1# GENERATED FILE: edits made by hand will not be preserved.
2---
3apiVersion: apiextensions.k8s.io/v1
4kind: CustomResourceDefinition
5metadata:
6 annotations:
7 controller-gen.kubebuilder.io/version: v0.13.0
8 labels:
9 app.kubernetes.io/instance: emissary-apiext
10 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
11 app.kubernetes.io/name: emissary-apiext
12 app.kubernetes.io/part-of: emissary-apiext
13 name: authservices.getambassador.io
14spec:
15 conversion:
16 strategy: Webhook
17 webhook:
18 clientConfig:
19 service:
20 name: emissary-apiext
21 namespace: emissary-system
22 conversionReviewVersions:
23 - v1
24 group: getambassador.io
25 names:
26 categories:
27 - ambassador-crds
28 kind: AuthService
29 listKind: AuthServiceList
30 plural: authservices
31 singular: authservice
32 preserveUnknownFields: false
33 scope: Namespaced
34 versions:
35 - name: v1
36 schema:
37 openAPIV3Schema:
38 description: AuthService is the Schema for the authservices API
39 properties:
40 apiVersion:
41 description: 'APIVersion defines the versioned schema of this representation
42 of an object. Servers should convert recognized schemas to the latest
43 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
44 type: string
45 kind:
46 description: 'Kind is a string value representing the REST resource this
47 object represents. Servers may infer this from the endpoint the client
48 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
49 type: string
50 metadata:
51 type: object
52 spec:
53 description: AuthServiceSpec defines the desired state of AuthService
54 properties:
55 add_auth_headers:
56 additionalProperties:
57 type: string
58 type: object
59 add_linkerd_headers:
60 type: boolean
61 allow_request_body:
62 type: boolean
63 allowed_authorization_headers:
64 items:
65 type: string
66 type: array
67 allowed_request_headers:
68 items:
69 type: string
70 type: array
71 auth_service:
72 type: string
73 failure_mode_allow:
74 type: boolean
75 include_body:
76 properties:
77 allow_partial:
78 type: boolean
79 max_bytes:
80 description: These aren't pointer types because they are required.
81 type: integer
82 required:
83 - allow_partial
84 - max_bytes
85 type: object
86 path_prefix:
87 type: string
88 proto:
89 enum:
90 - http
91 - grpc
92 type: string
93 protocol_version:
94 enum:
95 - v2
96 - v3
97 type: string
98 status_on_error:
99 description: Why isn't this just an int??
100 properties:
101 code:
102 type: integer
103 type: object
104 timeout_ms:
105 type: integer
106 v3CircuitBreakers:
107 items:
108 properties:
109 max_connections:
110 type: integer
111 max_pending_requests:
112 type: integer
113 max_requests:
114 type: integer
115 max_retries:
116 type: integer
117 priority:
118 enum:
119 - default
120 - high
121 type: string
122 type: object
123 type: array
124 v3StatsName:
125 type: string
126 required:
127 - auth_service
128 type: object
129 x-kubernetes-preserve-unknown-fields: true
130 type: object
131 served: true
132 storage: false
133 - name: v2
134 schema:
135 openAPIV3Schema:
136 description: AuthService is the Schema for the authservices API
137 properties:
138 apiVersion:
139 description: 'APIVersion defines the versioned schema of this representation
140 of an object. Servers should convert recognized schemas to the latest
141 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
142 type: string
143 kind:
144 description: 'Kind is a string value representing the REST resource this
145 object represents. Servers may infer this from the endpoint the client
146 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
147 type: string
148 metadata:
149 type: object
150 spec:
151 description: AuthServiceSpec defines the desired state of AuthService
152 properties:
153 add_auth_headers:
154 additionalProperties:
155 type: string
156 type: object
157 add_linkerd_headers:
158 type: boolean
159 allow_request_body:
160 type: boolean
161 allowed_authorization_headers:
162 items:
163 type: string
164 type: array
165 allowed_request_headers:
166 items:
167 type: string
168 type: array
169 auth_service:
170 type: string
171 failure_mode_allow:
172 type: boolean
173 include_body:
174 properties:
175 allow_partial:
176 type: boolean
177 max_bytes:
178 description: These aren't pointer types because they are required.
179 type: integer
180 required:
181 - allow_partial
182 - max_bytes
183 type: object
184 path_prefix:
185 type: string
186 proto:
187 enum:
188 - http
189 - grpc
190 type: string
191 protocol_version:
192 enum:
193 - v2
194 - v3
195 type: string
196 status_on_error:
197 description: Why isn't this just an int??
198 properties:
199 code:
200 type: integer
201 type: object
202 timeout_ms:
203 type: integer
204 v3CircuitBreakers:
205 items:
206 properties:
207 max_connections:
208 type: integer
209 max_pending_requests:
210 type: integer
211 max_requests:
212 type: integer
213 max_retries:
214 type: integer
215 priority:
216 enum:
217 - default
218 - high
219 type: string
220 type: object
221 type: array
222 v3StatsName:
223 type: string
224 required:
225 - auth_service
226 type: object
227 x-kubernetes-preserve-unknown-fields: true
228 type: object
229 served: true
230 storage: true
231 - name: v3alpha1
232 schema:
233 openAPIV3Schema:
234 description: AuthService is the Schema for the authservices API
235 properties:
236 apiVersion:
237 description: 'APIVersion defines the versioned schema of this representation
238 of an object. Servers should convert recognized schemas to the latest
239 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
240 type: string
241 kind:
242 description: 'Kind is a string value representing the REST resource this
243 object represents. Servers may infer this from the endpoint the client
244 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
245 type: string
246 metadata:
247 type: object
248 spec:
249 description: AuthServiceSpec defines the desired state of AuthService
250 properties:
251 add_auth_headers:
252 additionalProperties:
253 type: string
254 type: object
255 add_linkerd_headers:
256 type: boolean
257 allow_request_body:
258 type: boolean
259 allowed_authorization_headers:
260 items:
261 type: string
262 type: array
263 allowed_request_headers:
264 items:
265 type: string
266 type: array
267 ambassador_id:
268 description: "AmbassadorID declares which Ambassador instances should
269 pay attention to this resource. If no value is provided, the default
270 is: \n ambassador_id: - \"default\""
271 items:
272 type: string
273 type: array
274 auth_service:
275 type: string
276 circuit_breakers:
277 items:
278 properties:
279 max_connections:
280 type: integer
281 max_pending_requests:
282 type: integer
283 max_requests:
284 type: integer
285 max_retries:
286 type: integer
287 priority:
288 enum:
289 - default
290 - high
291 type: string
292 type: object
293 type: array
294 failure_mode_allow:
295 type: boolean
296 include_body:
297 properties:
298 allow_partial:
299 type: boolean
300 max_bytes:
301 description: These aren't pointer types because they are required.
302 type: integer
303 required:
304 - allow_partial
305 - max_bytes
306 type: object
307 path_prefix:
308 type: string
309 proto:
310 enum:
311 - http
312 - grpc
313 type: string
314 protocol_version:
315 description: ProtocolVersion is the envoy api transport protocol version
316 enum:
317 - v2
318 - v3
319 type: string
320 stats_name:
321 type: string
322 status_on_error:
323 properties:
324 code:
325 type: integer
326 type: object
327 timeout_ms:
328 type: integer
329 tls:
330 type: string
331 v2ExplicitTLS:
332 description: V2ExplicitTLS controls some vanity/stylistic elements
333 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
334 should not in any way affect the runtime operation of Emissary;
335 except that it may affect internal names in the Envoy config, which
336 may in turn affect stats names. But it should not affect any end-user
337 observable behavior.
338 properties:
339 serviceScheme:
340 description: "ServiceScheme specifies how to spell and capitalize
341 the scheme-part of the service URL. \n Acceptable values are
342 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
343 or \"\". The value is used if it agrees with whether or not
344 this resource enables TLS origination, or if something else
345 in the resource overrides the scheme."
346 pattern: ^([hH][tT][tT][pP][sS]?://)?$
347 type: string
348 tls:
349 description: "TLS controls whether and how to represent the \"tls\"
350 field when its value could be implied by the \"service\" field.
351 \ In v2, there were a lot of different ways to spell an \"empty\"
352 value, and this field specifies which way to spell it (and will
353 therefore only be used if the value will indeed be empty). \n
354 | Value | Representation | Meaning
355 of representation | |--------------+---------------------------------------+------------------------------------|
356 | \"\" | omit the field | defer
357 to service (no TLSContext) | | \"null\" | store an explicit
358 \"null\" in the field | defer to service (no TLSContext) |
359 | \"string\" | store an empty string in the field | defer
360 to service (no TLSContext) | | \"bool:false\" | store a Boolean
361 \"false\" in the field | defer to service (no TLSContext) |
362 | \"bool:true\" | store a Boolean \"true\" in the field |
363 originate TLS (no TLSContext) | \n If the meaning of the
364 representation contradicts anything else (if a TLSContext is
365 to be used, or in the case of \"bool:true\" if TLS is not to
366 be originated), then this field is ignored."
367 enum:
368 - ""
369 - "null"
370 - bool:true
371 - bool:false
372 - string
373 type: string
374 type: object
375 required:
376 - auth_service
377 type: object
378 type: object
379 served: true
380 storage: false
381---
382apiVersion: apiextensions.k8s.io/v1
383kind: CustomResourceDefinition
384metadata:
385 annotations:
386 controller-gen.kubebuilder.io/version: v0.13.0
387 labels:
388 app.kubernetes.io/instance: emissary-apiext
389 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
390 app.kubernetes.io/name: emissary-apiext
391 app.kubernetes.io/part-of: emissary-apiext
392 name: consulresolvers.getambassador.io
393spec:
394 conversion:
395 strategy: Webhook
396 webhook:
397 clientConfig:
398 service:
399 name: emissary-apiext
400 namespace: emissary-system
401 conversionReviewVersions:
402 - v1
403 group: getambassador.io
404 names:
405 categories:
406 - ambassador-crds
407 kind: ConsulResolver
408 listKind: ConsulResolverList
409 plural: consulresolvers
410 singular: consulresolver
411 preserveUnknownFields: false
412 scope: Namespaced
413 versions:
414 - name: v1
415 schema:
416 openAPIV3Schema:
417 description: ConsulResolver is the Schema for the ConsulResolver API
418 properties:
419 apiVersion:
420 description: 'APIVersion defines the versioned schema of this representation
421 of an object. Servers should convert recognized schemas to the latest
422 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
423 type: string
424 kind:
425 description: 'Kind is a string value representing the REST resource this
426 object represents. Servers may infer this from the endpoint the client
427 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
428 type: string
429 metadata:
430 type: object
431 spec:
432 description: ConsulResolver tells Ambassador to use Consul to resolve
433 services. In addition to the AmbassadorID, it needs information about
434 which Consul server and DC to use.
435 properties:
436 address:
437 type: string
438 datacenter:
439 type: string
440 type: object
441 x-kubernetes-preserve-unknown-fields: true
442 type: object
443 served: true
444 storage: false
445 - name: v2
446 schema:
447 openAPIV3Schema:
448 description: ConsulResolver is the Schema for the ConsulResolver API
449 properties:
450 apiVersion:
451 description: 'APIVersion defines the versioned schema of this representation
452 of an object. Servers should convert recognized schemas to the latest
453 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
454 type: string
455 kind:
456 description: 'Kind is a string value representing the REST resource this
457 object represents. Servers may infer this from the endpoint the client
458 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
459 type: string
460 metadata:
461 type: object
462 spec:
463 description: ConsulResolver tells Ambassador to use Consul to resolve
464 services. In addition to the AmbassadorID, it needs information about
465 which Consul server and DC to use.
466 properties:
467 address:
468 type: string
469 datacenter:
470 type: string
471 type: object
472 x-kubernetes-preserve-unknown-fields: true
473 type: object
474 served: true
475 storage: true
476 - name: v3alpha1
477 schema:
478 openAPIV3Schema:
479 description: ConsulResolver is the Schema for the ConsulResolver API
480 properties:
481 apiVersion:
482 description: 'APIVersion defines the versioned schema of this representation
483 of an object. Servers should convert recognized schemas to the latest
484 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
485 type: string
486 kind:
487 description: 'Kind is a string value representing the REST resource this
488 object represents. Servers may infer this from the endpoint the client
489 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
490 type: string
491 metadata:
492 type: object
493 spec:
494 description: ConsulResolver tells Ambassador to use Consul to resolve
495 services. In addition to the AmbassadorID, it needs information about
496 which Consul server and DC to use.
497 properties:
498 address:
499 type: string
500 ambassador_id:
501 description: "AmbassadorID declares which Ambassador instances should
502 pay attention to this resource. If no value is provided, the default
503 is: \n ambassador_id: - \"default\""
504 items:
505 type: string
506 type: array
507 datacenter:
508 type: string
509 type: object
510 type: object
511 served: true
512 storage: false
513---
514apiVersion: apiextensions.k8s.io/v1
515kind: CustomResourceDefinition
516metadata:
517 annotations:
518 controller-gen.kubebuilder.io/version: v0.13.0
519 labels:
520 app.kubernetes.io/instance: emissary-apiext
521 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
522 app.kubernetes.io/name: emissary-apiext
523 app.kubernetes.io/part-of: emissary-apiext
524 name: devportals.getambassador.io
525spec:
526 conversion:
527 strategy: Webhook
528 webhook:
529 clientConfig:
530 service:
531 name: emissary-apiext
532 namespace: emissary-system
533 conversionReviewVersions:
534 - v1
535 group: getambassador.io
536 names:
537 categories:
538 - ambassador-crds
539 kind: DevPortal
540 listKind: DevPortalList
541 plural: devportals
542 singular: devportal
543 preserveUnknownFields: false
544 scope: Namespaced
545 versions:
546 - name: v1
547 schema:
548 openAPIV3Schema:
549 description: "DevPortal is the Schema for the DevPortals API \n DevPortal
550 resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what`
551 is in a DevPortal can be controlled with \n - a `selector`, that can be
552 used for filtering `Mappings`. \n - a `docs` listing of (services, url)
553 \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository
554 with go-templates/markdown/css). \n Multiple `DevPortal`s can exist in the
555 cluster, and the Dev Portal server will show them at different endpoints.
556 A `DevPortal` resource with a special name, `ambassador`, will be used for
557 configuring the default Dev Portal (served at `/docs/` by default)."
558 properties:
559 apiVersion:
560 description: 'APIVersion defines the versioned schema of this representation
561 of an object. Servers should convert recognized schemas to the latest
562 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
563 type: string
564 kind:
565 description: 'Kind is a string value representing the REST resource this
566 object represents. Servers may infer this from the endpoint the client
567 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
568 type: string
569 metadata:
570 type: object
571 spec:
572 description: DevPortalSpec defines the desired state of DevPortal
573 properties:
574 content:
575 description: Content specifies where the content shown in the DevPortal
576 come from
577 properties:
578 branch:
579 type: string
580 dir:
581 type: string
582 url:
583 type: string
584 type: object
585 default:
586 description: Default must be true when this is the default DevPortal
587 type: boolean
588 docs:
589 description: Docs is a static docs definition
590 items:
591 description: 'DevPortalDocsSpec is a static documentation definition:
592 instead of using a Selector for finding documentation for services,
593 users can provide a static list of <service>:<URL> tuples. These
594 services will be shown in the Dev Portal with the documentation
595 obtained from this URL.'
596 properties:
597 service:
598 description: Service is the service being documented
599 type: string
600 timeout_ms:
601 description: Timeout specifies the amount of time devportal
602 will wait for the downstream service to report an openapi
603 spec back
604 type: integer
605 url:
606 description: URL is the URL used for obtaining docs
607 type: string
608 type: object
609 type: array
610 naming_scheme:
611 description: Describes how to display "services" in the DevPortal.
612 Default namespace.name
613 enum:
614 - namespace.name
615 - name.prefix
616 type: string
617 preserve_servers:
618 description: Configures this DevPortal to use server definitions from
619 the openAPI doc instead of rewriting them based on the url used
620 for the connection.
621 type: boolean
622 search:
623 description: DevPortalSearchSpec allows configuration over search
624 functionality for the DevPortal
625 properties:
626 enabled:
627 type: boolean
628 type:
629 description: 'Type of search. "title-only" does a fuzzy search
630 over openapi and page titles "all-content" will fuzzy search
631 over all openapi and page content. "title-only" is the default.
632 warning: using all-content may incur a larger memory footprint'
633 enum:
634 - title-only
635 - all-content
636 type: string
637 type: object
638 selector:
639 description: Selector is used for choosing what is shown in the DevPortal
640 properties:
641 matchLabels:
642 additionalProperties:
643 type: string
644 description: MatchLabels specifies the list of labels that must
645 be present in Mappings for being present in this DevPortal.
646 type: object
647 matchNamespaces:
648 description: MatchNamespaces is a list of namespaces that will
649 be included in this DevPortal.
650 items:
651 type: string
652 type: array
653 type: object
654 type: object
655 x-kubernetes-preserve-unknown-fields: true
656 type: object
657 served: true
658 storage: false
659 - name: v2
660 schema:
661 openAPIV3Schema:
662 description: "DevPortal is the Schema for the DevPortals API \n DevPortal
663 resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what`
664 is in a DevPortal can be controlled with \n - a `selector`, that can be
665 used for filtering `Mappings`. \n - a `docs` listing of (services, url)
666 \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository
667 with go-templates/markdown/css). \n Multiple `DevPortal`s can exist in the
668 cluster, and the Dev Portal server will show them at different endpoints.
669 A `DevPortal` resource with a special name, `ambassador`, will be used for
670 configuring the default Dev Portal (served at `/docs/` by default)."
671 properties:
672 apiVersion:
673 description: 'APIVersion defines the versioned schema of this representation
674 of an object. Servers should convert recognized schemas to the latest
675 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
676 type: string
677 kind:
678 description: 'Kind is a string value representing the REST resource this
679 object represents. Servers may infer this from the endpoint the client
680 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
681 type: string
682 metadata:
683 type: object
684 spec:
685 description: DevPortalSpec defines the desired state of DevPortal
686 properties:
687 content:
688 description: Content specifies where the content shown in the DevPortal
689 come from
690 properties:
691 branch:
692 type: string
693 dir:
694 type: string
695 url:
696 type: string
697 type: object
698 default:
699 description: Default must be true when this is the default DevPortal
700 type: boolean
701 docs:
702 description: Docs is a static docs definition
703 items:
704 description: 'DevPortalDocsSpec is a static documentation definition:
705 instead of using a Selector for finding documentation for services,
706 users can provide a static list of <service>:<URL> tuples. These
707 services will be shown in the Dev Portal with the documentation
708 obtained from this URL.'
