1---
2apiVersion: apiextensions.k8s.io/v1
3kind: CustomResourceDefinition
4metadata:
5 annotations:
6 controller-gen.kubebuilder.io/version: (unknown)
7 name: computeforwardingrules.compute.cnrm.cloud.google.com
8spec:
9 group: compute.cnrm.cloud.google.com
10 names:
11 kind: ComputeForwardingRule
12 listKind: ComputeForwardingRuleList
13 plural: computeforwardingrules
14 singular: computeforwardingrule
15 scope: Namespaced
16 versions:
17 - name: v1beta1
18 schema:
19 openAPIV3Schema:
20 description: ComputeForwardingRule is the Schema for the compute API
21 properties:
22 apiVersion:
23 description: |-
24 APIVersion defines the versioned schema of this representation of an object.
25 Servers should convert recognized schemas to the latest internal value, and
26 may reject unrecognized values.
27 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
28 type: string
29 kind:
30 description: |-
31 Kind is a string value representing the REST resource this object represents.
32 Servers may infer this from the endpoint the client submits requests to.
33 Cannot be updated.
34 In CamelCase.
35 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
36 type: string
37 metadata:
38 type: object
39 spec:
40 properties:
41 allPorts:
42 description: |-
43 Immutable. This field can only be used:
44 * If 'IPProtocol' is one of TCP, UDP, or SCTP.
45 * By internal TCP/UDP load balancers, backend service-based network load
46 balancers, and internal and external protocol forwarding.
47
48
49 Set this field to true to allow packets addressed to any port or packets
50 lacking destination port information (for example, UDP fragments after the
51 first fragment) to be forwarded to the backends configured with this
52 forwarding rule.
53
54
55 The 'ports', 'port_range', and
56 'allPorts' fields are mutually exclusive.
57 type: boolean
58 allowGlobalAccess:
59 description: |-
60 This field is used along with the 'backend_service' field for
61 internal load balancing or with the 'target' field for internal
62 TargetInstance.
63
64
65 If the field is set to 'TRUE', clients can access ILB from all
66 regions.
67
68
69 Otherwise only allows access from clients in the same region as the
70 internal load balancer.
71 type: boolean
72 allowPscGlobalAccess:
73 description: Immutable. This is used in PSC consumer ForwardingRule
74 to control whether the PSC endpoint can be accessed from another
75 region.
76 type: boolean
77 backendServiceRef:
78 description: |-
79 A ComputeBackendService to receive the matched traffic. This is
80 used only for internal load balancing.
81 properties:
82 external:
83 description: The external name of the referenced resource
84 type: string
85 kind:
86 description: Kind of the referent.
87 type: string
88 name:
89 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
90 type: string
91 namespace:
92 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
93 type: string
94 type: object
95 description:
96 description: |-
97 Immutable. An optional description of this resource. Provide this property when
98 you create the resource.
99 type: string
100 ipAddress:
101 description: |-
102 The IP address that this forwarding rule is serving on behalf of.
103
104
105 Addresses are restricted based on the forwarding rule's load
106 balancing scheme (EXTERNAL or INTERNAL) and scope (global or
107 regional).
108
109
110 When the load balancing scheme is EXTERNAL, for global forwarding
111 rules, the address must be a global IP, and for regional forwarding
112 rules, the address must live in the same region as the forwarding
113 rule. If this field is empty, an ephemeral IPv4 address from the
114 same scope (global or regional) will be assigned. A regional
115 forwarding rule supports IPv4 only. A global forwarding rule
116 supports either IPv4 or IPv6.
117
118
119 When the load balancing scheme is INTERNAL, this can only be an RFC
120 1918 IP address belonging to the network/subnet configured for the
121 forwarding rule. By default, if this field is empty, an ephemeral
122 internal IP address will be automatically allocated from the IP
123 range of the subnet or network configured for this forwarding rule.
124 properties:
125 addressRef:
126 properties:
127 external:
128 description: The external name of the referenced resource
129 type: string
130 kind:
131 description: Kind of the referent.
132 type: string
133 name:
134 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
135 type: string
136 namespace:
137 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
138 type: string
139 type: object
140 ip:
141 type: string
142 type: object
143 ipProtocol:
144 description: |-
145 Immutable. The IP protocol to which this rule applies.
146
147
148 For protocol forwarding, valid
149 options are 'TCP', 'UDP', 'ESP',
150 'AH', 'SCTP', 'ICMP' and
151 'L3_DEFAULT'.
