1# GENERATED FILE: edits made by hand will not be preserved.
2---
3apiVersion: apiextensions.k8s.io/v1
4kind: CustomResourceDefinition
5metadata:
6 annotations:
7 controller-gen.kubebuilder.io/version: v0.6.2
8 labels:
9 app.kubernetes.io/instance: emissary-apiext
10 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
11 app.kubernetes.io/name: emissary-apiext
12 app.kubernetes.io/part-of: emissary-apiext
13 name: authservices.getambassador.io
14spec:
15 conversion:
16 strategy: Webhook
17 webhook:
18 clientConfig:
19 service:
20 name: emissary-apiext
21 namespace: emissary-system
22 conversionReviewVersions:
23 - v1beta1
24 group: getambassador.io
25 names:
26 categories:
27 - ambassador-crds
28 kind: AuthService
29 listKind: AuthServiceList
30 plural: authservices
31 singular: authservice
32 preserveUnknownFields: false
33 scope: Namespaced
34 versions:
35 - name: v1
36 schema:
37 openAPIV3Schema:
38 description: AuthService is the Schema for the authservices API
39 properties:
40 apiVersion:
41 description: 'APIVersion defines the versioned schema of this representation
42 of an object. Servers should convert recognized schemas to the latest
43 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
44 type: string
45 kind:
46 description: 'Kind is a string value representing the REST resource this
47 object represents. Servers may infer this from the endpoint the client
48 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
49 type: string
50 metadata:
51 type: object
52 spec:
53 description: AuthServiceSpec defines the desired state of AuthService
54 properties:
55 add_auth_headers:
56 additionalProperties:
57 type: string
58 type: object
59 add_linkerd_headers:
60 type: boolean
61 allow_request_body:
62 type: boolean
63 allowed_authorization_headers:
64 items:
65 type: string
66 type: array
67 allowed_request_headers:
68 items:
69 type: string
70 type: array
71 auth_service:
72 type: string
73 failure_mode_allow:
74 type: boolean
75 include_body:
76 properties:
77 allow_partial:
78 type: boolean
79 max_bytes:
80 description: These aren't pointer types because they are required.
81 type: integer
82 required:
83 - allow_partial
84 - max_bytes
85 type: object
86 path_prefix:
87 type: string
88 proto:
89 enum:
90 - http
91 - grpc
92 type: string
93 protocol_version:
94 enum:
95 - v2
96 - v3
97 type: string
98 status_on_error:
99 description: Why isn't this just an int??
100 properties:
101 code:
102 type: integer
103 type: object
104 timeout_ms:
105 type: integer
106 v3CircuitBreakers:
107 items:
108 properties:
109 max_connections:
110 type: integer
111 max_pending_requests:
112 type: integer
113 max_requests:
114 type: integer
115 max_retries:
116 type: integer
117 priority:
118 enum:
119 - default
120 - high
121 type: string
122 type: object
123 type: array
124 v3StatsName:
125 type: string
126 required:
127 - auth_service
128 type: object
129 x-kubernetes-preserve-unknown-fields: true
130 type: object
131 served: true
132 storage: false
133 - name: v2
134 schema:
135 openAPIV3Schema:
136 description: AuthService is the Schema for the authservices API
137 properties:
138 apiVersion:
139 description: 'APIVersion defines the versioned schema of this representation
140 of an object. Servers should convert recognized schemas to the latest
141 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
142 type: string
143 kind:
144 description: 'Kind is a string value representing the REST resource this
145 object represents. Servers may infer this from the endpoint the client
146 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
147 type: string
148 metadata:
149 type: object
150 spec:
151 description: AuthServiceSpec defines the desired state of AuthService
152 properties:
153 add_auth_headers:
154 additionalProperties:
155 type: string
156 type: object
157 add_linkerd_headers:
158 type: boolean
159 allow_request_body:
160 type: boolean
161 allowed_authorization_headers:
162 items:
163 type: string
164 type: array
165 allowed_request_headers:
166 items:
167 type: string
168 type: array
169 auth_service:
170 type: string
171 failure_mode_allow:
172 type: boolean
173 include_body:
174 properties:
175 allow_partial:
176 type: boolean
177 max_bytes:
178 description: These aren't pointer types because they are required.
179 type: integer
180 required:
181 - allow_partial
182 - max_bytes
183 type: object
184 path_prefix:
185 type: string
186 proto:
187 enum:
188 - http
189 - grpc
190 type: string
191 protocol_version:
192 enum:
193 - v2
194 - v3
195 type: string
196 status_on_error:
197 description: Why isn't this just an int??
198 properties:
199 code:
200 type: integer
201 type: object
202 timeout_ms:
203 type: integer
204 v3CircuitBreakers:
205 items:
206 properties:
207 max_connections:
208 type: integer
209 max_pending_requests:
210 type: integer
211 max_requests:
212 type: integer
213 max_retries:
214 type: integer
215 priority:
216 enum:
217 - default
218 - high
219 type: string
220 type: object
221 type: array
222 v3StatsName:
223 type: string
224 required:
225 - auth_service
226 type: object
227 x-kubernetes-preserve-unknown-fields: true
228 type: object
229 served: true
230 storage: true
231 - name: v3alpha1
232 schema:
233 openAPIV3Schema:
234 description: AuthService is the Schema for the authservices API
235 properties:
236 apiVersion:
237 description: 'APIVersion defines the versioned schema of this representation
238 of an object. Servers should convert recognized schemas to the latest
239 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
240 type: string
241 kind:
242 description: 'Kind is a string value representing the REST resource this
243 object represents. Servers may infer this from the endpoint the client
244 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
245 type: string
246 metadata:
247 type: object
248 spec:
249 description: AuthServiceSpec defines the desired state of AuthService
250 properties:
251 add_auth_headers:
252 additionalProperties:
253 type: string
254 type: object
255 add_linkerd_headers:
256 type: boolean
257 allow_request_body:
258 description: 'TODO(lukeshu): In v3alpha2, drop allow_request_body
259 in favor of include_body. allow_request_body has been deprecated
260 for a long time.'
261 type: boolean
262 allowed_authorization_headers:
263 items:
264 type: string
265 type: array
266 allowed_request_headers:
267 items:
268 type: string
269 type: array
270 ambassador_id:
271 description: "AmbassadorID declares which Ambassador instances should
272 pay attention to this resource. If no value is provided, the default
273 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
274 consider renaming all of the `ambassador_id` (singular) fields to
275 `ambassador_ids` (plural)."
276 items:
277 type: string
278 type: array
279 auth_service:
280 description: 'TODO(lukeshu): In v3alpha2, consider renameing `auth_service`
281 to just `service`, for consistency with the other resource types.'
282 type: string
283 circuit_breakers:
284 items:
285 properties:
286 max_connections:
287 type: integer
288 max_pending_requests:
289 type: integer
290 max_requests:
291 type: integer
292 max_retries:
293 type: integer
294 priority:
295 enum:
296 - default
297 - high
298 type: string
299 type: object
300 type: array
301 failure_mode_allow:
302 type: boolean
303 include_body:
304 properties:
305 allow_partial:
306 type: boolean
307 max_bytes:
308 description: These aren't pointer types because they are required.
309 type: integer
310 required:
311 - allow_partial
312 - max_bytes
313 type: object
314 path_prefix:
315 type: string
316 proto:
317 enum:
318 - http
319 - grpc
320 type: string
321 protocol_version:
322 description: ProtocolVersion is the envoy api transport protocol version
323 enum:
324 - v2
325 - v3
326 type: string
327 stats_name:
328 type: string
329 status_on_error:
330 description: 'TODO(lukeshu): In v3alpha2, consider getting rid of
331 this struct type in favor of just using an int (i.e. `statusOnError:
332 500` instead of the current `statusOnError: { code: 500 }`).'
333 properties:
334 code:
335 type: integer
336 type: object
337 timeout_ms:
338 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}_ms`/`MillisecondDuration`
339 fields to `{foo}`/`metav1.Duration`.'
340 type: integer
341 tls:
342 type: string
343 v2ExplicitTLS:
344 description: V2ExplicitTLS controls some vanity/stylistic elements
345 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
346 should not in any way affect the runtime operation of Emissary;
347 except that it may affect internal names in the Envoy config, which
348 may in turn affect stats names. But it should not affect any end-user
349 observable behavior.