709 properties:
710 service:
711 description: Service is the service being documented
712 type: string
713 timeout_ms:
714 description: Timeout specifies the amount of time devportal
715 will wait for the downstream service to report an openapi
716 spec back
717 type: integer
718 url:
719 description: URL is the URL used for obtaining docs
720 type: string
721 type: object
722 type: array
723 naming_scheme:
724 description: Describes how to display "services" in the DevPortal.
725 Default namespace.name
726 enum:
727 - namespace.name
728 - name.prefix
729 type: string
730 preserve_servers:
731 description: Configures this DevPortal to use server definitions from
732 the openAPI doc instead of rewriting them based on the url used
733 for the connection.
734 type: boolean
735 search:
736 description: DevPortalSearchSpec allows configuration over search
737 functionality for the DevPortal
738 properties:
739 enabled:
740 type: boolean
741 type:
742 description: 'Type of search. "title-only" does a fuzzy search
743 over openapi and page titles "all-content" will fuzzy search
744 over all openapi and page content. "title-only" is the default.
745 warning: using all-content may incur a larger memory footprint'
746 enum:
747 - title-only
748 - all-content
749 type: string
750 type: object
751 selector:
752 description: Selector is used for choosing what is shown in the DevPortal
753 properties:
754 matchLabels:
755 additionalProperties:
756 type: string
757 description: MatchLabels specifies the list of labels that must
758 be present in Mappings for being present in this DevPortal.
759 type: object
760 matchNamespaces:
761 description: MatchNamespaces is a list of namespaces that will
762 be included in this DevPortal.
763 items:
764 type: string
765 type: array
766 type: object
767 type: object
768 x-kubernetes-preserve-unknown-fields: true
769 type: object
770 served: true
771 storage: true
772 - name: v3alpha1
773 schema:
774 openAPIV3Schema:
775 description: "DevPortal is the Schema for the DevPortals API \n DevPortal
776 resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what`
777 is in a DevPortal can be controlled with \n - a `selector`, that can be
778 used for filtering `Mappings`. \n - a `docs` listing of (services, url)
779 \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository
780 with go-templates/markdown/css). \n Multiple `DevPortal`s can exist in the
781 cluster, and the Dev Portal server will show them at different endpoints.
782 A `DevPortal` resource with a special name, `ambassador`, will be used for
783 configuring the default Dev Portal (served at `/docs/` by default)."
784 properties:
785 apiVersion:
786 description: 'APIVersion defines the versioned schema of this representation
787 of an object. Servers should convert recognized schemas to the latest
788 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
789 type: string
790 kind:
791 description: 'Kind is a string value representing the REST resource this
792 object represents. Servers may infer this from the endpoint the client
793 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
794 type: string
795 metadata:
796 type: object
797 spec:
798 description: DevPortalSpec defines the desired state of DevPortal
799 properties:
800 ambassador_id:
801 description: "AmbassadorID declares which Ambassador instances should
802 pay attention to this resource. If no value is provided, the default
803 is: \n ambassador_id: - \"default\""
804 items:
805 type: string
806 type: array
807 content:
808 description: Content specifies where the content shown in the DevPortal
809 come from
810 properties:
811 branch:
812 type: string
813 dir:
814 type: string
815 url:
816 type: string
817 type: object
818 default:
819 description: Default must be true when this is the default DevPortal
820 type: boolean
821 docs:
822 description: Docs is a static docs definition
823 items:
824 description: 'DevPortalDocsSpec is a static documentation definition:
825 instead of using a Selector for finding documentation for services,
826 users can provide a static list of <service>:<URL> tuples. These
827 services will be shown in the Dev Portal with the documentation
828 obtained from this URL.'
829 properties:
830 service:
831 description: Service is the service being documented
832 type: string
833 timeout_ms:
834 description: Timeout specifies the amount of time devportal
835 will wait for the downstream service to report an openapi
836 spec back
837 type: integer
838 url:
839 description: URL is the URL used for obtaining docs
840 type: string
841 type: object
842 type: array
843 naming_scheme:
844 description: Describes how to display "services" in the DevPortal.
845 Default namespace.name
846 enum:
847 - namespace.name
848 - name.prefix
849 type: string
850 preserve_servers:
851 description: Configures this DevPortal to use server definitions from
852 the openAPI doc instead of rewriting them based on the url used
853 for the connection.
854 type: boolean
855 search:
856 description: DevPortalSearchSpec allows configuration over search
857 functionality for the DevPortal
858 properties:
859 enabled:
860 type: boolean
861 type:
862 description: 'Type of search. "title-only" does a fuzzy search
863 over openapi and page titles "all-content" will fuzzy search
864 over all openapi and page content. "title-only" is the default.
865 warning: using all-content may incur a larger memory footprint'
866 enum:
867 - title-only
868 - all-content
869 type: string
870 type: object
871 selector:
872 description: Selector is used for choosing what is shown in the DevPortal
873 properties:
874 matchLabels:
875 additionalProperties:
876 type: string
877 description: MatchLabels specifies the list of labels that must
878 be present in Mappings for being present in this DevPortal.
879 type: object
880 matchNamespaces:
881 description: MatchNamespaces is a list of namespaces that will
882 be included in this DevPortal.
883 items:
884 type: string
885 type: array
886 type: object
887 type: object
888 type: object
889 served: true
890 storage: false
891---
892apiVersion: apiextensions.k8s.io/v1
893kind: CustomResourceDefinition
894metadata:
895 annotations:
896 controller-gen.kubebuilder.io/version: v0.13.0
897 labels:
898 app.kubernetes.io/instance: emissary-apiext
899 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
900 app.kubernetes.io/name: emissary-apiext
901 app.kubernetes.io/part-of: emissary-apiext
902 name: hosts.getambassador.io
903spec:
904 conversion:
905 strategy: Webhook
906 webhook:
907 clientConfig:
908 service:
909 name: emissary-apiext
910 namespace: emissary-system
911 conversionReviewVersions:
912 - v1
913 group: getambassador.io
914 names:
915 categories:
916 - ambassador-crds
917 kind: Host
918 listKind: HostList
919 plural: hosts
920 singular: host
921 preserveUnknownFields: false
922 scope: Namespaced
923 versions:
924 - additionalPrinterColumns:
925 - jsonPath: .spec.hostname
926 name: Hostname
927 type: string
928 - jsonPath: .status.state
929 name: State
930 type: string
931 - jsonPath: .status.phaseCompleted
932 name: Phase Completed
933 type: string
934 - jsonPath: .status.phasePending
935 name: Phase Pending
936 type: string
937 - jsonPath: .metadata.creationTimestamp
938 name: Age
939 type: date
940 name: v2
941 schema:
942 openAPIV3Schema:
943 description: Host is the Schema for the hosts API
944 properties:
945 apiVersion:
946 description: 'APIVersion defines the versioned schema of this representation
947 of an object. Servers should convert recognized schemas to the latest
948 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
949 type: string
950 kind:
951 description: 'Kind is a string value representing the REST resource this
952 object represents. Servers may infer this from the endpoint the client
953 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
954 type: string
955 metadata:
956 type: object
957 spec:
958 description: HostSpec defines the desired state of Host
959 properties:
960 acmeProvider:
961 description: Specifies whether/who to talk ACME with to automatically
962 manage the $tlsSecret.
963 properties:
964 authority:
965 description: Specifies who to talk ACME with to get certs. Defaults
966 to Let's Encrypt; if "none" (case-insensitive), do not try to
967 do ACME for this Host.
968 type: string
969 email:
970 type: string
971 privateKeySecret:
972 description: "Specifies the Kubernetes Secret to use to store
973 the private key of the ACME account (essentially, where to store
974 the auto-generated password for the auto-created ACME account).
975 \ You should not normally need to set this--the default value
976 is based on a combination of the ACME authority being registered
977 wit and the email address associated with the account. \n Note
978 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
979 not an Ambassador-style `{name}.{namespace}` string. Because
980 we're opinionated, it does not support referencing a Secret
981 in another namespace (because most native Kubernetes resources
982 don't support that), but if we ever abandon that opinion and
983 decide to support non-local references it, it would be by adding
984 a `namespace:` field by changing it from a core.v1.LocalObjectReference
985 to a core.v1.SecretReference, not by adopting the `{name}.{namespace}`
986 notation."
987 properties:
988 name:
989 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
990 TODO: Add other useful fields. apiVersion, kind, uid?'
991 type: string
992 type: object
993 x-kubernetes-map-type: atomic
994 registration:
995 description: This is normally set automatically
996 type: string
997 type: object
998 hostname:
999 description: Hostname by which the Ambassador can be reached.
1000 type: string
1001 previewUrl:
1002 description: Configuration for the Preview URL feature of Service
1003 Preview. Defaults to preview URLs not enabled.
1004 properties:
1005 enabled:
1006 description: Is the Preview URL feature enabled?
1007 type: boolean
1008 type:
1009 description: What type of Preview URL is allowed?
1010 enum:
1011 - Path
1012 type: string
1013 type: object
1014 requestPolicy:
1015 description: Request policy definition.
1016 properties:
1017 insecure:
1018 properties:
1019 action:
1020 enum:
1021 - Redirect
1022 - Reject
1023 - Route
1024 type: string
1025 additionalPort:
1026 type: integer
1027 type: object
1028 type: object
1029 selector:
1030 description: Selector by which we can find further configuration.
1031 Defaults to hostname=$hostname
1032 properties:
1033 matchExpressions:
1034 description: matchExpressions is a list of label selector requirements.
1035 The requirements are ANDed.
1036 items:
1037 description: A label selector requirement is a selector that
1038 contains values, a key, and an operator that relates the key
1039 and values.
1040 properties:
1041 key:
1042 description: key is the label key that the selector applies
1043 to.
1044 type: string
1045 operator:
1046 description: operator represents a key's relationship to
1047 a set of values. Valid operators are In, NotIn, Exists
1048 and DoesNotExist.
1049 type: string
1050 values:
1051 description: values is an array of string values. If the
1052 operator is In or NotIn, the values array must be non-empty.
1053 If the operator is Exists or DoesNotExist, the values
1054 array must be empty. This array is replaced during a strategic
1055 merge patch.
1056 items:
1057 type: string
1058 type: array
1059 required:
1060 - key
1061 - operator
1062 type: object
1063 type: array
1064 matchLabels:
1065 additionalProperties:
1066 type: string
1067 description: matchLabels is a map of {key,value} pairs. A single
1068 {key,value} in the matchLabels map is equivalent to an element
1069 of matchExpressions, whose key field is "key", the operator
1070 is "In", and the values array contains only "value". The requirements
1071 are ANDed.
1072 type: object
1073 type: object
1074 x-kubernetes-map-type: atomic
1075 tls:
1076 description: TLS configuration. It is not valid to specify both `tlsContext`
1077 and `tls`.
1078 properties:
1079 alpn_protocols:
1080 type: string
1081 ca_secret:
1082 type: string
1083 cacert_chain_file:
1084 type: string
1085 cert_chain_file:
1086 type: string
1087 cert_required:
1088 type: boolean
1089 cipher_suites:
1090 items:
1091 type: string
1092 type: array
1093 ecdh_curves:
1094 items:
1095 type: string
1096 type: array
1097 max_tls_version:
1098 type: string
1099 min_tls_version:
1100 type: string
1101 private_key_file:
1102 type: string
1103 redirect_cleartext_from:
1104 type: integer
1105 sni:
1106 type: string
1107 v3CRLSecret:
1108 type: string
1109 type: object
1110 tlsContext:
1111 description: "Name of the TLSContext the Host resource is linked with.
1112 It is not valid to specify both `tlsContext` and `tls`. \n Note
1113 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
1114 not an Ambassador-style `{name}.{namespace}` string. Because we're
1115 opinionated, it does not support referencing a Secret in another
1116 namespace (because most native Kubernetes resources don't support
1117 that), but if we ever abandon that opinion and decide to support
1118 non-local references it, it would be by adding a `namespace:` field
1119 by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference,
1120 not by adopting the `{name}.{namespace}` notation."
1121 properties:
1122 name:
1123 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1124 TODO: Add other useful fields. apiVersion, kind, uid?'
1125 type: string
1126 type: object
1127 x-kubernetes-map-type: atomic
1128 tlsSecret:
1129 description: Name of the Kubernetes secret into which to save generated
1130 certificates. If ACME is enabled (see $acmeProvider), then the
1131 default is $hostname; otherwise the default is "". If the value
1132 is "", then we do not do TLS for this Host.
1133 properties:
1134 name:
1135 description: name is unique within a namespace to reference a
1136 secret resource.
1137 type: string
1138 namespace:
1139 description: namespace defines the space within which the secret
1140 name must be unique.
1141 type: string
1142 type: object
1143 x-kubernetes-map-type: atomic
1144 type: object
1145 x-kubernetes-preserve-unknown-fields: true
1146 status:
1147 description: HostStatus defines the observed state of Host
1148 properties:
1149 errorBackoff:
1150 type: string
1151 errorReason:
1152 description: errorReason, errorTimestamp, and errorBackoff are valid
1153 when state==Error.
1154 type: string
1155 errorTimestamp:
1156 format: date-time
1157 type: string
1158 phaseCompleted:
1159 description: phaseCompleted and phasePending are valid when state==Pending
1160 or state==Error.
1161 enum:
1162 - NA
1163 - DefaultsFilled
1164 - ACMEUserPrivateKeyCreated
1165 - ACMEUserRegistered
1166 - ACMECertificateChallenge
1167 type: string
1168 phasePending:
1169 description: phaseCompleted and phasePending are valid when state==Pending
1170 or state==Error.
1171 enum:
1172 - NA
1173 - DefaultsFilled
1174 - ACMEUserPrivateKeyCreated
1175 - ACMEUserRegistered
1176 - ACMECertificateChallenge
1177 type: string
1178 state:
1179 enum:
1180 - Initial
1181 - Pending
1182 - Ready
1183 - Error
1184 type: string
1185 tlsCertificateSource:
1186 enum:
1187 - Unknown
1188 - None
1189 - Other
1190 - ACME
1191 type: string
1192 type: object
1193 type: object
1194 served: true
1195 storage: true
1196 subresources:
1197 status: {}
1198 - additionalPrinterColumns:
1199 - jsonPath: .spec.hostname
1200 name: Hostname
1201 type: string
1202 - jsonPath: .status.state
1203 name: State
1204 type: string
1205 - jsonPath: .status.phaseCompleted
1206 name: Phase Completed
1207 type: string
1208 - jsonPath: .status.phasePending
1209 name: Phase Pending
1210 type: string
1211 - jsonPath: .metadata.creationTimestamp
1212 name: Age
1213 type: date
1214 name: v3alpha1
1215 schema:
1216 openAPIV3Schema:
1217 description: Host is the Schema for the hosts API
1218 properties:
1219 apiVersion:
1220 description: 'APIVersion defines the versioned schema of this representation
1221 of an object. Servers should convert recognized schemas to the latest
1222 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1223 type: string
1224 kind:
1225 description: 'Kind is a string value representing the REST resource this
1226 object represents. Servers may infer this from the endpoint the client
1227 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1228 type: string
1229 metadata:
1230 type: object
1231 spec:
1232 description: HostSpec defines the desired state of Host
1233 properties:
1234 acmeProvider:
1235 description: Specifies whether/who to talk ACME with to automatically
1236 manage the $tlsSecret.
1237 properties:
1238 authority:
1239 description: Specifies who to talk ACME with to get certs. Defaults
1240 to Let's Encrypt; if "none" (case-insensitive), do not try to
1241 do ACME for this Host.
1242 type: string
1243 email:
1244 type: string
1245 privateKeySecret:
1246 description: "Specifies the Kubernetes Secret to use to store
1247 the private key of the ACME account (essentially, where to store
1248 the auto-generated password for the auto-created ACME account).
1249 \ You should not normally need to set this--the default value
1250 is based on a combination of the ACME authority being registered
1251 wit and the email address associated with the account. \n Note
1252 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
1253 not an Ambassador-style `{name}.{namespace}` string. Because
1254 we're opinionated, it does not support referencing a Secret
1255 in another namespace (because most native Kubernetes resources
1256 don't support that), but if we ever abandon that opinion and
1257 decide to support non-local references it, it would be by adding
1258 a `namespace:` field by changing it from a core.v1.LocalObjectReference
1259 to a core.v1.SecretReference, not by adopting the `{name}.{namespace}`
1260 notation."
1261 properties:
1262 name:
1263 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1264 TODO: Add other useful fields. apiVersion, kind, uid?'
1265 type: string
1266 type: object
1267 x-kubernetes-map-type: atomic
1268 registration:
1269 description: This is normally set automatically
1270 type: string
1271 type: object
1272 ambassador_id:
1273 description: Common to all Ambassador objects (and optional).
1274 items:
1275 type: string
1276 type: array
1277 hostname:
1278 description: Hostname by which the Ambassador can be reached.
1279 type: string
1280 mappingSelector:
1281 description: Selector for Mappings we'll associate with this Host.
1282 At the moment, Selector and MappingSelector are synonyms, but that
1283 will change soon.
1284 properties:
1285 matchExpressions:
1286 description: matchExpressions is a list of label selector requirements.
1287 The requirements are ANDed.
1288 items:
1289 description: A label selector requirement is a selector that
1290 contains values, a key, and an operator that relates the key
1291 and values.
1292 properties:
1293 key:
1294 description: key is the label key that the selector applies
1295 to.
1296 type: string
1297 operator:
1298 description: operator represents a key's relationship to
1299 a set of values. Valid operators are In, NotIn, Exists
1300 and DoesNotExist.
1301 type: string
1302 values:
1303 description: values is an array of string values. If the
1304 operator is In or NotIn, the values array must be non-empty.
1305 If the operator is Exists or DoesNotExist, the values
1306 array must be empty. This array is replaced during a strategic
1307 merge patch.
1308 items:
1309 type: string
1310 type: array
1311 required:
1312 - key
1313 - operator
1314 type: object
1315 type: array
1316 matchLabels:
1317 additionalProperties:
1318 type: string
1319 description: matchLabels is a map of {key,value} pairs. A single
1320 {key,value} in the matchLabels map is equivalent to an element
1321 of matchExpressions, whose key field is "key", the operator
1322 is "In", and the values array contains only "value". The requirements
1323 are ANDed.
1324 type: object
1325 type: object
1326 x-kubernetes-map-type: atomic
1327 previewUrl:
1328 description: Configuration for the Preview URL feature of Service
1329 Preview. Defaults to preview URLs not enabled.
1330 properties:
1331 enabled:
1332 description: Is the Preview URL feature enabled?
1333 type: boolean
1334 type:
1335 description: What type of Preview URL is allowed?
1336 enum:
1337 - Path
1338 type: string
1339 type: object
1340 requestPolicy:
1341 description: Request policy definition.
