1# Copyright 2020 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: apiextensions.k8s.io/v1
16kind: CustomResourceDefinition
17metadata:
18 annotations:
19 cnrm.cloud.google.com/version: 1.106.0
20 creationTimestamp: null
21 labels:
22 cnrm.cloud.google.com/managed-by-kcc: "true"
23 cnrm.cloud.google.com/stability-level: stable
24 cnrm.cloud.google.com/system: "true"
25 cnrm.cloud.google.com/tf2crd: "true"
26 name: computeurlmaps.compute.cnrm.cloud.google.com
27spec:
28 group: compute.cnrm.cloud.google.com
29 names:
30 categories:
31 - gcp
32 kind: ComputeURLMap
33 plural: computeurlmaps
34 shortNames:
35 - gcpcomputeurlmap
36 - gcpcomputeurlmaps
37 singular: computeurlmap
38 scope: Namespaced
39 versions:
40 - additionalPrinterColumns:
41 - jsonPath: .metadata.creationTimestamp
42 name: Age
43 type: date
44 - description: When 'True', the most recent reconcile of the resource succeeded
45 jsonPath: .status.conditions[?(@.type=='Ready')].status
46 name: Ready
47 type: string
48 - description: The reason for the value in 'Ready'
49 jsonPath: .status.conditions[?(@.type=='Ready')].reason
50 name: Status
51 type: string
52 - description: The last transition time for the value in 'Status'
53 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
54 name: Status Age
55 type: date
56 name: v1beta1
57 schema:
58 openAPIV3Schema:
59 properties:
60 apiVersion:
61 description: 'apiVersion defines the versioned schema of this representation
62 of an object. Servers should convert recognized schemas to the latest
63 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
64 type: string
65 kind:
66 description: 'kind is a string value representing the REST resource this
67 object represents. Servers may infer this from the endpoint the client
68 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
69 type: string
70 metadata:
71 type: object
72 spec:
73 properties:
74 defaultRouteAction:
75 description: |-
76 defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices.
77 Only one of defaultRouteAction or defaultUrlRedirect must be set.
78 URL maps for Classic external HTTP(S) load balancers only support the urlRewrite action within defaultRouteAction.
79 defaultRouteAction has no effect when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true.
80 properties:
81 corsPolicy:
82 description: |-
83 The specification for allowing client side cross-origin requests. Please see
84 [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/).
85 properties:
86 allowCredentials:
87 description: |-
88 In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header.
89 Default is false.
90 type: boolean
91 allowHeaders:
92 description: Specifies the content for the Access-Control-Allow-Headers
93 header.
94 items:
95 type: string
96 type: array
97 allowMethods:
98 description: Specifies the content for the Access-Control-Allow-Methods
99 header.
100 items:
101 type: string
102 type: array
103 allowOriginRegexes:
104 description: |-
105 Specifies the regualar expression patterns that match allowed origins. For regular expression grammar
106 please see en.cppreference.com/w/cpp/regex/ecmascript
107 An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
108 items:
109 type: string
110 type: array
111 allowOrigins:
112 description: |-
113 Specifies the list of origins that will be allowed to do CORS requests.
114 An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
115 items:
116 type: string
117 type: array
118 disabled:
119 description: If true, the setting specifies the CORS policy
120 is disabled. The default value of false, which indicates
121 that the CORS policy is in effect.
122 type: boolean
123 exposeHeaders:
124 description: Specifies the content for the Access-Control-Expose-Headers
125 header.
126 items:
127 type: string
128 type: array
129 maxAge:
130 description: |-
131 Specifies how long results of a preflight request can be cached in seconds.
132 This translates to the Access-Control-Max-Age header.
133 type: integer
134 type: object
135 faultInjectionPolicy:
136 description: |-
137 The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure.
138 As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service.
139 Similarly requests from clients can be aborted by the load balancer for a percentage of requests.
140 timeout and retryPolicy is ignored by clients that are configured with a faultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection.
141 Fault injection is not supported with the global external HTTP(S) load balancer (classic). To see which load balancers support fault injection, see Load balancing: [Routing and traffic management features](https://cloud.google.com/load-balancing/docs/features#routing-traffic-management).
142 properties:
143 abort:
144 description: The specification for how client requests are
145 aborted as part of fault injection.
146 properties:
147 httpStatus:
148 description: |-
149 The HTTP status code used to abort the request.
150 The value must be between 200 and 599 inclusive.
151 type: integer
152 percentage:
153 description: |-
154 The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
155 The value must be between 0.0 and 100.0 inclusive.
156 type: number
157 type: object
158 delay:
159 description: The specification for how client requests are
160 delayed as part of fault injection, before being sent to
161 a backend service.
162 properties:
163 fixedDelay:
164 description: Specifies the value of the fixed delay interval.
165 properties:
166 nanos:
167 description: |-
168 Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are
169 represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
170 type: integer
171 seconds:
172 description: |-
173 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
174 Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years.
175 type: string
176 type: object
177 percentage:
178 description: |-
179 The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
180 The value must be between 0.0 and 100.0 inclusive.
181 type: number
182 type: object
183 type: object
184 requestMirrorPolicy:
185 description: |-
186 Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service.
187 The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
188 Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true.
189 properties:
190 backendServiceRef:
191 description: |-
192 The backend service resource being mirrored to.
193 The backend service configured for a mirroring policy must reference
194 backends that are of the same type as the original backend service
195 matched in the URL map.
196 Serverless NEG backends are not currently supported as a mirrored
197 backend service.
198 oneOf:
199 - not:
200 required:
201 - external
202 required:
203 - name
204 - not:
205 anyOf:
206 - required:
207 - name
208 - required:
209 - namespace
210 required:
211 - external
212 properties:
213 external:
214 description: 'Allowed value: The `selfLink` field of a
215 `ComputeBackendService` resource.'
216 type: string
217 name:
218 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
219 type: string
220 namespace:
221 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
222 type: string
223 type: object
224 type: object
225 retryPolicy:
226 description: Specifies the retry policy associated with this route.
227 properties:
228 numRetries:
229 description: Specifies the allowed number retries. This number
230 must be > 0. If not specified, defaults to 1.
231 type: integer
232 perTryTimeout:
233 description: |-
234 Specifies a non-zero timeout per retry attempt.
235
236 If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set,
237 will use the largest timeout among all backend services associated with the route.
238 properties:
239 nanos:
240 description: |-
241 Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are
242 represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
243 type: integer
244 seconds:
245 description: |-
246 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
247 Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years.
248 type: string
249 type: object
250 retryConditions:
251 description: |-
252 Specifies one or more conditions when this retry policy applies.
253 Valid values are listed below. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true: cancelled, deadline-exceeded, internal, resource-exhausted, unavailable.
254 - 5xx : retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams.
255 - gateway-error : Similar to 5xx, but only applies to response codes 502, 503 or 504.
256 - connect-failure : a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts.
257 - retriable-4xx : a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409.
258 - refused-stream : a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
259 - cancelled : a retry is attempted if the gRPC status code in the response header is set to cancelled.
260 - deadline-exceeded : a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded.
261 - internal : a retry is attempted if the gRPC status code in the response header is set to internal.
262 - resource-exhausted : a retry is attempted if the gRPC status code in the response header is set to resource-exhausted.
263 - unavailable : a retry is attempted if the gRPC status code in the response header is set to unavailable.
264 items:
265 type: string
266 type: array
267 type: object
268 timeout:
269 description: |-
270 Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as end-of-stream) up until the response has been processed. Timeout includes all retries.
271 If not specified, this field uses the largest timeout among all backend services associated with the route.
272 Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true.
273 properties:
274 nanos:
275 description: Span of time that's a fraction of a second at
276 nanosecond resolution. Durations less than one second are
277 represented with a 0 seconds field and a positive nanos
278 field. Must be from 0 to 999,999,999 inclusive.
279 type: integer
280 seconds:
281 description: 'Span of time at a resolution of a second. Must
282 be from 0 to 315,576,000,000 inclusive. Note: these bounds
283 are computed from: 60 sec/min * 60 min/hr * 24 hr/day *
284 365.25 days/year * 10000 years.'
285 type: string
286 type: object
287 urlRewrite:
288 description: |-
289 The spec to modify the URL of the request, before forwarding the request to the matched service.
290 urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
291 Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true.
292 properties:
293 hostRewrite:
294 description: |-
295 Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
296 The value must be from 1 to 255 characters.
297 type: string
298 pathPrefixRewrite:
299 description: |-
300 Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
301 The value must be from 1 to 1024 characters.
302 type: string
303 type: object
304 weightedBackendServices:
305 description: |-
306 A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number.
307 After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
308 items:
309 properties:
310 backendServiceRef:
311 description: |-
312 The default backend service resource.
313 Before forwarding the request to backendService, the loadbalancer
314 applies any relevant headerActions specified as part of this
315 backendServiceWeight.
316 oneOf:
317 - not:
318 required:
319 - external
320 required:
321 - name
322 - not:
323 anyOf:
324 - required:
325 - name
326 - required:
327 - namespace
328 required:
329 - external
330 properties:
331 external:
332 description: 'Allowed value: The `selfLink` field of
333 a `ComputeBackendService` resource.'
334 type: string
335 name:
336 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
337 type: string
338 namespace:
339 description: 'Namespace of the referent. More info:
340 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
341 type: string
342 type: object
343 headerAction:
344 description: |-
345 Specifies changes to request and response headers that need to take effect for the selected backendService.
346 headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
347 headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL.
348 Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true.
349 properties:
350 requestHeadersToAdd:
351 description: Headers to add to a matching request before
352 forwarding the request to the backendService.
353 items:
354 properties:
355 headerName:
356 description: The name of the header.
357 type: string
358 headerValue:
359 description: The value of the header to add.