350 properties:
351 serviceScheme:
352 description: "ServiceScheme specifies how to spell and capitalize
353 the scheme-part of the service URL. \n Acceptable values are
354 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
355 or \"\". The value is used if it agrees with whether or not
356 this resource enables TLS origination, or if something else
357 in the resource overrides the scheme."
358 pattern: ^([hH][tT][tT][pP][sS]?://)?$
359 type: string
360 tls:
361 description: "TLS controls whether and how to represent the \"tls\"
362 field when its value could be implied by the \"service\" field.
363 \ In v2, there were a lot of different ways to spell an \"empty\"
364 value, and this field specifies which way to spell it (and will
365 therefore only be used if the value will indeed be empty). \n
366 \ | Value | Representation | Meaning
367 of representation | |--------------+---------------------------------------+------------------------------------|
368 \ | \"\" | omit the field |
369 defer to service (no TLSContext) | | \"null\" | store
370 an explicit \"null\" in the field | defer to service (no TLSContext)
371 \ | | \"string\" | store an empty string in the field
372 \ | defer to service (no TLSContext) | | \"bool:false\"
373 | store a Boolean \"false\" in the field | defer to service
374 (no TLSContext) | | \"bool:true\" | store a Boolean \"true\"
375 in the field | originate TLS (no TLSContext) | \n If
376 the meaning of the representation contradicts anything else
377 (if a TLSContext is to be used, or in the case of \"bool:true\"
378 if TLS is not to be originated), then this field is ignored."
379 enum:
380 - ""
381 - "null"
382 - bool:true
383 - bool:false
384 - string
385 type: string
386 type: object
387 required:
388 - auth_service
389 type: object
390 type: object
391 served: true
392 storage: false
393---
394apiVersion: apiextensions.k8s.io/v1
395kind: CustomResourceDefinition
396metadata:
397 annotations:
398 controller-gen.kubebuilder.io/version: v0.6.2
399 labels:
400 app.kubernetes.io/instance: emissary-apiext
401 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
402 app.kubernetes.io/name: emissary-apiext
403 app.kubernetes.io/part-of: emissary-apiext
404 name: consulresolvers.getambassador.io
405spec:
406 conversion:
407 strategy: Webhook
408 webhook:
409 clientConfig:
410 service:
411 name: emissary-apiext
412 namespace: emissary-system
413 conversionReviewVersions:
414 - v1beta1
415 group: getambassador.io
416 names:
417 categories:
418 - ambassador-crds
419 kind: ConsulResolver
420 listKind: ConsulResolverList
421 plural: consulresolvers
422 singular: consulresolver
423 preserveUnknownFields: false
424 scope: Namespaced
425 versions:
426 - name: v1
427 schema:
428 openAPIV3Schema:
429 description: ConsulResolver is the Schema for the ConsulResolver API
430 properties:
431 apiVersion:
432 description: 'APIVersion defines the versioned schema of this representation
433 of an object. Servers should convert recognized schemas to the latest
434 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
435 type: string
436 kind:
437 description: 'Kind is a string value representing the REST resource this
438 object represents. Servers may infer this from the endpoint the client
439 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
440 type: string
441 metadata:
442 type: object
443 spec:
444 description: ConsulResolver tells Ambassador to use Consul to resolve
445 services. In addition to the AmbassadorID, it needs information about
446 which Consul server and DC to use.
447 properties:
448 address:
449 type: string
450 datacenter:
451 type: string
452 type: object
453 x-kubernetes-preserve-unknown-fields: true
454 type: object
455 served: true
456 storage: false
457 - name: v2
458 schema:
459 openAPIV3Schema:
460 description: ConsulResolver is the Schema for the ConsulResolver API
461 properties:
462 apiVersion:
463 description: 'APIVersion defines the versioned schema of this representation
464 of an object. Servers should convert recognized schemas to the latest
465 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
466 type: string
467 kind:
468 description: 'Kind is a string value representing the REST resource this
469 object represents. Servers may infer this from the endpoint the client
470 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
471 type: string
472 metadata:
473 type: object
474 spec:
475 description: ConsulResolver tells Ambassador to use Consul to resolve
476 services. In addition to the AmbassadorID, it needs information about
477 which Consul server and DC to use.
478 properties:
479 address:
480 type: string
481 datacenter:
482 type: string
483 type: object
484 x-kubernetes-preserve-unknown-fields: true
485 type: object
486 served: true
487 storage: true
488 - name: v3alpha1
489 schema:
490 openAPIV3Schema:
491 description: ConsulResolver is the Schema for the ConsulResolver API
492 properties:
493 apiVersion:
494 description: 'APIVersion defines the versioned schema of this representation
495 of an object. Servers should convert recognized schemas to the latest
496 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
497 type: string
498 kind:
499 description: 'Kind is a string value representing the REST resource this
500 object represents. Servers may infer this from the endpoint the client
501 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
502 type: string
503 metadata:
504 type: object
505 spec:
506 description: ConsulResolver tells Ambassador to use Consul to resolve
507 services. In addition to the AmbassadorID, it needs information about
508 which Consul server and DC to use.
509 properties:
510 address:
511 type: string
512 ambassador_id:
513 description: "AmbassadorID declares which Ambassador instances should
514 pay attention to this resource. If no value is provided, the default
515 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
516 consider renaming all of the `ambassador_id` (singular) fields to
517 `ambassador_ids` (plural)."
518 items:
519 type: string
520 type: array
521 datacenter:
522 type: string
523 type: object
524 type: object
525 served: true
526 storage: false
527---
528apiVersion: apiextensions.k8s.io/v1
529kind: CustomResourceDefinition
530metadata:
531 annotations:
532 controller-gen.kubebuilder.io/version: v0.6.2
533 labels:
534 app.kubernetes.io/instance: emissary-apiext
535 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
536 app.kubernetes.io/name: emissary-apiext
537 app.kubernetes.io/part-of: emissary-apiext
538 name: devportals.getambassador.io
539spec:
540 conversion:
541 strategy: Webhook
542 webhook:
543 clientConfig:
544 service:
545 name: emissary-apiext
546 namespace: emissary-system
547 conversionReviewVersions:
548 - v1beta1
549 group: getambassador.io
550 names:
551 categories:
552 - ambassador-crds
553 kind: DevPortal
554 listKind: DevPortalList
555 plural: devportals
556 singular: devportal
557 preserveUnknownFields: false
558 scope: Namespaced
559 versions:
560 - name: v1
561 schema:
562 openAPIV3Schema:
563 description: "DevPortal is the Schema for the DevPortals API \n DevPortal
564 resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what`
565 is in a DevPortal can be controlled with \n - a `selector`, that can
566 be used for filtering `Mappings`. \n - a `docs` listing of (services,
567 url) \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository
568 \ with go-templates/markdown/css). \n Multiple `DevPortal`s can exist
569 in the cluster, and the Dev Portal server will show them at different endpoints.
570 A `DevPortal` resource with a special name, `ambassador`, will be used for
571 configuring the default Dev Portal (served at `/docs/` by default)."
572 properties:
573 apiVersion:
574 description: 'APIVersion defines the versioned schema of this representation
575 of an object. Servers should convert recognized schemas to the latest
576 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
577 type: string
578 kind:
579 description: 'Kind is a string value representing the REST resource this
580 object represents. Servers may infer this from the endpoint the client
581 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
582 type: string
583 metadata:
584 type: object
585 spec:
586 description: DevPortalSpec defines the desired state of DevPortal
587 properties:
588 content:
589 description: Content specifies where the content shown in the DevPortal
590 come from
591 properties:
592 branch:
593 type: string
594 dir:
595 type: string
596 url:
597 type: string
598 type: object
599 default:
600 description: Default must be true when this is the default DevPortal
601 type: boolean
602 docs:
603 description: Docs is a static docs definition
604 items:
605 description: 'DevPortalDocsSpec is a static documentation definition:
606 instead of using a Selector for finding documentation for services,
607 users can provide a static list of <service>:<URL> tuples. These
608 services will be shown in the Dev Portal with the documentation
609 obtained from this URL.'