1342 properties:
1343 insecure:
1344 properties:
1345 action:
1346 enum:
1347 - Redirect
1348 - Reject
1349 - Route
1350 type: string
1351 additionalPort:
1352 type: integer
1353 type: object
1354 type: object
1355 selector:
1356 description: 'DEPRECATED: Selector by which we can find further configuration.
1357 Use MappingSelector instead.'
1358 properties:
1359 matchExpressions:
1360 description: matchExpressions is a list of label selector requirements.
1361 The requirements are ANDed.
1362 items:
1363 description: A label selector requirement is a selector that
1364 contains values, a key, and an operator that relates the key
1365 and values.
1366 properties:
1367 key:
1368 description: key is the label key that the selector applies
1369 to.
1370 type: string
1371 operator:
1372 description: operator represents a key's relationship to
1373 a set of values. Valid operators are In, NotIn, Exists
1374 and DoesNotExist.
1375 type: string
1376 values:
1377 description: values is an array of string values. If the
1378 operator is In or NotIn, the values array must be non-empty.
1379 If the operator is Exists or DoesNotExist, the values
1380 array must be empty. This array is replaced during a strategic
1381 merge patch.
1382 items:
1383 type: string
1384 type: array
1385 required:
1386 - key
1387 - operator
1388 type: object
1389 type: array
1390 matchLabels:
1391 additionalProperties:
1392 type: string
1393 description: matchLabels is a map of {key,value} pairs. A single
1394 {key,value} in the matchLabels map is equivalent to an element
1395 of matchExpressions, whose key field is "key", the operator
1396 is "In", and the values array contains only "value". The requirements
1397 are ANDed.
1398 type: object
1399 type: object
1400 x-kubernetes-map-type: atomic
1401 tls:
1402 description: TLS configuration. It is not valid to specify both `tlsContext`
1403 and `tls`.
1404 properties:
1405 alpn_protocols:
1406 type: string
1407 ca_secret:
1408 type: string
1409 cacert_chain_file:
1410 type: string
1411 cert_chain_file:
1412 type: string
1413 cert_required:
1414 type: boolean
1415 cipher_suites:
1416 items:
1417 type: string
1418 type: array
1419 crl_secret:
1420 type: string
1421 ecdh_curves:
1422 items:
1423 type: string
1424 type: array
1425 max_tls_version:
1426 type: string
1427 min_tls_version:
1428 type: string
1429 private_key_file:
1430 type: string
1431 redirect_cleartext_from:
1432 type: integer
1433 sni:
1434 type: string
1435 type: object
1436 tlsContext:
1437 description: "Name of the TLSContext the Host resource is linked with.
1438 It is not valid to specify both `tlsContext` and `tls`. \n Note
1439 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
1440 not an Ambassador-style `{name}.{namespace}` string. Because we're
1441 opinionated, it does not support referencing a Secret in another
1442 namespace (because most native Kubernetes resources don't support
1443 that), but if we ever abandon that opinion and decide to support
1444 non-local references it, it would be by adding a `namespace:` field
1445 by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference,
1446 not by adopting the `{name}.{namespace}` notation."
1447 properties:
1448 name:
1449 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1450 TODO: Add other useful fields. apiVersion, kind, uid?'
1451 type: string
1452 type: object
1453 x-kubernetes-map-type: atomic
1454 tlsSecret:
1455 description: Name of the Kubernetes secret into which to save generated
1456 certificates. If ACME is enabled (see $acmeProvider), then the
1457 default is $hostname; otherwise the default is "". If the value
1458 is "", then we do not do TLS for this Host.
1459 properties:
1460 name:
1461 description: name is unique within a namespace to reference a
1462 secret resource.
1463 type: string
1464 namespace:
1465 description: namespace defines the space within which the secret
1466 name must be unique.
1467 type: string
1468 type: object
1469 x-kubernetes-map-type: atomic
1470 type: object
1471 status:
1472 description: HostStatus defines the observed state of Host
1473 properties:
1474 errorBackoff:
1475 type: string
1476 errorReason:
1477 description: errorReason, errorTimestamp, and errorBackoff are valid
1478 when state==Error.
1479 type: string
1480 errorTimestamp:
1481 format: date-time
1482 type: string
1483 phaseCompleted:
1484 description: phaseCompleted and phasePending are valid when state==Pending
1485 or state==Error.
1486 enum:
1487 - NA
1488 - DefaultsFilled
1489 - ACMEUserPrivateKeyCreated
1490 - ACMEUserRegistered
1491 - ACMECertificateChallenge
1492 type: string
1493 phasePending:
1494 description: phaseCompleted and phasePending are valid when state==Pending
1495 or state==Error.
1496 enum:
1497 - NA
1498 - DefaultsFilled
1499 - ACMEUserPrivateKeyCreated
1500 - ACMEUserRegistered
1501 - ACMECertificateChallenge
1502 type: string
1503 state:
1504 enum:
1505 - Initial
1506 - Pending
1507 - Ready
1508 - Error
1509 type: string
1510 tlsCertificateSource:
1511 enum:
1512 - Unknown
1513 - None
1514 - Other
1515 - ACME
1516 type: string
1517 type: object
1518 type: object
1519 served: true
1520 storage: false
1521 subresources:
1522 status: {}
1523---
1524apiVersion: apiextensions.k8s.io/v1
1525kind: CustomResourceDefinition
1526metadata:
1527 annotations:
1528 controller-gen.kubebuilder.io/version: v0.13.0
1529 labels:
1530 app.kubernetes.io/instance: emissary-apiext
1531 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1532 app.kubernetes.io/name: emissary-apiext
1533 app.kubernetes.io/part-of: emissary-apiext
1534 name: kubernetesendpointresolvers.getambassador.io
1535spec:
1536 conversion:
1537 strategy: Webhook
1538 webhook:
1539 clientConfig:
1540 service:
1541 name: emissary-apiext
1542 namespace: emissary-system
1543 conversionReviewVersions:
1544 - v1
1545 group: getambassador.io
1546 names:
1547 categories:
1548 - ambassador-crds
1549 kind: KubernetesEndpointResolver
1550 listKind: KubernetesEndpointResolverList
1551 plural: kubernetesendpointresolvers
1552 singular: kubernetesendpointresolver
1553 preserveUnknownFields: false
1554 scope: Namespaced
1555 versions:
1556 - name: v1
1557 schema:
1558 openAPIV3Schema:
1559 description: KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver
1560 API
1561 properties:
1562 apiVersion:
1563 description: 'APIVersion defines the versioned schema of this representation
1564 of an object. Servers should convert recognized schemas to the latest
1565 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1566 type: string
1567 kind:
1568 description: 'Kind is a string value representing the REST resource this
1569 object represents. Servers may infer this from the endpoint the client
1570 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1571 type: string
1572 metadata:
1573 type: object
1574 spec:
1575 description: KubernetesEndpointResolver tells Ambassador to use Kubernetes
1576 Endpoints resources to resolve services. It actually has no spec other
1577 than the AmbassadorID.
1578 type: object
1579 x-kubernetes-preserve-unknown-fields: true
1580 type: object
1581 served: true
1582 storage: false
1583 - name: v2
1584 schema:
1585 openAPIV3Schema:
1586 description: KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver
1587 API
1588 properties:
1589 apiVersion:
1590 description: 'APIVersion defines the versioned schema of this representation
1591 of an object. Servers should convert recognized schemas to the latest
1592 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1593 type: string
1594 kind:
1595 description: 'Kind is a string value representing the REST resource this
1596 object represents. Servers may infer this from the endpoint the client
1597 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1598 type: string
1599 metadata:
1600 type: object
1601 spec:
1602 description: KubernetesEndpointResolver tells Ambassador to use Kubernetes
1603 Endpoints resources to resolve services. It actually has no spec other
1604 than the AmbassadorID.
1605 type: object
1606 x-kubernetes-preserve-unknown-fields: true
1607 type: object
1608 served: true
1609 storage: true
1610 - name: v3alpha1
1611 schema:
1612 openAPIV3Schema:
1613 description: KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver
1614 API
1615 properties:
1616 apiVersion:
1617 description: 'APIVersion defines the versioned schema of this representation
1618 of an object. Servers should convert recognized schemas to the latest
1619 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1620 type: string
1621 kind:
1622 description: 'Kind is a string value representing the REST resource this
1623 object represents. Servers may infer this from the endpoint the client
1624 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1625 type: string
1626 metadata:
1627 type: object
1628 spec:
1629 description: KubernetesEndpointResolver tells Ambassador to use Kubernetes
1630 Endpoints resources to resolve services. It actually has no spec other
1631 than the AmbassadorID.
1632 properties:
1633 ambassador_id:
1634 description: "AmbassadorID declares which Ambassador instances should
1635 pay attention to this resource. If no value is provided, the default
1636 is: \n ambassador_id: - \"default\""
1637 items:
1638 type: string
1639 type: array
1640 type: object
1641 type: object
1642 served: true
1643 storage: false
1644---
1645apiVersion: apiextensions.k8s.io/v1
1646kind: CustomResourceDefinition
1647metadata:
1648 annotations:
1649 controller-gen.kubebuilder.io/version: v0.13.0
1650 labels:
1651 app.kubernetes.io/instance: emissary-apiext
1652 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1653 app.kubernetes.io/name: emissary-apiext
1654 app.kubernetes.io/part-of: emissary-apiext
1655 name: kubernetesserviceresolvers.getambassador.io
1656spec:
1657 conversion:
1658 strategy: Webhook
1659 webhook:
1660 clientConfig:
1661 service:
1662 name: emissary-apiext
1663 namespace: emissary-system
1664 conversionReviewVersions:
1665 - v1
1666 group: getambassador.io
1667 names:
1668 categories:
1669 - ambassador-crds
1670 kind: KubernetesServiceResolver
1671 listKind: KubernetesServiceResolverList
1672 plural: kubernetesserviceresolvers
1673 singular: kubernetesserviceresolver
1674 preserveUnknownFields: false
1675 scope: Namespaced
1676 versions:
1677 - name: v1
1678 schema:
1679 openAPIV3Schema:
1680 description: KubernetesServiceResolver is the Schema for the kubernetesserviceresolver
1681 API
1682 properties:
1683 apiVersion:
1684 description: 'APIVersion defines the versioned schema of this representation
1685 of an object. Servers should convert recognized schemas to the latest
1686 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1687 type: string
1688 kind:
1689 description: 'Kind is a string value representing the REST resource this
1690 object represents. Servers may infer this from the endpoint the client
1691 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1692 type: string
1693 metadata:
1694 type: object
1695 spec:
1696 description: KubernetesServiceResolver tells Ambassador to use Kubernetes
1697 Service resources to resolve services. It actually has no spec other
1698 than the AmbassadorID.
1699 type: object
1700 x-kubernetes-preserve-unknown-fields: true
1701 type: object
1702 served: true
1703 storage: false
1704 - name: v2
1705 schema:
1706 openAPIV3Schema:
1707 description: KubernetesServiceResolver is the Schema for the kubernetesserviceresolver
1708 API
1709 properties:
1710 apiVersion:
1711 description: 'APIVersion defines the versioned schema of this representation
1712 of an object. Servers should convert recognized schemas to the latest
1713 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1714 type: string
1715 kind:
1716 description: 'Kind is a string value representing the REST resource this
1717 object represents. Servers may infer this from the endpoint the client
1718 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1719 type: string
1720 metadata:
1721 type: object
1722 spec:
1723 description: KubernetesServiceResolver tells Ambassador to use Kubernetes
1724 Service resources to resolve services. It actually has no spec other
1725 than the AmbassadorID.
1726 type: object
1727 x-kubernetes-preserve-unknown-fields: true
1728 type: object
1729 served: true
1730 storage: true
1731 - name: v3alpha1
1732 schema:
1733 openAPIV3Schema:
1734 description: KubernetesServiceResolver is the Schema for the kubernetesserviceresolver
1735 API
1736 properties:
1737 apiVersion:
1738 description: 'APIVersion defines the versioned schema of this representation
1739 of an object. Servers should convert recognized schemas to the latest
1740 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1741 type: string
1742 kind:
1743 description: 'Kind is a string value representing the REST resource this
1744 object represents. Servers may infer this from the endpoint the client
1745 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1746 type: string
1747 metadata:
1748 type: object
1749 spec:
1750 description: KubernetesServiceResolver tells Ambassador to use Kubernetes
1751 Service resources to resolve services. It actually has no spec other
1752 than the AmbassadorID.
1753 properties:
1754 ambassador_id:
1755 description: "AmbassadorID declares which Ambassador instances should
1756 pay attention to this resource. If no value is provided, the default
1757 is: \n ambassador_id: - \"default\""
1758 items:
1759 type: string
1760 type: array
1761 type: object
1762 type: object
1763 served: true
1764 storage: false
1765---
1766apiVersion: apiextensions.k8s.io/v1
1767kind: CustomResourceDefinition
1768metadata:
1769 annotations:
1770 controller-gen.kubebuilder.io/version: v0.13.0
1771 labels:
1772 app.kubernetes.io/instance: emissary-apiext
1773 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1774 app.kubernetes.io/name: emissary-apiext
1775 app.kubernetes.io/part-of: emissary-apiext
1776 name: listeners.getambassador.io
1777spec:
1778 group: getambassador.io
1779 names:
1780 categories:
1781 - ambassador-crds
1782 kind: Listener
1783 listKind: ListenerList
1784 plural: listeners
1785 singular: listener
1786 preserveUnknownFields: false
1787 scope: Namespaced
1788 versions:
1789 - additionalPrinterColumns:
1790 - jsonPath: .spec.port
1791 name: Port
1792 type: string
1793 - jsonPath: .spec.protocol
1794 name: Protocol
1795 type: string
1796 - jsonPath: .spec.protocolStack
1797 name: Stack
1798 type: string
1799 - jsonPath: .spec.statsPrefix
1800 name: StatsPrefix
1801 type: string
1802 - jsonPath: .spec.securityModel
1803 name: Security
1804 type: string
1805 - jsonPath: .spec.l7Depth
1806 name: L7Depth
1807 type: string
1808 name: v3alpha1
1809 schema:
1810 openAPIV3Schema:
1811 description: Listener is the Schema for the hosts API
1812 properties:
1813 apiVersion:
1814 description: 'APIVersion defines the versioned schema of this representation
1815 of an object. Servers should convert recognized schemas to the latest
1816 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1817 type: string
1818 kind:
1819 description: 'Kind is a string value representing the REST resource this
1820 object represents. Servers may infer this from the endpoint the client
1821 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1822 type: string
1823 metadata:
1824 type: object
1825 spec:
1826 description: ListenerSpec defines the desired state of this Port
1827 properties:
1828 ambassador_id:
1829 description: "AmbassadorID declares which Ambassador instances should
1830 pay attention to this resource. If no value is provided, the default
1831 is: \n ambassador_id: - \"default\""
1832 items:
1833 type: string
1834 type: array
1835 hostBinding:
1836 description: HostBinding allows restricting which Hosts will be used
1837 for this Listener.
1838 properties:
1839 namespace:
1840 description: NamespaceBindingType defines we we specify which
1841 namespaces to look for Hosts in.
1842 properties:
1843 from:
1844 description: NamespaceFromType defines how we evaluate a NamespaceBindingType.
1845 enum:
1846 - SELF
1847 - ALL
1848 - SELECTOR
1849 type: string
1850 type: object
1851 selector:
1852 description: A label selector is a label query over a set of resources.
1853 The result of matchLabels and matchExpressions are ANDed. An
1854 empty label selector matches all objects. A null label selector
1855 matches no objects.
1856 properties:
1857 matchExpressions:
1858 description: matchExpressions is a list of label selector
1859 requirements. The requirements are ANDed.
1860 items:
1861 description: A label selector requirement is a selector
1862 that contains values, a key, and an operator that relates
1863 the key and values.
1864 properties:
1865 key:
1866 description: key is the label key that the selector
1867 applies to.
1868 type: string
1869 operator:
1870 description: operator represents a key's relationship
1871 to a set of values. Valid operators are In, NotIn,
1872 Exists and DoesNotExist.
1873 type: string
1874 values:
1875 description: values is an array of string values. If
1876 the operator is In or NotIn, the values array must
1877 be non-empty. If the operator is Exists or DoesNotExist,
1878 the values array must be empty. This array is replaced
1879 during a strategic merge patch.
1880 items:
1881 type: string
1882 type: array
1883 required:
1884 - key
1885 - operator
1886 type: object
1887 type: array
1888 matchLabels:
1889 additionalProperties:
1890 type: string
1891 description: matchLabels is a map of {key,value} pairs. A
1892 single {key,value} in the matchLabels map is equivalent
1893 to an element of matchExpressions, whose key field is "key",
1894 the operator is "In", and the values array contains only
1895 "value". The requirements are ANDed.
1896 type: object
1897 type: object
1898 x-kubernetes-map-type: atomic
1899 type: object
1900 l7Depth:
1901 description: L7Depth specifies how many layer 7 load balancers are
1902 between us and the edge of the network.
1903 format: int32
1904 type: integer
1905 port:
1906 description: Port is the network port. Only one Listener can use a
1907 given port.
1908 format: int32
1909 maximum: 65535
1910 minimum: 1
1911 type: integer
1912 protocol:
1913 description: Protocol is a shorthand for certain predefined stacks.
1914 Exactly one of Protocol or ProtocolStack must be supplied.
1915 enum:
1916 - HTTP
1917 - HTTPS
1918 - HTTPPROXY
1919 - HTTPSPROXY
1920 - TCP
1921 - TLS
1922 - UDP
1923 type: string
1924 protocolStack:
1925 description: ProtocolStack explicitly specifies the protocol stack
1926 to set up. Exactly one of Protocol or ProtocolStack must be supplied.
1927 items:
1928 description: ProtocolStackElement defines specific layers that may
1929 be combined in a protocol stack for processing connections to
1930 a port.
1931 enum:
1932 - HTTP
1933 - PROXY
1934 - TLS
1935 - TCP
1936 - UDP
1937 type: string
1938 type: array
1939 securityModel:
1940 description: SecurityModel specifies how to determine whether connections
1941 to this port are secure or insecure.
1942 enum:
1943 - XFP
1944 - SECURE
1945 - INSECURE
1946 type: string
1947 statsPrefix:
1948 description: 'StatsPrefix specifies the prefix for statistics sent
1949 by Envoy about this Listener. The default depends on the protocol:
1950 "ingress-http", "ingress-https", "ingress-tls-$port", or "ingress-$port".'
