# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

---
# CustomResourceDefinition that registers the Config Connector kind
# NetworkServicesEdgeCacheOrigin. The labels mark it as alpha, and v1alpha1
# is the only version listed (served and stored).
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cnrm.cloud.google.com/version: '1.106.0'
  creationTimestamp: null
  labels:
    cnrm.cloud.google.com/managed-by-kcc: 'true'
    cnrm.cloud.google.com/stability-level: alpha
    cnrm.cloud.google.com/system: 'true'
    cnrm.cloud.google.com/tf2crd: 'true'
  name: networkservicesedgecacheorigins.networkservices.cnrm.cloud.google.com
spec:
  group: networkservices.cnrm.cloud.google.com
  names:
    categories:
      - gcp
    kind: NetworkServicesEdgeCacheOrigin
    plural: networkservicesedgecacheorigins
    shortNames:
      - gcpnetworkservicesedgecacheorigin
      - gcpnetworkservicesedgecacheorigins
    singular: networkservicesedgecacheorigin
  # Instances are namespaced objects, so namespace-level RBAC governs who can
  # read or change them.
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        # Columns shown by `kubectl get`; all are read from metadata or status.
        - jsonPath: .metadata.creationTimestamp
          name: Age
          type: date
        - description: "When 'True', the most recent reconcile of the resource succeeded"
          jsonPath: ".status.conditions[?(@.type=='Ready')].status"
          name: Ready
          type: string
        - description: "The reason for the value in 'Ready'"
          jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
          name: Status
          type: string
        - description: "The last transition time for the value in 'Status'"
          jsonPath: ".status.conditions[?(@.type=='Ready')].lastTransitionTime"
          name: Status Age
          type: date
      name: v1alpha1
      schema:
        # Schema for the resource. The value constraints mentioned in the
        # descriptions below (ranges, lengths, allowed values, address format)
        # are prose only: no enum, pattern, minimum/maximum or length keyword
        # appears anywhere in this schema, so admission checks types and
        # required fields and nothing more. Any further validation has to
        # happen elsewhere (presumably the controller or the Google Cloud
        # API - confirm).
        openAPIV3Schema:
          properties:
            apiVersion:
              description: >-
                apiVersion defines the versioned schema of this representation
                of an object. Servers should convert recognized schemas to the
                latest internal value, and may reject unrecognized values.
                More info:
                https://git.k8s.io/community/contributors/devel/api-conventions.md#resources
              type: string
            kind:
              description: >-
                kind is a string value representing the REST resource this
                object represents. Servers may infer this from the endpoint
                the client submits requests to. Cannot be updated. In
                CamelCase. More info:
                https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
              type: string
            metadata:
              type: object
            spec:
              properties:
                # Origin authentication with AWS Signature Version 4. The
                # secret access key is not held in this object: the spec
                # carries only the Secret Manager resource name of a secret
                # version. accessKeyId and originRegion are ordinary spec
                # strings, readable by anyone allowed to read this resource.
                # All three fields are required once the block is present.
                awsV4Authentication:
                  description: Enable AWS Signature Version 4 origin authentication.
                  properties:
                    accessKeyId:
                      description: The access key ID your origin uses to identify the key.
                      type: string
                    originRegion:
                      description: The name of the AWS region that your origin is in.
                      type: string
                    secretAccessKeyVersion:
                      description: |-
                        The Secret Manager secret version of the secret access key used by your origin.

                        This is the resource name of the secret version in the format 'projects/*/secrets/*/versions/*' where the '*' values are replaced by the project, secret, and version you require.
                      type: string
                  required:
                    - accessKeyId
                    - originRegion
                    - secretAccessKeyVersion
                  type: object
                description:
                  description: A human-readable description of the resource.
                  type: string
                # NOTE(review): the closing sentence "A reference to a Topic
                # resource." does not match the rest of the description, which
                # speaks of an Origin resource; it looks carried over from
                # another resource's documentation. The field is a plain
                # string, not a structured reference.
                failoverOrigin:
                  description: |-
                    The Origin resource to try when the current origin cannot be reached.
                    After maxAttempts is reached, the configured failoverOrigin will be used to fulfil the request.

                    The value of timeout.maxAttemptsTimeout dictates the timeout across all origins.
                    A reference to a Topic resource.
                  type: string
                # The documented range (greater than 0, less than 4) is not
                # expressed in the schema; only the integer type is checked.
                maxAttempts:
                  description: |-
                    The maximum number of attempts to cache fill from this origin. Another attempt is made when a cache fill fails with one of the retryConditions.

                    Once maxAttempts to this origin have failed the failoverOrigin will be used, if one is specified. That failoverOrigin may specify its own maxAttempts,
                    retryConditions and failoverOrigin to control its own cache fill failures.

                    The total number of allowed attempts to cache fill across this and failover origins is limited to four.
                    The total time allowed for cache fill attempts across this and failover origins can be controlled with maxAttemptsTimeout.

                    The last valid, non-retried response from all origins will be returned to the client.
                    If no origin returns a valid response, an HTTP 502 will be returned to the client.