152
153
154 The valid IP protocols are different for different load balancing products
155 as described in [Load balancing
156 features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). Possible values: ["TCP", "UDP", "ESP", "AH", "SCTP", "ICMP", "L3_DEFAULT"].
157 type: string
158 ipVersion:
159 description: 'Immutable. The IP Version that will be used by this
160 global forwarding rule. Possible values: ["IPV4", "IPV6"].'
161 type: string
162 isMirroringCollector:
163 description: |-
164 Immutable. Indicates whether or not this load balancer can be used as a collector for
165 packet mirroring. To prevent mirroring loops, instances behind this
166 load balancer will not have their traffic mirrored even if a
167 'PacketMirroring' rule applies to them.
168
169
170 This can only be set to true for load balancers that have their
171 'loadBalancingScheme' set to 'INTERNAL'.
172 type: boolean
173 loadBalancingScheme:
174 description: |-
175 Immutable. Specifies the forwarding rule type.
176
177
178 For more information about forwarding rules, refer to
179 [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). Default value: "EXTERNAL" Possible values: ["EXTERNAL", "EXTERNAL_MANAGED", "INTERNAL", "INTERNAL_MANAGED"].
180 type: string
181 location:
182 description: 'Location represents the geographical location of the
183 ComputeForwardingRule. Specify a region name or "global" for global
184 resources. Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)'
185 type: string
186 metadataFilters:
187 description: |-
188 Immutable. Opaque filter criteria used by Loadbalancer to restrict routing
189 configuration to a limited set xDS compliant clients. In their xDS
190 requests to Loadbalancer, xDS clients present node metadata. If a
191 match takes place, the relevant routing configuration is made available
192 to those proxies.
193
194
195 For each metadataFilter in this list, if its filterMatchCriteria is set
196 to MATCH_ANY, at least one of the filterLabels must match the
197 corresponding label provided in the metadata. If its filterMatchCriteria
198 is set to MATCH_ALL, then all of its filterLabels must match with
199 corresponding labels in the provided metadata.
200
201
202 metadataFilters specified here can be overridden by those specified in
203 the UrlMap that this ForwardingRule references.
204
205
206 metadataFilters only applies to Loadbalancers that have their
207 loadBalancingScheme set to INTERNAL_SELF_MANAGED.
208 items:
209 properties:
210 filterLabels:
211 description: |-
212 Immutable. The list of label value pairs that must match labels in the
213 provided metadata based on filterMatchCriteria
214
215
216 This list must not be empty and can have at the most 64 entries.
217 items:
218 properties:
219 name:
220 description: |-
221 Immutable. Name of the metadata label. The length must be between
222 1 and 1024 characters, inclusive.
223 type: string
224 value:
225 description: |-
226 Immutable. The value that the label must match. The value has a maximum
227 length of 1024 characters.
228 type: string
229 required:
230 - name
231 - value
232 type: object
233 type: array
234 filterMatchCriteria:
235 description: |-
236 Immutable. Specifies how individual filterLabel matches within the list of
237 filterLabels contribute towards the overall metadataFilter match.
238
239
240 MATCH_ANY - At least one of the filterLabels must have a matching
241 label in the provided metadata.
242 MATCH_ALL - All filterLabels must have matching labels in the
243 provided metadata. Possible values: ["MATCH_ANY", "MATCH_ALL"].
244 type: string
245 required:
246 - filterLabels
247 - filterMatchCriteria
248 type: object
249 type: array
250 networkRef:
251 description: |-
252 This field is not used for external load balancing. For internal
253 load balancing, this field identifies the network that the load
254 balanced IP should belong to for this forwarding rule. If this
255 field is not specified, the default network will be used.
256 properties:
257 external:
258 description: The external name of the referenced resource
259 type: string
260 kind:
261 description: Kind of the referent.
262 type: string
263 name:
264 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
265 type: string
266 namespace:
267 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
268 type: string
269 type: object
270 networkTier:
271 description: |-
272 Immutable. This signifies the networking tier used for configuring
273 this load balancer and can only take the following values:
274 'PREMIUM', 'STANDARD'.
275
276
277 For regional ForwardingRule, the valid values are 'PREMIUM' and
278 'STANDARD'. For GlobalForwardingRule, the valid value is
279 'PREMIUM'.