610 properties:
611 service:
612 description: Service is the service being documented
613 type: string
614 timeout_ms:
615 description: Timeout specifies the amount of time devportal
616 will wait for the downstream service to report an openapi
617 spec back
618 type: integer
619 url:
620 description: URL is the URL used for obtaining docs
621 type: string
622 type: object
623 type: array
624 naming_scheme:
625 description: Describes how to display "services" in the DevPortal.
626 Default namespace.name
627 enum:
628 - namespace.name
629 - name.prefix
630 type: string
631 preserve_servers:
632 description: Configures this DevPortal to use server definitions from
633 the openAPI doc instead of rewriting them based on the url used
634 for the connection.
635 type: boolean
636 search:
637 description: DevPortalSearchSpec allows configuration over search
638 functionality for the DevPortal
639 properties:
640 enabled:
641 type: boolean
642 type:
643 description: 'Type of search. "title-only" does a fuzzy search
644 over openapi and page titles "all-content" will fuzzy search
645 over all openapi and page content. "title-only" is the default.
646 warning: using all-content may incur a larger memory footprint'
647 enum:
648 - title-only
649 - all-content
650 type: string
651 type: object
652 selector:
653 description: Selector is used for choosing what is shown in the DevPortal
654 properties:
655 matchLabels:
656 additionalProperties:
657 type: string
658 description: MatchLabels specifies the list of labels that must
659 be present in Mappings for being present in this DevPortal.
660 type: object
661 matchNamespaces:
662 description: MatchNamespaces is a list of namespaces that will
663 be included in this DevPortal.
664 items:
665 type: string
666 type: array
667 type: object
668 type: object
669 x-kubernetes-preserve-unknown-fields: true
670 type: object
671 served: true
672 storage: false
673 - name: v2
674 schema:
675 openAPIV3Schema:
676 description: "DevPortal is the Schema for the DevPortals API \n DevPortal
677 resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what`
678 is in a DevPortal can be controlled with \n - a `selector`, that can
679 be used for filtering `Mappings`. \n - a `docs` listing of (services,
680 url) \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository
681 \ with go-templates/markdown/css). \n Multiple `DevPortal`s can exist
682 in the cluster, and the Dev Portal server will show them at different endpoints.
683 A `DevPortal` resource with a special name, `ambassador`, will be used for
684 configuring the default Dev Portal (served at `/docs/` by default)."
685 properties:
686 apiVersion:
687 description: 'APIVersion defines the versioned schema of this representation
688 of an object. Servers should convert recognized schemas to the latest
689 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
690 type: string
691 kind:
692 description: 'Kind is a string value representing the REST resource this
693 object represents. Servers may infer this from the endpoint the client
694 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
695 type: string
696 metadata:
697 type: object
698 spec:
699 description: DevPortalSpec defines the desired state of DevPortal
700 properties:
701 content:
702 description: Content specifies where the content shown in the DevPortal
703 come from
704 properties:
705 branch:
706 type: string
707 dir:
708 type: string
709 url:
710 type: string
711 type: object
712 default:
713 description: Default must be true when this is the default DevPortal
714 type: boolean
715 docs:
716 description: Docs is a static docs definition
717 items:
718 description: 'DevPortalDocsSpec is a static documentation definition:
719 instead of using a Selector for finding documentation for services,
720 users can provide a static list of <service>:<URL> tuples. These
721 services will be shown in the Dev Portal with the documentation
722 obtained from this URL.'
723 properties:
724 service:
725 description: Service is the service being documented
726 type: string
727 timeout_ms:
728 description: Timeout specifies the amount of time devportal
729 will wait for the downstream service to report an openapi
730 spec back
731 type: integer
732 url:
733 description: URL is the URL used for obtaining docs
734 type: string
735 type: object
736 type: array
737 naming_scheme:
738 description: Describes how to display "services" in the DevPortal.
739 Default namespace.name
740 enum:
741 - namespace.name
742 - name.prefix
743 type: string
744 preserve_servers:
745 description: Configures this DevPortal to use server definitions from
746 the openAPI doc instead of rewriting them based on the url used
747 for the connection.
748 type: boolean
749 search:
750 description: DevPortalSearchSpec allows configuration over search
751 functionality for the DevPortal
752 properties:
753 enabled:
754 type: boolean
755 type:
756 description: 'Type of search. "title-only" does a fuzzy search
757 over openapi and page titles "all-content" will fuzzy search
758 over all openapi and page content. "title-only" is the default.
759 warning: using all-content may incur a larger memory footprint'
760 enum:
761 - title-only
762 - all-content
763 type: string
764 type: object
765 selector:
766 description: Selector is used for choosing what is shown in the DevPortal
767 properties:
768 matchLabels:
769 additionalProperties:
770 type: string
771 description: MatchLabels specifies the list of labels that must
772 be present in Mappings for being present in this DevPortal.
773 type: object
774 matchNamespaces:
775 description: MatchNamespaces is a list of namespaces that will
776 be included in this DevPortal.
777 items:
778 type: string
779 type: array
780 type: object
781 type: object
782 x-kubernetes-preserve-unknown-fields: true
783 type: object
784 served: true
785 storage: true
786 - name: v3alpha1
787 schema:
788 openAPIV3Schema:
789 description: "DevPortal is the Schema for the DevPortals API \n DevPortal
790 resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what`
791 is in a DevPortal can be controlled with \n - a `selector`, that can
792 be used for filtering `Mappings`. \n - a `docs` listing of (services,
793 url) \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository
794 \ with go-templates/markdown/css). \n Multiple `DevPortal`s can exist
795 in the cluster, and the Dev Portal server will show them at different endpoints.
796 A `DevPortal` resource with a special name, `ambassador`, will be used for
797 configuring the default Dev Portal (served at `/docs/` by default)."
798 properties:
799 apiVersion:
800 description: 'APIVersion defines the versioned schema of this representation
801 of an object. Servers should convert recognized schemas to the latest
802 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
803 type: string
804 kind:
805 description: 'Kind is a string value representing the REST resource this
806 object represents. Servers may infer this from the endpoint the client
807 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
808 type: string
809 metadata:
810 type: object
811 spec:
812 description: DevPortalSpec defines the desired state of DevPortal
813 properties:
814 ambassador_id:
815 description: "AmbassadorID declares which Ambassador instances should
816 pay attention to this resource. If no value is provided, the default
817 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
818 consider renaming all of the `ambassador_id` (singular) fields to
819 `ambassador_ids` (plural)."
820 items:
821 type: string
822 type: array
823 content:
824 description: Content specifies where the content shown in the DevPortal
825 come from
826 properties:
827 branch:
828 type: string
829 dir:
830 type: string
831 url:
832 type: string
833 type: object
834 default:
835 description: Default must be true when this is the default DevPortal
836 type: boolean
837 docs:
838 description: Docs is a static docs definition
839 items:
840 description: 'DevPortalDocsSpec is a static documentation definition:
841 instead of using a Selector for finding documentation for services,
842 users can provide a static list of <service>:<URL> tuples. These
843 services will be shown in the Dev Portal with the documentation
844 obtained from this URL.'
845 properties:
846 service:
847 description: Service is the service being documented
848 type: string
849 timeout_ms:
850 description: Timeout specifies the amount of time devportal
851 will wait for the downstream service to report an openapi
852 spec back
853 type: integer
854 url:
855 description: URL is the URL used for obtaining docs
856 type: string
857 type: object
858 type: array
859 naming_scheme:
860 description: Describes how to display "services" in the DevPortal.
861 Default namespace.name
862 enum:
863 - namespace.name
864 - name.prefix
865 type: string
866 preserve_servers:
867 description: Configures this DevPortal to use server definitions from
868 the openAPI doc instead of rewriting them based on the url used
869 for the connection.
870 type: boolean
871 search:
872 description: DevPortalSearchSpec allows configuration over search
873 functionality for the DevPortal
874 properties:
875 enabled:
876 type: boolean
877 type:
878 description: 'Type of search. "title-only" does a fuzzy search
879 over openapi and page titles "all-content" will fuzzy search
880 over all openapi and page content. "title-only" is the default.
881 warning: using all-content may incur a larger memory footprint'
882 enum:
883 - title-only
884 - all-content
885 type: string
886 type: object
887 selector:
888 description: Selector is used for choosing what is shown in the DevPortal
889 properties:
890 matchLabels:
891 additionalProperties:
892 type: string
893 description: MatchLabels specifies the list of labels that must
894 be present in Mappings for being present in this DevPortal.