1951 type: string
1952 required:
1953 - hostBinding
1954 - port
1955 - securityModel
1956 type: object
1957 type: object
1958 served: true
1959 storage: true
1960 subresources: {}
1961---
1962apiVersion: apiextensions.k8s.io/v1
1963kind: CustomResourceDefinition
1964metadata:
1965 annotations:
1966 controller-gen.kubebuilder.io/version: v0.13.0
1967 labels:
1968 app.kubernetes.io/instance: emissary-apiext
1969 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1970 app.kubernetes.io/name: emissary-apiext
1971 app.kubernetes.io/part-of: emissary-apiext
1972 name: logservices.getambassador.io
1973spec:
1974 conversion:
1975 strategy: Webhook
1976 webhook:
1977 clientConfig:
1978 service:
1979 name: emissary-apiext
1980 namespace: emissary-system
1981 conversionReviewVersions:
1982 - v1
1983 group: getambassador.io
1984 names:
1985 categories:
1986 - ambassador-crds
1987 kind: LogService
1988 listKind: LogServiceList
1989 plural: logservices
1990 singular: logservice
1991 preserveUnknownFields: false
1992 scope: Namespaced
1993 versions:
1994 - name: v1
1995 schema:
1996 openAPIV3Schema:
1997 description: LogService is the Schema for the logservices API
1998 properties:
1999 apiVersion:
2000 description: 'APIVersion defines the versioned schema of this representation
2001 of an object. Servers should convert recognized schemas to the latest
2002 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2003 type: string
2004 kind:
2005 description: 'Kind is a string value representing the REST resource this
2006 object represents. Servers may infer this from the endpoint the client
2007 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2008 type: string
2009 metadata:
2010 type: object
2011 spec:
2012 description: LogServiceSpec defines the desired state of LogService
2013 properties:
2014 driver:
2015 enum:
2016 - tcp
2017 - http
2018 type: string
2019 driver_config:
2020 properties:
2021 additional_log_headers:
2022 items:
2023 properties:
2024 during_request:
2025 type: boolean
2026 during_response:
2027 type: boolean
2028 during_trailer:
2029 type: boolean
2030 header_name:
2031 type: string
2032 type: object
2033 type: array
2034 type: object
2035 flush_interval_byte_size:
2036 type: integer
2037 flush_interval_time:
2038 type: integer
2039 grpc:
2040 type: boolean
2041 service:
2042 type: string
2043 v3ProtocolVersion:
2044 enum:
2045 - v2
2046 - v3
2047 type: string
2048 v3StatsName:
2049 type: string
2050 type: object
2051 x-kubernetes-preserve-unknown-fields: true
2052 type: object
2053 served: true
2054 storage: false
2055 - name: v2
2056 schema:
2057 openAPIV3Schema:
2058 description: LogService is the Schema for the logservices API
2059 properties:
2060 apiVersion:
2061 description: 'APIVersion defines the versioned schema of this representation
2062 of an object. Servers should convert recognized schemas to the latest
2063 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2064 type: string
2065 kind:
2066 description: 'Kind is a string value representing the REST resource this
2067 object represents. Servers may infer this from the endpoint the client
2068 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2069 type: string
2070 metadata:
2071 type: object
2072 spec:
2073 description: LogServiceSpec defines the desired state of LogService
2074 properties:
2075 driver:
2076 enum:
2077 - tcp
2078 - http
2079 type: string
2080 driver_config:
2081 properties:
2082 additional_log_headers:
2083 items:
2084 properties:
2085 during_request:
2086 type: boolean
2087 during_response:
2088 type: boolean
2089 during_trailer:
2090 type: boolean
2091 header_name:
2092 type: string
2093 type: object
2094 type: array
2095 type: object
2096 flush_interval_byte_size:
2097 type: integer
2098 flush_interval_time:
2099 type: integer
2100 grpc:
2101 type: boolean
2102 service:
2103 type: string
2104 v3ProtocolVersion:
2105 enum:
2106 - v2
2107 - v3
2108 type: string
2109 v3StatsName:
2110 type: string
2111 type: object
2112 x-kubernetes-preserve-unknown-fields: true
2113 type: object
2114 served: true
2115 storage: true
2116 - name: v3alpha1
2117 schema:
2118 openAPIV3Schema:
2119 description: LogService is the Schema for the logservices API
2120 properties:
2121 apiVersion:
2122 description: 'APIVersion defines the versioned schema of this representation
2123 of an object. Servers should convert recognized schemas to the latest
2124 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2125 type: string
2126 kind:
2127 description: 'Kind is a string value representing the REST resource this
2128 object represents. Servers may infer this from the endpoint the client
2129 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2130 type: string
2131 metadata:
2132 type: object
2133 spec:
2134 description: LogServiceSpec defines the desired state of LogService
2135 properties:
2136 ambassador_id:
2137 description: "AmbassadorID declares which Ambassador instances should
2138 pay attention to this resource. If no value is provided, the default
2139 is: \n ambassador_id: - \"default\""
2140 items:
2141 type: string
2142 type: array
2143 driver:
2144 enum:
2145 - tcp
2146 - http
2147 type: string
2148 driver_config:
2149 properties:
2150 additional_log_headers:
2151 items:
2152 properties:
2153 during_request:
2154 type: boolean
2155 during_response:
2156 type: boolean
2157 during_trailer:
2158 type: boolean
2159 header_name:
2160 type: string
2161 type: object
2162 type: array
2163 type: object
2164 flush_interval_byte_size:
2165 type: integer
2166 flush_interval_time:
2167 type: integer
2168 grpc:
2169 type: boolean
2170 protocol_version:
2171 description: ProtocolVersion is the envoy api transport protocol version
2172 enum:
2173 - v2
2174 - v3
2175 type: string
2176 service:
2177 type: string
2178 stats_name:
2179 type: string
2180 type: object
2181 type: object
2182 served: true
2183 storage: false
2184---
2185apiVersion: apiextensions.k8s.io/v1
2186kind: CustomResourceDefinition
2187metadata:
2188 annotations:
2189 controller-gen.kubebuilder.io/version: v0.13.0
2190 labels:
2191 app.kubernetes.io/instance: emissary-apiext
2192 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
2193 app.kubernetes.io/name: emissary-apiext
2194 app.kubernetes.io/part-of: emissary-apiext
2195 name: mappings.getambassador.io
2196spec:
2197 conversion:
2198 strategy: Webhook
2199 webhook:
2200 clientConfig:
2201 service:
2202 name: emissary-apiext
2203 namespace: emissary-system
2204 conversionReviewVersions:
2205 - v1
2206 group: getambassador.io
2207 names:
2208 categories:
2209 - ambassador-crds
2210 kind: Mapping
2211 listKind: MappingList
2212 plural: mappings
2213 singular: mapping
2214 preserveUnknownFields: false
2215 scope: Namespaced
2216 versions:
2217 - additionalPrinterColumns:
2218 - jsonPath: .spec.host
2219 name: Source Host
2220 type: string
2221 - jsonPath: .spec.prefix
2222 name: Source Prefix
2223 type: string
2224 - jsonPath: .spec.service
2225 name: Dest Service
2226 type: string
2227 - jsonPath: .status.state
2228 name: State
2229 type: string
2230 - jsonPath: .status.reason
2231 name: Reason
2232 type: string
2233 name: v1
2234 schema:
2235 openAPIV3Schema:
2236 description: Mapping is the Schema for the mappings API
2237 properties:
2238 apiVersion:
2239 description: 'APIVersion defines the versioned schema of this representation
2240 of an object. Servers should convert recognized schemas to the latest
2241 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2242 type: string
2243 kind:
2244 description: 'Kind is a string value representing the REST resource this
2245 object represents. Servers may infer this from the endpoint the client
2246 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2247 type: string
2248 metadata:
2249 type: object
2250 spec:
2251 description: MappingSpec defines the desired state of Mapping
2252 properties:
2253 add_linkerd_headers:
2254 type: boolean
2255 add_request_headers:
2256 type: object
2257 x-kubernetes-preserve-unknown-fields: true
2258 add_response_headers:
2259 type: object
2260 x-kubernetes-preserve-unknown-fields: true
2261 allow_upgrade:
2262 description: "A case-insensitive list of the non-HTTP protocols to
2263 allow \"upgrading\" to from HTTP via the \"Connection: upgrade\"
2264 mechanism[1]. After the upgrade, Ambassador does not interpret
2265 the traffic, and behaves similarly to how it does for TCPMappings.
2266 \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example,
2267 if your upstream service supports WebSockets, you would write \n
2268 allow_upgrade: - websocket \n Or if your upstream service supports
2269 upgrading from HTTP to SPDY (as the Kubernetes apiserver does for
2270 `kubectl exec` functionality), you would write \n allow_upgrade:
2271 - spdy/3.1"
2272 items:
2273 type: string
2274 type: array
2275 auth_context_extensions:
2276 additionalProperties:
2277 type: string
2278 type: object
2279 auto_host_rewrite:
2280 type: boolean
2281 bypass_auth:
2282 type: boolean
2283 bypass_error_response_overrides:
2284 description: If true, bypasses any `error_response_overrides` set
2285 on the Ambassador module.
2286 type: boolean
2287 case_sensitive:
2288 type: boolean
2289 circuit_breakers:
2290 items:
2291 properties:
2292 max_connections:
2293 type: integer
2294 max_pending_requests:
2295 type: integer
2296 max_requests:
2297 type: integer
2298 max_retries:
2299 type: integer
2300 priority:
2301 enum:
2302 - default
2303 - high
2304 type: string
2305 type: object
2306 type: array
2307 cluster_idle_timeout_ms:
2308 type: integer
2309 cluster_max_connection_lifetime_ms:
2310 type: integer
2311 cluster_tag:
2312 type: string
2313 connect_timeout_ms:
2314 type: integer
2315 cors:
2316 properties:
2317 credentials:
2318 type: boolean
2319 max_age:
2320 type: string
2321 type: object
2322 x-kubernetes-preserve-unknown-fields: true
2323 dns_type:
2324 type: string
2325 docs:
2326 description: DocsInfo provides some extra information about the docs
2327 for the Mapping (used by the Dev Portal)
2328 properties:
2329 display_name:
2330 type: string
2331 ignored:
2332 type: boolean
2333 path:
2334 type: string
2335 timeout_ms:
2336 type: integer
2337 url:
2338 type: string
2339 type: object
2340 enable_ipv4:
2341 type: boolean
2342 enable_ipv6:
2343 type: boolean
2344 envoy_override:
2345 type: object
2346 x-kubernetes-preserve-unknown-fields: true
2347 error_response_overrides:
2348 description: Error response overrides for this Mapping. Replaces all
2349 of the `error_response_overrides` set on the Ambassador module,
2350 if any.
2351 items:
2352 description: A response rewrite for an HTTP error response
2353 properties:
2354 body:
2355 description: The new response body
2356 properties:
2357 content_type:
2358 description: The content type to set on the error response
2359 body when using text_format or text_format_source. Defaults
2360 to 'text/plain'.
2361 type: string
2362 json_format:
2363 additionalProperties:
2364 type: string
2365 description: 'A JSON response with content-type: application/json.
2366 The values can contain format text like in text_format.'
2367 type: object
2368 text_format:
2369 description: A format string representing a text response
2370 body. Content-Type can be set using the `content_type`
2371 field below.
2372 type: string
2373 text_format_source:
2374 description: A format string sourced from a file on the
2375 Ambassador container. Useful for larger response bodies
2376 that should not be placed inline in configuration.
2377 properties:
2378 filename:
2379 description: The name of a file on the Ambassador pod
2380 that contains a format text string.
2381 type: string
2382 type: object
2383 type: object
2384 on_status_code:
2385 description: The status code to match on -- not a pointer because
2386 it's required.
2387 maximum: 599
2388 minimum: 400
2389 type: integer
2390 required:
2391 - body
2392 - on_status_code
2393 type: object
2394 minItems: 1
2395 type: array
2396 grpc:
2397 type: boolean
2398 headers:
2399 type: object
2400 x-kubernetes-preserve-unknown-fields: true
2401 host:
2402 type: string
2403 host_redirect:
2404 type: boolean
2405 host_regex:
2406 type: boolean
2407 host_rewrite:
2408 type: string
2409 idle_timeout_ms:
2410 type: integer
2411 keepalive:
2412 properties:
2413 idle_time:
2414 type: integer
2415 interval:
2416 type: integer
2417 probes:
2418 type: integer
2419 type: object
2420 labels:
2421 additionalProperties:
2422 description: A MappingLabelGroupsArray is an array of MappingLabelGroups.
2423 I know, complex.
2424 items:
2425 description: 'A MappingLabelGroup is a single element of a MappingLabelGroupsArray:
2426 a second map, where the key is a human-readable name that identifies
2427 the group.'
2428 maxProperties: 1
2429 minProperties: 1
2430 type: object
2431 x-kubernetes-preserve-unknown-fields: true
2432 type: array
2433 description: A DomainMap is the overall Mapping.spec.Labels type.
2434 It maps domains (kind of like namespaces for Mapping labels) to
2435 arrays of label groups.
2436 type: object
2437 load_balancer:
2438 properties:
2439 cookie:
2440 properties:
2441 name:
2442 type: string
2443 path:
2444 type: string
2445 ttl:
2446 type: string
2447 required:
2448 - name
2449 type: object
2450 header:
2451 type: string
2452 policy:
2453 enum:
2454 - round_robin
2455 - ring_hash
2456 - maglev
2457 - least_request
2458 type: string
2459 source_ip:
2460 type: boolean
2461 required:
2462 - policy
2463 type: object
2464 method:
2465 type: string
2466 method_regex:
2467 type: boolean
2468 modules:
2469 items:
2470 type: object
2471 x-kubernetes-preserve-unknown-fields: true
2472 type: array
2473 outlier_detection:
2474 type: string
2475 path_redirect:
2476 description: Path replacement to use when generating an HTTP redirect.
2477 Used with `host_redirect`.
2478 type: string
2479 precedence:
2480 type: integer
2481 prefix:
2482 type: string
2483 prefix_exact:
2484 type: boolean
2485 prefix_redirect:
2486 description: Prefix rewrite to use when generating an HTTP redirect.
2487 Used with `host_redirect`.
2488 type: string
2489 prefix_regex:
2490 type: boolean
2491 priority:
2492 type: string
2493 query_parameters:
2494 type: object
2495 x-kubernetes-preserve-unknown-fields: true
2496 redirect_response_code:
2497 description: The response code to use when generating an HTTP redirect.
2498 Defaults to 301. Used with `host_redirect`.
2499 enum:
2500 - 301
2501 - 302
2502 - 303
2503 - 307
2504 - 308
2505 type: integer
2506 regex_headers:
2507 additionalProperties:
2508 type: string
2509 type: object
2510 regex_query_parameters:
2511 additionalProperties:
2512 type: string
2513 type: object
2514 regex_redirect:
2515 description: Prefix regex rewrite to use when generating an HTTP redirect.
2516 Used with `host_redirect`.
2517 properties:
2518 pattern:
2519 type: string
2520 substitution:
2521 type: string
2522 type: object
2523 regex_rewrite:
2524 properties:
2525 pattern:
2526 type: string
2527 substitution:
2528 type: string
2529 type: object
2530 resolver:
2531 type: string
2532 respect_dns_ttl:
2533 type: boolean
2534 retry_policy:
2535 properties:
2536 num_retries:
2537 type: integer
2538 per_try_timeout:
2539 type: string
2540 retry_on:
2541 enum:
2542 - 5xx
2543 - gateway-error
2544 - connect-failure
2545 - retriable-4xx
2546 - refused-stream
2547 - retriable-status-codes
2548 type: string
2549 type: object
2550 rewrite:
2551 type: string
2552 service:
2553 type: string
2554 shadow:
2555 type: boolean
2556 timeout_ms:
2557 description: The timeout for requests that use this Mapping. Overrides
2558 `cluster_request_timeout_ms` set on the Ambassador Module, if it
2559 exists.
2560 type: integer
2561 use_websocket:
2562 description: 'use_websocket is deprecated, and is equivlaent to setting
2563 `allow_upgrade: ["websocket"]`'
2564 type: boolean
2565 v3StatsName:
2566 type: string
2567 v3health_checks:
2568 items:
2569 description: HealthCheck specifies settings for performing active
2570 health checking on upstreams
2571 properties:
2572 health_check:
2573 description: Configuration for where the healthcheck request
2574 should be made to
2575 maxProperties: 1
2576 minProperties: 1
2577 properties:
2578 grpc:
2579 description: HealthCheck for gRPC upstreams. Only one of
2580 grpc_health_check or http_health_check may be specified
2581 properties:
2582 authority:
2583 description: The value of the :authority header in the
2584 gRPC health check request. If left empty the upstream
2585 name will be used.
2586 type: string
2587 upstream_name:
2588 description: The upstream name parameter which will
2589 be sent to gRPC service in the health check message
2590 type: string
2591 required:
2592 - upstream_name
2593 type: object
2594 http:
2595 description: HealthCheck for HTTP upstreams. Only one of
2596 http_health_check or grpc_health_check may be specified
2597 properties:
2598 add_request_headers:
2599 additionalProperties:
2600 properties:
2601 append:
2602 type: boolean
2603 v2Representation:
2604 enum:
2605 - ""
2606 - string
2607 - "null"
2608 type: string
2609 value:
2610 type: string
2611 type: object
2612 type: object
2613 expected_statuses:
2614 items:
2615 description: A range of response statuses from Start
2616 to End inclusive
2617 properties:
2618 max:
2619 description: End of the statuses to include. Must
2620 be between 100 and 599 (inclusive)
2621 maximum: 599
2622 minimum: 100
2623 type: integer
2624 min:
2625 description: Start of the statuses to include.
2626 Must be between 100 and 599 (inclusive)
2627 maximum: 599
2628 minimum: 100
2629 type: integer
2630 required:
2631 - max
2632 - min
2633 type: object
2634 type: array
2635 hostname:
2636 type: string
2637 path:
2638 type: string
2639 remove_request_headers:
2640 items:
2641 type: string
2642 type: array
2643 required:
2644 - path
2645 type: object
2646 type: object
2647 healthy_threshold:
2648 description: Number of expected responses for the upstream to
2649 be considered healthy. Defaults to 1.
2650 type: integer
2651 interval:
2652 description: Interval between health checks. Defaults to every
2653 5 seconds.
2654 type: string
2655 timeout:
2656 description: Timeout for connecting to the health checking endpoint.
2657 Defaults to 3 seconds.
2658 type: string
2659 unhealthy_threshold:
2660 description: Number of non-expected responses for the upstream
2661 to be considered unhealthy. A single 503 will mark the upstream
2662 as unhealthy regardless of the threshold. Defaults to 2.
