;
|
|
||||||
if an invalid backend is requested to have 80% of the packets,
|
|
||||||
then 80% of packets must be dropped instead. \n Support: Core
|
|
||||||
for Kubernetes Service Support: Custom for any other resource
|
|
||||||
\n Support for weight: Extended"
|
|
||||||
items:
|
|
||||||
description: "BackendRef defines how a Route should forward
|
|
||||||
a request to a Kubernetes resource. \n Note that when a
|
|
||||||
namespace is specified, a ReferencePolicy object is required
|
|
||||||
in the referent namespace to allow that namespace's owner
|
|
||||||
to accept the reference. See the ReferencePolicy documentation
|
|
||||||
for details."
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: ""
|
|
||||||
description: Group is the group of the referent. For example,
|
|
||||||
"networking.k8s.io". When unspecified (empty string),
|
|
||||||
core API group is inferred.
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Service
|
|
||||||
description: Kind is kind of the referent. For example
|
|
||||||
"HTTPRoute" or "Service".
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: Name is the name of the referent.
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the backend.
|
|
||||||
When unspecified, the local namespace is inferred. \n
|
|
||||||
Note that when a namespace is specified, a ReferencePolicy
|
|
||||||
object is required in the referent namespace to allow
|
|
||||||
that namespace's owner to accept the reference. See
|
|
||||||
the ReferencePolicy documentation for details. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
port:
|
|
||||||
description: Port specifies the destination port number
|
|
||||||
to use for this resource. Port is required when the
|
|
||||||
referent is a Kubernetes Service. For other resources,
|
|
||||||
destination port might be derived from the referent
|
|
||||||
resource or this field.
|
|
||||||
format: int32
|
|
||||||
maximum: 65535
|
|
||||||
minimum: 1
|
|
||||||
type: integer
|
|
||||||
weight:
|
|
||||||
default: 1
|
|
||||||
description: "Weight specifies the proportion of requests
|
|
||||||
forwarded to the referenced backend. This is computed
|
|
||||||
as weight/(sum of all weights in this BackendRefs list).
|
|
||||||
For non-zero values, there may be some epsilon from
|
|
||||||
the exact proportion defined here depending on the precision
|
|
||||||
an implementation supports. Weight is not a percentage
|
|
||||||
and the sum of weights does not need to equal 100. \n
|
|
||||||
If only one backend is specified and it has a weight
|
|
||||||
greater than 0, 100% of the traffic is forwarded to
|
|
||||||
that backend. If weight is set to 0, no traffic should
|
|
||||||
be forwarded for this entry. If unspecified, weight
|
|
||||||
defaults to 1. \n Support for this field varies based
|
|
||||||
on the context where used."
|
|
||||||
format: int32
|
|
||||||
maximum: 1000000
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
type: object
|
|
||||||
maxItems: 16
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- rules
|
|
||||||
type: object
|
|
||||||
status:
|
|
||||||
description: Status defines the current state of UDPRoute.
|
|
||||||
properties:
|
|
||||||
parents:
|
|
||||||
description: "Parents is a list of parent resources (usually Gateways)
|
|
||||||
that are associated with the route, and the status of the route
|
|
||||||
with respect to each parent. When this route attaches to a parent,
|
|
||||||
the controller that manages the parent must add an entry to this
|
|
||||||
list when the controller first sees the route and should update
|
|
||||||
the entry as appropriate when the route or gateway is modified.
|
|
||||||
\n Note that parent references that cannot be resolved by an implementation
|
|
||||||
of this API will not be added to this list. Implementations of this
|
|
||||||
API can only populate Route status for the Gateways/parent resources
|
|
||||||
they are responsible for. \n A maximum of 32 Gateways will be represented
|
|
||||||
in this list. An empty list means the route has not been attached
|
|
||||||
to any Gateway."
|
|
||||||
items:
|
|
||||||
description: RouteParentStatus describes the status of a route with
|
|
||||||
respect to an associated Parent.