895 type: object
896 matchNamespaces:
897 description: MatchNamespaces is a list of namespaces that will
898 be included in this DevPortal.
899 items:
900 type: string
901 type: array
902 type: object
903 type: object
904 type: object
905 served: true
906 storage: false
907---
908apiVersion: apiextensions.k8s.io/v1
909kind: CustomResourceDefinition
910metadata:
911 annotations:
912 controller-gen.kubebuilder.io/version: v0.6.2
913 labels:
914 app.kubernetes.io/instance: emissary-apiext
915 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
916 app.kubernetes.io/name: emissary-apiext
917 app.kubernetes.io/part-of: emissary-apiext
918 name: hosts.getambassador.io
919spec:
920 conversion:
921 strategy: Webhook
922 webhook:
923 clientConfig:
924 service:
925 name: emissary-apiext
926 namespace: emissary-system
927 conversionReviewVersions:
928 - v1beta1
929 group: getambassador.io
930 names:
931 categories:
932 - ambassador-crds
933 kind: Host
934 listKind: HostList
935 plural: hosts
936 singular: host
937 preserveUnknownFields: false
938 scope: Namespaced
939 versions:
940 - additionalPrinterColumns:
941 - jsonPath: .spec.hostname
942 name: Hostname
943 type: string
944 - jsonPath: .status.state
945 name: State
946 type: string
947 - jsonPath: .status.phaseCompleted
948 name: Phase Completed
949 type: string
950 - jsonPath: .status.phasePending
951 name: Phase Pending
952 type: string
953 - jsonPath: .metadata.creationTimestamp
954 name: Age
955 type: date
956 name: v2
957 schema:
958 openAPIV3Schema:
959 description: Host is the Schema for the hosts API
960 properties:
961 apiVersion:
962 description: 'APIVersion defines the versioned schema of this representation
963 of an object. Servers should convert recognized schemas to the latest
964 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
965 type: string
966 kind:
967 description: 'Kind is a string value representing the REST resource this
968 object represents. Servers may infer this from the endpoint the client
969 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
970 type: string
971 metadata:
972 type: object
973 spec:
974 description: HostSpec defines the desired state of Host
975 properties:
976 acmeProvider:
977 description: Specifies whether/who to talk ACME with to automatically
978 manage the $tlsSecret.
979 properties:
980 authority:
981 description: Specifies who to talk ACME with to get certs. Defaults
982 to Let's Encrypt; if "none" (case-insensitive), do not try to
983 do ACME for this Host.
984 type: string
985 email:
986 type: string
987 privateKeySecret:
988 description: "Specifies the Kubernetes Secret to use to store
989 the private key of the ACME account (essentially, where to store
990 the auto-generated password for the auto-created ACME account).
991 \ You should not normally need to set this--the default value
992 is based on a combination of the ACME authority being registered
993 wit and the email address associated with the account. \n Note
994 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
995 not an Ambassador-style `{name}.{namespace}` string. Because
996 we're opinionated, it does not support referencing a Secret
997 in another namespace (because most native Kubernetes resources
998 don't support that), but if we ever abandon that opinion and
999 decide to support non-local references it, it would be by adding
1000 a `namespace:` field by changing it from a core.v1.LocalObjectReference
1001 to a core.v1.SecretReference, not by adopting the `{name}.{namespace}`
1002 notation."
1003 properties:
1004 name:
1005 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1006 TODO: Add other useful fields. apiVersion, kind, uid?'
1007 type: string
1008 type: object
1009 registration:
1010 description: This is normally set automatically
1011 type: string
1012 type: object
1013 hostname:
1014 description: Hostname by which the Ambassador can be reached.
1015 type: string
1016 previewUrl:
1017 description: Configuration for the Preview URL feature of Service
1018 Preview. Defaults to preview URLs not enabled.
1019 properties:
1020 enabled:
1021 description: Is the Preview URL feature enabled?
1022 type: boolean
1023 type:
1024 description: What type of Preview URL is allowed?
1025 enum:
1026 - Path
1027 type: string
1028 type: object
1029 requestPolicy:
1030 description: Request policy definition.
1031 properties:
1032 insecure:
1033 properties:
1034 action:
1035 enum:
1036 - Redirect
1037 - Reject
1038 - Route
1039 type: string
1040 additionalPort:
1041 type: integer
1042 type: object
1043 type: object
1044 selector:
1045 description: Selector by which we can find further configuration.
1046 Defaults to hostname=$hostname
1047 properties:
1048 matchExpressions:
1049 description: matchExpressions is a list of label selector requirements.
1050 The requirements are ANDed.
1051 items:
1052 description: A label selector requirement is a selector that
1053 contains values, a key, and an operator that relates the key
1054 and values.
1055 properties:
1056 key:
1057 description: key is the label key that the selector applies
1058 to.
1059 type: string
1060 operator:
1061 description: operator represents a key's relationship to
1062 a set of values. Valid operators are In, NotIn, Exists
1063 and DoesNotExist.
1064 type: string
1065 values:
1066 description: values is an array of string values. If the
1067 operator is In or NotIn, the values array must be non-empty.
1068 If the operator is Exists or DoesNotExist, the values
1069 array must be empty. This array is replaced during a strategic
1070 merge patch.
1071 items:
1072 type: string
1073 type: array
1074 required:
1075 - key
1076 - operator
1077 type: object
1078 type: array
1079 matchLabels:
1080 additionalProperties:
1081 type: string
1082 description: matchLabels is a map of {key,value} pairs. A single
1083 {key,value} in the matchLabels map is equivalent to an element
1084 of matchExpressions, whose key field is "key", the operator
1085 is "In", and the values array contains only "value". The requirements
1086 are ANDed.
1087 type: object
1088 type: object
1089 tls:
1090 description: TLS configuration. It is not valid to specify both `tlsContext`
1091 and `tls`.
1092 properties:
1093 alpn_protocols:
1094 type: string
1095 ca_secret:
1096 type: string
1097 cacert_chain_file:
1098 type: string
1099 cert_chain_file:
1100 type: string
1101 cert_required:
1102 type: boolean
1103 cipher_suites:
1104 items:
1105 type: string
1106 type: array
1107 ecdh_curves:
1108 items:
1109 type: string
1110 type: array
1111 max_tls_version:
1112 type: string
1113 min_tls_version:
1114 type: string
1115 private_key_file:
1116 type: string
1117 redirect_cleartext_from:
1118 type: integer
1119 sni:
1120 type: string
1121 v3CRLSecret:
1122 type: string
1123 type: object
1124 tlsContext:
1125 description: "Name of the TLSContext the Host resource is linked with.
1126 It is not valid to specify both `tlsContext` and `tls`. \n Note
1127 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
1128 not an Ambassador-style `{name}.{namespace}` string. Because we're
1129 opinionated, it does not support referencing a Secret in another
1130 namespace (because most native Kubernetes resources don't support
1131 that), but if we ever abandon that opinion and decide to support
1132 non-local references it, it would be by adding a `namespace:` field
1133 by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference,
1134 not by adopting the `{name}.{namespace}` notation."
1135 properties:
1136 name:
1137 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1138 TODO: Add other useful fields. apiVersion, kind, uid?'
1139 type: string
1140 type: object
1141 tlsSecret:
1142 description: Name of the Kubernetes secret into which to save generated
1143 certificates. If ACME is enabled (see $acmeProvider), then the
1144 default is $hostname; otherwise the default is "". If the value
1145 is "", then we do not do TLS for this Host.
1146 properties:
1147 name:
1148 description: Name is unique within a namespace to reference a
1149 secret resource.
1150 type: string
1151 namespace:
1152 description: Namespace defines the space within which the secret
1153 name must be unique.
1154 type: string
1155 type: object
1156 type: object
1157 x-kubernetes-preserve-unknown-fields: true
1158 status:
1159 description: HostStatus defines the observed state of Host
1160 properties:
1161 errorBackoff:
1162 type: string
1163 errorReason:
1164 description: errorReason, errorTimestamp, and errorBackoff are valid
1165 when state==Error.
1166 type: string
1167 errorTimestamp:
1168 format: date-time
1169 type: string
1170 phaseCompleted:
1171 description: phaseCompleted and phasePending are valid when state==Pending
1172 or state==Error.