2663 type: integer
2664 required:
2665 - health_check
2666 type: object
2667 minItems: 1
2668 type: array
2669 weight:
2670 type: integer
2671 required:
2672 - prefix
2673 - service
2674 type: object
2675 x-kubernetes-preserve-unknown-fields: true
2676 status:
2677 description: MappingStatus defines the observed state of Mapping
2678 properties:
2679 reason:
2680 type: string
2681 state:
2682 enum:
2683 - ""
2684 - Inactive
2685 - Running
2686 type: string
2687 type: object
2688 type: object
2689 served: true
2690 storage: false
2691 subresources:
2692 status: {}
2693 - additionalPrinterColumns:
2694 - jsonPath: .spec.host
2695 name: Source Host
2696 type: string
2697 - jsonPath: .spec.prefix
2698 name: Source Prefix
2699 type: string
2700 - jsonPath: .spec.service
2701 name: Dest Service
2702 type: string
2703 - jsonPath: .status.state
2704 name: State
2705 type: string
2706 - jsonPath: .status.reason
2707 name: Reason
2708 type: string
2709 name: v2
2710 schema:
2711 openAPIV3Schema:
2712 description: Mapping is the Schema for the mappings API
2713 properties:
2714 apiVersion:
2715 description: 'APIVersion defines the versioned schema of this representation
2716 of an object. Servers should convert recognized schemas to the latest
2717 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2718 type: string
2719 kind:
2720 description: 'Kind is a string value representing the REST resource this
2721 object represents. Servers may infer this from the endpoint the client
2722 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2723 type: string
2724 metadata:
2725 type: object
2726 spec:
2727 description: MappingSpec defines the desired state of Mapping
2728 properties:
2729 add_linkerd_headers:
2730 type: boolean
2731 add_request_headers:
2732 type: object
2733 x-kubernetes-preserve-unknown-fields: true
2734 add_response_headers:
2735 type: object
2736 x-kubernetes-preserve-unknown-fields: true
2737 allow_upgrade:
2738 description: "A case-insensitive list of the non-HTTP protocols to
2739 allow \"upgrading\" to from HTTP via the \"Connection: upgrade\"
2740 mechanism[1]. After the upgrade, Ambassador does not interpret
2741 the traffic, and behaves similarly to how it does for TCPMappings.
2742 \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example,
2743 if your upstream service supports WebSockets, you would write \n
2744 allow_upgrade: - websocket \n Or if your upstream service supports
2745 upgrading from HTTP to SPDY (as the Kubernetes apiserver does for
2746 `kubectl exec` functionality), you would write \n allow_upgrade:
2747 - spdy/3.1"
2748 items:
2749 type: string
2750 type: array
2751 auth_context_extensions:
2752 additionalProperties:
2753 type: string
2754 type: object
2755 auto_host_rewrite:
2756 type: boolean
2757 bypass_auth:
2758 type: boolean
2759 bypass_error_response_overrides:
2760 description: If true, bypasses any `error_response_overrides` set
2761 on the Ambassador module.
2762 type: boolean
2763 case_sensitive:
2764 type: boolean
2765 circuit_breakers:
2766 items:
2767 properties:
2768 max_connections:
2769 type: integer
2770 max_pending_requests:
2771 type: integer
2772 max_requests:
2773 type: integer
2774 max_retries:
2775 type: integer
2776 priority:
2777 enum:
2778 - default
2779 - high
2780 type: string
2781 type: object
2782 type: array
2783 cluster_idle_timeout_ms:
2784 type: integer
2785 cluster_max_connection_lifetime_ms:
2786 type: integer
2787 cluster_tag:
2788 type: string
2789 connect_timeout_ms:
2790 type: integer
2791 cors:
2792 properties:
2793 credentials:
2794 type: boolean
2795 max_age:
2796 type: string
2797 type: object
2798 x-kubernetes-preserve-unknown-fields: true
2799 dns_type:
2800 type: string
2801 docs:
2802 description: DocsInfo provides some extra information about the docs
2803 for the Mapping (used by the Dev Portal)
2804 properties:
2805 display_name:
2806 type: string
2807 ignored:
2808 type: boolean
2809 path:
2810 type: string
2811 timeout_ms:
2812 type: integer
2813 url:
2814 type: string
2815 type: object
2816 enable_ipv4:
2817 type: boolean
2818 enable_ipv6:
2819 type: boolean
2820 envoy_override:
2821 type: object
2822 x-kubernetes-preserve-unknown-fields: true
2823 error_response_overrides:
2824 description: Error response overrides for this Mapping. Replaces all
2825 of the `error_response_overrides` set on the Ambassador module,
2826 if any.
2827 items:
2828 description: A response rewrite for an HTTP error response
2829 properties:
2830 body:
2831 description: The new response body
2832 properties:
2833 content_type:
2834 description: The content type to set on the error response
2835 body when using text_format or text_format_source. Defaults
2836 to 'text/plain'.
2837 type: string
2838 json_format:
2839 additionalProperties:
2840 type: string
2841 description: 'A JSON response with content-type: application/json.
2842 The values can contain format text like in text_format.'
2843 type: object
2844 text_format:
2845 description: A format string representing a text response
2846 body. Content-Type can be set using the `content_type`
2847 field below.
2848 type: string
2849 text_format_source:
2850 description: A format string sourced from a file on the
2851 Ambassador container. Useful for larger response bodies
2852 that should not be placed inline in configuration.
2853 properties:
2854 filename:
2855 description: The name of a file on the Ambassador pod
2856 that contains a format text string.
2857 type: string
2858 type: object
2859 type: object
2860 on_status_code:
2861 description: The status code to match on -- not a pointer because
2862 it's required.
2863 maximum: 599
2864 minimum: 400
2865 type: integer
2866 required:
2867 - body
2868 - on_status_code
2869 type: object
2870 minItems: 1
2871 type: array
2872 grpc:
2873 type: boolean
2874 headers:
2875 type: object
2876 x-kubernetes-preserve-unknown-fields: true
2877 host:
2878 type: string
2879 host_redirect:
2880 type: boolean
2881 host_regex:
2882 type: boolean
2883 host_rewrite:
2884 type: string
2885 idle_timeout_ms:
2886 type: integer
2887 keepalive:
2888 properties:
2889 idle_time:
2890 type: integer
2891 interval:
2892 type: integer
2893 probes:
2894 type: integer
2895 type: object
2896 labels:
2897 additionalProperties:
2898 description: A MappingLabelGroupsArray is an array of MappingLabelGroups.
2899 I know, complex.
2900 items:
2901 description: 'A MappingLabelGroup is a single element of a MappingLabelGroupsArray:
2902 a second map, where the key is a human-readable name that identifies
2903 the group.'
2904 maxProperties: 1
2905 minProperties: 1
2906 type: object
2907 x-kubernetes-preserve-unknown-fields: true
2908 type: array
2909 description: A DomainMap is the overall Mapping.spec.Labels type.
2910 It maps domains (kind of like namespaces for Mapping labels) to
2911 arrays of label groups.
2912 type: object
2913 load_balancer:
2914 properties:
2915 cookie:
2916 properties:
2917 name:
2918 type: string
2919 path:
2920 type: string
2921 ttl:
2922 type: string
2923 required:
2924 - name
2925 type: object
2926 header:
2927 type: string
2928 policy:
2929 enum:
2930 - round_robin
2931 - ring_hash
2932 - maglev
2933 - least_request
2934 type: string
2935 source_ip:
2936 type: boolean
2937 required:
2938 - policy
2939 type: object
2940 method:
2941 type: string
2942 method_regex:
2943 type: boolean
2944 modules:
2945 items:
2946 type: object
2947 x-kubernetes-preserve-unknown-fields: true
2948 type: array
2949 outlier_detection:
2950 type: string
2951 path_redirect:
2952 description: Path replacement to use when generating an HTTP redirect.
2953 Used with `host_redirect`.
2954 type: string
2955 precedence:
2956 type: integer
2957 prefix:
2958 type: string
2959 prefix_exact:
2960 type: boolean
2961 prefix_redirect:
2962 description: Prefix rewrite to use when generating an HTTP redirect.
2963 Used with `host_redirect`.
2964 type: string
2965 prefix_regex:
2966 type: boolean
2967 priority:
2968 type: string
2969 query_parameters:
2970 type: object
2971 x-kubernetes-preserve-unknown-fields: true
2972 redirect_response_code:
2973 description: The response code to use when generating an HTTP redirect.
2974 Defaults to 301. Used with `host_redirect`.
2975 enum:
2976 - 301
2977 - 302
2978 - 303
2979 - 307
2980 - 308
2981 type: integer
2982 regex_headers:
2983 additionalProperties:
2984 type: string
2985 type: object
2986 regex_query_parameters:
2987 additionalProperties:
2988 type: string
2989 type: object
2990 regex_redirect:
2991 description: Prefix regex rewrite to use when generating an HTTP redirect.
2992 Used with `host_redirect`.
2993 properties:
2994 pattern:
2995 type: string
2996 substitution:
2997 type: string
2998 type: object
2999 regex_rewrite:
3000 properties:
3001 pattern:
3002 type: string
3003 substitution:
3004 type: string
3005 type: object
3006 resolver:
3007 type: string
3008 respect_dns_ttl:
3009 type: boolean
3010 retry_policy:
3011 properties:
3012 num_retries:
3013 type: integer
3014 per_try_timeout:
3015 type: string
3016 retry_on:
3017 enum:
3018 - 5xx
3019 - gateway-error
3020 - connect-failure
3021 - retriable-4xx
3022 - refused-stream
3023 - retriable-status-codes
3024 type: string
3025 type: object
3026 rewrite:
3027 type: string
3028 service:
3029 type: string
3030 shadow:
3031 type: boolean
3032 timeout_ms:
3033 description: The timeout for requests that use this Mapping. Overrides
3034 `cluster_request_timeout_ms` set on the Ambassador Module, if it
3035 exists.
3036 type: integer
3037 use_websocket:
3038 description: 'use_websocket is deprecated, and is equivlaent to setting
3039 `allow_upgrade: ["websocket"]`'
3040 type: boolean
3041 v3StatsName:
3042 type: string
3043 v3health_checks:
3044 items:
3045 description: HealthCheck specifies settings for performing active
3046 health checking on upstreams
3047 properties:
3048 health_check:
3049 description: Configuration for where the healthcheck request
3050 should be made to
3051 maxProperties: 1
3052 minProperties: 1
3053 properties:
3054 grpc:
3055 description: HealthCheck for gRPC upstreams. Only one of
3056 grpc_health_check or http_health_check may be specified
3057 properties:
3058 authority:
3059 description: The value of the :authority header in the
3060 gRPC health check request. If left empty the upstream
3061 name will be used.
3062 type: string
3063 upstream_name:
3064 description: The upstream name parameter which will
3065 be sent to gRPC service in the health check message
3066 type: string
3067 required:
3068 - upstream_name
3069 type: object
3070 http:
3071 description: HealthCheck for HTTP upstreams. Only one of
3072 http_health_check or grpc_health_check may be specified
3073 properties:
3074 add_request_headers:
3075 additionalProperties:
3076 properties:
3077 append:
3078 type: boolean
3079 v2Representation:
3080 enum:
3081 - ""
3082 - string
3083 - "null"
3084 type: string
3085 value:
3086 type: string
3087 type: object
3088 type: object
3089 expected_statuses:
3090 items:
3091 description: A range of response statuses from Start
3092 to End inclusive
3093 properties:
3094 max:
3095 description: End of the statuses to include. Must
3096 be between 100 and 599 (inclusive)
3097 maximum: 599
3098 minimum: 100
3099 type: integer
3100 min:
3101 description: Start of the statuses to include.
3102 Must be between 100 and 599 (inclusive)
3103 maximum: 599
3104 minimum: 100
3105 type: integer
3106 required:
3107 - max
3108 - min
3109 type: object
3110 type: array
3111 hostname:
3112 type: string
3113 path:
3114 type: string
3115 remove_request_headers:
3116 items:
3117 type: string
3118 type: array
3119 required:
3120 - path
3121 type: object
3122 type: object
3123 healthy_threshold:
3124 description: Number of expected responses for the upstream to
3125 be considered healthy. Defaults to 1.
3126 type: integer
3127 interval:
3128 description: Interval between health checks. Defaults to every
3129 5 seconds.
3130 type: string
3131 timeout:
3132 description: Timeout for connecting to the health checking endpoint.
3133 Defaults to 3 seconds.
3134 type: string
3135 unhealthy_threshold:
3136 description: Number of non-expected responses for the upstream
3137 to be considered unhealthy. A single 503 will mark the upstream
3138 as unhealthy regardless of the threshold. Defaults to 2.
3139 type: integer
3140 required:
3141 - health_check
3142 type: object
3143 minItems: 1
3144 type: array
3145 weight:
3146 type: integer
3147 required:
3148 - prefix
3149 - service
3150 type: object
3151 x-kubernetes-preserve-unknown-fields: true
3152 status:
3153 description: MappingStatus defines the observed state of Mapping
3154 properties:
3155 reason:
3156 type: string
3157 state:
3158 enum:
3159 - ""
3160 - Inactive
3161 - Running
3162 type: string
3163 type: object
3164 type: object
3165 served: true
3166 storage: true
3167 subresources:
3168 status: {}
3169 - additionalPrinterColumns:
3170 - jsonPath: .spec.host
3171 name: Source Host
3172 type: string
3173 - jsonPath: .spec.prefix
3174 name: Source Prefix
3175 type: string
3176 - jsonPath: .spec.service
3177 name: Dest Service
3178 type: string
3179 - jsonPath: .status.state
3180 name: State
3181 type: string
3182 - jsonPath: .status.reason
3183 name: Reason
3184 type: string
3185 name: v3alpha1
3186 schema:
3187 openAPIV3Schema:
3188 description: Mapping is the Schema for the mappings API
3189 properties:
3190 apiVersion:
3191 description: 'APIVersion defines the versioned schema of this representation
3192 of an object. Servers should convert recognized schemas to the latest
3193 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3194 type: string
3195 kind:
3196 description: 'Kind is a string value representing the REST resource this
3197 object represents. Servers may infer this from the endpoint the client
3198 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3199 type: string
3200 metadata:
3201 type: object
3202 spec:
3203 description: MappingSpec defines the desired state of Mapping
3204 properties:
3205 add_linkerd_headers:
3206 type: boolean
3207 add_request_headers:
3208 additionalProperties:
3209 properties:
3210 append:
3211 type: boolean
3212 v2Representation:
3213 enum:
3214 - ""
3215 - string
3216 - "null"
3217 type: string
3218 value:
3219 type: string
3220 type: object
3221 type: object
3222 add_response_headers:
3223 additionalProperties:
3224 properties:
3225 append:
3226 type: boolean
3227 v2Representation:
3228 enum:
3229 - ""
3230 - string
3231 - "null"
3232 type: string
3233 value:
3234 type: string
3235 type: object
3236 type: object
3237 allow_upgrade:
3238 description: "A case-insensitive list of the non-HTTP protocols to
3239 allow \"upgrading\" to from HTTP via the \"Connection: upgrade\"
3240 mechanism[1]. After the upgrade, Ambassador does not interpret
3241 the traffic, and behaves similarly to how it does for TCPMappings.
3242 \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example,
3243 if your upstream service supports WebSockets, you would write \n
3244 allow_upgrade: - websocket \n Or if your upstream service supports
3245 upgrading from HTTP to SPDY (as the Kubernetes apiserver does for
3246 `kubectl exec` functionality), you would write \n allow_upgrade:
3247 - spdy/3.1"
3248 items:
3249 type: string
3250 type: array
3251 ambassador_id:
3252 description: "AmbassadorID declares which Ambassador instances should
3253 pay attention to this resource. If no value is provided, the default
3254 is: \n ambassador_id: - \"default\""
3255 items:
3256 type: string
3257 type: array
3258 auth_context_extensions:
3259 additionalProperties:
3260 type: string
3261 type: object
3262 auto_host_rewrite:
3263 type: boolean
3264 bypass_auth:
3265 type: boolean
3266 bypass_error_response_overrides:
3267 description: If true, bypasses any `error_response_overrides` set
3268 on the Ambassador module.
3269 type: boolean
3270 case_sensitive:
3271 type: boolean
3272 circuit_breakers:
3273 items:
3274 properties:
3275 max_connections:
3276 type: integer
3277 max_pending_requests:
3278 type: integer
3279 max_requests:
3280 type: integer
3281 max_retries:
3282 type: integer
3283 priority:
3284 enum:
3285 - default
3286 - high
3287 type: string
3288 type: object
3289 type: array
3290 cluster_idle_timeout_ms:
3291 type: integer
3292 cluster_max_connection_lifetime_ms:
3293 type: integer
3294 cluster_tag:
3295 type: string
3296 connect_timeout_ms:
3297 type: integer
3298 cors:
3299 properties:
3300 credentials:
3301 type: boolean
3302 exposed_headers:
3303 items:
3304 type: string
3305 type: array
3306 headers:
3307 items:
3308 type: string
3309 type: array
3310 max_age:
3311 type: string
3312 methods:
3313 items:
3314 type: string
3315 type: array
3316 origins:
3317 items:
3318 type: string
3319 type: array
3320 v2CommaSeparatedOrigins:
3321 type: boolean
3322 type: object
3323 dns_type:
3324 type: string
3325 docs:
3326 description: DocsInfo provides some extra information about the docs
3327 for the Mapping. Docs is used by both the agent and the DevPortal.
3328 properties:
3329 display_name:
3330 type: string
3331 ignored:
3332 type: boolean
3333 path:
3334 type: string
3335 timeout_ms:
3336 type: integer
3337 url:
3338 type: string
3339 type: object
3340 enable_ipv4:
3341 type: boolean
3342 enable_ipv6:
3343 type: boolean
3344 envoy_override:
3345 type: object
3346 x-kubernetes-preserve-unknown-fields: true
3347 error_response_overrides:
3348 description: Error response overrides for this Mapping. Replaces all
3349 of the `error_response_overrides` set on the Ambassador module,
3350 if any.
3351 items:
3352 description: A response rewrite for an HTTP error response
3353 properties:
3354 body:
3355 description: The new response body
3356 properties:
3357 content_type:
3358 description: The content type to set on the error response
3359 body when using text_format or text_format_source. Defaults
3360 to 'text/plain'.
3361 type: string
3362 json_format:
3363 additionalProperties:
3364 type: string
3365 description: 'A JSON response with content-type: application/json.
3366 The values can contain format text like in text_format.'
3367 type: object
3368 text_format:
3369 description: A format string representing a text response
3370 body. Content-Type can be set using the `content_type`
3371 field below.
3372 type: string
3373 text_format_source:
3374 description: A format string sourced from a file on the
3375 Ambassador container. Useful for larger response bodies
3376 that should not be placed inline in configuration.