360 type: string
361 replace:
362 description: |-
363 If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
364 The default value is false.
365 type: boolean
366 type: object
367 type: array
368 requestHeadersToRemove:
369 description: A list of header names for headers that
370 need to be removed from the request before forwarding
371 the request to the backendService.
372 items:
373 type: string
374 type: array
375 responseHeadersToAdd:
376 description: Headers to add the response before sending
377 the response back to the client.
378 items:
379 properties:
380 headerName:
381 description: The name of the header.
382 type: string
383 headerValue:
384 description: The value of the header to add.
385 type: string
386 replace:
387 description: |-
388 If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
389 The default value is false.
390 type: boolean
391 type: object
392 type: array
393 responseHeadersToRemove:
394 description: A list of header names for headers that
395 need to be removed from the response before sending
396 the response back to the client.
397 items:
398 type: string
399 type: array
400 type: object
401 weight:
402 description: |-
403 Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) .
404 The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy.
405 The value must be from 0 to 1000.
406 type: integer
407 type: object
408 type: array
409 type: object
410 defaultService:
411 description: |-
412 The defaultService resource to which traffic is directed if none of
413 the hostRules match.
414 For the Global URL Map, it should be a reference to the backend
415 service or backend bucket.
416 For the Regional URL Map, it should be a reference to the backend
417 service.
418 If defaultRouteAction is additionally specified, advanced routing
419 actions like URL Rewrites, etc. take effect prior to sending the
420 request to the backend. However, if defaultService is specified,
421 defaultRouteAction cannot contain any weightedBackendServices.
422 Conversely, if routeAction specifies any weightedBackendServices,
423 service must not be specified. Only one of defaultService,
424 defaultUrlRedirect or defaultRouteAction.weightedBackendService
425 must be set.
426 oneOf:
427 - required:
428 - backendBucketRef
429 - required:
430 - backendServiceRef
431 properties:
432 backendBucketRef:
433 oneOf:
434 - not:
435 required:
436 - external
437 required:
438 - name
439 - not:
440 anyOf:
441 - required:
442 - name
443 - required:
444 - namespace
445 required:
446 - external
447 properties:
448 external:
449 description: 'Allowed value: The `selfLink` field of a `ComputeBackendBucket`
450 resource.'
451 type: string
452 name:
453 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
454 type: string
455 namespace:
456 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
457 type: string
458 type: object
459 backendServiceRef:
460 oneOf:
461 - not:
462 required:
463 - external
464 required:
465 - name
466 - not:
467 anyOf:
468 - required:
469 - name
470 - required:
471 - namespace
472 required:
473 - external
474 properties:
475 external:
476 description: 'Allowed value: The `selfLink` field of a `ComputeBackendService`
477 resource.'
478 type: string
479 name:
480 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
481 type: string
482 namespace:
483 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
484 type: string
485 type: object
486 type: object
487 defaultUrlRedirect:
488 description: |-
489 When none of the specified hostRules match, the request is redirected to a URL specified
490 by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or
491 defaultRouteAction must not be set.
492 properties:
493 hostRedirect:
494 description: |-
495 The host that will be used in the redirect response instead of the one that was
496 supplied in the request. The value must be between 1 and 255 characters.
497 type: string
498 httpsRedirect:
499 description: |-
500 If set to true, the URL scheme in the redirected request is set to https. If set to
501 false, the URL scheme of the redirected request will remain the same as that of the
502 request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this
503 true for TargetHttpsProxy is not permitted. The default is set to false.
504 type: boolean
505 pathRedirect:
506 description: |-
507 The path that will be used in the redirect response instead of the one that was
508 supplied in the request. pathRedirect cannot be supplied together with
509 prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the
510 original request will be used for the redirect. The value must be between 1 and 1024
511 characters.
512 type: string
513 prefixRedirect:
514 description: |-
515 The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch,
516 retaining the remaining portion of the URL before redirecting the request.
517 prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or
518 neither. If neither is supplied, the path of the original request will be used for
519 the redirect. The value must be between 1 and 1024 characters.
520 type: string
521 redirectResponseCode:
522 description: |-
523 The HTTP Status code to use for this RedirectAction. Supported values are:
524
525 * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
526
527 * FOUND, which corresponds to 302.
528
529 * SEE_OTHER which corresponds to 303.
530
531 * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method
532 will be retained.
533
534 * PERMANENT_REDIRECT, which corresponds to 308. In this case,
535 the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"].
536 type: string
537 stripQuery:
538 description: |-
539 If set to true, any accompanying query portion of the original URL is removed prior
540 to redirecting the request. If set to false, the query portion of the original URL is
541 retained.
542 This field is required to ensure an empty block is not set. The normal default value is false.
543 type: boolean
544 required:
545 - stripQuery
546 type: object
547 description:
548 description: |-
549 An optional description of this resource. Provide this property when
550 you create the resource.
551 type: string
552 headerAction:
553 description: |-
554 Specifies changes to request and response headers that need to take effect for
555 the selected backendService. The headerAction specified here take effect after
556 headerAction specified under pathMatcher.
557 properties:
558 requestHeadersToAdd:
559 description: |-
560 Headers to add to a matching request prior to forwarding the request to the
561 backendService.
562 items:
563 properties:
564 headerName:
565 description: The name of the header.
566 type: string
567 headerValue:
568 description: The value of the header to add.
569 type: string
570 replace:
571 description: |-
572 If false, headerValue is appended to any values that already exist for the
573 header. If true, headerValue is set for the header, discarding any values that
574 were set for that header.
575 type: boolean
576 required:
577 - headerName
578 - headerValue
579 - replace
580 type: object
581 type: array
582 requestHeadersToRemove:
583 description: |-
584 A list of header names for headers that need to be removed from the request
585 prior to forwarding the request to the backendService.
586 items:
587 type: string
588 type: array
589 responseHeadersToAdd:
590 description: Headers to add the response prior to sending the
591 response back to the client.
592 items:
593 properties:
594 headerName:
595 description: The name of the header.
596 type: string
597 headerValue:
598 description: The value of the header to add.
599 type: string
600 replace:
601 description: |-
602 If false, headerValue is appended to any values that already exist for the
603 header. If true, headerValue is set for the header, discarding any values that
604 were set for that header.
605 type: boolean
606 required:
607 - headerName
608 - headerValue
609 - replace
610 type: object
611 type: array
612 responseHeadersToRemove:
613 description: |-
614 A list of header names for headers that need to be removed from the response
615 prior to sending the response back to the client.
616 items:
617 type: string
618 type: array
619 type: object
620 hostRule:
621 description: The list of HostRules to use against the URL.
622 items:
623 properties:
624 description:
625 description: |-
626 An optional description of this HostRule. Provide this property
627 when you create the resource.
628 type: string
629 hosts:
630 description: |-
631 The list of host patterns to match. They must be valid
632 hostnames, except * will match any string of ([a-z0-9-.]*). In
633 that case, * must be the first character and must be followed in
634 the pattern by either - or ..
635 items:
636 type: string
637 type: array
638 pathMatcher:
639 description: |-
640 The name of the PathMatcher to use to match the path portion of
641 the URL if the hostRule matches the URL's host portion.
642 type: string
643 required:
644 - hosts
645 - pathMatcher
646 type: object
647 type: array
648 location:
649 description: 'Location represents the geographical location of the
650 ComputeURLMap. Specify a region name or "global" for global resources.
651 Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)'
652 type: string
653 pathMatcher:
654 description: The list of named PathMatchers to use against the URL.
655 items:
656 properties:
657 defaultRouteAction:
658 description: |-
659 defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs
660 advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request
661 to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set.
662 Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices.
663
664 Only one of defaultRouteAction or defaultUrlRedirect must be set.
665 properties:
666 corsPolicy:
667 description: |-
668 The specification for allowing client side cross-origin requests. Please see
669 [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/).
670 properties:
671 allowCredentials:
672 description: |-
673 In response to a preflight request, setting this to true indicates that the actual request can include user credentials.
674 This translates to the Access-Control-Allow-Credentials header.
675 type: boolean
676 allowHeaders:
677 description: Specifies the content for the Access-Control-Allow-Headers
678 header.
679 items:
680 type: string
681 type: array
682 allowMethods:
683 description: Specifies the content for the Access-Control-Allow-Methods
684 header.
685 items:
686 type: string
687 type: array
688 allowOriginRegexes:
689 description: |-
690 Specifies the regular expression patterns that match allowed origins. For regular expression grammar
691 please see en.cppreference.com/w/cpp/regex/ecmascript
692 An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
693 items:
694 type: string
695 type: array
696 allowOrigins:
697 description: |-
698 Specifies the list of origins that will be allowed to do CORS requests.
699 An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
700 items:
701 type: string
702 type: array
703 disabled:
704 description: If true, specifies the CORS policy is disabled.
705 The default value is false, which indicates that the
706 CORS policy is in effect.
707 type: boolean
708 exposeHeaders:
709 description: Specifies the content for the Access-Control-Expose-Headers
710 header.
711 items:
712 type: string
713 type: array
714 maxAge:
715 description: |-
716 Specifies how long results of a preflight request can be cached in seconds.
717 This translates to the Access-Control-Max-Age header.
718 type: integer
719 type: object
720 faultInjectionPolicy:
721 description: |-
722 The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure.
723 As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a
724 percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted
725 by the Loadbalancer for a percentage of requests.
726
727 timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy.
728 properties:
729 abort:
730 description: The specification for how client requests
731 are aborted as part of fault injection.
732 properties:
733 httpStatus:
734 description: |-
735 The HTTP status code used to abort the request.
736 The value must be between 200 and 599 inclusive.
737 type: integer
738 percentage:
739 description: |-
740 The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
741 The value must be between 0.0 and 100.0 inclusive.
742 type: number
743 type: object
744 delay:
745 description: The specification for how client requests
746 are delayed as part of fault injection, before being
747 sent to a backend service.