280
281
282 If this field is not specified, it is assumed to be 'PREMIUM'.
283 If 'IPAddress' is specified, this value must be equal to the
284 networkTier of the Address. Possible values: ["PREMIUM", "STANDARD"].
285 type: string
286 portRange:
287 description: |-
288 Immutable. This field can only be used:
289
290
291 * If 'IPProtocol' is one of TCP, UDP, or SCTP.
292 * By backend service-based network load balancers, target pool-based
293 network load balancers, internal proxy load balancers, external proxy load
294 balancers, Traffic Director, external protocol forwarding, and Classic VPN.
295 Some products have restrictions on what ports can be used. See
296 [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications)
297 for details.
298
299
300 Only packets addressed to ports in the specified range will be forwarded to
301 the backends configured with this forwarding rule.
302
303
304 The 'ports' and 'port_range' fields are mutually exclusive.
305
306
307 For external forwarding rules, two or more forwarding rules cannot use the
308 same '[IPAddress, IPProtocol]' pair, and cannot have
309 overlapping 'portRange's.
310
311
312 For internal forwarding rules within the same VPC network, two or more
313 forwarding rules cannot use the same '[IPAddress, IPProtocol]'
314 pair, and cannot have overlapping 'portRange's.
315 type: string
316 ports:
317 description: |-
318 Immutable. This field can only be used:
319
320
321 * If 'IPProtocol' is one of TCP, UDP, or SCTP.
322 * By internal TCP/UDP load balancers, backend service-based network load
323 balancers, and internal protocol forwarding.
324
325
326 You can specify a list of up to five ports by number, separated by commas.
327 The ports can be contiguous or discontiguous. Only packets addressed to
328 these ports will be forwarded to the backends configured with this
329 forwarding rule.
330
331
332 For external forwarding rules, two or more forwarding rules cannot use the
333 same '[IPAddress, IPProtocol]' pair, and cannot share any values
334 defined in 'ports'.
335
336
337 For internal forwarding rules within the same VPC network, two or more
338 forwarding rules cannot use the same '[IPAddress, IPProtocol]'
339 pair, and cannot share any values defined in 'ports'.
340
341
342 The 'ports' and 'port_range' fields are mutually exclusive.
343 items:
344 type: string
345 type: array
346 resourceID:
347 description: Immutable. Optional. The name of the resource. Used for
348 creation and acquisition. When unset, the value of `metadata.name`
349 is used as the default.
350 type: string
351 serviceDirectoryRegistrations:
352 description: |-
353 Immutable. Service Directory resources to register this forwarding rule with.
354
355
356 Currently, only supports a single Service Directory resource.
357 items:
358 properties:
359 namespace:
360 description: Immutable. Service Directory namespace to register
361 the forwarding rule under.
362 type: string
363 service:
364 description: Immutable. Service Directory service to register
365 the forwarding rule under.
366 type: string
367 type: object
368 type: array
369 serviceLabel:
370 description: |-
371 Immutable. An optional prefix to the service name for this Forwarding Rule.
372 If specified, will be the first label of the fully qualified service
373 name.
374
375
376 The label must be 1-63 characters long, and comply with RFC1035.
377 Specifically, the label must be 1-63 characters long and match the
378 regular expression '[a-z]([-a-z0-9]*[a-z0-9])?' which means the first
379 character must be a lowercase letter, and all following characters
380 must be a dash, lowercase letter, or digit, except the last
381 character, which cannot be a dash.
382
383
384 This field is only used for INTERNAL load balancing.
385 type: string
386 sourceIpRanges:
387 description: Immutable. If not empty, this Forwarding Rule will only
388 forward the traffic when the source IP address matches one of the
389 IP addresses or CIDR ranges set here. Note that a Forwarding Rule
390 can only have up to 64 source IP ranges, and this field can only
391 be used with a regional Forwarding Rule whose scheme is EXTERNAL.
392 Each sourceIpRange entry should be either an IP address (for example,
393 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
394 items:
395 type: string
396 type: array
397 subnetworkRef:
398 description: |-
399 The subnetwork that the load balanced IP should belong to for this
400 forwarding rule. This field is only used for internal load
401 balancing.
402
403
404 If the network specified is in auto subnet mode, this field is
405 optional. However, if the network is in custom subnet mode, a
406 subnetwork must be specified.
407 properties:
408 external:
409 description: The external name of the referenced resource
410 type: string
411 kind:
412 description: Kind of the referent.