                    Defaults to 1. Must be a value greater than 0 and less than 4.
                  type: integer
                # Required. The format rules in the description (publicly
                # resolvable or routable, no scheme, no slashes, canonical
                # gs:// form) are documentation; the schema accepts any string.
                originAddress:
                  description: |-
                    A fully qualified domain name (FQDN) or IP address reachable over the public Internet, or the address of a Google Cloud Storage bucket.

                    This address will be used as the origin for cache requests - e.g. FQDN: media-backend.example.com, IPv4: 35.218.1.1, IPv6: 2607:f8b0:4012:809::200e, Cloud Storage: gs://bucketname

                    When providing an FQDN (hostname), it must be publicly resolvable (e.g. via Google public DNS) and IP addresses must be publicly routable. It must not contain a protocol (e.g., https://) and it must not contain any slashes.
                    If a Cloud Storage bucket is provided, it must be in the canonical "gs://bucketname" format. Other forms, such as "storage.googleapis.com", will be rejected.
                  type: string
                originOverrideAction:
                  description: |-
                    The override actions, including url rewrites and header
                    additions, for requests that use this origin.
                  properties:
                    headerAction:
                      description: |-
                        The header actions, including adding and removing
                        headers, for request handled by this origin.
                      properties:
                        # The 25-header limit is stated in the description
                        # only; no maxItems is declared.
                        requestHeadersToAdd:
                          description: |-
                            Describes a header to add.

                            You may add a maximum of 25 request headers.
                          items:
                            properties:
                              headerName:
                                description: The name of the header to add.
                                type: string
                              # Kept as a plain string in the spec. A token or
                              # other origin credential placed here is visible
                              # to everyone with read access to this resource,
                              # so restrict that access accordingly.
                              headerValue:
                                description: The value of the header to add.
                                type: string
                              replace:
                                description: |-
                                  Whether to replace all existing headers with the same name.

                                  By default, added header values are appended
                                  to the response or request headers with the
                                  same field names. The added values are
                                  separated by commas.

                                  To overwrite existing values, set 'replace' to 'true'.
                                type: boolean
                            required:
                              - headerName
                              - headerValue
                            type: object
                          type: array
                      type: object
                    urlRewrite:
                      description: |-
                        The URL rewrite configuration for request that are
                        handled by this origin.
                      properties:
                        # Replaces the Host header sent to the origin. The
                        # 1-255 character bound is not enforced by the schema.
                        hostRewrite:
                          description: |-
                            Prior to forwarding the request to the selected
                            origin, the request's host header is replaced with
                            contents of the hostRewrite.

                            This value must be between 1 and 255 characters.
                          type: string
                      type: object
                  type: object
                # When set, the CDN follows redirect responses from this
                # origin, so the origin's responses decide where the request
                # goes next. Items are unconstrained strings here; the accepted
                # set is the RedirectConditions list linked in the description.
                originRedirect:
                  description: Follow redirects from this origin.
                  properties:
                    redirectConditions:
                      description: |-
                        The set of redirect response codes that the CDN
                        follows. Values of
                        [RedirectConditions](https://cloud.google.com/media-cdn/docs/reference/rest/v1/projects.locations.edgeCacheOrigins#redirectconditions)
                        are accepted.
                      items:
                        type: string
                      type: array
                  type: object
                port:
                  description: |-
                    The port to connect to the origin on.
                    Defaults to port 443 for HTTP2 and HTTPS protocols, and port 80 for HTTP.
                  type: integer
                # Required. The oneOf admits exactly one way of naming the
                # project: `name` (optionally with `namespace`) and no
                # `external`, or `external` with neither `name` nor `namespace`.
                projectRef:
                  description: The project that this resource belongs to.
                  oneOf:
                    - not:
                        required:
                          - external
                      required:
                        - name
                    - not:
                        anyOf:
                          - required:
                              - name
                          - required:
                              - namespace
                      required:
                        - external
                  properties:
                    external:
                      description: 'Allowed value: The `name` field of a `Project` resource.'
                      type: string
                    name:
                      description: >-
                        Name of the referent. More info:
                        https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                      type: string
                    namespace:
                      description: >-
                        Namespace of the referent. More info:
                        https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
                      type: string
                  type: object
                # "HTTP" is an accepted value and carries origin traffic
                # unencrypted; the certificate requirement in the description
                # covers HTTP2 and HTTPS only. Leaving the field unset gives
                # the documented default, HTTP2. No enum is declared, so the
                # three allowed values are not checked by this schema.
                protocol:
                  description: |-
                    The protocol to use to connect to the configured origin. Defaults to HTTP2, and it is strongly recommended that users use HTTP2 for both security & performance.

                    When using HTTP2 or HTTPS as the protocol, a valid, publicly-signed, unexpired TLS (SSL) certificate must be presented by the origin server. Possible values: ["HTTP2", "HTTPS", "HTTP"].
                  type: string
                resourceID:
                  description: >-
                    Immutable. Optional. The name of the resource. Used for
                    creation and acquisition. When unset, the value of
                    `metadata.name` is used as the default.
                  type: string
                # Items are free-form strings in the schema; the six valid
                # values exist only in the description text.
                retryConditions:
                  description: |-
                    Specifies one or more retry conditions for the configured origin.