748 properties:
749 fixedDelay:
750 description: Specifies the value of the fixed delay
751 interval.
752 properties:
753 nanos:
754 description: |-
755 Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are
756 represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
757 type: integer
758 seconds:
759 description: |-
760 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
761 Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years.
762 type: string
763 type: object
764 percentage:
765 description: |-
766 The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
767 The value must be between 0.0 and 100.0 inclusive.
768 type: number
769 type: object
770 type: object
771 requestMirrorPolicy:
772 description: |-
773 Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service.
774 Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service,
775 the host / authority header is suffixed with -shadow.
776 properties:
777 backendServiceRef:
778 description: Required. The backend service resource
779 being mirrored to.
780 oneOf:
781 - not:
782 required:
783 - external
784 required:
785 - name
786 - not:
787 anyOf:
788 - required:
789 - name
790 - required:
791 - namespace
792 required:
793 - external
794 properties:
795 external:
796 description: 'Allowed value: The `selfLink` field
797 of a `ComputeBackendService` resource.'
798 type: string
799 name:
800 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
801 type: string
802 namespace:
803 description: 'Namespace of the referent. More info:
804 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
805 type: string
806 type: object
807 required:
808 - backendServiceRef
809 type: object
810 retryPolicy:
811 description: Specifies the retry policy associated with
812 this route.
813 properties:
814 numRetries:
815 description: Specifies the allowed number retries. This
816 number must be > 0. If not specified, defaults to
817 1.
818 type: integer
819 perTryTimeout:
820 description: |-
821 Specifies a non-zero timeout per retry attempt.
822
823 If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set,
824 will use the largest timeout among all backend services associated with the route.
825 properties:
826 nanos:
827 description: |-
828 Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are
829 represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
830 type: integer
831 seconds:
832 description: |-
833 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
834 Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years.
835 type: string
836 type: object
837 retryConditions:
838 description: |-
839 Specfies one or more conditions when this retry rule applies. Valid values are:
840
841 * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code,
842 or if the backend service does not respond at all, example: disconnects, reset, read timeout,
843 * connection failure, and refused streams.
844 * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
845 * connect-failure: Loadbalancer will retry on failures connecting to backend services,
846 for example due to connection timeouts.
847 * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes.
848 Currently the only retriable error supported is 409.
849 * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code.
850 This reset type indicates that it is safe to retry.
851 * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled
852 * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
853 * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
854 * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable.
855 items:
856 type: string
857 type: array
858 type: object
859 timeout:
860 description: |-
861 Specifies the timeout for the selected route. Timeout is computed from the time the request has been
862 fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
863
864 If not specified, will use the largest timeout among all backend services associated with the route.
865 properties:
866 nanos:
867 description: |-
868 Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented
869 with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
870 type: integer
871 seconds:
872 description: |-
873 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
874 Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years.
875 type: string
876 type: object
877 urlRewrite:
878 description: The spec to modify the URL of the request,
879 prior to forwarding the request to the matched service.
880 properties:
881 hostRewrite:
882 description: |-
883 Prior to forwarding the request to the selected service, the request's host header is replaced
884 with contents of hostRewrite.
885
886 The value must be between 1 and 255 characters.
887 type: string
888 pathPrefixRewrite:
889 description: |-
890 Prior to forwarding the request to the selected backend service, the matching portion of the
891 request's path is replaced by pathPrefixRewrite.
892
893 The value must be between 1 and 1024 characters.
894 type: string
895 type: object
896 weightedBackendServices:
897 description: |-
898 A list of weighted backend services to send traffic to when a route match occurs.
899 The weights determine the fraction of traffic that flows to their corresponding backend service.
900 If all traffic needs to go to a single backend service, there must be one weightedBackendService
901 with weight set to a non 0 number.
902
903 Once a backendService is identified and before forwarding the request to the backend service,
904 advanced routing actions like Url rewrites and header transformations are applied depending on
905 additional settings specified in this HttpRouteAction.
906 items:
907 properties:
908 backendServiceRef:
909 description: |-
910 The default backend service resource.
911 Before forwarding the request to backendService, the loadbalancer
912 applies any relevant headerActions specified as part of this
913 backendServiceWeight.
914 oneOf:
915 - not:
916 required:
917 - external
918 required:
919 - name
920 - not:
921 anyOf:
922 - required:
923 - name
924 - required:
925 - namespace
926 required:
927 - external
928 properties:
929 external:
930 description: 'Allowed value: The `selfLink` field
931 of a `ComputeBackendService` resource.'
932 type: string
933 name:
934 description: 'Name of the referent. More info:
935 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
936 type: string
937 namespace:
938 description: 'Namespace of the referent. More
939 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
940 type: string
941 type: object
942 headerAction:
943 description: |-
944 Specifies changes to request and response headers that need to take effect for
945 the selected backendService.
946
947 headerAction specified here take effect before headerAction in the enclosing
948 HttpRouteRule, PathMatcher and UrlMap.
949 properties:
950 requestHeadersToAdd:
951 description: Headers to add to a matching request
952 prior to forwarding the request to the backendService.
953 items:
954 properties:
955 headerName:
956 description: The name of the header to add.
957 type: string
958 headerValue:
959 description: The value of the header to
960 add.
961 type: string
962 replace:
963 description: |-
964 If false, headerValue is appended to any values that already exist for the header.
965 If true, headerValue is set for the header, discarding any values that were set for that header.
966 type: boolean
967 type: object
968 type: array
969 requestHeadersToRemove:
970 description: |-
971 A list of header names for headers that need to be removed from the request prior to
972 forwarding the request to the backendService.
973 items:
974 type: string
975 type: array
976 responseHeadersToAdd:
977 description: Headers to add the response prior
978 to sending the response back to the client.
979 items:
980 properties:
981 headerName:
982 description: The name of the header to add.
983 type: string
984 headerValue:
985 description: The value of the header to
986 add.
987 type: string
988 replace:
989 description: |-
990 If false, headerValue is appended to any values that already exist for the header.
991 If true, headerValue is set for the header, discarding any values that were set for that header.
992 type: boolean
993 type: object
994 type: array
995 responseHeadersToRemove:
996 description: |-
997 A list of header names for headers that need to be removed from the response prior to sending the
998 response back to the client.
999 items:
1000 type: string
1001 type: array
1002 type: object
1003 weight:
1004 description: |-
1005 Specifies the fraction of traffic sent to backendService, computed as
1006 weight / (sum of all weightedBackendService weights in routeAction) .
1007
1008 The selection of a backend service is determined only for new traffic. Once a user's request
1009 has been directed to a backendService, subsequent requests will be sent to the same backendService
1010 as determined by the BackendService's session affinity policy.
1011
1012 The value must be between 0 and 1000.
1013 type: integer
1014 type: object
1015 type: array
1016 type: object
1017 defaultService:
1018 description: |-
1019 The default service to use if none of the pathRules defined by this
1020 PathMatcher is matched by the URL's path portion.
1021 For the Global URL Map, it should be a reference to the backend
1022 service or backend bucket.
1023 For the Regional URL Map, it should be a reference to the backend
1024 service.
1025 oneOf:
1026 - required:
1027 - backendBucketRef
1028 - required:
1029 - backendServiceRef
1030 properties:
1031 backendBucketRef:
1032 oneOf:
1033 - not:
1034 required:
1035 - external
1036 required:
1037 - name
1038 - not:
1039 anyOf:
1040 - required:
1041 - name
1042 - required:
1043 - namespace
1044 required:
1045 - external
1046 properties:
1047 external:
1048 description: 'Allowed value: The `selfLink` field of
1049 a `ComputeBackendBucket` resource.'
1050 type: string
1051 name:
1052 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
1053 type: string
1054 namespace:
1055 description: 'Namespace of the referent. More info:
1056 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
1057 type: string
1058 type: object
1059 backendServiceRef:
1060 oneOf:
1061 - not:
1062 required:
1063 - external
1064 required:
1065 - name
1066 - not:
1067 anyOf:
1068 - required:
1069 - name
1070 - required:
1071 - namespace
1072 required:
1073 - external
1074 properties:
1075 external:
1076 description: 'Allowed value: The `selfLink` field of
1077 a `ComputeBackendService` resource.'
1078 type: string
1079 name:
1080 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
1081 type: string
1082 namespace:
1083 description: 'Namespace of the referent. More info:
1084 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
1085 type: string
1086 type: object
1087 type: object
1088 defaultUrlRedirect:
1089 description: |-
1090 When none of the specified hostRules match, the request is redirected to a URL specified
1091 by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or
1092 defaultRouteAction must not be set.
1093 properties:
1094 hostRedirect:
1095 description: |-
1096 The host that will be used in the redirect response instead of the one that was
1097 supplied in the request. The value must be between 1 and 255 characters.
1098 type: string
1099 httpsRedirect:
1100 description: |-
1101 If set to true, the URL scheme in the redirected request is set to https. If set to
1102 false, the URL scheme of the redirected request will remain the same as that of the
1103 request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this
1104 true for TargetHttpsProxy is not permitted. The default is set to false.
1105 type: boolean
1106 pathRedirect:
1107 description: |-
1108 The path that will be used in the redirect response instead of the one that was
1109 supplied in the request. pathRedirect cannot be supplied together with
1110 prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the
1111 original request will be used for the redirect. The value must be between 1 and 1024
1112 characters.
1113 type: string
1114 prefixRedirect:
1115 description: |-
1116 The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch,
1117 retaining the remaining portion of the URL before redirecting the request.
1118 prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or
1119 neither. If neither is supplied, the path of the original request will be used for
1120 the redirect. The value must be between 1 and 1024 characters.
1121 type: string
1122 redirectResponseCode:
1123 description: |-
1124 The HTTP Status code to use for this RedirectAction. Supported values are:
1125
1126 * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
1127
1128 * FOUND, which corresponds to 302.
