# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# CustomResourceDefinition that registers the ComputePacketMirroring kind.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    # Quoted so the value is read as a string by every YAML loader.
    cnrm.cloud.google.com/version: '1.106.0'
  # Serialized as null in this manifest.
  creationTimestamp: null
  labels:
    # Label values must be strings; a bare true would be parsed as a boolean,
    # hence the quotes.
    cnrm.cloud.google.com/dcl2crd: 'true'
    cnrm.cloud.google.com/managed-by-kcc: 'true'
    cnrm.cloud.google.com/stability-level: stable
    cnrm.cloud.google.com/system: 'true'
  # <plural>.<group>, matching spec.names.plural and spec.group.
  name: computepacketmirrorings.compute.cnrm.cloud.google.com
# Schema for ComputePacketMirroring. Per the field descriptions below, an
# object of this kind selects VM traffic in one VPC network and copies it to a
# collector forwarding rule. Whoever may create or edit these objects decides
# which traffic is copied and where it goes, so RBAC on this resource deserves
# the same care as access to the traffic itself.
spec:
  group: compute.cnrm.cloud.google.com
  names:
    categories:
    - gcp
    kind: ComputePacketMirroring
    plural: computepacketmirrorings
    shortNames:
    - gcpcomputepacketmirroring
    - gcpcomputepacketmirrorings
    singular: computepacketmirroring
  # Objects of this kind are namespaced, so access can be granted per namespace.
  scope: Namespaced
  versions:
  # v1beta1 is the only version listed; it is both served and the storage version.
  - additionalPrinterColumns:
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    - description: When 'True', the most recent reconcile of the resource succeeded
      jsonPath: .status.conditions[?(@.type=='Ready')].status
      name: Ready
      type: string
    - description: The reason for the value in 'Ready'
      jsonPath: .status.conditions[?(@.type=='Ready')].reason
      name: Status
      type: string
    - description: The last transition time for the value in 'Status'
      jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
      name: Status Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: 'apiVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
            type: string
          kind:
            description: 'kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            properties:
              # Destination of the mirrored traffic.
              collectorIlb:
                description: The Forwarding Rule resource of type `loadBalancingScheme=INTERNAL`
                  that will be used as collector for mirrored traffic. The specified
                  forwarding rule must have `isMirroringCollector` set to true.
                properties:
                  urlRef:
                    # Exactly one of two reference forms is accepted:
                    #   1. `name` (with optional `namespace`) and no `external`;
                    #   2. `external` alone, with neither `name` nor `namespace`.
                    # The same oneOf shape is repeated on every reference in this schema.
                    oneOf:
                    - not:
                        required:
                        - external
                      required:
                      - name
                    - not:
                        anyOf:
                        - required:
                          - name
                        - required:
                          - namespace
                      required:
                      - external
                    properties:
                      # Free-form string: this schema has no pattern that ties the value
                      # to a selfLink format or to the project named in projectRef.
                      # NOTE(review): presumably checked by the controller or the
                      # Compute API; confirm before relying on it.
                      external:
                        description: |-
                          Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.

