# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cnrm.cloud.google.com/version: 1.106.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" name: computepacketmirrorings.compute.cnrm.cloud.google.com spec: group: compute.cnrm.cloud.google.com names: categories: - gcp kind: ComputePacketMirroring plural: computepacketmirrorings shortNames: - gcpcomputepacketmirroring - gcpcomputepacketmirrorings singular: computepacketmirroring scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age type: date - description: When 'True', the most recent reconcile of the resource succeeded jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready type: string - description: The reason for the value in 'Ready' jsonPath: .status.conditions[?(@.type=='Ready')].reason name: Status type: string - description: The last transition time for the value in 'Status' jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date name: v1beta1 schema: openAPIV3Schema: properties: apiVersion: description: 'apiVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' type: string kind: description: 'kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: collectorIlb: description: The Forwarding Rule resource of type `loadBalancingScheme=INTERNAL` that will be used as collector for mirrored traffic. The specified forwarding rule must have `isMirroringCollector` set to true. properties: urlRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic. Allowed value: The `selfLink` field of a `ComputeForwardingRule` resource. type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object required: - urlRef type: object description: description: An optional description of this resource. Provide this property when you create the resource. type: string enable: description: Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE. type: string filter: description: Filter for mirrored traffic. If unspecified, all traffic is mirrored. properties: cidrRanges: description: IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored. items: type: string type: array direction: description: Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH. type: string ipProtocols: description: Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored. items: type: string type: array type: object location: description: Immutable. The location for the resource type: string mirroredResources: description: PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored. properties: instances: description: A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances. items: properties: canonicalUrl: description: Immutable. Output only. Unique identifier for the instance; defined by the server. type: string urlRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- Resource URL to the virtual machine instance which is being mirrored. Allowed value: The `selfLink` field of a `ComputeInstance` resource. type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: object type: array subnetworks: description: Immutable. A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks. items: properties: canonicalUrl: description: Immutable. Output only. Unique identifier for the subnetwork; defined by the server. type: string urlRef: description: Immutable. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored. Allowed value: The `selfLink` field of a `ComputeSubnetwork` resource. type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: object type: array tags: description: A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored. items: type: string type: array type: object network: description: Immutable. Specifies the mirrored VPC network. Only packets in this network will be mirrored. All mirrored VMs should have a NIC in the given network. All mirrored subnetworks should belong to the given network. properties: urlRef: description: Immutable. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- URL of the network resource. Allowed value: The `selfLink` field of a `ComputeNetwork` resource. type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object required: - urlRef type: object priority: description: The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535. format: int64 type: integer projectRef: description: Immutable. The Project that this resource belongs to. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- The project for the resource Allowed value: The Google Cloud resource name of a `Project` resource (format: `projects/{{name}}`). type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object resourceID: description: Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string required: - collectorIlb - location - mirroredResources - network - projectRef type: object status: properties: collectorIlb: properties: canonicalUrl: description: Output only. Unique identifier for the forwarding rule; defined by the server. type: string type: object conditions: description: Conditions represent the latest available observation of the resource's current state. items: properties: lastTransitionTime: description: Last time the condition transitioned from one status to another. type: string message: description: Human-readable message indicating details about last transition. type: string reason: description: Unique, one-word, CamelCase reason for the condition's last transition. type: string status: description: Status is the status of the condition. Can be True, False, Unknown. type: string type: description: Type is the type of the condition. type: string type: object type: array id: description: Output only. The unique identifier for the resource. This identifier is defined by the server. format: int64 type: integer network: properties: canonicalUrl: description: Output only. Unique identifier for the network; defined by the server. type: string type: object observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. type: integer region: description: URI of the region where the packetMirroring resides. type: string selfLink: description: Server-defined URL for the resource. type: string type: object required: - spec type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: []