1129
1130 * SEE_OTHER which corresponds to 303.
1131
1132 * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method
1133 will be retained.
1134
1135 * PERMANENT_REDIRECT, which corresponds to 308. In this case,
1136 the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"].
1137 type: string
1138 stripQuery:
1139 description: |-
1140 If set to true, any accompanying query portion of the original URL is removed prior
1141 to redirecting the request. If set to false, the query portion of the original URL is
1142 retained.
1143 This field is required to ensure an empty block is not set. The normal default value is false.
1144 type: boolean
1145 required:
1146 - stripQuery
1147 type: object
1148 description:
1149 description: An optional description of this resource.
1150 type: string
1151 headerAction:
1152 description: |-
1153 Specifies changes to request and response headers that need to take effect for
1154 the selected backendService. HeaderAction specified here are applied after the
1155 matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap.
1156 properties:
1157 requestHeadersToAdd:
1158 description: |-
1159 Headers to add to a matching request prior to forwarding the request to the
1160 backendService.
1161 items:
1162 properties:
1163 headerName:
1164 description: The name of the header.
1165 type: string
1166 headerValue:
1167 description: The value of the header to add.
1168 type: string
1169 replace:
1170 description: |-
1171 If false, headerValue is appended to any values that already exist for the
1172 header. If true, headerValue is set for the header, discarding any values that
1173 were set for that header.
1174 type: boolean
1175 required:
1176 - headerName
1177 - headerValue
1178 - replace
1179 type: object
1180 type: array
1181 requestHeadersToRemove:
1182 description: |-
1183 A list of header names for headers that need to be removed from the request
1184 prior to forwarding the request to the backendService.
1185 items:
1186 type: string
1187 type: array
1188 responseHeadersToAdd:
1189 description: Headers to add the response prior to sending
1190 the response back to the client.
1191 items:
1192 properties:
1193 headerName:
1194 description: The name of the header.
1195 type: string
1196 headerValue:
1197 description: The value of the header to add.
1198 type: string
1199 replace:
1200 description: |-
1201 If false, headerValue is appended to any values that already exist for the
1202 header. If true, headerValue is set for the header, discarding any values that
1203 were set for that header.
1204 type: boolean
1205 required:
1206 - headerName
1207 - headerValue
1208 - replace
1209 type: object
1210 type: array
1211 responseHeadersToRemove:
1212 description: |-
1213 A list of header names for headers that need to be removed from the response
1214 prior to sending the response back to the client.
1215 items:
1216 type: string
1217 type: array
1218 type: object
1219 name:
1220 description: The name to which this PathMatcher is referred
1221 by the HostRule.
1222 type: string
1223 pathRule:
1224 description: |-
1225 The list of path rules. Use this list instead of routeRules when routing based
1226 on simple path matching is all that's required. The order by which path rules
1227 are specified does not matter. Matches are always done on the longest-path-first
1228 basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/*
1229 irrespective of the order in which those paths appear in this list. Within a
1230 given pathMatcher, only one of pathRules or routeRules must be set.
1231 items:
1232 properties:
1233 paths:
1234 description: |-
1235 The list of path patterns to match. Each must start with / and the only place a
1236 \* is allowed is at the end following a /. The string fed to the path matcher
1237 does not include any text after the first ? or #, and those chars are not
1238 allowed here.
1239 items:
1240 type: string
1241 type: array
1242 routeAction:
1243 description: |-
1244 In response to a matching path, the load balancer performs advanced routing
1245 actions like URL rewrites, header transformations, etc. prior to forwarding the
1246 request to the selected backend. If routeAction specifies any
1247 weightedBackendServices, service must not be set. Conversely if service is set,
1248 routeAction cannot contain any weightedBackendServices. Only one of routeAction
1249 or urlRedirect must be set.
1250 properties:
1251 corsPolicy:
1252 description: |-
1253 The specification for allowing client side cross-origin requests. Please see W3C
1254 Recommendation for Cross Origin Resource Sharing.
1255 properties:
1256 allowCredentials:
1257 description: |-
1258 In response to a preflight request, setting this to true indicates that the
1259 actual request can include user credentials. This translates to the Access-
1260 Control-Allow-Credentials header. Defaults to false.
1261 type: boolean
1262 allowHeaders:
1263 description: Specifies the content for the Access-Control-Allow-Headers
1264 header.
1265 items:
1266 type: string
1267 type: array
1268 allowMethods:
1269 description: Specifies the content for the Access-Control-Allow-Methods
1270 header.
1271 items:
1272 type: string
1273 type: array
1274 allowOriginRegexes:
1275 description: |-
1276 Specifies the regular expression patterns that match allowed origins. For
1277 regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript
1278 An origin is allowed if it matches either allow_origins or allow_origin_regex.
1279 items:
1280 type: string
1281 type: array
1282 allowOrigins:
1283 description: |-
1284 Specifies the list of origins that will be allowed to do CORS requests. An
1285 origin is allowed if it matches either allow_origins or allow_origin_regex.
1286 items:
1287 type: string
1288 type: array
1289 disabled:
1290 description: If true, specifies the CORS policy
1291 is disabled.
1292 type: boolean
1293 exposeHeaders:
1294 description: Specifies the content for the Access-Control-Expose-Headers
1295 header.
1296 items:
1297 type: string
1298 type: array
1299 maxAge:
1300 description: |-
1301 Specifies how long the results of a preflight request can be cached. This
1302 translates to the content for the Access-Control-Max-Age header.
1303 type: integer
1304 required:
1305 - disabled
1306 type: object
1307 faultInjectionPolicy:
1308 description: |-
1309 The specification for fault injection introduced into traffic to test the
1310 resiliency of clients to backend service failure. As part of fault injection,
1311 when clients send requests to a backend service, delays can be introduced by
1312 Loadbalancer on a percentage of requests before sending those request to the
1313 backend service. Similarly requests from clients can be aborted by the
1314 Loadbalancer for a percentage of requests. timeout and retry_policy will be
1315 ignored by clients that are configured with a fault_injection_policy.
1316 properties:
1317 abort:
1318 description: |-
1319 The specification for how client requests are aborted as part of fault
1320 injection.
1321 properties:
1322 httpStatus:
1323 description: |-
1324 The HTTP status code used to abort the request. The value must be between 200
1325 and 599 inclusive.
1326 type: integer
1327 percentage:
1328 description: |-
1329 The percentage of traffic (connections/operations/requests) which will be
1330 aborted as part of fault injection. The value must be between 0.0 and 100.0
1331 inclusive.
1332 type: number
1333 required:
1334 - httpStatus
1335 - percentage
1336 type: object
1337 delay:
1338 description: |-
1339 The specification for how client requests are delayed as part of fault
1340 injection, before being sent to a backend service.
1341 properties:
1342 fixedDelay:
1343 description: Specifies the value of the fixed
1344 delay interval.
1345 properties:
1346 nanos:
1347 description: |-
1348 Span of time that's a fraction of a second at nanosecond resolution. Durations
1349 less than one second are represented with a 0 'seconds' field and a positive
1350 'nanos' field. Must be from 0 to 999,999,999 inclusive.
1351 type: integer
1352 seconds:
1353 description: |-
1354 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000
1355 inclusive.
1356 type: string
1357 required:
1358 - seconds
1359 type: object
1360 percentage:
1361 description: |-
1362 The percentage of traffic (connections/operations/requests) on which delay will
1363 be introduced as part of fault injection. The value must be between 0.0 and
1364 100.0 inclusive.
1365 type: number
1366 required:
1367 - fixedDelay
1368 - percentage
1369 type: object
1370 type: object
1371 requestMirrorPolicy:
1372 description: |-
1373 Specifies the policy on how requests intended for the route's backends are
1374 shadowed to a separate mirrored backend service. Loadbalancer does not wait for
1375 responses from the shadow service. Prior to sending traffic to the shadow
1376 service, the host / authority header is suffixed with -shadow.
1377 properties:
1378 backendServiceRef:
1379 description: Required. The backend service resource
1380 being mirrored to.
1381 oneOf:
1382 - not:
1383 required:
1384 - external
1385 required:
1386 - name
1387 - not:
1388 anyOf:
1389 - required:
1390 - name
1391 - required:
1392 - namespace
1393 required:
1394 - external
1395 properties:
1396 external:
1397 description: 'Allowed value: The `selfLink`
1398 field of a `ComputeBackendService` resource.'
1399 type: string
1400 name:
1401 description: 'Name of the referent. More info:
1402 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
1403 type: string
1404 namespace:
1405 description: 'Namespace of the referent. More
1406 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
1407 type: string
1408 type: object
1409 required:
1410 - backendServiceRef
1411 type: object
1412 retryPolicy:
1413 description: Specifies the retry policy associated
1414 with this route.
1415 properties:
1416 numRetries:
1417 description: Specifies the allowed number retries.
1418 This number must be > 0.
1419 type: integer
1420 perTryTimeout:
1421 description: Specifies a non-zero timeout per
1422 retry attempt.
1423 properties:
1424 nanos:
1425 description: |-
1426 Span of time that's a fraction of a second at nanosecond resolution. Durations
1427 less than one second are represented with a 0 'seconds' field and a positive
1428 'nanos' field. Must be from 0 to 999,999,999 inclusive.
1429 type: integer
1430 seconds:
1431 description: |-
1432 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000
1433 inclusive.
1434 type: string
1435 required:
1436 - seconds
1437 type: object
1438 retryConditions:
1439 description: |-
1440 Specifies one or more conditions when this retry rule applies. Valid values are:
1441
1442 - 5xx: Loadbalancer will attempt a retry if the backend service responds with
1443 any 5xx response code, or if the backend service does not respond at all,
1444 example: disconnects, reset, read timeout, connection failure, and refused
1445 streams.
1446 - gateway-error: Similar to 5xx, but only applies to response codes
1447 502, 503 or 504.