                          Allowed value: The `selfLink` field of a `ComputeForwardingRule` resource.
                        type: string
                      name:
                        description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                        type: string
                      # A reference may name an object in another namespace.
                      namespace:
                        description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                        type: string
                    type: object
                required:
                - urlRef
                type: object
              description:
                description: An optional description of this resource. Provide this
                  property when you create the resource.
                type: string
              # NOTE(review): typed as string with no enum, so this schema accepts
              # any text; the description names only TRUE and FALSE. The field is
              # optional and, per the description, mirroring is on when it is omitted.
              enable:
                description: Indicates whether or not this packet mirroring takes
                  effect. If set to FALSE, this packet mirroring policy will not be
                  enforced on the network. The default is TRUE.
                type: string
              # Optional (not listed in spec.required). Per the description, leaving
              # it out mirrors all traffic; set cidrRanges, ipProtocols and direction
              # to limit capture to what the collector actually needs.
              filter:
                description: Filter for mirrored traffic. If unspecified, all traffic
                  is mirrored.
                properties:
                  # Items are plain strings; no CIDR pattern is applied by this schema.
                  cidrRanges:
                    description: IP CIDR ranges that apply as filter on the source
                      (ingress) or destination (egress) IP in the IP header. Only
                      IPv4 is supported. If no ranges are specified, all traffic that
                      matches the specified IPProtocols is mirrored. If neither cidrRanges
                      nor IPProtocols is specified, all traffic is mirrored.
                    items:
                      type: string
                    type: array
                  # No enum here either: INGRESS, EGRESS and BOTH come from the
                  # description only.
                  direction:
                    description: Direction of traffic to mirror, either INGRESS, EGRESS,
                      or BOTH. The default is BOTH.
                    type: string
                  ipProtocols:
                    description: Protocols that apply as filter on mirrored traffic.
                      If no protocols are specified, all traffic that matches the
                      specified CIDR ranges is mirrored. If neither cidrRanges nor
                      IPProtocols is specified, all traffic is mirrored.
                    items:
                      type: string
                    type: array
                type: object
              location:
                description: Immutable. The location for the resource
                type: string
              # Selects the sources whose traffic is copied: instances, subnetworks
              # and/or tags. The key itself is required, but none of its three
              # members is required by this schema.
              mirroredResources:
                description: PacketMirroring mirroredResourceInfos. MirroredResourceInfo
                  specifies a set of mirrored VM instances, subnetworks and/or tags
                  for which traffic from/to all VM instances will be mirrored.
                properties:
                  # NOTE(review): the description caps this list at 50 entries, but
                  # the schema sets no maxItems.
                  instances:
                    description: A set of virtual machine instances that are being
                      mirrored. They must live in zones contained in the same region
                      as this packetMirroring. Note that this config will apply only
                      to those network interfaces of the Instances that belong to
                      the network specified in this packetMirroring. You may specify
                      a maximum of 50 Instances.
                    items:
                      properties:
                        canonicalUrl:
                          description: Immutable. Output only. Unique identifier for
                            the instance; defined by the server.
                          type: string
                        urlRef:
                          # Same name-or-external rule as collectorIlb.urlRef.
                          oneOf:
                          - not:
                              required:
                              - external
                            required:
                            - name
                          - not:
                              anyOf:
                              - required:
                                - name
                              - required:
                                - namespace
                            required:
                            - external
                          properties:
                            external:
                              description: |-
                                Resource URL to the virtual machine instance which is being mirrored.

                                Allowed value: The `selfLink` field of a `ComputeInstance` resource.
                              type: string
                            name:
                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                              type: string
                            namespace:
                              description: 'Namespace of the referent. More info:
                                https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                              type: string
                          type: object
                      type: object
                    type: array
                  # A subnetwork entry covers every VM instance in that subnetwork.
                  # NOTE(review): the description caps this list at 5 entries, but
                  # the schema sets no maxItems.
                  subnetworks:
                    description: Immutable. A set of subnetworks for which traffic
                      from/to all VM instances will be mirrored. They must live in
                      the same region as this packetMirroring. You may specify a maximum
                      of 5 subnetworks.
                    items:
                      properties:
                        canonicalUrl:
                          description: Immutable. Output only. Unique identifier for
                            the subnetwork; defined by the server.
                          type: string
                        urlRef:
                          description: Immutable.
                          # Same name-or-external rule as collectorIlb.urlRef.
                          oneOf:
                          - not:
                              required:
                              - external
                            required:
                            - name
                          - not:
                              anyOf:
                              - required:
                                - name
                              - required:
                                - namespace
                            required:
                            - external
                          properties:
                            external:
                              description: |-
                                Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.

                                Allowed value: The `selfLink` field of a `ComputeSubnetwork` resource.
                              type: string
                            name:
                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                              type: string
                            namespace:
                              description: 'Namespace of the referent. More info:
                                https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                              type: string
                          type: object
                      type: object
                    type: array
                  # Tag-based selection covers every instance carrying one of the
                  # tags, so the mirrored set changes as tags are assigned or removed.
                  tags:
                    description: A set of mirrored tags. Traffic from/to all VM instances
                      that have one or more of these tags will be mirrored.
                    items:
                      type: string
                    type: array
                type: object
              network:
                description: Immutable. Specifies the mirrored VPC network. Only packets
                  in this network will be mirrored. All mirrored VMs should have a
                  NIC in the given network. All mirrored subnetworks should belong
                  to the given network.
                properties:
                  urlRef:
                    description: Immutable.
                    # Same name-or-external rule as collectorIlb.urlRef.
                    oneOf:
                    - not:
                        required:
                        - external
                      required:
                      - name
                    - not:
                        anyOf:
                        - required:
                          - name
                        - required:
                          - namespace
                      required:
                      - external
                    properties:
                      external:
                        description: |-
                          URL of the network resource.