1173 enum:
1174 - NA
1175 - DefaultsFilled
1176 - ACMEUserPrivateKeyCreated
1177 - ACMEUserRegistered
1178 - ACMECertificateChallenge
1179 type: string
1180 phasePending:
1181 description: phaseCompleted and phasePending are valid when state==Pending
1182 or state==Error.
1183 enum:
1184 - NA
1185 - DefaultsFilled
1186 - ACMEUserPrivateKeyCreated
1187 - ACMEUserRegistered
1188 - ACMECertificateChallenge
1189 type: string
1190 state:
1191 description: The first value listed in the Enum marker becomes the
1192 "zero" value, and it would be great if "Pending" could be the default
1193 value; but it's Important that the "zero" value be able to be shown
1194 as empty/omitted from display, and we really do want `kubectl get
1195 hosts` to say "Pending" in the "STATE" column, and not leave the
1196 column empty.
1197 enum:
1198 - Initial
1199 - Pending
1200 - Ready
1201 - Error
1202 type: string
1203 tlsCertificateSource:
1204 enum:
1205 - Unknown
1206 - None
1207 - Other
1208 - ACME
1209 type: string
1210 type: object
1211 type: object
1212 served: true
1213 storage: true
1214 subresources:
1215 status: {}
1216 - additionalPrinterColumns:
1217 - jsonPath: .spec.hostname
1218 name: Hostname
1219 type: string
1220 - jsonPath: .status.state
1221 name: State
1222 type: string
1223 - jsonPath: .status.phaseCompleted
1224 name: Phase Completed
1225 type: string
1226 - jsonPath: .status.phasePending
1227 name: Phase Pending
1228 type: string
1229 - jsonPath: .metadata.creationTimestamp
1230 name: Age
1231 type: date
1232 name: v3alpha1
1233 schema:
1234 openAPIV3Schema:
1235 description: Host is the Schema for the hosts API
1236 properties:
1237 apiVersion:
1238 description: 'APIVersion defines the versioned schema of this representation
1239 of an object. Servers should convert recognized schemas to the latest
1240 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1241 type: string
1242 kind:
1243 description: 'Kind is a string value representing the REST resource this
1244 object represents. Servers may infer this from the endpoint the client
1245 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1246 type: string
1247 metadata:
1248 type: object
1249 spec:
1250 description: HostSpec defines the desired state of Host
1251 properties:
1252 acmeProvider:
1253 description: Specifies whether/who to talk ACME with to automatically
1254 manage the $tlsSecret.
1255 properties:
1256 authority:
1257 description: Specifies who to talk ACME with to get certs. Defaults
1258 to Let's Encrypt; if "none" (case-insensitive), do not try to
1259 do ACME for this Host.
1260 type: string
1261 email:
1262 type: string
1263 privateKeySecret:
1264 description: "Specifies the Kubernetes Secret to use to store
1265 the private key of the ACME account (essentially, where to store
1266 the auto-generated password for the auto-created ACME account).
1267 \ You should not normally need to set this--the default value
1268 is based on a combination of the ACME authority being registered
1269 wit and the email address associated with the account. \n Note
1270 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
1271 not an Ambassador-style `{name}.{namespace}` string. Because
1272 we're opinionated, it does not support referencing a Secret
1273 in another namespace (because most native Kubernetes resources
1274 don't support that), but if we ever abandon that opinion and
1275 decide to support non-local references it, it would be by adding
1276 a `namespace:` field by changing it from a core.v1.LocalObjectReference
1277 to a core.v1.SecretReference, not by adopting the `{name}.{namespace}`
1278 notation."
1279 properties:
1280 name:
1281 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1282 TODO: Add other useful fields. apiVersion, kind, uid?'
1283 type: string
1284 type: object
1285 registration:
1286 description: This is normally set automatically
1287 type: string
1288 type: object
1289 ambassador_id:
1290 description: Common to all Ambassador objects (and optional).
1291 items:
1292 type: string
1293 type: array
1294 hostname:
1295 description: Hostname by which the Ambassador can be reached.
1296 type: string
1297 mappingSelector:
1298 description: Selector for Mappings we'll associate with this Host.
1299 At the moment, Selector and MappingSelector are synonyms, but that
1300 will change soon.
1301 properties:
1302 matchExpressions:
1303 description: matchExpressions is a list of label selector requirements.
1304 The requirements are ANDed.
1305 items:
1306 description: A label selector requirement is a selector that
1307 contains values, a key, and an operator that relates the key
1308 and values.
1309 properties:
1310 key:
1311 description: key is the label key that the selector applies
1312 to.
1313 type: string
1314 operator:
1315 description: operator represents a key's relationship to
1316 a set of values. Valid operators are In, NotIn, Exists
1317 and DoesNotExist.
1318 type: string
1319 values:
1320 description: values is an array of string values. If the
1321 operator is In or NotIn, the values array must be non-empty.
1322 If the operator is Exists or DoesNotExist, the values
1323 array must be empty. This array is replaced during a strategic
1324 merge patch.
1325 items:
1326 type: string
1327 type: array
1328 required:
1329 - key
1330 - operator
1331 type: object
1332 type: array
1333 matchLabels:
1334 additionalProperties:
1335 type: string
1336 description: matchLabels is a map of {key,value} pairs. A single
1337 {key,value} in the matchLabels map is equivalent to an element
1338 of matchExpressions, whose key field is "key", the operator
1339 is "In", and the values array contains only "value". The requirements
1340 are ANDed.
1341 type: object
1342 type: object
1343 previewUrl:
1344 description: Configuration for the Preview URL feature of Service
1345 Preview. Defaults to preview URLs not enabled.
1346 properties:
1347 enabled:
1348 description: Is the Preview URL feature enabled?
1349 type: boolean
1350 type:
1351 description: What type of Preview URL is allowed?
1352 enum:
1353 - Path
1354 type: string
1355 type: object
1356 requestPolicy:
1357 description: Request policy definition.
1358 properties:
1359 insecure:
1360 properties:
1361 action:
1362 enum:
1363 - Redirect
1364 - Reject
1365 - Route
1366 type: string
1367 additionalPort:
1368 type: integer
1369 type: object
1370 type: object
1371 selector:
1372 description: "DEPRECATED: Selector by which we can find further configuration.
1373 Use MappingSelector instead. \n TODO(lukeshu): In v3alpha2, figure
1374 out how to get rid of HostSpec.DeprecatedSelector."
1375 properties:
1376 matchExpressions:
1377 description: matchExpressions is a list of label selector requirements.
1378 The requirements are ANDed.
1379 items:
1380 description: A label selector requirement is a selector that
1381 contains values, a key, and an operator that relates the key
1382 and values.
1383 properties:
1384 key:
1385 description: key is the label key that the selector applies
1386 to.
1387 type: string
1388 operator:
1389 description: operator represents a key's relationship to
1390 a set of values. Valid operators are In, NotIn, Exists
1391 and DoesNotExist.
1392 type: string
1393 values:
1394 description: values is an array of string values. If the
1395 operator is In or NotIn, the values array must be non-empty.
1396 If the operator is Exists or DoesNotExist, the values
1397 array must be empty. This array is replaced during a strategic
1398 merge patch.
1399 items:
1400 type: string
1401 type: array
1402 required:
1403 - key
1404 - operator
1405 type: object
1406 type: array
1407 matchLabels:
1408 additionalProperties:
1409 type: string
1410 description: matchLabels is a map of {key,value} pairs. A single
1411 {key,value} in the matchLabels map is equivalent to an element
1412 of matchExpressions, whose key field is "key", the operator
1413 is "In", and the values array contains only "value". The requirements
1414 are ANDed.
1415 type: object
1416 type: object
1417 tls:
1418 description: TLS configuration. It is not valid to specify both `tlsContext`
1419 and `tls`.