1448 - connect-failure: Loadbalancer will retry on failures
1449 connecting to backend services, for example due to connection timeouts.
1450 - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes.
1451 Currently the only retriable error supported is 409.
1452 - refused-stream: Loadbalancer will retry if the backend service resets the stream with a
1453 REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
1454 - cancelled: Loadbalancer will retry if the gRPC status code in the response
1455 header is set to cancelled
1456 - deadline-exceeded: Loadbalancer will retry if the
1457 gRPC status code in the response header is set to deadline-exceeded
1458 - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response
1459 header is set to resource-exhausted
1460 - unavailable: Loadbalancer will retry if
1461 the gRPC status code in the response header is set to unavailable.
1462 items:
1463 type: string
1464 type: array
1465 type: object
1466 timeout:
1467 description: |-
1468 Specifies the timeout for the selected route. Timeout is computed from the time
1469 the request is has been fully processed (i.e. end-of-stream) up until the
1470 response has been completely processed. Timeout includes all retries. If not
1471 specified, the default value is 15 seconds.
1472 properties:
1473 nanos:
1474 description: |-
1475 Span of time that's a fraction of a second at nanosecond resolution. Durations
1476 less than one second are represented with a 0 'seconds' field and a positive
1477 'nanos' field. Must be from 0 to 999,999,999 inclusive.
1478 type: integer
1479 seconds:
1480 description: |-
1481 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000
1482 inclusive.
1483 type: string
1484 required:
1485 - seconds
1486 type: object
1487 urlRewrite:
1488 description: |-
1489 The spec to modify the URL of the request, prior to forwarding the request to
1490 the matched service.
1491 properties:
1492 hostRewrite:
1493 description: |-
1494 Prior to forwarding the request to the selected service, the request's host
1495 header is replaced with contents of hostRewrite. The value must be between 1 and
1496 255 characters.
1497 type: string
1498 pathPrefixRewrite:
1499 description: |-
1500 Prior to forwarding the request to the selected backend service, the matching
1501 portion of the request's path is replaced by pathPrefixRewrite. The value must
1502 be between 1 and 1024 characters.
1503 type: string
1504 type: object
1505 weightedBackendServices:
1506 description: |-
1507 A list of weighted backend services to send traffic to when a route match
1508 occurs. The weights determine the fraction of traffic that flows to their
1509 corresponding backend service. If all traffic needs to go to a single backend
1510 service, there must be one weightedBackendService with weight set to a non 0
1511 number. Once a backendService is identified and before forwarding the request to
1512 the backend service, advanced routing actions like Url rewrites and header
1513 transformations are applied depending on additional settings specified in this
1514 HttpRouteAction.
1515 items:
1516 properties:
1517 backendServiceRef:
1518 description: |-
1519 Required. The default backend service resource. Before forwarding
1520 the request to backendService, the loadbalancer applies any relevant
1521 headerActions specified as part of this backendServiceWeight.
1522 oneOf:
1523 - not:
1524 required:
1525 - external
1526 required:
1527 - name
1528 - not:
1529 anyOf:
1530 - required:
1531 - name
1532 - required:
1533 - namespace
1534 required:
1535 - external
1536 properties:
1537 external:
1538 description: 'Allowed value: The `selfLink`
1539 field of a `ComputeBackendService` resource.'
1540 type: string
1541 name:
1542 description: 'Name of the referent. More
1543 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
1544 type: string
1545 namespace:
1546 description: 'Namespace of the referent.
1547 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
1548 type: string
1549 type: object
1550 headerAction:
1551 description: |-
1552 Specifies changes to request and response headers that need to take effect for
1553 the selected backendService. headerAction specified here take effect before
1554 headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
1555 properties:
1556 requestHeadersToAdd:
1557 description: |-
1558 Headers to add to a matching request prior to forwarding the request to the
1559 backendService.
1560 items:
1561 properties:
1562 headerName:
1563 description: The name of the header.
1564 type: string
1565 headerValue:
1566 description: The value of the header
1567 to add.
1568 type: string
1569 replace:
1570 description: |-
1571 If false, headerValue is appended to any values that already exist for the
1572 header. If true, headerValue is set for the header, discarding any values that
1573 were set for that header.
1574 type: boolean
1575 required:
1576 - headerName
1577 - headerValue
1578 - replace
1579 type: object
1580 type: array
1581 requestHeadersToRemove:
1582 description: |-
1583 A list of header names for headers that need to be removed from the request
1584 prior to forwarding the request to the backendService.
1585 items:
1586 type: string
1587 type: array
1588 responseHeadersToAdd:
1589 description: Headers to add the response
1590 prior to sending the response back to
1591 the client.
1592 items:
1593 properties:
1594 headerName:
1595 description: The name of the header.
1596 type: string
1597 headerValue:
1598 description: The value of the header
1599 to add.
1600 type: string
1601 replace:
1602 description: |-
1603 If false, headerValue is appended to any values that already exist for the
1604 header. If true, headerValue is set for the header, discarding any values that
1605 were set for that header.
1606 type: boolean
1607 required:
1608 - headerName
1609 - headerValue
1610 - replace
1611 type: object
1612 type: array
1613 responseHeadersToRemove:
1614 description: |-
1615 A list of header names for headers that need to be removed from the response
1616 prior to sending the response back to the client.
1617 items:
1618 type: string
1619 type: array
1620 type: object
1621 weight:
1622 description: |-
1623 Specifies the fraction of traffic sent to backendService, computed as weight /
1624 (sum of all weightedBackendService weights in routeAction) . The selection of a
1625 backend service is determined only for new traffic. Once a user's request has
1626 been directed to a backendService, subsequent requests will be sent to the same
1627 backendService as determined by the BackendService's session affinity policy.
1628 The value must be between 0 and 1000.
1629 type: integer
1630 required:
1631 - backendServiceRef
1632 - weight
1633 type: object
1634 type: array
1635 type: object
1636 service:
1637 description: |-
1638 The backend service to which traffic is directed if this rule is
1639 matched.
1640 For the Global URL Map, it should be a reference to the backend
1641 service or backend bucket.
1642 For the Regional URL Map, it should be a reference to the backend
1643 service.
1644 If routeAction is additionally specified, advanced routing actions
1645 like URL Rewrites, etc. take effect prior to sending the request to
1646 the backend. However, if service is specified, routeAction cannot
1647 contain any weightedBackendServices. Conversely, if routeAction
1648 specifies any weightedBackendServices, service must not be
1649 specified. Only one of urlRedirect, service or
1650 routeAction.weightedBackendService must be set.
1651 oneOf:
1652 - required:
1653 - backendBucketRef
1654 - required:
1655 - backendServiceRef
1656 properties:
1657 backendBucketRef:
1658 oneOf:
1659 - not:
1660 required:
1661 - external
1662 required:
1663 - name
1664 - not:
1665 anyOf:
1666 - required:
1667 - name
1668 - required:
1669 - namespace
1670 required:
1671 - external
1672 properties:
1673 external:
1674 description: 'Allowed value: The `selfLink` field
1675 of a `ComputeBackendBucket` resource.'
1676 type: string
1677 name:
1678 description: 'Name of the referent. More info:
1679 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
1680 type: string
1681 namespace:
1682 description: 'Namespace of the referent. More
1683 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
1684 type: string
1685 type: object
1686 backendServiceRef:
1687 oneOf:
1688 - not:
1689 required:
1690 - external
1691 required:
1692 - name
1693 - not:
1694 anyOf:
1695 - required:
1696 - name
1697 - required:
1698 - namespace
1699 required:
1700 - external
1701 properties:
1702 external:
1703 description: 'Allowed value: The `selfLink` field
1704 of a `ComputeBackendService` resource.'
1705 type: string
1706 name:
1707 description: 'Name of the referent. More info:
1708 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
1709 type: string
1710 namespace:
1711 description: 'Namespace of the referent. More
1712 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
1713 type: string
1714 type: object
1715 type: object
1716 urlRedirect:
1717 description: |-
1718 When a path pattern is matched, the request is redirected to a URL specified
1719 by urlRedirect. If urlRedirect is specified, service or routeAction must not
1720 be set.
1721 properties:
1722 hostRedirect:
1723 description: |-
1724 The host that will be used in the redirect response instead of the one
1725 that was supplied in the request. The value must be between 1 and 255
1726 characters.
1727 type: string
1728 httpsRedirect:
1729 description: |-
1730 If set to true, the URL scheme in the redirected request is set to https.
1731 If set to false, the URL scheme of the redirected request will remain the
1732 same as that of the request. This must only be set for UrlMaps used in
1733 TargetHttpProxys. Setting this true for TargetHttpsProxy is not
1734 permitted. The default is set to false.
1735 type: boolean
1736 pathRedirect:
1737 description: |-
1738 The path that will be used in the redirect response instead of the one
1739 that was supplied in the request. pathRedirect cannot be supplied
1740 together with prefixRedirect. Supply one alone or neither. If neither is
1741 supplied, the path of the original request will be used for the redirect.
1742 The value must be between 1 and 1024 characters.
1743 type: string
1744 prefixRedirect:
1745 description: |-
1746 The prefix that replaces the prefixMatch specified in the
1747 HttpRouteRuleMatch, retaining the remaining portion of the URL before
1748 redirecting the request. prefixRedirect cannot be supplied together with
1749 pathRedirect. Supply one alone or neither. If neither is supplied, the
1750 path of the original request will be used for the redirect. The value
1751 must be between 1 and 1024 characters.
1752 type: string
1753 redirectResponseCode:
1754 description: |-
1755 The HTTP Status code to use for this RedirectAction. Supported values are:
1756
1757 * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
1758
1759 * FOUND, which corresponds to 302.
1760
1761 * SEE_OTHER which corresponds to 303.
1762
1763 * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method
1764 will be retained.