                          Allowed value: The `selfLink` field of a `ComputeNetwork` resource.
                        type: string
                      name:
                        description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                        type: string
                      namespace:
                        description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                        type: string
                    type: object
                required:
                - urlRef
                type: object
              # NOTE(review): the description gives a valid range of 0 through 65535,
              # but the schema declares only an int64 integer with no minimum or
              # maximum, so out-of-range values are not rejected by this schema.
              priority:
                description: The priority of applying this configuration. Priority
                  is used to break ties in cases where there is more than one matching
                  rule. In the case of two rules that apply for a given Instance,
                  the one with the lowest-numbered priority value wins. Default value
                  is 1000. Valid range is 0 through 65535.
                format: int64
                type: integer
              # Required. `external` takes a free-form string here as well, so the
              # target project is whatever the object's author writes.
              projectRef:
                description: Immutable. The Project that this resource belongs to.
                oneOf:
                - not:
                    required:
                    - external
                  required:
                  - name
                - not:
                    anyOf:
                    - required:
                      - name
                    - required:
                      - namespace
                  required:
                  - external
                properties:
                  external:
                    description: |-
                      The project for the resource

                      Allowed value: The Google Cloud resource name of a `Project` resource (format: `projects/{{name}}`).
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                type: object
              resourceID:
                description: Immutable. Optional. The name of the resource. Used for
                  creation and acquisition. When unset, the value of `metadata.name`
                  is used as the default.
                type: string
            # `enable` and `filter` are absent from this list; by their descriptions
            # an object that omits both is active and mirrors all traffic.
            required:
            - collectorIlb
            - location
            - mirroredResources
            - network
            - projectRef
            type: object
          status:
            properties:
              collectorIlb:
                properties:
                  canonicalUrl:
                    description: Output only. Unique identifier for the forwarding
                      rule; defined by the server.
                    type: string
                type: object
              conditions:
                description: Conditions represent the latest available observation
                  of the resource's current state.
                items:
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another.
                      type: string
                    message:
                      description: Human-readable message indicating details about
                        last transition.
                      type: string
                    reason:
                      description: Unique, one-word, CamelCase reason for the condition's
                        last transition.
                      type: string
                    status:
                      description: Status is the status of the condition. Can be True,
                        False, Unknown.
                      type: string
                    type:
                      description: Type is the type of the condition.
                      type: string
                  type: object
                type: array
              id:
                description: Output only. The unique identifier for the resource.
                  This identifier is defined by the server.
                format: int64
                type: integer
              network:
                properties:
                  canonicalUrl:
                    description: Output only. Unique identifier for the network; defined
                      by the server.
                    type: string
                type: object
              # Compare with metadata.generation to tell whether the reported status
              # reflects the latest spec (see the description).
              observedGeneration:
                description: ObservedGeneration is the generation of the resource
                  that was most recently observed by the Config Connector controller.
                  If this is equal to metadata.generation, then that means that the
                  current reported status reflects the most recent desired state of
                  the resource.
                type: integer
              region:
                description: URI of the region where the packetMirroring resides.
                type: string
              selfLink:
                description: Server-defined URL for the resource.
                type: string
            type: object
        required:
        - spec
        type: object
    served: true
    storage: true
    # Enables the /status subresource: status is written through its own endpoint,
    # which RBAC addresses separately as computepacketmirrorings/status.
    subresources:
      status: {}
# Empty CRD status stanza as serialized in this manifest.
# NOTE(review): presumably populated by the API server once the CRD is
# registered; confirm.
status:
  acceptedNames:
    kind: ''
    plural: ''
  conditions: []
  storedVersions: []