1420 properties:
1421 alpn_protocols:
1422 type: string
1423 ca_secret:
1424 type: string
1425 cacert_chain_file:
1426 type: string
1427 cert_chain_file:
1428 type: string
1429 cert_required:
1430 type: boolean
1431 cipher_suites:
1432 items:
1433 type: string
1434 type: array
1435 crl_secret:
1436 type: string
1437 ecdh_curves:
1438 items:
1439 type: string
1440 type: array
1441 max_tls_version:
1442 type: string
1443 min_tls_version:
1444 type: string
1445 private_key_file:
1446 type: string
1447 redirect_cleartext_from:
1448 type: integer
1449 sni:
1450 type: string
1451 type: object
1452 tlsContext:
1453 description: "Name of the TLSContext the Host resource is linked with.
1454 It is not valid to specify both `tlsContext` and `tls`. \n Note
1455 that this is a native-Kubernetes-style core.v1.LocalObjectReference,
1456 not an Ambassador-style `{name}.{namespace}` string. Because we're
1457 opinionated, it does not support referencing a Secret in another
1458 namespace (because most native Kubernetes resources don't support
1459 that), but if we ever abandon that opinion and decide to support
1460 non-local references it, it would be by adding a `namespace:` field
1461 by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference,
1462 not by adopting the `{name}.{namespace}` notation."
1463 properties:
1464 name:
1465 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1466 TODO: Add other useful fields. apiVersion, kind, uid?'
1467 type: string
1468 type: object
1469 tlsSecret:
1470 description: Name of the Kubernetes secret into which to save generated
1471 certificates. If ACME is enabled (see $acmeProvider), then the
1472 default is $hostname; otherwise the default is "". If the value
1473 is "", then we do not do TLS for this Host.
1474 properties:
1475 name:
1476 description: Name is unique within a namespace to reference a
1477 secret resource.
1478 type: string
1479 namespace:
1480 description: Namespace defines the space within which the secret
1481 name must be unique.
1482 type: string
1483 type: object
1484 type: object
1485 status:
1486 description: HostStatus defines the observed state of Host
1487 properties:
1488 errorBackoff:
1489 type: string
1490 errorReason:
1491 description: errorReason, errorTimestamp, and errorBackoff are valid
1492 when state==Error.
1493 type: string
1494 errorTimestamp:
1495 format: date-time
1496 type: string
1497 phaseCompleted:
1498 description: phaseCompleted and phasePending are valid when state==Pending
1499 or state==Error.
1500 enum:
1501 - NA
1502 - DefaultsFilled
1503 - ACMEUserPrivateKeyCreated
1504 - ACMEUserRegistered
1505 - ACMECertificateChallenge
1506 type: string
1507 phasePending:
1508 description: phaseCompleted and phasePending are valid when state==Pending
1509 or state==Error.
1510 enum:
1511 - NA
1512 - DefaultsFilled
1513 - ACMEUserPrivateKeyCreated
1514 - ACMEUserRegistered
1515 - ACMECertificateChallenge
1516 type: string
1517 state:
1518 description: The first value listed in the Enum marker becomes the
1519 "zero" value, and it would be great if "Pending" could be the default
1520 value; but it's Important that the "zero" value be able to be shown
1521 as empty/omitted from display, and we really do want `kubectl get
1522 hosts` to say "Pending" in the "STATE" column, and not leave the
1523 column empty.
1524 enum:
1525 - Initial
1526 - Pending
1527 - Ready
1528 - Error
1529 type: string
1530 tlsCertificateSource:
1531 enum:
1532 - Unknown
1533 - None
1534 - Other
1535 - ACME
1536 type: string
1537 type: object
1538 type: object
1539 served: true
1540 storage: false
1541 subresources:
1542 status: {}
1543---
1544apiVersion: apiextensions.k8s.io/v1
1545kind: CustomResourceDefinition
1546metadata:
1547 annotations:
1548 controller-gen.kubebuilder.io/version: v0.6.2
1549 labels:
1550 app.kubernetes.io/instance: emissary-apiext
1551 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1552 app.kubernetes.io/name: emissary-apiext
1553 app.kubernetes.io/part-of: emissary-apiext
1554 name: kubernetesendpointresolvers.getambassador.io
1555spec:
1556 conversion:
1557 strategy: Webhook
1558 webhook:
1559 clientConfig:
1560 service:
1561 name: emissary-apiext
1562 namespace: emissary-system
1563 conversionReviewVersions:
1564 - v1beta1
1565 group: getambassador.io
1566 names:
1567 categories:
1568 - ambassador-crds
1569 kind: KubernetesEndpointResolver
1570 listKind: KubernetesEndpointResolverList
1571 plural: kubernetesendpointresolvers
1572 singular: kubernetesendpointresolver
1573 preserveUnknownFields: false
1574 scope: Namespaced
1575 versions:
1576 - name: v1
1577 schema:
1578 openAPIV3Schema:
1579 description: KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver
1580 API
1581 properties:
1582 apiVersion:
1583 description: 'APIVersion defines the versioned schema of this representation
1584 of an object. Servers should convert recognized schemas to the latest
1585 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1586 type: string
1587 kind:
1588 description: 'Kind is a string value representing the REST resource this
1589 object represents. Servers may infer this from the endpoint the client
1590 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1591 type: string
1592 metadata:
1593 type: object
1594 spec:
1595 description: KubernetesEndpointResolver tells Ambassador to use Kubernetes
1596 Endpoints resources to resolve services. It actually has no spec other
1597 than the AmbassadorID.
1598 type: object
1599 x-kubernetes-preserve-unknown-fields: true
1600 type: object
1601 served: true
1602 storage: false
1603 - name: v2
1604 schema:
1605 openAPIV3Schema:
1606 description: KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver
1607 API
1608 properties:
1609 apiVersion:
1610 description: 'APIVersion defines the versioned schema of this representation
1611 of an object. Servers should convert recognized schemas to the latest
1612 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1613 type: string
1614 kind:
1615 description: 'Kind is a string value representing the REST resource this
1616 object represents. Servers may infer this from the endpoint the client
1617 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1618 type: string
1619 metadata:
1620 type: object
1621 spec:
1622 description: KubernetesEndpointResolver tells Ambassador to use Kubernetes
1623 Endpoints resources to resolve services. It actually has no spec other
1624 than the AmbassadorID.
1625 type: object
1626 x-kubernetes-preserve-unknown-fields: true
1627 type: object
1628 served: true
1629 storage: true
1630 - name: v3alpha1
1631 schema:
1632 openAPIV3Schema:
1633 description: KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver
1634 API
1635 properties:
1636 apiVersion:
1637 description: 'APIVersion defines the versioned schema of this representation
1638 of an object. Servers should convert recognized schemas to the latest
1639 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1640 type: string
1641 kind:
1642 description: 'Kind is a string value representing the REST resource this
1643 object represents. Servers may infer this from the endpoint the client
1644 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1645 type: string
1646 metadata:
1647 type: object
1648 spec:
1649 description: KubernetesEndpointResolver tells Ambassador to use Kubernetes
1650 Endpoints resources to resolve services. It actually has no spec other
1651 than the AmbassadorID.
1652 properties:
1653 ambassador_id:
1654 description: "AmbassadorID declares which Ambassador instances should
1655 pay attention to this resource. If no value is provided, the default
1656 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
1657 consider renaming all of the `ambassador_id` (singular) fields to
1658 `ambassador_ids` (plural)."
1659 items:
1660 type: string
1661 type: array
1662 type: object
1663 type: object
1664 served: true
1665 storage: false
1666---
1667apiVersion: apiextensions.k8s.io/v1
1668kind: CustomResourceDefinition
1669metadata:
1670 annotations:
1671 controller-gen.kubebuilder.io/version: v0.6.2
1672 labels:
1673 app.kubernetes.io/instance: emissary-apiext
1674 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1675 app.kubernetes.io/name: emissary-apiext
1676 app.kubernetes.io/part-of: emissary-apiext
1677 name: kubernetesserviceresolvers.getambassador.io
1678spec:
1679 conversion:
1680 strategy: Webhook
1681 webhook:
1682 clientConfig:
1683 service:
1684 name: emissary-apiext
1685 namespace: emissary-system
1686 conversionReviewVersions:
1687 - v1beta1
1688 group: getambassador.io
1689 names:
1690 categories:
1691 - ambassador-crds
1692 kind: KubernetesServiceResolver
1693 listKind: KubernetesServiceResolverList
1694 plural: kubernetesserviceresolvers
1695 singular: kubernetesserviceresolver
1696 preserveUnknownFields: false
1697 scope: Namespaced
1698 versions:
1699 - name: v1
1700 schema:
1701 openAPIV3Schema:
1702 description: KubernetesServiceResolver is the Schema for the kubernetesserviceresolver
1703 API
1704 properties:
1705 apiVersion:
1706 description: 'APIVersion defines the versioned schema of this representation
1707 of an object. Servers should convert recognized schemas to the latest
1708 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1709 type: string
1710 kind:
1711 description: 'Kind is a string value representing the REST resource this
1712 object represents. Servers may infer this from the endpoint the client
1713 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1714 type: string
1715 metadata:
1716 type: object
1717 spec:
1718 description: KubernetesServiceResolver tells Ambassador to use Kubernetes
1719 Service resources to resolve services. It actually has no spec other
1720 than the AmbassadorID.
