# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cnrm.cloud.google.com/version: 1.106.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" name: networkserviceshttproutes.networkservices.cnrm.cloud.google.com spec: group: networkservices.cnrm.cloud.google.com names: categories: - gcp kind: NetworkServicesHTTPRoute plural: networkserviceshttproutes shortNames: - gcpnetworkserviceshttproute - gcpnetworkserviceshttproutes singular: networkserviceshttproute scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age type: date - description: When 'True', the most recent reconcile of the resource succeeded jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready type: string - description: The reason for the value in 'Ready' jsonPath: .status.conditions[?(@.type=='Ready')].reason name: Status type: string - description: The last transition time for the value in 'Status' jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date name: v1beta1 schema: openAPIV3Schema: properties: apiVersion: description: 'apiVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' type: string kind: description: 'kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: description: description: Optional. A free-text description of the resource. Max length 1024 characters. type: string gateways: items: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `NetworkServicesGateway` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: array hostnames: description: Required. Hostnames define a set of hosts that should match against the HTTP host header to select a HttpRoute to process the request. Hostname is the fully qualified domain name of a network host, as defined by RFC 1123 with the exception that ip addresses are not allowed. Wildcard hosts are supported as "*" (no prefix or suffix allowed). items: type: string type: array location: description: Immutable. The location for the resource type: string meshes: items: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `NetworkServicesMesh` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: array projectRef: description: Immutable. The Project that this resource belongs to. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- The project for the resource Allowed value: The Google Cloud resource name of a `Project` resource (format: `projects/{{name}}`). type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object resourceID: description: Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string rules: description: Required. Rules that define how traffic is routed and handled. items: properties: action: description: The detailed rule defining how to route matched traffic. properties: corsPolicy: description: The specification for allowing client side cross-origin requests. properties: allowCredentials: description: In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default value is false. type: boolean allowHeaders: description: Specifies the content for Access-Control-Allow-Headers header. items: type: string type: array allowMethods: description: Specifies the content for Access-Control-Allow-Methods header. items: type: string type: array allowOriginRegexes: description: Specifies the regular expression patterns that match allowed origins. For regular expression grammar, please see https://github.com/google/re2/wiki/Syntax. items: type: string type: array allowOrigins: description: Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allow_origins or an item in allow_origin_regexes. items: type: string type: array disabled: description: If true, the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. type: boolean exposeHeaders: description: Specifies the content for Access-Control-Expose-Headers header. items: type: string type: array maxAge: description: Specifies how long result of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. type: string type: object destinations: description: The destination to which traffic should be forwarded. items: properties: serviceRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- The URL of a BackendService to route traffic to. Allowed value: The Google Cloud resource name of a `ComputeBackendService` resource (format: `projects/{{project}}/global/backendServices/{{name}}`). type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object weight: description: 'Specifies the proportion of requests forwarded to the backend referenced by the serviceName field. This is computed as: weight/Sum(weights in this destination list). For non-zero values, there may be some epsilon from the exact proportion defined here depending on the precision an implementation supports. If only one serviceName is specified and it has a weight greater than 0, 100% of the traffic is forwarded to that backend. If weights are specified for any one service name, they need to be specified for all of them. If weights are unspecified for all services, then, traffic is distributed in equal proportions to all of them.' format: int64 type: integer type: object type: array faultInjectionPolicy: description: The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy properties: abort: description: The specification for aborting to client requests. properties: httpStatus: description: The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. format: int64 type: integer percentage: description: The percentage of traffic which will be aborted. The value must be between [0, 100] format: int64 type: integer type: object delay: description: The specification for injecting delay to client requests. properties: fixedDelay: description: Specify a fixed delay before forwarding the request. type: string percentage: description: The percentage of traffic on which delay will be injected. The value must be between [0, 100] format: int64 type: integer type: object type: object redirect: description: If set, the request is directed as configured by this field. properties: hostRedirect: description: The host that will be used in the redirect response instead of the one that was supplied in the request. type: string httpsRedirect: description: If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. The default is set to false. type: boolean pathRedirect: description: The path that will be used in the redirect response instead of the one that was supplied in the request. path_redirect can not be supplied together with prefix_redirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. type: string portRedirect: description: The port that will be used in the redirected request instead of the one that was supplied in the request. format: int64 type: integer prefixRewrite: description: Indicates that during redirection, the matched prefix (or path) should be swapped with this value. This option allows URLs be dynamically created based on the request. type: string responseCode: description: 'The HTTP Status code to use for the redirect. Possible values: MOVED_PERMANENTLY_DEFAULT, FOUND, SEE_OTHER, TEMPORARY_REDIRECT, PERMANENT_REDIRECT' type: string stripQuery: description: if set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. type: boolean type: object requestHeaderModifier: description: The specification for modifying the headers of a matching request prior to delivery of the request to the destination. properties: add: additionalProperties: type: string description: Add the headers with given map where key is the name of the header, value is the value of the header. type: object remove: description: Remove headers (matching by header names) specified in the list. items: type: string type: array set: additionalProperties: type: string description: Completely overwrite/replace the headers with given map where key is the name of the header, value is the value of the header. type: object type: object requestMirrorPolicy: description: Specifies the policy on how requests intended for the routes destination are shadowed to a separate mirrored destination. Proxy will not wait for the shadow destination to respond before returning the response. Prior to sending traffic to the shadow service, the host/authority header is suffixed with -shadow. properties: destination: description: The destination the requests will be mirrored to. The weight of the destination will be ignored. properties: serviceRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: |- The URL of a BackendService to route traffic to. Allowed value: The Google Cloud resource name of a `ComputeBackendService` resource (format: `projects/{{project}}/global/backendServices/{{name}}`). type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object weight: description: 'Specifies the proportion of requests forwarded to the backend referenced by the serviceName field. This is computed as: weight/Sum(weights in this destination list). For non-zero values, there may be some epsilon from the exact proportion defined here depending on the precision an implementation supports. If only one serviceName is specified and it has a weight greater than 0, 100% of the traffic is forwarded to that backend. If weights are specified for any one service name, they need to be specified for all of them. If weights are unspecified for all services, then, traffic is distributed in equal proportions to all of them.' format: int64 type: integer type: object type: object responseHeaderModifier: description: The specification for modifying the headers of a response prior to sending the response back to the client. properties: add: additionalProperties: type: string description: Add the headers with given map where key is the name of the header, value is the value of the header. type: object remove: description: Remove headers (matching by header names) specified in the list. items: type: string type: array set: additionalProperties: type: string description: Completely overwrite/replace the headers with given map where key is the name of the header, value is the value of the header. type: object type: object retryPolicy: description: Specifies the retry policy associated with this route. properties: numRetries: description: Specifies the allowed number of retries. This number must be > 0. If not specified, default to 1. format: int64 type: integer perTryTimeout: description: Specifies a non-zero timeout per retry attempt. type: string retryConditions: description: 'Specifies one or more conditions when this retry policy applies. Valid values are: 5xx: Proxy will attempt a retry if the destination service responds with any 5xx response code, of if the destination service does not respond at all, example: disconnect, reset, read timeout, connection failure and refused streams. gateway-error: Similar to 5xx, but only applies to response codes 502, 503, 504. reset: Proxy will attempt a retry if the destination service does not respond at all (disconnect/reset/read timeout) connect-failure: Proxy will retry on failures connecting to destination for example due to connection timeouts. retriable-4xx: Proxy will retry fro retriable 4xx response codes. Currently the only retriable error supported is 409. refused-stream: Proxy will retry if the destination resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.' items: type: string type: array type: object timeout: description: Specifies the timeout for selected route. Timeout is computed from the time the request has been fully processed (i.e. end of stream) up until the response has been completely processed. Timeout includes all retries. type: string urlRewrite: description: The specification for rewrite URL before forwarding requests to the destination. properties: hostRewrite: description: Prior to forwarding the request to the selected destination, the requests host header is replaced by this value. type: string pathPrefixRewrite: description: Prior to forwarding the request to the selected destination, the matching portion of the requests path is replaced by this value. type: string type: object type: object matches: description: A list of matches define conditions used for matching the rule against incoming HTTP requests. Each match is independent, i.e. this rule will be matched if ANY one of the matches is satisfied. items: properties: fullPathMatch: description: The HTTP request path value should exactly match this value. Only one of full_path_match, prefix_match, or regex_match should be used. type: string headers: description: Specifies a list of HTTP request headers to match against. ALL of the supplied headers must be matched. items: properties: exactMatch: description: The value of the header should match exactly the content of exact_match. type: string header: description: The name of the HTTP header to match against. type: string invertMatch: description: If specified, the match result will be inverted before checking. Default value is set to false. type: boolean prefixMatch: description: The value of the header must start with the contents of prefix_match. type: string presentMatch: description: A header with header_name must exist. The match takes place whether or not the header has a value. type: boolean rangeMatch: description: If specified, the rule will match if the request header value is within the range. properties: end: description: End of the range (exclusive) format: int64 type: integer start: description: Start of the range (inclusive) format: int64 type: integer type: object regexMatch: description: 'The value of the header must match the regular expression specified in regex_match. For regular expression grammar, please see: https://github.com/google/re2/wiki/Syntax' type: string suffixMatch: description: The value of the header must end with the contents of suffix_match. type: string type: object type: array ignoreCase: description: Specifies if prefix_match and full_path_match matches are case sensitive. The default value is false. type: boolean prefixMatch: description: The HTTP request path value must begin with specified prefix_match. prefix_match must begin with a /. Only one of full_path_match, prefix_match, or regex_match should be used. type: string queryParameters: description: Specifies a list of query parameters to match against. ALL of the query parameters must be matched. items: properties: exactMatch: description: The value of the query parameter must exactly match the contents of exact_match. Only one of exact_match, regex_match, or present_match must be set. type: string presentMatch: description: Specifies that the QueryParameterMatcher matches if request contains query parameter, irrespective of whether the parameter has a value or not. Only one of exact_match, regex_match, or present_match must be set. type: boolean queryParameter: description: The name of the query parameter to match. type: string regexMatch: description: The value of the query parameter must match the regular expression specified by regex_match. For regular expression grammar, please see https://github.com/google/re2/wiki/Syntax Only one of exact_match, regex_match, or present_match must be set. type: string type: object type: array regexMatch: description: The HTTP request path value must satisfy the regular expression specified by regex_match after removing any query parameters and anchor supplied with the original URL. For regular expression grammar, please see https://github.com/google/re2/wiki/Syntax Only one of full_path_match, prefix_match, or regex_match should be used. type: string type: object type: array type: object type: array required: - hostnames - location - projectRef - rules type: object status: properties: conditions: description: Conditions represent the latest available observation of the resource's current state. items: properties: lastTransitionTime: description: Last time the condition transitioned from one status to another. type: string message: description: Human-readable message indicating details about last transition. type: string reason: description: Unique, one-word, CamelCase reason for the condition's last transition. type: string status: description: Status is the status of the condition. Can be True, False, Unknown. type: string type: description: Type is the type of the condition. type: string type: object type: array createTime: description: Output only. The timestamp when the resource was created. format: date-time type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. type: integer selfLink: description: Output only. Server-defined URL of this resource type: string updateTime: description: Output only. The timestamp when the resource was updated. format: date-time type: string type: object required: - spec type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: []