3377 properties:
3378 filename:
3379 description: The name of a file on the Ambassador pod
3380 that contains a format text string.
3381 type: string
3382 type: object
3383 type: object
3384 on_status_code:
3385 description: The status code to match on -- not a pointer because
3386 it's required.
3387 maximum: 599
3388 minimum: 400
3389 type: integer
3390 required:
3391 - body
3392 - on_status_code
3393 type: object
3394 minItems: 1
3395 type: array
3396 grpc:
3397 type: boolean
3398 headers:
3399 additionalProperties:
3400 type: string
3401 type: object
3402 health_checks:
3403 items:
3404 description: HealthCheck specifies settings for performing active
3405 health checking on upstreams
3406 properties:
3407 health_check:
3408 description: Configuration for where the healthcheck request
3409 should be made to
3410 maxProperties: 1
3411 minProperties: 1
3412 properties:
3413 grpc:
3414 description: HealthCheck for gRPC upstreams. Only one of
3415 grpc_health_check or http_health_check may be specified
3416 properties:
3417 authority:
3418 description: The value of the :authority header in the
3419 gRPC health check request. If left empty the upstream
3420 name will be used.
3421 type: string
3422 upstream_name:
3423 description: The upstream name parameter which will
3424 be sent to gRPC service in the health check message
3425 type: string
3426 required:
3427 - upstream_name
3428 type: object
3429 http:
3430 description: HealthCheck for HTTP upstreams. Only one of
3431 http_health_check or grpc_health_check may be specified
3432 properties:
3433 add_request_headers:
3434 additionalProperties:
3435 properties:
3436 append:
3437 type: boolean
3438 v2Representation:
3439 enum:
3440 - ""
3441 - string
3442 - "null"
3443 type: string
3444 value:
3445 type: string
3446 type: object
3447 type: object
3448 expected_statuses:
3449 items:
3450 description: A range of response statuses from Start
3451 to End inclusive
3452 properties:
3453 max:
3454 description: End of the statuses to include. Must
3455 be between 100 and 599 (inclusive)
3456 maximum: 599
3457 minimum: 100
3458 type: integer
3459 min:
3460 description: Start of the statuses to include.
3461 Must be between 100 and 599 (inclusive)
3462 maximum: 599
3463 minimum: 100
3464 type: integer
3465 required:
3466 - max
3467 - min
3468 type: object
3469 type: array
3470 hostname:
3471 type: string
3472 path:
3473 type: string
3474 remove_request_headers:
3475 items:
3476 type: string
3477 type: array
3478 required:
3479 - path
3480 type: object
3481 type: object
3482 healthy_threshold:
3483 description: Number of expected responses for the upstream to
3484 be considered healthy. Defaults to 1.
3485 type: integer
3486 interval:
3487 description: Interval between health checks. Defaults to every
3488 5 seconds.
3489 type: string
3490 timeout:
3491 description: Timeout for connecting to the health checking endpoint.
3492 Defaults to 3 seconds.
3493 type: string
3494 unhealthy_threshold:
3495 description: Number of non-expected responses for the upstream
3496 to be considered unhealthy. A single 503 will mark the upstream
3497 as unhealthy regardless of the threshold. Defaults to 2.
3498 type: integer
3499 required:
3500 - health_check
3501 type: object
3502 minItems: 1
3503 type: array
3504 host:
3505 description: "Exact match for the hostname of a request if HostRegex
3506 is false; regex match for the hostname if HostRegex is true. \n
3507 Host specifies both a match for the ':authority' header of a request,
3508 as well as a match criterion for Host CRDs: a Mapping that specifies
3509 Host will not associate with a Host that doesn't have a matching
3510 Hostname. \n If both Host and Hostname are set, an error is logged,
3511 Host is ignored, and Hostname is used. \n DEPRECATED: Host is either
3512 an exact match or a regex, depending on HostRegex. Use HostName
3513 instead."
3514 type: string
3515 host_redirect:
3516 type: boolean
3517 host_regex:
3518 description: 'DEPRECATED: Host is either an exact match or a regex,
3519 depending on HostRegex. Use HostName instead.'
3520 type: boolean
3521 host_rewrite:
3522 type: string
3523 hostname:
3524 description: "Hostname is a DNS glob specifying the hosts to which
3525 this Mapping applies. \n Hostname specifies both a match for the
3526 ':authority' header of a request, as well as a match criterion for
3527 Host CRDs: a Mapping that specifies Hostname will not associate
3528 with a Host that doesn't have a matching Hostname. \n If both Host
3529 and Hostname are set, an error is logged, Host is ignored, and Hostname
3530 is used."
3531 type: string
3532 idle_timeout_ms:
3533 type: integer
3534 keepalive:
3535 properties:
3536 idle_time:
3537 type: integer
3538 interval:
3539 type: integer
3540 probes:
3541 type: integer
3542 type: object
3543 labels:
3544 additionalProperties:
3545 description: A MappingLabelGroupsArray is an array of MappingLabelGroups.
3546 I know, complex.
3547 items:
3548 additionalProperties:
3549 description: 'A MappingLabelsArray is the value in the MappingLabelGroup:
3550 an array of label specifiers.'
3551 items:
3552 description: "A MappingLabelSpecifier (finally!) defines a
3553 single label. \n This mimics envoy/config/route/v3/route_components.proto:RateLimit:Action:action_specifier."
3554 maxProperties: 1
3555 minProperties: 1
3556 properties:
3557 destination_cluster:
3558 description: Sets the label "destination_cluster=«Envoy
3559 destination cluster name»".
3560 properties:
3561 key:
3562 enum:
3563 - destination_cluster
3564 type: string
3565 required:
3566 - key
3567 type: object
3568 generic_key:
3569 description: Sets the label "«key»=«value»" (where by
3570 default «key» is "generic_key").
3571 properties:
3572 key:
3573 description: The default is "generic_key".
3574 type: string
3575 v2Shorthand:
3576 type: boolean
3577 value:
3578 type: string
3579 required:
3580 - value
3581 type: object
3582 remote_address:
3583 description: Sets the label "remote_address=«IP address
3584 of the client»".
3585 properties:
3586 key:
3587 enum:
3588 - remote_address
3589 type: string
3590 required:
3591 - key
3592 type: object
3593 request_headers:
3594 description: If the «header_name» header is set, then
3595 set the label "«key»=«Value of the «header_name» header»";
3596 otherwise skip applying this label group.
3597 properties:
3598 header_name:
3599 type: string
3600 key:
3601 type: string
3602 omit_if_not_present:
3603 type: boolean
3604 required:
3605 - header_name
3606 - key
3607 type: object
3608 source_cluster:
3609 description: Sets the label "source_cluster=«Envoy source
3610 cluster name»".
3611 properties:
3612 key:
3613 enum:
3614 - source_cluster
3615 type: string
3616 required:
3617 - key
3618 type: object
3619 type: object
3620 type: array
3621 description: 'A MappingLabelGroup is a single element of a MappingLabelGroupsArray:
3622 a second map, where the key is a human-readable name that identifies
3623 the group.'
3624 maxProperties: 1
3625 minProperties: 1
3626 type: object
3627 type: array
3628 description: A DomainMap is the overall Mapping.spec.Labels type.
3629 It maps domains (kind of like namespaces for Mapping labels) to
3630 arrays of label groups.
3631 type: object
3632 load_balancer:
3633 properties:
3634 cookie:
3635 properties:
3636 name:
3637 type: string
3638 path:
3639 type: string
3640 ttl:
3641 type: string
3642 required:
3643 - name
3644 type: object
3645 header:
3646 type: string
3647 policy:
3648 enum:
3649 - round_robin
3650 - ring_hash
3651 - maglev
3652 - least_request
3653 type: string
3654 source_ip:
3655 type: boolean
3656 required:
3657 - policy
3658 type: object
3659 method:
3660 type: string
3661 method_regex:
3662 type: boolean
3663 modules:
3664 items:
3665 type: object
3666 x-kubernetes-preserve-unknown-fields: true
3667 type: array
3668 outlier_detection:
3669 type: string
3670 path_redirect:
3671 description: Path replacement to use when generating an HTTP redirect.
3672 Used with `host_redirect`.
3673 type: string
3674 precedence:
3675 type: integer
3676 prefix:
3677 type: string
3678 prefix_exact:
3679 type: boolean
3680 prefix_redirect:
3681 description: Prefix rewrite to use when generating an HTTP redirect.
3682 Used with `host_redirect`.
3683 type: string
3684 prefix_regex:
3685 type: boolean
3686 priority:
3687 type: string
3688 query_parameters:
3689 additionalProperties:
3690 type: string
3691 type: object
3692 redirect_response_code:
3693 description: The response code to use when generating an HTTP redirect.
3694 Defaults to 301. Used with `host_redirect`.
3695 enum:
3696 - 301
3697 - 302
3698 - 303
3699 - 307
3700 - 308
3701 type: integer
3702 regex_headers:
3703 additionalProperties:
3704 type: string
3705 type: object
3706 regex_query_parameters:
3707 additionalProperties:
3708 type: string
3709 type: object
3710 regex_redirect:
3711 description: Prefix regex rewrite to use when generating an HTTP redirect.
3712 Used with `host_redirect`.
3713 properties:
3714 pattern:
3715 type: string
3716 substitution:
3717 type: string
3718 type: object
3719 regex_rewrite:
3720 properties:
3721 pattern:
3722 type: string
3723 substitution:
3724 type: string
3725 type: object
3726 remove_request_headers:
3727 items:
3728 type: string
3729 type: array
3730 remove_response_headers:
3731 items:
3732 type: string
3733 type: array
3734 resolver:
3735 type: string
3736 respect_dns_ttl:
3737 type: boolean
3738 retry_policy:
3739 properties:
3740 num_retries:
3741 type: integer
3742 per_try_timeout:
3743 type: string
3744 retry_on:
3745 enum:
3746 - 5xx
3747 - gateway-error
3748 - connect-failure
3749 - retriable-4xx
3750 - refused-stream
3751 - retriable-status-codes
3752 type: string
3753 type: object
3754 rewrite:
3755 type: string
3756 service:
3757 type: string
3758 shadow:
3759 type: boolean
3760 stats_name:
3761 type: string
3762 timeout_ms:
3763 description: The timeout for requests that use this Mapping. Overrides
3764 `cluster_request_timeout_ms` set on the Ambassador Module, if it
3765 exists.
3766 type: integer
3767 tls:
3768 type: string
3769 use_websocket:
3770 description: 'use_websocket is deprecated, and is equivlaent to setting
3771 `allow_upgrade: ["websocket"]`'
3772 type: boolean
3773 v2BoolHeaders:
3774 items:
3775 type: string
3776 type: array
3777 v2BoolQueryParameters:
3778 items:
3779 type: string
3780 type: array
3781 v2ExplicitTLS:
3782 description: V2ExplicitTLS controls some vanity/stylistic elements
3783 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
3784 should not in any way affect the runtime operation of Emissary;
3785 except that it may affect internal names in the Envoy config, which
3786 may in turn affect stats names. But it should not affect any end-user
3787 observable behavior.
3788 properties:
3789 serviceScheme:
3790 description: "ServiceScheme specifies how to spell and capitalize
3791 the scheme-part of the service URL. \n Acceptable values are
3792 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
3793 or \"\". The value is used if it agrees with whether or not
3794 this resource enables TLS origination, or if something else
3795 in the resource overrides the scheme."
3796 pattern: ^([hH][tT][tT][pP][sS]?://)?$
3797 type: string
3798 tls:
3799 description: "TLS controls whether and how to represent the \"tls\"
3800 field when its value could be implied by the \"service\" field.
3801 \ In v2, there were a lot of different ways to spell an \"empty\"
3802 value, and this field specifies which way to spell it (and will
3803 therefore only be used if the value will indeed be empty). \n
3804 | Value | Representation | Meaning
3805 of representation | |--------------+---------------------------------------+------------------------------------|
3806 | \"\" | omit the field | defer
3807 to service (no TLSContext) | | \"null\" | store an explicit
3808 \"null\" in the field | defer to service (no TLSContext) |
3809 | \"string\" | store an empty string in the field | defer
3810 to service (no TLSContext) | | \"bool:false\" | store a Boolean
3811 \"false\" in the field | defer to service (no TLSContext) |
3812 | \"bool:true\" | store a Boolean \"true\" in the field |
3813 originate TLS (no TLSContext) | \n If the meaning of the
3814 representation contradicts anything else (if a TLSContext is
3815 to be used, or in the case of \"bool:true\" if TLS is not to
3816 be originated), then this field is ignored."
3817 enum:
3818 - ""
3819 - "null"
3820 - bool:true
3821 - bool:false
3822 - string
3823 type: string
3824 type: object
3825 weight:
3826 type: integer
3827 required:
3828 - prefix
3829 - service
3830 type: object
3831 status:
3832 description: MappingStatus defines the observed state of Mapping
3833 properties:
3834 reason:
3835 type: string
3836 state:
3837 enum:
3838 - ""
3839 - Inactive
3840 - Running
3841 type: string
3842 type: object
3843 type: object
3844 served: true
3845 storage: false
3846 subresources:
3847 status: {}
3848---
3849apiVersion: apiextensions.k8s.io/v1
3850kind: CustomResourceDefinition
3851metadata:
3852 annotations:
3853 controller-gen.kubebuilder.io/version: v0.13.0
3854 labels:
3855 app.kubernetes.io/instance: emissary-apiext
3856 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
3857 app.kubernetes.io/name: emissary-apiext
3858 app.kubernetes.io/part-of: emissary-apiext
3859 name: modules.getambassador.io
3860spec:
3861 conversion:
3862 strategy: Webhook
3863 webhook:
3864 clientConfig:
3865 service:
3866 name: emissary-apiext
3867 namespace: emissary-system
3868 conversionReviewVersions:
3869 - v1
3870 group: getambassador.io
3871 names:
3872 categories:
3873 - ambassador-crds
3874 kind: Module
3875 listKind: ModuleList
3876 plural: modules
3877 singular: module
3878 preserveUnknownFields: false
3879 scope: Namespaced
3880 versions:
3881 - name: v1
3882 schema:
3883 openAPIV3Schema:
3884 description: "A Module defines system-wide configuration. The type of module
3885 is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\".
3886 \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module
3887 https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated"
3888 properties:
3889 apiVersion:
3890 description: 'APIVersion defines the versioned schema of this representation
3891 of an object. Servers should convert recognized schemas to the latest
3892 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3893 type: string
3894 kind:
3895 description: 'Kind is a string value representing the REST resource this
3896 object represents. Servers may infer this from the endpoint the client
3897 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3898 type: string
3899 metadata:
3900 type: object
3901 spec:
3902 properties:
3903 config:
3904 type: object
3905 x-kubernetes-preserve-unknown-fields: true
3906 type: object
3907 x-kubernetes-preserve-unknown-fields: true
3908 type: object
3909 served: true
3910 storage: false
3911 - name: v2
3912 schema:
3913 openAPIV3Schema:
3914 description: "A Module defines system-wide configuration. The type of module
3915 is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\".
3916 \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module
3917 https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated"
3918 properties:
3919 apiVersion:
3920 description: 'APIVersion defines the versioned schema of this representation
3921 of an object. Servers should convert recognized schemas to the latest
3922 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3923 type: string
3924 kind:
3925 description: 'Kind is a string value representing the REST resource this
3926 object represents. Servers may infer this from the endpoint the client
3927 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3928 type: string
3929 metadata:
3930 type: object
3931 spec:
3932 properties:
3933 config:
3934 type: object
3935 x-kubernetes-preserve-unknown-fields: true
3936 type: object
3937 x-kubernetes-preserve-unknown-fields: true
3938 type: object
3939 served: true
3940 storage: true
3941 - name: v3alpha1
3942 schema:
3943 openAPIV3Schema:
3944 description: "A Module defines system-wide configuration. The type of module
3945 is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\".
3946 \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module
3947 https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated"
3948 properties:
3949 apiVersion:
3950 description: 'APIVersion defines the versioned schema of this representation
3951 of an object. Servers should convert recognized schemas to the latest
3952 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3953 type: string
3954 kind:
3955 description: 'Kind is a string value representing the REST resource this
3956 object represents. Servers may infer this from the endpoint the client
3957 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3958 type: string
3959 metadata:
3960 type: object
3961 spec:
3962 properties:
3963 ambassador_id:
3964 description: "AmbassadorID declares which Ambassador instances should
3965 pay attention to this resource. If no value is provided, the default
3966 is: \n ambassador_id: - \"default\""
3967 items:
3968 type: string
3969 type: array
3970 config:
3971 type: object
3972 x-kubernetes-preserve-unknown-fields: true
3973 required:
3974 - config
3975 type: object
3976 type: object
3977 served: true
3978 storage: false
3979---
3980apiVersion: apiextensions.k8s.io/v1
3981kind: CustomResourceDefinition
3982metadata:
3983 annotations:
3984 controller-gen.kubebuilder.io/version: v0.13.0
3985 labels:
3986 app.kubernetes.io/instance: emissary-apiext
3987 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
3988 app.kubernetes.io/name: emissary-apiext
3989 app.kubernetes.io/part-of: emissary-apiext
3990 name: ratelimitservices.getambassador.io
3991spec:
3992 conversion:
3993 strategy: Webhook
3994 webhook:
3995 clientConfig:
3996 service:
3997 name: emissary-apiext
3998 namespace: emissary-system
3999 conversionReviewVersions:
4000 - v1
4001 group: getambassador.io
4002 names:
4003 categories:
4004 - ambassador-crds
4005 kind: RateLimitService
4006 listKind: RateLimitServiceList
4007 plural: ratelimitservices
4008 singular: ratelimitservice
4009 preserveUnknownFields: false
4010 scope: Namespaced
4011 versions:
4012 - name: v1
4013 schema:
4014 openAPIV3Schema:
4015 description: RateLimitService is the Schema for the ratelimitservices API
4016 properties:
4017 apiVersion:
4018 description: 'APIVersion defines the versioned schema of this representation
4019 of an object. Servers should convert recognized schemas to the latest
4020 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4021 type: string
4022 kind:
4023 description: 'Kind is a string value representing the REST resource this
4024 object represents. Servers may infer this from the endpoint the client
4025 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4026 type: string
4027 metadata:
4028 type: object
4029 spec:
4030 description: RateLimitServiceSpec defines the desired state of RateLimitService
4031 properties:
4032 domain:
4033 type: string
4034 failure_mode_deny:
4035 description: FailureModeDeny when set to true, envoy will deny traffic
4036 if it is unable to communicate with the rate limit service.