|
|
||||||
properties:
|
|
||||||
conditions:
|
|
||||||
description: "Conditions describes the status of the route with
|
|
||||||
respect to the Gateway. Note that the route's availability
|
|
||||||
is also subject to the Gateway's own status conditions and
|
|
||||||
listener status. \n If the Route's ParentRef specifies an
|
|
||||||
existing Gateway that supports Routes of this kind AND that
|
|
||||||
Gateway's controller has sufficient access, then that Gateway's
|
|
||||||
controller MUST set the \"Accepted\" condition on the Route,
|
|
||||||
to indicate whether the route has been accepted or rejected
|
|
||||||
by the Gateway, and why. \n A Route MUST be considered \"Accepted\"
|
|
||||||
if at least one of the Route's rules is implemented by the
|
|
||||||
Gateway. \n There are a number of cases where the \"Accepted\"
|
|
||||||
condition may not be set due to lack of controller visibility,
|
|
||||||
that includes when: \n * The Route refers to a non-existent
|
|
||||||
parent. * The Route is of a type that the controller does
|
|
||||||
not support. * The Route is in a namespace the the controller
|
|
||||||
does not have access to."
|
|
||||||
items:
|
|
||||||
description: "Condition contains details for one aspect of
|
|
||||||
the current state of this API Resource. --- This struct
|
|
||||||
is intended for direct use as an array at the field path
|
|
||||||
.status.conditions. For example, type FooStatus struct{
|
|
||||||
\ // Represents the observations of a foo's current state.
|
|
||||||
\ // Known .status.conditions.type are: \"Available\",
|
|
||||||
\"Progressing\", and \"Degraded\" // +patchMergeKey=type
|
|
||||||
\ // +patchStrategy=merge // +listType=map //
|
|
||||||
+listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\"
|
|
||||||
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
|
|
||||||
\n // other fields }"
|
|
||||||
properties:
|
|
||||||
lastTransitionTime:
|
|
||||||
description: lastTransitionTime is the last time the condition
|
|
||||||
transitioned from one status to another. This should
|
|
||||||
be when the underlying condition changed. If that is
|
|
||||||
not known, then using the time when the API field changed
|
|
||||||
is acceptable.
|
|
||||||
format: date-time
|
|
||||||
type: string
|
|
||||||
message:
|
|
||||||
description: message is a human readable message indicating
|
|
||||||
details about the transition. This may be an empty string.
|
|
||||||
maxLength: 32768
|
|
||||||
type: string
|
|
||||||
observedGeneration:
|
|
||||||
description: observedGeneration represents the .metadata.generation
|
|
||||||
that the condition was set based upon. For instance,
|
|
||||||
if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
|
|
||||||
is 9, the condition is out of date with respect to the
|
|
||||||
current state of the instance.
|
|
||||||
format: int64
|
|
||||||
minimum: 0
|
|
||||||
type: integer
|
|
||||||
reason:
|
|
||||||
description: reason contains a programmatic identifier
|
|
||||||
indicating the reason for the condition's last transition.
|
|
||||||
Producers of specific condition types may define expected
|
|
||||||
values and meanings for this field, and whether the
|
|
||||||
values are considered a guaranteed API. The value should
|
|
||||||
be a CamelCase string. This field may not be empty.
|
|
||||||
maxLength: 1024
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
||||||
type: string
|
|
||||||
status:
|
|
||||||
description: status of the condition, one of True, False,
|
|
||||||
Unknown.
|
|
||||||
enum:
|
|
||||||
- "True"
|
|
||||||
- "False"
|
|
||||||
- Unknown
|
|
||||||
type: string
|
|
||||||
type:
|
|
||||||
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
||||||
--- Many .condition.type values are consistent across
|
|
||||||
resources like Available, but because arbitrary conditions
|
|
||||||
can be useful (see .node.status.conditions), the ability
|
|
||||||
to deconflict is important. The regex it matches is
|
|
||||||
(dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
||||||
maxLength: 316
|
|
||||||
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- lastTransitionTime
|
|
||||||
- message
|
|
||||||
- reason
|
|
||||||
- status
|
|
||||||
- type
|
|
||||||
type: object
|
|
||||||
maxItems: 8
|
|
||||||
minItems: 1
|
|
||||||
type: array
|
|
||||||
x-kubernetes-list-map-keys:
|
|
||||||
- type
|
|
||||||
x-kubernetes-list-type: map
|
|
||||||
controllerName:
|
|
||||||
description: "ControllerName is a domain/path string that indicates
|
|
||||||
the name of the controller that wrote this status. This corresponds
|
|
||||||
with the controllerName field on GatewayClass. \n Example:
|
|
||||||
\"example.net/gateway-controller\". \n The format of this
|
|
||||||
field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid
|
|
||||||
Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)."