1765
1766 * PERMANENT_REDIRECT, which corresponds to 308. In this case,
1767 the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"].
1768 type: string
1769 stripQuery:
1770 description: |-
1771 If set to true, any accompanying query portion of the original URL is removed
1772 prior to redirecting the request. If set to false, the query portion of the
1773 original URL is retained.
1774 This field is required to ensure an empty block is not set. The normal default value is false.
1775 type: boolean
1776 required:
1777 - stripQuery
1778 type: object
1779 required:
1780 - paths
1781 type: object
1782 type: array
1783 routeRules:
1784 description: |-
1785 The list of ordered HTTP route rules. Use this list instead of pathRules when
1786 advanced route matching and routing actions are desired. The order of specifying
1787 routeRules matters: the first rule that matches will cause its specified routing
1788 action to take effect. Within a given pathMatcher, only one of pathRules or
1789 routeRules must be set. routeRules are not supported in UrlMaps intended for
1790 External load balancers.
1791 items:
1792 properties:
1793 headerAction:
1794 description: |-
1795 Specifies changes to request and response headers that need to take effect for
1796 the selected backendService. The headerAction specified here are applied before
1797 the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r
1798 outeAction.weightedBackendService.backendServiceWeightAction[].headerAction.
1799 properties:
1800 requestHeadersToAdd:
1801 description: |-
1802 Headers to add to a matching request prior to forwarding the request to the
1803 backendService.
1804 items:
1805 properties:
1806 headerName:
1807 description: The name of the header.
1808 type: string
1809 headerValue:
1810 description: The value of the header to add.
1811 type: string
1812 replace:
1813 description: |-
1814 If false, headerValue is appended to any values that already exist for the
1815 header. If true, headerValue is set for the header, discarding any values that
1816 were set for that header.
1817 type: boolean
1818 required:
1819 - headerName
1820 - headerValue
1821 - replace
1822 type: object
1823 type: array
1824 requestHeadersToRemove:
1825 description: |-
1826 A list of header names for headers that need to be removed from the request
1827 prior to forwarding the request to the backendService.
1828 items:
1829 type: string
1830 type: array
1831 responseHeadersToAdd:
1832 description: Headers to add the response prior to
1833 sending the response back to the client.
1834 items:
1835 properties:
1836 headerName:
1837 description: The name of the header.
1838 type: string
1839 headerValue:
1840 description: The value of the header to add.
1841 type: string
1842 replace:
1843 description: |-
1844 If false, headerValue is appended to any values that already exist for the
1845 header. If true, headerValue is set for the header, discarding any values that
1846 were set for that header.
1847 type: boolean
1848 required:
1849 - headerName
1850 - headerValue
1851 - replace
1852 type: object
1853 type: array
1854 responseHeadersToRemove:
1855 description: |-
1856 A list of header names for headers that need to be removed from the response
1857 prior to sending the response back to the client.
1858 items:
1859 type: string
1860 type: array
1861 type: object
1862 matchRules:
1863 description: The rules for determining a match.
1864 items:
1865 properties:
1866 fullPathMatch:
1867 description: |-
1868 For satisfying the matchRule condition, the path of the request must exactly
1869 match the value specified in fullPathMatch after removing any query parameters
1870 and anchor that may be part of the original URL. FullPathMatch must be between 1
1871 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must
1872 be specified.
1873 type: string
1874 headerMatches:
1875 description: |-
1876 Specifies a list of header match criteria, all of which must match corresponding
1877 headers in the request.
1878 items:
1879 properties:
1880 exactMatch:
1881 description: |-
1882 The value should exactly match contents of exactMatch. Only one of exactMatch,
1883 prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
1884 type: string
1885 headerName:
1886 description: |-
1887 The name of the HTTP header to match. For matching against the HTTP request's
1888 authority, use a headerMatch with the header name ":authority". For matching a
1889 request's method, use the headerName ":method".
1890 type: string
1891 invertMatch:
1892 description: |-
1893 If set to false, the headerMatch is considered a match if the match criteria
1894 above are met. If set to true, the headerMatch is considered a match if the
1895 match criteria above are NOT met. Defaults to false.
1896 type: boolean
1897 prefixMatch:
1898 description: |-
1899 The value of the header must start with the contents of prefixMatch. Only one of
1900 exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch
1901 must be set.
1902 type: string
1903 presentMatch:
1904 description: |-
1905 A header with the contents of headerName must exist. The match takes place
1906 whether or not the request's header has a value or not. Only one of exactMatch,
1907 prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
1908 type: boolean
1909 rangeMatch:
1910 description: |-
1911 The header value must be an integer and its value must be in the range specified
1912 in rangeMatch. If the header does not contain an integer, number or is empty,
1913 the match fails. For example for a range [-5, 0]
1914
1915 * -3 will match
1916 * 0 will not match
1917 * 0.25 will not match
1918 * -3someString will not match.
1919
1920 Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or
1921 rangeMatch must be set.
1922 properties:
1923 rangeEnd:
1924 description: The end of the range (exclusive).
1925 type: integer
1926 rangeStart:
1927 description: The start of the range (inclusive).
1928 type: integer
1929 required:
1930 - rangeEnd
1931 - rangeStart
1932 type: object
1933 regexMatch:
1934 description: |-
1935 The value of the header must match the regular expression specified in
1936 regexMatch. For regular expression grammar, please see:
1937 en.cppreference.com/w/cpp/regex/ecmascript For matching against a port
1938 specified in the HTTP request, use a headerMatch with headerName set to PORT and
1939 a regular expression that satisfies the RFC2616 Host header's port specifier.
1940 Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or
1941 rangeMatch must be set.
1942 type: string
1943 suffixMatch:
1944 description: |-
1945 The value of the header must end with the contents of suffixMatch. Only one of
1946 exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch
1947 must be set.
1948 type: string
1949 required:
1950 - headerName
1951 type: object
1952 type: array
1953 ignoreCase:
1954 description: |-
1955 Specifies that prefixMatch and fullPathMatch matches are case sensitive.
1956 Defaults to false.
1957 type: boolean
1958 metadataFilters:
1959 description: |-
1960 Opaque filter criteria used by Loadbalancer to restrict routing configuration to
1961 a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS
1962 clients present node metadata. If a match takes place, the relevant routing
1963 configuration is made available to those proxies. For each metadataFilter in
1964 this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the
1965 filterLabels must match the corresponding label provided in the metadata. If its
1966 filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match
1967 with corresponding labels in the provided metadata. metadataFilters specified
1968 here can be overrides those specified in ForwardingRule that refers to this
1969 UrlMap. metadataFilters only applies to Loadbalancers that have their
1970 loadBalancingScheme set to INTERNAL_SELF_MANAGED.
1971 items:
1972 properties:
1973 filterLabels:
1974 description: |-
1975 The list of label value pairs that must match labels in the provided metadata
1976 based on filterMatchCriteria This list must not be empty and can have at the
1977 most 64 entries.
1978 items:
1979 properties:
1980 name:
1981 description: |-
1982 Name of metadata label. The name can have a maximum length of 1024 characters
1983 and must be at least 1 character long.
1984 type: string
1985 value:
1986 description: |-
1987 The value of the label must match the specified value. value can have a maximum
1988 length of 1024 characters.
1989 type: string
1990 required:
1991 - name
1992 - value
1993 type: object
1994 type: array
1995 filterMatchCriteria:
1996 description: |-
1997 Specifies how individual filterLabel matches within the list of filterLabels
1998 contribute towards the overall metadataFilter match. Supported values are:
1999
2000 * MATCH_ANY: At least one of the filterLabels must have a matching label in the
2001 provided metadata.
2002 * MATCH_ALL: All filterLabels must have matching labels in
2003 the provided metadata. Possible values: ["MATCH_ALL", "MATCH_ANY"].
2004 type: string
2005 required:
2006 - filterLabels
2007 - filterMatchCriteria
2008 type: object
2009 type: array
2010 prefixMatch:
2011 description: |-
2012 For satisfying the matchRule condition, the request's path must begin with the
2013 specified prefixMatch. prefixMatch must begin with a /. The value must be
2014 between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or
2015 regexMatch must be specified.
2016 type: string
2017 queryParameterMatches:
2018 description: |-
2019 Specifies a list of query parameter match criteria, all of which must match
2020 corresponding query parameters in the request.
2021 items:
2022 properties:
2023 exactMatch:
2024 description: |-
2025 The queryParameterMatch matches if the value of the parameter exactly matches
2026 the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch
2027 must be set.
2028 type: string
2029 name:
2030 description: |-
2031 The name of the query parameter to match. The query parameter must exist in the
2032 request, in the absence of which the request match fails.
2033 type: string
2034 presentMatch:
2035 description: |-
2036 Specifies that the queryParameterMatch matches if the request contains the query
2037 parameter, irrespective of whether the parameter has a value or not. Only one of
2038 presentMatch, exactMatch and regexMatch must be set.
2039 type: boolean
2040 regexMatch:
2041 description: |-
2042 The queryParameterMatch matches if the value of the parameter matches the
2043 regular expression specified by regexMatch. For the regular expression grammar,
2044 please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch,
2045 exactMatch and regexMatch must be set.
2046 type: string
2047 required:
2048 - name
2049 type: object
2050 type: array
2051 regexMatch:
2052 description: |-
2053 For satisfying the matchRule condition, the path of the request must satisfy the
2054 regular expression specified in regexMatch after removing any query parameters
2055 and anchor supplied with the original URL. For regular expression grammar please
2056 see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch,
2057 fullPathMatch or regexMatch must be specified.
2058 type: string
2059 type: object
2060 type: array
2061 priority:
2062 description: |-
2063 For routeRules within a given pathMatcher, priority determines the order
2064 in which load balancer will interpret routeRules. RouteRules are evaluated
2065 in order of priority, from the lowest to highest number. The priority of
2066 a rule decreases as its number increases (1, 2, 3, N+1). The first rule
2067 that matches the request is applied.