4037 type: boolean
4038 protocol_version:
4039 enum:
4040 - v2
4041 - v3
4042 type: string
4043 service:
4044 type: string
4045 timeout_ms:
4046 type: integer
4047 v3GRPC:
4048 properties:
4049 use_resource_exhausted_code:
4050 description: UseResourceExhaustedCode, when set to true, will
4051 cause envoy to return a `RESOURCE_EXHAUSTED` gRPC code instead
4052 of the default `UNAVAILABLE` gRPC code.
4053 type: boolean
4054 type: object
4055 v3StatsName:
4056 type: string
4057 required:
4058 - service
4059 type: object
4060 x-kubernetes-preserve-unknown-fields: true
4061 type: object
4062 served: true
4063 storage: false
4064 - name: v2
4065 schema:
4066 openAPIV3Schema:
4067 description: RateLimitService is the Schema for the ratelimitservices API
4068 properties:
4069 apiVersion:
4070 description: 'APIVersion defines the versioned schema of this representation
4071 of an object. Servers should convert recognized schemas to the latest
4072 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4073 type: string
4074 kind:
4075 description: 'Kind is a string value representing the REST resource this
4076 object represents. Servers may infer this from the endpoint the client
4077 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4078 type: string
4079 metadata:
4080 type: object
4081 spec:
4082 description: RateLimitServiceSpec defines the desired state of RateLimitService
4083 properties:
4084 domain:
4085 type: string
4086 failure_mode_deny:
4087 description: FailureModeDeny when set to true, envoy will deny traffic
4088 if it is unable to communicate with the rate limit service.
4089 type: boolean
4090 protocol_version:
4091 enum:
4092 - v2
4093 - v3
4094 type: string
4095 service:
4096 type: string
4097 timeout_ms:
4098 type: integer
4099 v3GRPC:
4100 properties:
4101 use_resource_exhausted_code:
4102 description: UseResourceExhaustedCode, when set to true, will
4103 cause envoy to return a `RESOURCE_EXHAUSTED` gRPC code instead
4104 of the default `UNAVAILABLE` gRPC code.
4105 type: boolean
4106 type: object
4107 v3StatsName:
4108 type: string
4109 required:
4110 - service
4111 type: object
4112 x-kubernetes-preserve-unknown-fields: true
4113 type: object
4114 served: true
4115 storage: true
4116 - name: v3alpha1
4117 schema:
4118 openAPIV3Schema:
4119 description: RateLimitService is the Schema for the ratelimitservices API
4120 properties:
4121 apiVersion:
4122 description: 'APIVersion defines the versioned schema of this representation
4123 of an object. Servers should convert recognized schemas to the latest
4124 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4125 type: string
4126 kind:
4127 description: 'Kind is a string value representing the REST resource this
4128 object represents. Servers may infer this from the endpoint the client
4129 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4130 type: string
4131 metadata:
4132 type: object
4133 spec:
4134 description: RateLimitServiceSpec defines the desired state of RateLimitService
4135 properties:
4136 ambassador_id:
4137 description: Common to all Ambassador objects.
4138 items:
4139 type: string
4140 type: array
4141 domain:
4142 type: string
4143 failure_mode_deny:
4144 description: FailureModeDeny when set to true, envoy will deny traffic
4145 if it is unable to communicate with the rate limit service.
4146 type: boolean
4147 grpc:
4148 properties:
4149 use_resource_exhausted_code:
4150 description: UseResourceExhaustedCode, when set to true, will
4151 cause envoy to return a `RESOURCE_EXHAUSTED` gRPC code instead
4152 of the default `UNAVAILABLE` gRPC code.
4153 type: boolean
4154 type: object
4155 protocol_version:
4156 description: ProtocolVersion is the envoy api transport protocol version
4157 enum:
4158 - v2
4159 - v3
4160 type: string
4161 service:
4162 type: string
4163 stats_name:
4164 type: string
4165 timeout_ms:
4166 type: integer
4167 tls:
4168 type: string
4169 v2ExplicitTLS:
4170 description: V2ExplicitTLS controls some vanity/stylistic elements
4171 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
4172 should not in any way affect the runtime operation of Emissary;
4173 except that it may affect internal names in the Envoy config, which
4174 may in turn affect stats names. But it should not affect any end-user
4175 observable behavior.
4176 properties:
4177 serviceScheme:
4178 description: "ServiceScheme specifies how to spell and capitalize
4179 the scheme-part of the service URL. \n Acceptable values are
4180 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
4181 or \"\". The value is used if it agrees with whether or not
4182 this resource enables TLS origination, or if something else
4183 in the resource overrides the scheme."
4184 pattern: ^([hH][tT][tT][pP][sS]?://)?$
4185 type: string
4186 tls:
4187 description: "TLS controls whether and how to represent the \"tls\"
4188 field when its value could be implied by the \"service\" field.
4189 \ In v2, there were a lot of different ways to spell an \"empty\"
4190 value, and this field specifies which way to spell it (and will
4191 therefore only be used if the value will indeed be empty). \n
4192 | Value | Representation | Meaning
4193 of representation | |--------------+---------------------------------------+------------------------------------|
4194 | \"\" | omit the field | defer
4195 to service (no TLSContext) | | \"null\" | store an explicit
4196 \"null\" in the field | defer to service (no TLSContext) |
4197 | \"string\" | store an empty string in the field | defer
4198 to service (no TLSContext) | | \"bool:false\" | store a Boolean
4199 \"false\" in the field | defer to service (no TLSContext) |
4200 | \"bool:true\" | store a Boolean \"true\" in the field |
4201 originate TLS (no TLSContext) | \n If the meaning of the
4202 representation contradicts anything else (if a TLSContext is
4203 to be used, or in the case of \"bool:true\" if TLS is not to
4204 be originated), then this field is ignored."
4205 enum:
4206 - ""
4207 - "null"
4208 - bool:true
4209 - bool:false
4210 - string
4211 type: string
4212 type: object
4213 required:
4214 - service
4215 type: object
4216 type: object
4217 served: true
4218 storage: false
4219---
4220apiVersion: apiextensions.k8s.io/v1
4221kind: CustomResourceDefinition
4222metadata:
4223 annotations:
4224 controller-gen.kubebuilder.io/version: v0.13.0
4225 labels:
4226 app.kubernetes.io/instance: emissary-apiext
4227 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
4228 app.kubernetes.io/name: emissary-apiext
4229 app.kubernetes.io/part-of: emissary-apiext
4230 name: tcpmappings.getambassador.io
4231spec:
4232 conversion:
4233 strategy: Webhook
4234 webhook:
4235 clientConfig:
4236 service:
4237 name: emissary-apiext
4238 namespace: emissary-system
4239 conversionReviewVersions:
4240 - v1
4241 group: getambassador.io
4242 names:
4243 categories:
4244 - ambassador-crds
4245 kind: TCPMapping
4246 listKind: TCPMappingList
4247 plural: tcpmappings
4248 singular: tcpmapping
4249 preserveUnknownFields: false
4250 scope: Namespaced
4251 versions:
4252 - name: v1
4253 schema:
4254 openAPIV3Schema:
4255 description: TCPMapping is the Schema for the tcpmappings API
4256 properties:
4257 apiVersion:
4258 description: 'APIVersion defines the versioned schema of this representation
4259 of an object. Servers should convert recognized schemas to the latest
4260 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4261 type: string
4262 kind:
4263 description: 'Kind is a string value representing the REST resource this
4264 object represents. Servers may infer this from the endpoint the client
4265 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4266 type: string
4267 metadata:
4268 type: object
4269 spec:
4270 description: TCPMappingSpec defines the desired state of TCPMapping
4271 properties:
4272 address:
4273 type: string
4274 circuit_breakers:
4275 items:
4276 properties:
4277 max_connections:
4278 type: integer
4279 max_pending_requests:
4280 type: integer
4281 max_requests:
4282 type: integer
4283 max_retries:
4284 type: integer
4285 priority:
4286 enum:
4287 - default
4288 - high
4289 type: string
4290 type: object
4291 type: array
4292 cluster_tag:
4293 type: string
4294 enable_ipv4:
4295 type: boolean
4296 enable_ipv6:
4297 type: boolean
4298 host:
4299 type: string
4300 idle_timeout_ms:
4301 type: string
4302 port:
4303 description: Port isn't a pointer because it's required.
4304 type: integer
4305 resolver:
4306 type: string
4307 service:
4308 type: string
4309 v3StatsName:
4310 type: string
4311 weight:
4312 type: integer
4313 required:
4314 - port
4315 - service
4316 type: object
4317 x-kubernetes-preserve-unknown-fields: true
4318 type: object
4319 served: true
4320 storage: false
4321 - name: v2
4322 schema:
4323 openAPIV3Schema:
4324 description: TCPMapping is the Schema for the tcpmappings API
4325 properties:
4326 apiVersion:
4327 description: 'APIVersion defines the versioned schema of this representation
4328 of an object. Servers should convert recognized schemas to the latest
4329 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4330 type: string
4331 kind:
4332 description: 'Kind is a string value representing the REST resource this
4333 object represents. Servers may infer this from the endpoint the client
4334 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4335 type: string
4336 metadata:
4337 type: object
4338 spec:
4339 description: TCPMappingSpec defines the desired state of TCPMapping
4340 properties:
4341 address:
4342 type: string
4343 circuit_breakers:
4344 items:
4345 properties:
4346 max_connections:
4347 type: integer
4348 max_pending_requests:
4349 type: integer
4350 max_requests:
4351 type: integer
4352 max_retries:
4353 type: integer
4354 priority:
4355 enum:
4356 - default
4357 - high
4358 type: string
4359 type: object
4360 type: array
4361 cluster_tag:
4362 type: string
4363 enable_ipv4:
4364 type: boolean
4365 enable_ipv6:
4366 type: boolean
4367 host:
4368 type: string
4369 idle_timeout_ms:
4370 type: string
4371 port:
4372 description: Port isn't a pointer because it's required.
4373 type: integer
4374 resolver:
4375 type: string
4376 service:
4377 type: string
4378 v3StatsName:
4379 type: string
4380 weight:
4381 type: integer
4382 required:
4383 - port
4384 - service
4385 type: object
4386 x-kubernetes-preserve-unknown-fields: true
4387 type: object
4388 served: true
4389 storage: true
4390 - name: v3alpha1
4391 schema:
4392 openAPIV3Schema:
4393 description: TCPMapping is the Schema for the tcpmappings API
4394 properties:
4395 apiVersion:
4396 description: 'APIVersion defines the versioned schema of this representation
4397 of an object. Servers should convert recognized schemas to the latest
4398 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4399 type: string
4400 kind:
4401 description: 'Kind is a string value representing the REST resource this
4402 object represents. Servers may infer this from the endpoint the client
4403 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4404 type: string
4405 metadata:
4406 type: object
4407 spec:
4408 description: TCPMappingSpec defines the desired state of TCPMapping
4409 properties:
4410 address:
4411 type: string
4412 ambassador_id:
4413 description: "AmbassadorID declares which Ambassador instances should
4414 pay attention to this resource. If no value is provided, the default
4415 is: \n ambassador_id: - \"default\""
4416 items:
4417 type: string
4418 type: array
4419 circuit_breakers:
4420 items:
4421 properties:
4422 max_connections:
4423 type: integer
4424 max_pending_requests:
4425 type: integer
4426 max_requests:
4427 type: integer
4428 max_retries:
4429 type: integer
4430 priority:
4431 enum:
4432 - default
4433 - high
4434 type: string
4435 type: object
4436 type: array
4437 cluster_tag:
4438 type: string
4439 enable_ipv4:
4440 type: boolean
4441 enable_ipv6:
4442 type: boolean
4443 host:
4444 type: string
4445 idle_timeout_ms:
4446 type: string
4447 port:
4448 description: Port isn't a pointer because it's required.
4449 type: integer
4450 resolver:
4451 type: string
4452 service:
4453 type: string
4454 stats_name:
4455 type: string
4456 tls:
4457 type: string
4458 v2ExplicitTLS:
4459 description: V2ExplicitTLS controls some vanity/stylistic elements
4460 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
4461 should not in any way affect the runtime operation of Emissary;
4462 except that it may affect internal names in the Envoy config, which
4463 may in turn affect stats names. But it should not affect any end-user
4464 observable behavior.
4465 properties:
4466 serviceScheme:
4467 description: "ServiceScheme specifies how to spell and capitalize
4468 the scheme-part of the service URL. \n Acceptable values are
4469 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
4470 or \"\". The value is used if it agrees with whether or not
4471 this resource enables TLS origination, or if something else
4472 in the resource overrides the scheme."
4473 pattern: ^([hH][tT][tT][pP][sS]?://)?$
4474 type: string
4475 tls:
4476 description: "TLS controls whether and how to represent the \"tls\"
4477 field when its value could be implied by the \"service\" field.
4478 \ In v2, there were a lot of different ways to spell an \"empty\"
4479 value, and this field specifies which way to spell it (and will
4480 therefore only be used if the value will indeed be empty). \n
4481 | Value | Representation | Meaning
4482 of representation | |--------------+---------------------------------------+------------------------------------|
4483 | \"\" | omit the field | defer
4484 to service (no TLSContext) | | \"null\" | store an explicit
4485 \"null\" in the field | defer to service (no TLSContext) |
4486 | \"string\" | store an empty string in the field | defer
4487 to service (no TLSContext) | | \"bool:false\" | store a Boolean
4488 \"false\" in the field | defer to service (no TLSContext) |
4489 | \"bool:true\" | store a Boolean \"true\" in the field |
4490 originate TLS (no TLSContext) | \n If the meaning of the
4491 representation contradicts anything else (if a TLSContext is
4492 to be used, or in the case of \"bool:true\" if TLS is not to
4493 be originated), then this field is ignored."
4494 enum:
4495 - ""
4496 - "null"
4497 - bool:true
4498 - bool:false
4499 - string
4500 type: string
4501 type: object
4502 weight:
4503 type: integer
4504 required:
4505 - port
4506 - service
4507 type: object
4508 type: object
4509 served: true
4510 storage: false
4511---
4512apiVersion: apiextensions.k8s.io/v1
4513kind: CustomResourceDefinition
4514metadata:
4515 annotations:
4516 controller-gen.kubebuilder.io/version: v0.13.0
4517 labels:
4518 app.kubernetes.io/instance: emissary-apiext
4519 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
4520 app.kubernetes.io/name: emissary-apiext
4521 app.kubernetes.io/part-of: emissary-apiext
4522 name: tlscontexts.getambassador.io
4523spec:
4524 conversion:
4525 strategy: Webhook
4526 webhook:
4527 clientConfig:
4528 service:
4529 name: emissary-apiext
4530 namespace: emissary-system
4531 conversionReviewVersions:
4532 - v1
4533 group: getambassador.io
4534 names:
4535 categories:
4536 - ambassador-crds
4537 kind: TLSContext
4538 listKind: TLSContextList
4539 plural: tlscontexts
4540 singular: tlscontext
4541 preserveUnknownFields: false
4542 scope: Namespaced
4543 versions:
4544 - name: v1
4545 schema:
4546 openAPIV3Schema:
4547 description: TLSContext is the Schema for the tlscontexts API
4548 properties:
4549 apiVersion:
4550 description: 'APIVersion defines the versioned schema of this representation
4551 of an object. Servers should convert recognized schemas to the latest
4552 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4553 type: string
4554 kind:
4555 description: 'Kind is a string value representing the REST resource this
4556 object represents. Servers may infer this from the endpoint the client
4557 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4558 type: string
4559 metadata:
4560 type: object
4561 spec:
4562 description: TLSContextSpec defines the desired state of TLSContext
4563 properties:
4564 alpn_protocols:
4565 type: string
4566 ca_secret:
4567 type: string
4568 cacert_chain_file:
4569 type: string
4570 cert_chain_file:
4571 type: string
4572 cert_required:
4573 type: boolean
4574 cipher_suites:
4575 items:
4576 type: string
4577 type: array
4578 ecdh_curves:
4579 items:
4580 type: string
4581 type: array
4582 hosts:
4583 items:
4584 type: string
4585 type: array
4586 max_tls_version:
4587 enum:
4588 - v1.0
4589 - v1.1
4590 - v1.2
4591 - v1.3
4592 type: string
4593 min_tls_version:
4594 enum:
4595 - v1.0
4596 - v1.1
4597 - v1.2
4598 - v1.3
4599 type: string
4600 private_key_file:
4601 type: string
4602 redirect_cleartext_from:
4603 type: integer
4604 secret:
4605 type: string
4606 secret_namespacing:
4607 type: boolean
4608 sni:
4609 type: string
4610 v3CRLSecret:
4611 type: string
4612 type: object
4613 x-kubernetes-preserve-unknown-fields: true
4614 type: object
4615 served: true
4616 storage: false
4617 - name: v2
4618 schema:
4619 openAPIV3Schema:
4620 description: TLSContext is the Schema for the tlscontexts API
4621 properties:
4622 apiVersion:
4623 description: 'APIVersion defines the versioned schema of this representation
4624 of an object. Servers should convert recognized schemas to the latest
4625 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4626 type: string
4627 kind:
4628 description: 'Kind is a string value representing the REST resource this
4629 object represents. Servers may infer this from the endpoint the client
4630 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4631 type: string
4632 metadata:
4633 type: object
4634 spec:
4635 description: TLSContextSpec defines the desired state of TLSContext
4636 properties:
4637 alpn_protocols:
4638 type: string
4639 ca_secret:
4640 type: string
4641 cacert_chain_file:
4642 type: string
4643 cert_chain_file:
4644 type: string
4645 cert_required:
4646 type: boolean
4647 cipher_suites:
4648 items:
4649 type: string
4650 type: array
4651 ecdh_curves:
4652 items:
4653 type: string
4654 type: array
4655 hosts:
4656 items:
4657 type: string
4658 type: array
4659 max_tls_version:
4660 enum:
4661 - v1.0
4662 - v1.1
4663 - v1.2
4664 - v1.3
4665 type: string
4666 min_tls_version:
4667 enum:
4668 - v1.0
4669 - v1.1
4670 - v1.2
4671 - v1.3
4672 type: string
4673 private_key_file:
4674 type: string
4675 redirect_cleartext_from:
4676 type: integer
4677 secret:
4678 type: string
4679 secret_namespacing:
4680 type: boolean
4681 sni:
4682 type: string
4683 v3CRLSecret:
4684 type: string
4685 type: object
4686 x-kubernetes-preserve-unknown-fields: true
4687 type: object
4688 served: true
4689 storage: true
4690 - name: v3alpha1
4691 schema:
4692 openAPIV3Schema:
4693 description: TLSContext is the Schema for the tlscontexts API
4694 properties:
4695 apiVersion:
4696 description: 'APIVersion defines the versioned schema of this representation
4697 of an object. Servers should convert recognized schemas to the latest
4698 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4699 type: string
4700 kind:
4701 description: 'Kind is a string value representing the REST resource this
4702 object represents. Servers may infer this from the endpoint the client
4703 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4704 type: string
4705 metadata:
4706 type: object
4707 spec:
4708 description: TLSContextSpec defines the desired state of TLSContext
4709 properties:
4710 alpn_protocols:
4711 type: string
4712 ambassador_id:
4713 description: "AmbassadorID declares which Ambassador instances should
4714 pay attention to this resource. If no value is provided, the default
4715 is: \n ambassador_id: - \"default\""
4716 items:
4717 type: string
4718 type: array
4719 ca_secret:
4720 type: string
4721 cacert_chain_file:
4722 type: string
4723 cert_chain_file:
4724 type: string
4725 cert_required:
4726 type: boolean
4727 cipher_suites:
4728 items:
4729 type: string
4730 type: array
4731 crl_secret:
4732 type: string
4733 ecdh_curves:
4734 items:
4735 type: string
4736 type: array
4737 hosts:
4738 items:
4739 type: string
4740 type: array
4741 max_tls_version:
4742 enum:
4743 - v1.0
4744 - v1.1
4745 - v1.2
4746 - v1.3
4747 type: string
4748 min_tls_version:
4749 enum:
4750 - v1.0
4751 - v1.1
4752 - v1.2
4753 - v1.3
4754 type: string
4755 private_key_file:
4756 type: string
4757 redirect_cleartext_from:
4758 type: integer
4759 secret:
4760 type: string
4761 secret_namespacing:
4762 type: boolean
4763 sni:
4764 type: string
4765 type: object
4766 type: object
4767 served: true
4768 storage: false
4769---
4770apiVersion: apiextensions.k8s.io/v1
4771kind: CustomResourceDefinition
4772metadata:
4773 annotations:
4774 controller-gen.kubebuilder.io/version: v0.13.0
4775 labels:
4776 app.kubernetes.io/instance: emissary-apiext
4777 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
4778 app.kubernetes.io/name: emissary-apiext
4779 app.kubernetes.io/part-of: emissary-apiext
4780 name: tracingservices.getambassador.io
4781spec:
4782 conversion:
4783 strategy: Webhook
4784 webhook:
4785 clientConfig:
4786 service:
4787 name: emissary-apiext
4788 namespace: emissary-system
4789 conversionReviewVersions:
4790 - v1
4791 group: getambassador.io
4792 names:
4793 categories:
4794 - ambassador-crds
4795 kind: TracingService
4796 listKind: TracingServiceList
4797 plural: tracingservices
4798 singular: tracingservice
4799 preserveUnknownFields: false
4800 scope: Namespaced
4801 versions:
4802 - name: v1
4803 schema:
4804 openAPIV3Schema:
4805 description: TracingService is the Schema for the tracingservices API
4806 properties:
4807 apiVersion:
4808 description: 'APIVersion defines the versioned schema of this representation
4809 of an object. Servers should convert recognized schemas to the latest
4810 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4811 type: string
4812 kind:
4813 description: 'Kind is a string value representing the REST resource this
4814 object represents. Servers may infer this from the endpoint the client
4815 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4816 type: string
4817 metadata:
4818 type: object
4819 spec:
4820 description: TracingServiceSpec defines the desired state of TracingService
4821 properties:
4822 config:
4823 properties:
4824 access_token_file:
4825 type: string
4826 collector_cluster:
4827 type: string
4828 collector_endpoint:
4829 type: string
4830 collector_endpoint_version:
4831 enum:
4832 - HTTP_JSON_V1
4833 - HTTP_JSON
4834 - HTTP_PROTO
4835 type: string
4836 collector_hostname:
4837 type: string
4838 service_name:
4839 type: string
4840 shared_span_context:
4841 type: boolean
4842 trace_id_128bit:
4843 type: boolean
4844 v3PropagationModes:
4845 items:
4846 enum:
4847 - ENVOY
4848 - LIGHTSTEP
4849 - B3
4850 - TRACE_CONTEXT
4851 type: string
4852 type: array
4853 type: object
4854 driver:
4855 enum:
4856 - lightstep
4857 - zipkin
4858 - datadog
4859 - opentelemetry
4860 type: string
4861 sampling:
4862 properties:
4863 client:
4864 type: integer
4865 overall:
4866 type: integer
4867 random:
4868 type: integer
4869 type: object
4870 service:
4871 type: string
4872 tag_headers:
4873 items:
4874 type: string
4875 type: array
4876 v3CustomTags:
4877 items:
4878 description: TracingCustomTag provides a data structure for capturing
4879 envoy's `type.tracing.v3.CustomTag`
4880 properties:
4881 environment:
4882 description: Environment explicitly specifies the protocol stack
4883 to set up. Exactly one of Literal, Environment or Header must
4884 be supplied.