1721 type: object
1722 x-kubernetes-preserve-unknown-fields: true
1723 type: object
1724 served: true
1725 storage: false
1726 - name: v2
1727 schema:
1728 openAPIV3Schema:
1729 description: KubernetesServiceResolver is the Schema for the kubernetesserviceresolver
1730 API
1731 properties:
1732 apiVersion:
1733 description: 'APIVersion defines the versioned schema of this representation
1734 of an object. Servers should convert recognized schemas to the latest
1735 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1736 type: string
1737 kind:
1738 description: 'Kind is a string value representing the REST resource this
1739 object represents. Servers may infer this from the endpoint the client
1740 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1741 type: string
1742 metadata:
1743 type: object
1744 spec:
1745 description: KubernetesServiceResolver tells Ambassador to use Kubernetes
1746 Service resources to resolve services. It actually has no spec other
1747 than the AmbassadorID.
1748 type: object
1749 x-kubernetes-preserve-unknown-fields: true
1750 type: object
1751 served: true
1752 storage: true
1753 - name: v3alpha1
1754 schema:
1755 openAPIV3Schema:
1756 description: KubernetesServiceResolver is the Schema for the kubernetesserviceresolver
1757 API
1758 properties:
1759 apiVersion:
1760 description: 'APIVersion defines the versioned schema of this representation
1761 of an object. Servers should convert recognized schemas to the latest
1762 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1763 type: string
1764 kind:
1765 description: 'Kind is a string value representing the REST resource this
1766 object represents. Servers may infer this from the endpoint the client
1767 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1768 type: string
1769 metadata:
1770 type: object
1771 spec:
1772 description: KubernetesServiceResolver tells Ambassador to use Kubernetes
1773 Service resources to resolve services. It actually has no spec other
1774 than the AmbassadorID.
1775 properties:
1776 ambassador_id:
1777 description: "AmbassadorID declares which Ambassador instances should
1778 pay attention to this resource. If no value is provided, the default
1779 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
1780 consider renaming all of the `ambassador_id` (singular) fields to
1781 `ambassador_ids` (plural)."
1782 items:
1783 type: string
1784 type: array
1785 type: object
1786 type: object
1787 served: true
1788 storage: false
1789---
1790apiVersion: apiextensions.k8s.io/v1
1791kind: CustomResourceDefinition
1792metadata:
1793 annotations:
1794 controller-gen.kubebuilder.io/version: v0.6.2
1795 labels:
1796 app.kubernetes.io/instance: emissary-apiext
1797 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1798 app.kubernetes.io/name: emissary-apiext
1799 app.kubernetes.io/part-of: emissary-apiext
1800 name: listeners.getambassador.io
1801spec:
1802 group: getambassador.io
1803 names:
1804 categories:
1805 - ambassador-crds
1806 kind: Listener
1807 listKind: ListenerList
1808 plural: listeners
1809 singular: listener
1810 preserveUnknownFields: false
1811 scope: Namespaced
1812 versions:
1813 - additionalPrinterColumns:
1814 - jsonPath: .spec.port
1815 name: Port
1816 type: string
1817 - jsonPath: .spec.protocol
1818 name: Protocol
1819 type: string
1820 - jsonPath: .spec.protocolStack
1821 name: Stack
1822 type: string
1823 - jsonPath: .spec.statsPrefix
1824 name: StatsPrefix
1825 type: string
1826 - jsonPath: .spec.securityModel
1827 name: Security
1828 type: string
1829 - jsonPath: .spec.l7Depth
1830 name: L7Depth
1831 type: string
1832 name: v3alpha1
1833 schema:
1834 openAPIV3Schema:
1835 description: Listener is the Schema for the hosts API
1836 properties:
1837 apiVersion:
1838 description: 'APIVersion defines the versioned schema of this representation
1839 of an object. Servers should convert recognized schemas to the latest
1840 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1841 type: string
1842 kind:
1843 description: 'Kind is a string value representing the REST resource this
1844 object represents. Servers may infer this from the endpoint the client
1845 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1846 type: string
1847 metadata:
1848 type: object
1849 spec:
1850 description: ListenerSpec defines the desired state of this Port
1851 properties:
1852 ambassador_id:
1853 description: "AmbassadorID declares which Ambassador instances should
1854 pay attention to this resource. If no value is provided, the default
1855 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
1856 consider renaming all of the `ambassador_id` (singular) fields to
1857 `ambassador_ids` (plural)."
1858 items:
1859 type: string
1860 type: array
1861 hostBinding:
1862 description: HostBinding allows restricting which Hosts will be used
1863 for this Listener.
1864 properties:
1865 namespace:
1866 description: NamespaceBindingType defines we we specify which
1867 namespaces to look for Hosts in.
1868 properties:
1869 from:
1870 description: NamespaceFromType defines how we evaluate a NamespaceBindingType.
1871 enum:
1872 - SELF
1873 - ALL
1874 - SELECTOR
1875 type: string
1876 type: object
1877 selector:
1878 description: A label selector is a label query over a set of resources.
1879 The result of matchLabels and matchExpressions are ANDed. An
1880 empty label selector matches all objects. A null label selector
1881 matches no objects.
1882 properties:
1883 matchExpressions:
1884 description: matchExpressions is a list of label selector
1885 requirements. The requirements are ANDed.
1886 items:
1887 description: A label selector requirement is a selector
1888 that contains values, a key, and an operator that relates
1889 the key and values.
1890 properties:
1891 key:
1892 description: key is the label key that the selector
1893 applies to.
1894 type: string
1895 operator:
1896 description: operator represents a key's relationship
1897 to a set of values. Valid operators are In, NotIn,
1898 Exists and DoesNotExist.
1899 type: string
1900 values:
1901 description: values is an array of string values. If
1902 the operator is In or NotIn, the values array must
1903 be non-empty. If the operator is Exists or DoesNotExist,
1904 the values array must be empty. This array is replaced
1905 during a strategic merge patch.
1906 items:
1907 type: string
1908 type: array
1909 required:
1910 - key
1911 - operator
1912 type: object
1913 type: array
1914 matchLabels:
1915 additionalProperties:
1916 type: string
1917 description: matchLabels is a map of {key,value} pairs. A
1918 single {key,value} in the matchLabels map is equivalent
1919 to an element of matchExpressions, whose key field is "key",
1920 the operator is "In", and the values array contains only
1921 "value". The requirements are ANDed.
1922 type: object
1923 type: object
1924 type: object
1925 l7Depth:
1926 description: L7Depth specifies how many layer 7 load balancers are
1927 between us and the edge of the network.
1928 format: int32
1929 type: integer
1930 port:
1931 description: Port is the network port. Only one Listener can use a
1932 given port.
1933 format: int32
1934 maximum: 65535
1935 minimum: 1
1936 type: integer
1937 protocol:
1938 description: Protocol is a shorthand for certain predefined stacks.
1939 Exactly one of Protocol or ProtocolStack must be supplied.
1940 enum:
1941 - HTTP
1942 - HTTPS
1943 - HTTPPROXY
1944 - HTTPSPROXY
1945 - TCP
1946 - TLS
1947 - UDP
1948 type: string
1949 protocolStack:
1950 description: ProtocolStack explicitly specifies the protocol stack
1951 to set up. Exactly one of Protocol or ProtocolStack must be supplied.
1952 items:
1953 description: ProtocolStackElement defines specific layers that may
1954 be combined in a protocol stack for processing connections to
1955 a port.