2068
2069 You cannot configure two or more routeRules with the same priority.
2070 Priority for each rule must be set to a number between 0 and
2071 2147483647 inclusive.
2072
2073 Priority numbers can have gaps, which enable you to add or remove rules
2074 in the future without affecting the rest of the rules. For example,
2075 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which
2076 you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the
2077 future without any impact on existing rules.
2078 type: integer
2079 routeAction:
2080 description: |-
2081 In response to a matching matchRule, the load balancer performs advanced routing
2082 actions like URL rewrites, header transformations, etc. prior to forwarding the
2083 request to the selected backend. If routeAction specifies any
2084 weightedBackendServices, service must not be set. Conversely if service is set,
2085 routeAction cannot contain any weightedBackendServices. Only one of routeAction
2086 or urlRedirect must be set.
2087 properties:
2088 corsPolicy:
2089 description: |-
2090 The specification for allowing client side cross-origin requests. Please see W3C
2091 Recommendation for Cross Origin Resource Sharing.
2092 properties:
2093 allowCredentials:
2094 description: |-
2095 In response to a preflight request, setting this to true indicates that the
2096 actual request can include user credentials. This translates to the Access-
2097 Control-Allow-Credentials header. Defaults to false.
2098 type: boolean
2099 allowHeaders:
2100 description: Specifies the content for the Access-Control-Allow-Headers
2101 header.
2102 items:
2103 type: string
2104 type: array
2105 allowMethods:
2106 description: Specifies the content for the Access-Control-Allow-Methods
2107 header.
2108 items:
2109 type: string
2110 type: array
2111 allowOriginRegexes:
2112 description: |-
2113 Specifies the regular expression patterns that match allowed origins. For
2114 regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript
2115 An origin is allowed if it matches either allow_origins or allow_origin_regex.
2116 items:
2117 type: string
2118 type: array
2119 allowOrigins:
2120 description: |-
2121 Specifies the list of origins that will be allowed to do CORS requests. An
2122 origin is allowed if it matches either allow_origins or allow_origin_regex.
2123 items:
2124 type: string
2125 type: array
2126 disabled:
2127 description: |-
2128 If true, specifies the CORS policy is disabled.
2129 which indicates that the CORS policy is in effect. Defaults to false.
2130 type: boolean
2131 exposeHeaders:
2132 description: Specifies the content for the Access-Control-Expose-Headers
2133 header.
2134 items:
2135 type: string
2136 type: array
2137 maxAge:
2138 description: |-
2139 Specifies how long the results of a preflight request can be cached. This
2140 translates to the content for the Access-Control-Max-Age header.
2141 type: integer
2142 type: object
2143 faultInjectionPolicy:
2144 description: |-
2145 The specification for fault injection introduced into traffic to test the
2146 resiliency of clients to backend service failure. As part of fault injection,
2147 when clients send requests to a backend service, delays can be introduced by
2148 Loadbalancer on a percentage of requests before sending those request to the
2149 backend service. Similarly requests from clients can be aborted by the
2150 Loadbalancer for a percentage of requests. timeout and retry_policy will be
2151 ignored by clients that are configured with a fault_injection_policy.
2152 properties:
2153 abort:
2154 description: |-
2155 The specification for how client requests are aborted as part of fault
2156 injection.
2157 properties:
2158 httpStatus:
2159 description: |-
2160 The HTTP status code used to abort the request. The value must be between 200
2161 and 599 inclusive.
2162 type: integer
2163 percentage:
2164 description: |-
2165 The percentage of traffic (connections/operations/requests) which will be
2166 aborted as part of fault injection. The value must be between 0.0 and 100.0
2167 inclusive.
2168 type: number
2169 type: object
2170 delay:
2171 description: |-
2172 The specification for how client requests are delayed as part of fault
2173 injection, before being sent to a backend service.
2174 properties:
2175 fixedDelay:
2176 description: Specifies the value of the fixed
2177 delay interval.
2178 properties:
2179 nanos:
2180 description: |-
2181 Span of time that's a fraction of a second at nanosecond resolution. Durations
2182 less than one second are represented with a 0 'seconds' field and a positive
2183 'nanos' field. Must be from 0 to 999,999,999 inclusive.
2184 type: integer
2185 seconds:
2186 description: |-
2187 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000
2188 inclusive.
2189 type: string
2190 required:
2191 - seconds
2192 type: object
2193 percentage:
2194 description: |-
2195 The percentage of traffic (connections/operations/requests) on which delay will
2196 be introduced as part of fault injection. The value must be between 0.0 and
2197 100.0 inclusive.
2198 type: number
2199 type: object
2200 type: object
2201 requestMirrorPolicy:
2202 description: |-
2203 Specifies the policy on how requests intended for the route's backends are
2204 shadowed to a separate mirrored backend service. Loadbalancer does not wait for
2205 responses from the shadow service. Prior to sending traffic to the shadow
2206 service, the host / authority header is suffixed with -shadow.
2207 properties:
2208 backendServiceRef:
2209 description: Required. The backend service resource
2210 being mirrored to.
2211 oneOf:
2212 - not:
2213 required:
2214 - external
2215 required:
2216 - name
2217 - not:
2218 anyOf:
2219 - required:
2220 - name
2221 - required:
2222 - namespace
2223 required:
2224 - external
2225 properties:
2226 external:
2227 description: 'Allowed value: The `selfLink`
2228 field of a `ComputeBackendService` resource.'
2229 type: string
2230 name:
2231 description: 'Name of the referent. More info:
2232 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
2233 type: string
2234 namespace:
2235 description: 'Namespace of the referent. More
2236 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
2237 type: string
2238 type: object
2239 required:
2240 - backendServiceRef
2241 type: object
2242 retryPolicy:
2243 description: Specifies the retry policy associated
2244 with this route.
2245 properties:
2246 numRetries:
2247 description: Specifies the allowed number retries.
2248 This number must be > 0.
2249 type: integer
2250 perTryTimeout:
2251 description: Specifies a non-zero timeout per
2252 retry attempt.
2253 properties:
2254 nanos:
2255 description: |-
2256 Span of time that's a fraction of a second at nanosecond resolution. Durations
2257 less than one second are represented with a 0 'seconds' field and a positive
2258 'nanos' field. Must be from 0 to 999,999,999 inclusive.
2259 type: integer
2260 seconds:
2261 description: |-
2262 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000
2263 inclusive.
2264 type: string
2265 required:
2266 - seconds
2267 type: object
2268 retryConditions:
2269 description: |-
2270 Specifies one or more conditions when this retry rule applies. Valid values are:
2271
2272 * 5xx: Loadbalancer will attempt a retry if the backend service responds with
2273 any 5xx response code, or if the backend service does not respond at all,
2274 example: disconnects, reset, read timeout, connection failure, and refused
2275 streams.
2276 * gateway-error: Similar to 5xx, but only applies to response codes
2277 502, 503 or 504.
2278 * connect-failure: Loadbalancer will retry on failures
2279 connecting to backend services, for example due to connection timeouts.
2280 * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes.
2281 Currently the only retriable error supported is 409.
2282 * refused-stream: Loadbalancer will retry if the backend service resets the stream with a
2283 REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
2284 * cancelled: Loadbalancer will retry if the gRPC status code in the response
2285 header is set to cancelled
2286 * deadline-exceeded: Loadbalancer will retry if the
2287 gRPC status code in the response header is set to deadline-exceeded
2288 * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response
2289 header is set to resource-exhausted
2290 * unavailable: Loadbalancer will retry if the gRPC status code in
2291 the response header is set to unavailable.
2292 items:
2293 type: string
2294 type: array
2295 required:
2296 - numRetries
2297 type: object
2298 timeout:
2299 description: |-
2300 Specifies the timeout for the selected route. Timeout is computed from the time
2301 the request is has been fully processed (i.e. end-of-stream) up until the
2302 response has been completely processed. Timeout includes all retries. If not
2303 specified, the default value is 15 seconds.
2304 properties:
2305 nanos:
2306 description: |-
2307 Span of time that's a fraction of a second at nanosecond resolution. Durations
2308 less than one second are represented with a 0 'seconds' field and a positive
2309 'nanos' field. Must be from 0 to 999,999,999 inclusive.
2310 type: integer
2311 seconds:
2312 description: |-
2313 Span of time at a resolution of a second. Must be from 0 to 315,576,000,000
2314 inclusive.
2315 type: string
2316 required:
2317 - seconds
2318 type: object
2319 urlRewrite:
2320 description: |-
2321 The spec to modify the URL of the request, prior to forwarding the request to
2322 the matched service.
2323 properties:
2324 hostRewrite:
2325 description: |-
2326 Prior to forwarding the request to the selected service, the request's host
2327 header is replaced with contents of hostRewrite. The value must be between 1 and
2328 255 characters.
2329 type: string
2330 pathPrefixRewrite:
2331 description: |-
2332 Prior to forwarding the request to the selected backend service, the matching
2333 portion of the request's path is replaced by pathPrefixRewrite. The value must
2334 be between 1 and 1024 characters.
2335 type: string
2336 type: object
2337 weightedBackendServices:
2338 description: |-
2339 A list of weighted backend services to send traffic to when a route match
2340 occurs. The weights determine the fraction of traffic that flows to their
2341 corresponding backend service. If all traffic needs to go to a single backend
2342 service, there must be one weightedBackendService with weight set to a non 0
2343 number. Once a backendService is identified and before forwarding the request to
2344 the backend service, advanced routing actions like Url rewrites and header
2345 transformations are applied depending on additional settings specified in this
2346 HttpRouteAction.
2347 items:
2348 properties:
2349 backendServiceRef:
2350 description: |-
2351 Required. The default backend service resource. Before forwarding
2352 the request to backendService, the loadbalancer applies any relevant
2353 headerActions specified as part of this backendServiceWeight.