4885 properties:
4886 default_value:
4887 type: string
4888 name:
4889 type: string
4890 required:
4891 - name
4892 type: object
4893 literal:
4894 description: Literal explicitly specifies the protocol stack
4895 to set up. Exactly one of Literal, Environment or Header must
4896 be supplied.
4897 properties:
4898 value:
4899 type: string
4900 required:
4901 - value
4902 type: object
4903 request_header:
4904 description: Header explicitly specifies the protocol stack
4905 to set up. Exactly one of Literal, Environment or Header must
4906 be supplied.
4907 properties:
4908 default_value:
4909 type: string
4910 name:
4911 type: string
4912 required:
4913 - name
4914 type: object
4915 tag:
4916 type: string
4917 required:
4918 - tag
4919 type: object
4920 type: array
4921 v3StatsName:
4922 type: string
4923 required:
4924 - driver
4925 - service
4926 type: object
4927 x-kubernetes-preserve-unknown-fields: true
4928 type: object
4929 served: true
4930 storage: false
4931 - name: v2
4932 schema:
4933 openAPIV3Schema:
4934 description: TracingService is the Schema for the tracingservices API
4935 properties:
4936 apiVersion:
4937 description: 'APIVersion defines the versioned schema of this representation
4938 of an object. Servers should convert recognized schemas to the latest
4939 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4940 type: string
4941 kind:
4942 description: 'Kind is a string value representing the REST resource this
4943 object represents. Servers may infer this from the endpoint the client
4944 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4945 type: string
4946 metadata:
4947 type: object
4948 spec:
4949 description: TracingServiceSpec defines the desired state of TracingService
4950 properties:
4951 config:
4952 properties:
4953 access_token_file:
4954 type: string
4955 collector_cluster:
4956 type: string
4957 collector_endpoint:
4958 type: string
4959 collector_endpoint_version:
4960 enum:
4961 - HTTP_JSON_V1
4962 - HTTP_JSON
4963 - HTTP_PROTO
4964 type: string
4965 collector_hostname:
4966 type: string
4967 service_name:
4968 type: string
4969 shared_span_context:
4970 type: boolean
4971 trace_id_128bit:
4972 type: boolean
4973 v3PropagationModes:
4974 items:
4975 enum:
4976 - ENVOY
4977 - LIGHTSTEP
4978 - B3
4979 - TRACE_CONTEXT
4980 type: string
4981 type: array
4982 type: object
4983 driver:
4984 enum:
4985 - lightstep
4986 - zipkin
4987 - datadog
4988 - opentelemetry
4989 type: string
4990 sampling:
4991 properties:
4992 client:
4993 type: integer
4994 overall:
4995 type: integer
4996 random:
4997 type: integer
4998 type: object
4999 service:
5000 type: string
5001 tag_headers:
5002 items:
5003 type: string
5004 type: array
5005 v3CustomTags:
5006 items:
5007 description: TracingCustomTag provides a data structure for capturing
5008 envoy's `type.tracing.v3.CustomTag`
5009 properties:
5010 environment:
5011 description: Environment explicitly specifies the protocol stack
5012 to set up. Exactly one of Literal, Environment or Header must
5013 be supplied.
5014 properties:
5015 default_value:
5016 type: string
5017 name:
5018 type: string
5019 required:
5020 - name
5021 type: object
5022 literal:
5023 description: Literal explicitly specifies the protocol stack
5024 to set up. Exactly one of Literal, Environment or Header must
5025 be supplied.
5026 properties:
5027 value:
5028 type: string
5029 required:
5030 - value
5031 type: object
5032 request_header:
5033 description: Header explicitly specifies the protocol stack
5034 to set up. Exactly one of Literal, Environment or Header must
5035 be supplied.
5036 properties:
5037 default_value:
5038 type: string
5039 name:
5040 type: string
5041 required:
5042 - name
5043 type: object
5044 tag:
5045 type: string
5046 required:
5047 - tag
5048 type: object
5049 type: array
5050 v3StatsName:
5051 type: string
5052 required:
5053 - driver
5054 - service
5055 type: object
5056 x-kubernetes-preserve-unknown-fields: true
5057 type: object
5058 served: true
5059 storage: true
5060 - name: v3alpha1
5061 schema:
5062 openAPIV3Schema:
5063 description: TracingService is the Schema for the tracingservices API
5064 properties:
5065 apiVersion:
5066 description: 'APIVersion defines the versioned schema of this representation
5067 of an object. Servers should convert recognized schemas to the latest
5068 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
5069 type: string
5070 kind:
5071 description: 'Kind is a string value representing the REST resource this
5072 object represents. Servers may infer this from the endpoint the client
5073 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
5074 type: string
5075 metadata:
5076 type: object
5077 spec:
5078 description: TracingServiceSpec defines the desired state of TracingService
5079 properties:
5080 ambassador_id:
5081 description: "AmbassadorID declares which Ambassador instances should
5082 pay attention to this resource. If no value is provided, the default
5083 is: \n ambassador_id: - \"default\""
5084 items:
5085 type: string
5086 type: array
5087 config:
5088 properties:
5089 access_token_file:
5090 type: string
5091 collector_cluster:
5092 type: string
5093 collector_endpoint:
5094 type: string
5095 collector_endpoint_version:
5096 enum:
5097 - HTTP_JSON_V1
5098 - HTTP_JSON
5099 - HTTP_PROTO
5100 type: string
5101 collector_hostname:
5102 type: string
5103 propagation_modes:
5104 items:
5105 enum:
5106 - ENVOY
5107 - LIGHTSTEP
5108 - B3
5109 - TRACE_CONTEXT
5110 type: string
5111 type: array
5112 service_name:
5113 type: string
5114 shared_span_context:
5115 type: boolean
5116 trace_id_128bit:
5117 type: boolean
5118 type: object
5119 custom_tags:
5120 items:
5121 description: TracingCustomTag provides a data structure for capturing
5122 envoy's `type.tracing.v3.CustomTag`
5123 properties:
5124 environment:
5125 description: Environment explicitly specifies the protocol stack
5126 to set up. Exactly one of Literal, Environment or Header must
5127 be supplied.
5128 properties:
5129 default_value:
5130 type: string
5131 name:
5132 type: string
5133 required:
5134 - name
5135 type: object
5136 literal:
5137 description: Literal explicitly specifies the protocol stack
5138 to set up. Exactly one of Literal, Environment or Header must
5139 be supplied.
5140 properties:
5141 value:
5142 type: string
5143 required:
5144 - value
5145 type: object
5146 request_header:
5147 description: Header explicitly specifies the protocol stack
5148 to set up. Exactly one of Literal, Environment or Header must
5149 be supplied.
5150 properties:
5151 default_value:
5152 type: string
5153 name:
5154 type: string
5155 required:
5156 - name
5157 type: object
5158 tag:
5159 type: string
5160 required:
5161 - tag
5162 type: object
5163 type: array
5164 driver:
5165 enum:
5166 - lightstep
5167 - zipkin
5168 - datadog
5169 - opentelemetry
5170 type: string
5171 sampling:
5172 properties:
5173 client:
5174 type: integer
5175 overall:
5176 type: integer
5177 random:
5178 type: integer
5179 type: object
5180 service:
5181 type: string
5182 stats_name:
5183 type: string
5184 tag_headers:
5185 description: 'Deprecated: tag_headers is deprecated. Use custom_tags
5186 instead. `tag_headers: ["header"]` can be defined as `custom_tags:
5187 [{"request_header": {"name": "header"}}]`.'
5188 items:
5189 type: string
5190 type: array
5191 required:
5192 - driver
5193 - service
5194 type: object
5195 type: object
5196 served: true
5197 storage: false
5198---
5199################################################################################
5200# Namespace #
5201################################################################################
5202---
5203apiVersion: v1
5204kind: Namespace
5205metadata:
5206 name: emissary-system
5207---
5208################################################################################
5209# ServiceAccount #
5210################################################################################
5211---
5212apiVersion: v1
5213kind: ServiceAccount
5214metadata:
5215 name: emissary-apiext
5216 namespace: emissary-system
5217 labels:
5218 app.kubernetes.io/instance: emissary-apiext
5219 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5220 app.kubernetes.io/name: emissary-apiext
5221 app.kubernetes.io/part-of: emissary-apiext
5222---
5223################################################################################
5224# Cluster permissions #
5225################################################################################
5226---
5227apiVersion: rbac.authorization.k8s.io/v1
5228kind: ClusterRole
5229metadata:
5230 name: emissary-apiext
5231 labels:
5232 app.kubernetes.io/instance: emissary-apiext
5233 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5234 app.kubernetes.io/name: emissary-apiext
5235 app.kubernetes.io/part-of: emissary-apiext
5236rules:
5237 - apiGroups: [ "apiextensions.k8s.io" ]
5238 resources: [ "customresourcedefinitions" ]
5239 verbs: [ "list", "watch" ]
5240 - apiGroups: [ "apiextensions.k8s.io" ]
5241 resources: [ "customresourcedefinitions" ]
5242 resourceNames:
5243 - authservices.getambassador.io
5244 - consulresolvers.getambassador.io
5245 - devportals.getambassador.io
5246 - hosts.getambassador.io
5247 - kubernetesendpointresolvers.getambassador.io
5248 - kubernetesserviceresolvers.getambassador.io
5249 - listeners.getambassador.io
5250 - logservices.getambassador.io
5251 - mappings.getambassador.io
5252 - modules.getambassador.io
5253 - ratelimitservices.getambassador.io
5254 - tcpmappings.getambassador.io
5255 - tlscontexts.getambassador.io
5256 - tracingservices.getambassador.io
5257 verbs: [ "update" ]
5258---
5259apiVersion: rbac.authorization.k8s.io/v1
5260kind: ClusterRoleBinding
5261metadata:
5262 name: emissary-apiext
5263 labels:
5264 app.kubernetes.io/instance: emissary-apiext
5265 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5266 app.kubernetes.io/name: emissary-apiext
5267 app.kubernetes.io/part-of: emissary-apiext
5268roleRef:
5269 apiGroup: rbac.authorization.k8s.io
5270 kind: ClusterRole
5271 name: emissary-apiext
5272subjects:
5273 - kind: ServiceAccount
5274 namespace: emissary-system
5275 name: emissary-apiext
5276---
5277################################################################################
5278# Namespaced permissions #
5279################################################################################
5280---
5281apiVersion: rbac.authorization.k8s.io/v1
5282kind: Role
5283metadata:
5284 name: emissary-apiext
5285 namespace: emissary-system
5286 labels:
5287 app.kubernetes.io/instance: emissary-apiext
5288 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5289 app.kubernetes.io/name: emissary-apiext
5290 app.kubernetes.io/part-of: emissary-apiext
5291rules:
5292 - apiGroups: [""]
5293 resources: ["secrets"]
5294 verbs: ["create"]
5295 - apiGroups: [""]
5296 resources: ["secrets"]
5297 resourceNames: ["emissary-ingress-webhook-ca"]
5298 verbs: ["get", "update"]
5299---
5300apiVersion: rbac.authorization.k8s.io/v1
5301kind: RoleBinding
5302metadata:
5303 name: emissary-apiext
5304 namespace: emissary-system
5305 labels:
5306 app.kubernetes.io/instance: emissary-apiext
5307 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5308 app.kubernetes.io/name: emissary-apiext
5309 app.kubernetes.io/part-of: emissary-apiext
5310roleRef:
5311 apiGroup: rbac.authorization.k8s.io
5312 kind: Role
5313 name: emissary-apiext
5314subjects:
5315- kind: ServiceAccount
5316 namespace: emissary-system
5317 name: emissary-apiext
5318---
5319################################################################################
5320# Main #
5321################################################################################
5322---
5323apiVersion: v1
5324kind: Service
5325metadata:
5326 name: emissary-apiext
5327 namespace: emissary-system
5328 labels:
5329 app.kubernetes.io/instance: emissary-apiext
5330 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5331 app.kubernetes.io/name: emissary-apiext
5332 app.kubernetes.io/part-of: emissary-apiext
5333spec:
5334 type: ClusterIP
5335 ports:
5336 - name: https
5337 port: 443
5338 targetPort: https
5339 selector:
5340 app.kubernetes.io/instance: emissary-apiext
5341 app.kubernetes.io/name: emissary-apiext
5342 app.kubernetes.io/part-of: emissary-apiext
5343---
5344apiVersion: apps/v1
5345kind: Deployment
5346metadata:
5347 name: emissary-apiext
5348 namespace: emissary-system
5349 labels:
5350 app.kubernetes.io/instance: emissary-apiext
5351 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5352 app.kubernetes.io/name: emissary-apiext
5353 app.kubernetes.io/part-of: emissary-apiext
5354spec:
5355 selector:
5356 matchLabels:
5357 app.kubernetes.io/instance: emissary-apiext
5358 app.kubernetes.io/name: emissary-apiext
5359 app.kubernetes.io/part-of: emissary-apiext
5360 replicas: 3
5361 template:
5362 metadata:
5363 labels:
5364 app.kubernetes.io/instance: emissary-apiext
5365 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5366 app.kubernetes.io/name: emissary-apiext
5367 app.kubernetes.io/part-of: emissary-apiext
5368 spec:
5369 serviceAccountName: emissary-apiext
5370 containers:
5371 - name: emissary-apiext
5372 image: docker.io/emissaryingress/emissary:3.9.1
5373 imagePullPolicy: IfNotPresent
5374 command: [ "apiext", "emissary-apiext" ]
5375 ports:
5376 - name: http
5377 containerPort: 8080
5378 - name: https
5379 containerPort: 8443
5380 startupProbe:
5381 httpGet:
5382 path: /probes/live
5383 port: 8080
5384 failureThreshold: 10
5385 periodSeconds: 3
5386 livenessProbe:
5387 httpGet:
5388 scheme: HTTP
5389 path: /probes/live
5390 port: 8080
5391 periodSeconds: 3
5392 failureThreshold: 3
5393 readinessProbe:
5394 httpGet:
5395 scheme: HTTP
5396 path: /probes/ready
5397 port: 8080
5398 periodSeconds: 3
5399 failureThreshold: 3
View as plain text