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
|
|
||||||
type: string
|
|
||||||
parentRef:
|
|
||||||
description: ParentRef corresponds with a ParentRef in the spec
|
|
||||||
that this RouteParentStatus struct describes the status of.
|
|
||||||
properties:
|
|
||||||
group:
|
|
||||||
default: gateway.networking.k8s.io
|
|
||||||
description: "Group is the group of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
kind:
|
|
||||||
default: Gateway
|
|
||||||
description: "Kind is kind of the referent. \n Support:
|
|
||||||
Core (Gateway) Support: Custom (Other Resources)"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
|
||||||
type: string
|
|
||||||
name:
|
|
||||||
description: "Name is the name of the referent. \n Support:
|
|
||||||
Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
type: string
|
|
||||||
namespace:
|
|
||||||
description: "Namespace is the namespace of the referent.
|
|
||||||
When unspecified (or empty string), this refers to the
|
|
||||||
local namespace of the Route. \n Support: Core"
|
|
||||||
maxLength: 63
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
||||||
type: string
|
|
||||||
sectionName:
|
|
||||||
description: "SectionName is the name of a section within
|
|
||||||
the target resource. In the following resources, SectionName
|
|
||||||
is interpreted as the following: \n * Gateway: Listener
|
|
||||||
Name \n Implementations MAY choose to support attaching
|
|
||||||
Routes to other resources. If that is the case, they MUST
|
|
||||||
clearly document how SectionName is interpreted. \n When
|
|
||||||
unspecified (empty string), this will reference the entire
|
|
||||||
resource. For the purpose of status, an attachment is
|
|
||||||
considered successful if at least one section in the parent
|
|
||||||
resource accepts it. For example, Gateway listeners can
|
|
||||||
restrict which Routes can attach to them by Route kind,
|
|
||||||
namespace, or hostname. If 1 of 2 Gateway listeners accept
|
|
||||||
attachment from the referencing Route, the Route MUST
|
|
||||||
be considered successfully attached. If no Gateway listeners
|
|
||||||
accept attachment from this Route, the Route MUST be considered
|
|
||||||
detached from the Gateway. \n Support: Core"
|
|
||||||
maxLength: 253
|
|
||||||
minLength: 1
|
|
||||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
||||||
type: string
|
|
||||||
required:
|
|
||||||
- name
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- controllerName
|
|
||||||
- parentRef
|
|
||||||
type: object
|
|
||||||
maxItems: 32
|
|
||||||
type: array
|
|
||||||
required:
|
|
||||||
- parents
|
|
||||||
type: object
|
|
||||||
required:
|
|
||||||
- spec
|
|
||||||
type: object
|
|
||||||
served: true
|
|
||||||
storage: true
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
|
@ -1,13 +0,0 @@
|
||||||
---
|
|
||||||
- name: Deploy Gatway API CRDs
|
|
||||||
kubernetes.core.k8s:
|
|
||||||
state: present
|
|
||||||
definition: "{{ lookup('file', item) | from_yaml }}"
|
|
||||||
loop:
|
|
||||||
- gatewayclasses.yaml
|
|
||||||
- gateways.yaml
|
|
||||||
- httproutes.yaml
|
|
||||||
- referencepolicies.yaml
|
|
||||||
- tcproutes.yaml
|
|
||||||
- tlsroutes.yaml
|
|
||||||
- udproutes.yaml
|
|
|
@ -9,3 +9,5 @@ networking:
|
||||||
env:
|
env:
|
||||||
HCLOUD_LOAD_BALANCERS_USE_PRIVATE_IP:
|
HCLOUD_LOAD_BALANCERS_USE_PRIVATE_IP:
|
||||||
value: "true"
|
value: "true"
|
||||||
|
HCLOUD_LOAD_BALANCERS_LOCATION:
|
||||||
|
value: "hel1"
|
Loading…
Reference in a new issue