413 type: string
414 name:
415 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
416 type: string
417 namespace:
418 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
419 type: string
420 type: object
421 target:
422 description: |-
423 The target resource to receive the matched traffic. The forwarded
424 traffic must be of a type appropriate to the target object. For
425 INTERNAL_SELF_MANAGED load balancing, only HTTP and HTTPS targets
426 are valid.
427 properties:
428 targetGRPCProxyRef:
429 properties:
430 external:
431 description: The external name of the referenced resource
432 type: string
433 kind:
434 description: Kind of the referent.
435 type: string
436 name:
437 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
438 type: string
439 namespace:
440 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
441 type: string
442 type: object
443 targetHTTPProxyRef:
444 properties:
445 external:
446 description: The external name of the referenced resource
447 type: string
448 kind:
449 description: Kind of the referent.
450 type: string
451 name:
452 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
453 type: string
454 namespace:
455 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
456 type: string
457 type: object
458 targetHTTPSProxyRef:
459 properties:
460 external:
461 description: The external name of the referenced resource
462 type: string
463 kind:
464 description: Kind of the referent.
465 type: string
466 name:
467 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
468 type: string
469 namespace:
470 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
471 type: string
472 type: object
473 targetSSLProxyRef:
474 properties:
475 external:
476 description: The external name of the referenced resource
477 type: string
478 kind:
479 description: Kind of the referent.
480 type: string
481 name:
482 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
483 type: string
484 namespace:
485 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
486 type: string
487 type: object
488 targetTCPProxyRef:
489 properties:
490 external:
491 description: The external name of the referenced resource
492 type: string
493 kind:
494 description: Kind of the referent.
495 type: string
496 name:
497 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
498 type: string
499 namespace:
500 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
501 type: string
502 type: object
503 targetVPNGatewayRef:
504 properties:
505 external:
506 description: The external name of the referenced resource
507 type: string
508 kind:
509 description: Kind of the referent.
510 type: string
511 name:
512 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
513 type: string
514 namespace:
515 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
516 type: string
517 type: object
518 type: object
519 required:
520 - location
521 type: object
522 status:
523 properties:
524 baseForwardingRule:
525 description: '[Output Only] The URL for the corresponding base Forwarding
526 Rule. By base Forwarding Rule, we mean the Forwarding Rule that
527 has the same IP address, protocol, and port settings with the current
528 Forwarding Rule, but without sourceIPRanges specified. Always empty
529 if the current Forwarding Rule does not have sourceIPRanges specified.'
530 type: string
531 conditions:
532 description: |-
533 Conditions represent the latest available observations of the
534 ComputeForwardingRule's current state.
535 items:
536 properties:
537 lastTransitionTime:
538 description: Last time the condition transitioned from one status
539 to another.
540 type: string
541 message:
542 description: Human-readable message indicating details about
543 last transition.
544 type: string
545 reason:
546 description: |-
547 Unique, one-word, CamelCase reason for the condition's last
548 transition.
549 type: string
550 status:
551 description: Status is the status of the condition. Can be True,
552 False, Unknown.
553 type: string
554 type:
555 description: Type is the type of the condition.
556 type: string
557 type: object
558 type: array
559 creationTimestamp:
560 description: Creation timestamp in RFC3339 text format.
561 type: string
562 labelFingerprint:
563 description: |-
564 The fingerprint used for optimistic locking of this resource. Used
565 internally during updates.
566 type: string
567 observedGeneration:
568 description: ObservedGeneration is the generation of the resource
569 that was most recently observed by the Config Connector controller.
570 If this is equal to metadata.generation, then that means that the
571 current reported status reflects the most recent desired state of
572 the resource.
573 type: integer
574 pscConnectionId:
575 description: The PSC connection id of the PSC Forwarding Rule.
576 type: string
577 pscConnectionStatus:
578 description: 'The PSC connection status of the PSC Forwarding Rule.
579 Possible values: ''STATUS_UNSPECIFIED'', ''PENDING'', ''ACCEPTED'',
580 ''REJECTED'', ''CLOSED''.'
581 type: string
582 selfLink:
583 type: string
584 serviceName:
585 description: |-
586 The internal fully qualified service name for this Forwarding Rule.
587
588
589 This field is only used for INTERNAL load balancing.
590 type: string
591 type: object
592 type: object
593 served: true
594 storage: true
View as plain text