                    If the failure mode during a connection attempt to the origin matches the configured retryCondition(s),
                    the origin request will be retried up to maxAttempts times. The failoverOrigin, if configured, will then be used to satisfy the request.

                    The default retryCondition is "CONNECT_FAILURE".

                    retryConditions apply to this origin, and not subsequent failoverOrigin(s),
                    which may specify their own retryConditions and maxAttempts.

                    Valid values are:

                    - CONNECT_FAILURE: Retry on failures connecting to origins, for example due to connection timeouts.
                    - HTTP_5XX: Retry if the origin responds with any 5xx response code, or if the origin does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
                    - GATEWAY_ERROR: Similar to 5xx, but only applies to response codes 502, 503 or 504.
                    - RETRIABLE_4XX: Retry for retriable 4xx response codes, which include HTTP 409 (Conflict) and HTTP 429 (Too Many Requests)
                    - NOT_FOUND: Retry if the origin returns a HTTP 404 (Not Found). This can be useful when generating video content, and the segment is not available yet.
                    - FORBIDDEN: Retry if the origin returns a HTTP 403 (Forbidden). Possible values: ["CONNECT_FAILURE", "HTTP_5XX", "GATEWAY_ERROR", "RETRIABLE_4XX", "NOT_FOUND", "FORBIDDEN"].
                  items:
                    type: string
                  type: array
                # All four timeouts are strings; the bounds quoted in each
                # description are not expressed as schema constraints.
                timeout:
                  description: The connection and HTTP timeout configuration for this origin.
                  properties:
                    connectTimeout:
                      description: |-
                        The maximum duration to wait for a single origin connection to be established, including DNS lookup, TLS handshake and TCP/QUIC connection establishment.

                        Defaults to 5 seconds. The timeout must be a value between 1s and 15s.

                        The connectTimeout capped by the deadline set by the request's maxAttemptsTimeout. The last connection attempt may have a smaller connectTimeout in order to adhere to the overall maxAttemptsTimeout.
                      type: string
                    maxAttemptsTimeout:
                      description: |-
                        The maximum time across all connection attempts to the origin, including failover origins, before returning an error to the client. A HTTP 504 will be returned if the timeout is reached before a response is returned.

                        Defaults to 15 seconds. The timeout must be a value between 1s and 30s.

                        If a failoverOrigin is specified, the maxAttemptsTimeout of the first configured origin sets the deadline for all connection attempts across all failoverOrigins.
                      type: string
                    readTimeout:
                      description: |-
                        The maximum duration to wait between reads of a single HTTP connection/stream.

                        Defaults to 15 seconds. The timeout must be a value between 1s and 30s.

                        The readTimeout is capped by the responseTimeout. All reads of the HTTP connection/stream must be completed by the deadline set by the responseTimeout.

                        If the response headers have already been written to the connection, the response will be truncated and logged.
                      type: string
                    responseTimeout:
                      description: |-
                        The maximum duration to wait for the last byte of a response to arrive when reading from the HTTP connection/stream.

                        Defaults to 30 seconds. The timeout must be a value between 1s and 120s.

                        The responseTimeout starts after the connection has been established.

                        This also applies to HTTP Chunked Transfer Encoding responses, and/or when an open-ended Range request is made to the origin. Origins that take longer to write additional bytes to the response than the configured responseTimeout will result in an error being returned to the client.

                        If the response headers have already been written to the connection, the response will be truncated and logged.
                      type: string
                  type: object
              required:
                - originAddress
                - projectRef
              type: object
            # Observed state: a list of conditions plus the generation the
            # Config Connector controller last observed.
            status:
              properties:
                conditions:
                  description: >-
                    Conditions represent the latest available observation
                    of the resource's current state.
                  items:
                    properties:
                      lastTransitionTime:
                        description: >-
                          Last time the condition transitioned from one status
                          to another.
                        type: string
                      message:
                        description: >-
                          Human-readable message indicating details about
                          last transition.
                        type: string
                      reason:
                        description: >-
                          Unique, one-word, CamelCase reason for the condition's
                          last transition.
                        type: string
                      status:
                        description: >-
                          Status is the status of the condition. Can be True,
                          False, Unknown.
                        type: string
                      type:
                        description: Type is the type of the condition.
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: >-
                    ObservedGeneration is the generation of the resource
                    that was most recently observed by the Config Connector
                    controller. If this is equal to metadata.generation, then
                    that means that the current reported status reflects the
                    most recent desired state of the resource.
                  type: integer
              type: object
          required:
            - spec
          type: object
      served: true
      storage: true
      # Enables the /status subresource, so status is written through its own
      # endpoint and can be authorised separately from spec changes.
      subresources:
        status: {}
# Empty status stanza of the CRD object itself; the API server populates it
# once the definition is installed.
status:
  acceptedNames:
    kind: ''
    plural: ''
  conditions: []
  storedVersions: []