2354 oneOf:
2355 - not:
2356 required:
2357 - external
2358 required:
2359 - name
2360 - not:
2361 anyOf:
2362 - required:
2363 - name
2364 - required:
2365 - namespace
2366 required:
2367 - external
2368 properties:
2369 external:
2370 description: 'Allowed value: The `selfLink`
2371 field of a `ComputeBackendService` resource.'
2372 type: string
2373 name:
2374 description: 'Name of the referent. More
2375 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
2376 type: string
2377 namespace:
2378 description: 'Namespace of the referent.
2379 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
2380 type: string
2381 type: object
2382 headerAction:
2383 description: |-
2384 Specifies changes to request and response headers that need to take effect for
2385 the selected backendService. headerAction specified here take effect before
2386 headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
2387 properties:
2388 requestHeadersToAdd:
2389 description: |-
2390 Headers to add to a matching request prior to forwarding the request to the
2391 backendService.
2392 items:
2393 properties:
2394 headerName:
2395 description: The name of the header.
2396 type: string
2397 headerValue:
2398 description: The value of the header
2399 to add.
2400 type: string
2401 replace:
2402 description: |-
2403 If false, headerValue is appended to any values that already exist for the
2404 header. If true, headerValue is set for the header, discarding any values that
2405 were set for that header.
2406 type: boolean
2407 required:
2408 - headerName
2409 - headerValue
2410 - replace
2411 type: object
2412 type: array
2413 requestHeadersToRemove:
2414 description: |-
2415 A list of header names for headers that need to be removed from the request
2416 prior to forwarding the request to the backendService.
2417 items:
2418 type: string
2419 type: array
2420 responseHeadersToAdd:
2421 description: Headers to add the response
2422 prior to sending the response back to
2423 the client.
2424 items:
2425 properties:
2426 headerName:
2427 description: The name of the header.
2428 type: string
2429 headerValue:
2430 description: The value of the header
2431 to add.
2432 type: string
2433 replace:
2434 description: |-
2435 If false, headerValue is appended to any values that already exist for the
2436 header. If true, headerValue is set for the header, discarding any values that
2437 were set for that header.
2438 type: boolean
2439 required:
2440 - headerName
2441 - headerValue
2442 - replace
2443 type: object
2444 type: array
2445 responseHeadersToRemove:
2446 description: |-
2447 A list of header names for headers that need to be removed from the response
2448 prior to sending the response back to the client.
2449 items:
2450 type: string
2451 type: array
2452 type: object
2453 weight:
2454 description: |-
2455 Specifies the fraction of traffic sent to backendService, computed as weight /
2456 (sum of all weightedBackendService weights in routeAction) . The selection of a
2457 backend service is determined only for new traffic. Once a user's request has
2458 been directed to a backendService, subsequent requests will be sent to the same
2459 backendService as determined by the BackendService's session affinity policy.
2460 The value must be between 0 and 1000.
2461 type: integer
2462 required:
2463 - backendServiceRef
2464 - weight
2465 type: object
2466 type: array
2467 type: object
2468 service:
2469 description: |-
2470 The region backend service resource to which traffic is
2471 directed if this rule is matched. If routeAction is additionally specified,
2472 advanced routing actions like URL Rewrites, etc. take effect prior to sending
2473 the request to the backend. However, if service is specified, routeAction cannot
2474 contain any weightedBackendService s. Conversely, if routeAction specifies any
2475 weightedBackendServices, service must not be specified. Only one of urlRedirect,
2476 service or routeAction.weightedBackendService must be set.
2477 type: string
2478 urlRedirect:
2479 description: |-
2480 When this rule is matched, the request is redirected to a URL specified by
2481 urlRedirect. If urlRedirect is specified, service or routeAction must not be
2482 set.
2483 properties:
2484 hostRedirect:
2485 description: |-
2486 The host that will be used in the redirect response instead of the one
2487 that was supplied in the request. The value must be between 1 and 255
2488 characters.
2489 type: string
2490 httpsRedirect:
2491 description: |-
2492 If set to true, the URL scheme in the redirected request is set to https.
2493 If set to false, the URL scheme of the redirected request will remain the
2494 same as that of the request. This must only be set for UrlMaps used in
2495 TargetHttpProxys. Setting this true for TargetHttpsProxy is not
2496 permitted. The default is set to false.
2497 type: boolean
2498 pathRedirect:
2499 description: |-
2500 The path that will be used in the redirect response instead of the one
2501 that was supplied in the request. pathRedirect cannot be supplied
2502 together with prefixRedirect. Supply one alone or neither. If neither is
2503 supplied, the path of the original request will be used for the redirect.
2504 The value must be between 1 and 1024 characters.
2505 type: string
2506 prefixRedirect:
2507 description: |-
2508 The prefix that replaces the prefixMatch specified in the
2509 HttpRouteRuleMatch, retaining the remaining portion of the URL before
2510 redirecting the request. prefixRedirect cannot be supplied together with
2511 pathRedirect. Supply one alone or neither. If neither is supplied, the
2512 path of the original request will be used for the redirect. The value
2513 must be between 1 and 1024 characters.
2514 type: string
2515 redirectResponseCode:
2516 description: |-
2517 The HTTP Status code to use for this RedirectAction. Supported values are:
2518
2519 * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
2520
2521 * FOUND, which corresponds to 302.
2522
2523 * SEE_OTHER which corresponds to 303.
2524
2525 * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method
2526 will be retained.
2527
2528 * PERMANENT_REDIRECT, which corresponds to 308. In this case,
2529 the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"].
2530 type: string
2531 stripQuery:
2532 description: |-
2533 If set to true, any accompanying query portion of the original URL is
2534 removed prior to redirecting the request. If set to false, the query
2535 portion of the original URL is retained. The default value is false.
2536 type: boolean
2537 type: object
2538 required:
2539 - priority
2540 type: object
2541 type: array
2542 required:
2543 - name
2544 type: object
2545 type: array
2546 resourceID:
2547 description: Immutable. Optional. The name of the resource. Used for
2548 creation and acquisition. When unset, the value of `metadata.name`
2549 is used as the default.
2550 type: string
2551 test:
2552 description: |-
2553 The list of expected URL mappings. Requests to update this UrlMap will
2554 succeed only if all of the test cases pass.
2555 items:
2556 properties:
2557 description:
2558 description: Description of this test case.
2559 type: string
2560 host:
2561 description: Host portion of the URL.
2562 type: string
2563 path:
2564 description: Path portion of the URL.
2565 type: string
2566 service:
2567 description: |-
2568 The backend service resource that should be matched by this test.
2569 For the Global URL Map, it should be a reference to the backend
2570 service or backend bucket.
2571 For the Regional URL Map, it should be a reference to the backend
2572 service.
2573 oneOf:
2574 - required:
2575 - backendBucketRef
2576 - required:
2577 - backendServiceRef
2578 properties:
2579 backendBucketRef:
2580 oneOf:
2581 - not:
2582 required:
2583 - external
2584 required:
2585 - name
2586 - not:
2587 anyOf:
2588 - required:
2589 - name
2590 - required:
2591 - namespace
2592 required:
2593 - external
2594 properties:
2595 external:
2596 description: 'Allowed value: The `selfLink` field of
2597 a `ComputeBackendBucket` resource.'
2598 type: string
2599 name:
2600 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
2601 type: string
2602 namespace:
2603 description: 'Namespace of the referent. More info:
2604 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
2605 type: string
2606 type: object
2607 backendServiceRef:
2608 oneOf:
2609 - not:
2610 required:
2611 - external
2612 required:
2613 - name
2614 - not:
2615 anyOf:
2616 - required:
2617 - name
2618 - required:
2619 - namespace
2620 required:
2621 - external
2622 properties:
2623 external:
2624 description: 'Allowed value: The `selfLink` field of
2625 a `ComputeBackendService` resource.'
2626 type: string
2627 name:
2628 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
2629 type: string
2630 namespace:
2631 description: 'Namespace of the referent. More info:
2632 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
2633 type: string
2634 type: object
2635 type: object
2636 required:
2637 - host
2638 - path
2639 - service
2640 type: object
2641 type: array
2642 required:
2643 - location
2644 type: object
2645 status:
2646 properties:
2647 conditions:
2648 description: Conditions represent the latest available observation
2649 of the resource's current state.
2650 items:
2651 properties:
2652 lastTransitionTime:
2653 description: Last time the condition transitioned from one status
2654 to another.
2655 type: string
2656 message:
2657 description: Human-readable message indicating details about
2658 last transition.
2659 type: string
2660 reason:
2661 description: Unique, one-word, CamelCase reason for the condition's
2662 last transition.
2663 type: string
2664 status:
2665 description: Status is the status of the condition. Can be True,
2666 False, Unknown.
2667 type: string
2668 type:
2669 description: Type is the type of the condition.
2670 type: string
2671 type: object
2672 type: array
2673 creationTimestamp:
2674 description: Creation timestamp in RFC3339 text format.
2675 type: string
2676 fingerprint:
2677 description: |-
2678 Fingerprint of this resource. This field is used internally during
2679 updates of this resource.
2680 type: string
2681 mapId:
2682 description: The unique identifier for the resource.
2683 type: integer
2684 observedGeneration:
2685 description: ObservedGeneration is the generation of the resource
2686 that was most recently observed by the Config Connector controller.
2687 If this is equal to metadata.generation, then that means that the
2688 current reported status reflects the most recent desired state of
2689 the resource.
2690 type: integer
2691 selfLink:
2692 type: string
2693 type: object
2694 required:
2695 - spec
2696 type: object
2697 served: true
2698 storage: true
2699 subresources:
2700 status: {}
2701status:
2702 acceptedNames:
2703 kind: ""
2704 plural: ""
2705 conditions: []
2706 storedVersions: []
View as plain text