1956 enum:
1957 - HTTP
1958 - PROXY
1959 - TLS
1960 - TCP
1961 - UDP
1962 type: string
1963 type: array
1964 securityModel:
1965 description: SecurityModel specifies how to determine whether connections
1966 to this port are secure or insecure.
1967 enum:
1968 - XFP
1969 - SECURE
1970 - INSECURE
1971 type: string
1972 statsPrefix:
1973 description: 'StatsPrefix specifies the prefix for statistics sent
1974 by Envoy about this Listener. The default depends on the protocol:
1975 "ingress-http", "ingress-https", "ingress-tls-$port", or "ingress-$port".'
1976 type: string
1977 required:
1978 - hostBinding
1979 - port
1980 - securityModel
1981 type: object
1982 type: object
1983 served: true
1984 storage: true
1985 subresources: {}
1986---
1987apiVersion: apiextensions.k8s.io/v1
1988kind: CustomResourceDefinition
1989metadata:
1990 annotations:
1991 controller-gen.kubebuilder.io/version: v0.6.2
1992 labels:
1993 app.kubernetes.io/instance: emissary-apiext
1994 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
1995 app.kubernetes.io/name: emissary-apiext
1996 app.kubernetes.io/part-of: emissary-apiext
1997 name: logservices.getambassador.io
1998spec:
1999 conversion:
2000 strategy: Webhook
2001 webhook:
2002 clientConfig:
2003 service:
2004 name: emissary-apiext
2005 namespace: emissary-system
2006 conversionReviewVersions:
2007 - v1beta1
2008 group: getambassador.io
2009 names:
2010 categories:
2011 - ambassador-crds
2012 kind: LogService
2013 listKind: LogServiceList
2014 plural: logservices
2015 singular: logservice
2016 preserveUnknownFields: false
2017 scope: Namespaced
2018 versions:
2019 - name: v1
2020 schema:
2021 openAPIV3Schema:
2022 description: LogService is the Schema for the logservices API
2023 properties:
2024 apiVersion:
2025 description: 'APIVersion defines the versioned schema of this representation
2026 of an object. Servers should convert recognized schemas to the latest
2027 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2028 type: string
2029 kind:
2030 description: 'Kind is a string value representing the REST resource this
2031 object represents. Servers may infer this from the endpoint the client
2032 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2033 type: string
2034 metadata:
2035 type: object
2036 spec:
2037 description: LogServiceSpec defines the desired state of LogService
2038 properties:
2039 driver:
2040 enum:
2041 - tcp
2042 - http
2043 type: string
2044 driver_config:
2045 properties:
2046 additional_log_headers:
2047 items:
2048 properties:
2049 during_request:
2050 type: boolean
2051 during_response:
2052 type: boolean
2053 during_trailer:
2054 type: boolean
2055 header_name:
2056 type: string
2057 type: object
2058 type: array
2059 type: object
2060 flush_interval_byte_size:
2061 type: integer
2062 flush_interval_time:
2063 type: integer
2064 grpc:
2065 type: boolean
2066 service:
2067 type: string
2068 v3ProtocolVersion:
2069 enum:
2070 - v2
2071 - v3
2072 type: string
2073 v3StatsName:
2074 type: string
2075 type: object
2076 x-kubernetes-preserve-unknown-fields: true
2077 type: object
2078 served: true
2079 storage: false
2080 - name: v2
2081 schema:
2082 openAPIV3Schema:
2083 description: LogService is the Schema for the logservices API
2084 properties:
2085 apiVersion:
2086 description: 'APIVersion defines the versioned schema of this representation
2087 of an object. Servers should convert recognized schemas to the latest
2088 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2089 type: string
2090 kind:
2091 description: 'Kind is a string value representing the REST resource this
2092 object represents. Servers may infer this from the endpoint the client
2093 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2094 type: string
2095 metadata:
2096 type: object
2097 spec:
2098 description: LogServiceSpec defines the desired state of LogService
2099 properties:
2100 driver:
2101 enum:
2102 - tcp
2103 - http
2104 type: string
2105 driver_config:
2106 properties:
2107 additional_log_headers:
2108 items:
2109 properties:
2110 during_request:
2111 type: boolean
2112 during_response:
2113 type: boolean
2114 during_trailer:
2115 type: boolean
2116 header_name:
2117 type: string
2118 type: object
2119 type: array
2120 type: object
2121 flush_interval_byte_size:
2122 type: integer
2123 flush_interval_time:
2124 type: integer
2125 grpc:
2126 type: boolean
2127 service:
2128 type: string
2129 v3ProtocolVersion:
2130 enum:
2131 - v2
2132 - v3
2133 type: string
2134 v3StatsName:
2135 type: string
2136 type: object
2137 x-kubernetes-preserve-unknown-fields: true
2138 type: object
2139 served: true
2140 storage: true
2141 - name: v3alpha1
2142 schema:
2143 openAPIV3Schema:
2144 description: LogService is the Schema for the logservices API
2145 properties:
2146 apiVersion:
2147 description: 'APIVersion defines the versioned schema of this representation
2148 of an object. Servers should convert recognized schemas to the latest
2149 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2150 type: string
2151 kind:
2152 description: 'Kind is a string value representing the REST resource this
2153 object represents. Servers may infer this from the endpoint the client
2154 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2155 type: string
2156 metadata:
2157 type: object
2158 spec:
2159 description: LogServiceSpec defines the desired state of LogService
2160 properties:
2161 ambassador_id:
2162 description: "AmbassadorID declares which Ambassador instances should
2163 pay attention to this resource. If no value is provided, the default
2164 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
2165 consider renaming all of the `ambassador_id` (singular) fields to
2166 `ambassador_ids` (plural)."
2167 items:
2168 type: string
2169 type: array
2170 driver:
2171 enum:
2172 - tcp
2173 - http
2174 type: string
2175 driver_config:
2176 properties:
2177 additional_log_headers:
2178 items:
2179 properties:
2180 during_request:
2181 type: boolean
2182 during_response:
2183 type: boolean
2184 during_trailer:
2185 type: boolean
2186 header_name:
2187 type: string
2188 type: object
2189 type: array
2190 type: object
2191 flush_interval_byte_size:
2192 type: integer
2193 flush_interval_time:
2194 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}s`/`SecondDuration`
2195 fields to `{foo}`/`metav1.Duration`.'
2196 type: integer
2197 grpc:
2198 description: 'TODO(lukeshu): In v3alpha2, drop this LogService.spec.grpc. Due
2199 to sloppy implementation it is required to be present, and required
2200 to be ''true''. It is silly to have a required field with only
2201 one valid value, we should just remove the thing.'
2202 type: boolean
2203 protocol_version:
2204 description: ProtocolVersion is the envoy api transport protocol version
2205 enum:
2206 - v2
2207 - v3
2208 type: string
2209 service:
2210 type: string
2211 stats_name:
2212 type: string
2213 type: object
2214 type: object
2215 served: true
2216 storage: false
2217---
2218apiVersion: apiextensions.k8s.io/v1
2219kind: CustomResourceDefinition
2220metadata:
2221 annotations:
2222 controller-gen.kubebuilder.io/version: v0.6.2
2223 labels:
2224 app.kubernetes.io/instance: emissary-apiext
2225 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
2226 app.kubernetes.io/name: emissary-apiext
2227 app.kubernetes.io/part-of: emissary-apiext
2228 name: mappings.getambassador.io
2229spec:
2230 conversion:
2231 strategy: Webhook
2232 webhook:
2233 clientConfig:
2234 service:
2235 name: emissary-apiext
2236 namespace: emissary-system
2237 conversionReviewVersions:
2238 - v1beta1
2239 group: getambassador.io
2240 names:
2241 categories:
2242 - ambassador-crds
2243 kind: Mapping
2244 listKind: MappingList
2245 plural: mappings
2246 singular: mapping
2247 preserveUnknownFields: false
2248 scope: Namespaced
2249 versions:
2250 - additionalPrinterColumns:
2251 - jsonPath: .spec.host
2252 name: Source Host
2253 type: string
2254 - jsonPath: .spec.prefix
2255 name: Source Prefix
2256 type: string
2257 - jsonPath: .spec.service
2258 name: Dest Service
2259 type: string
2260 - jsonPath: .status.state
2261 name: State
2262 type: string
2263 - jsonPath: .status.reason
2264 name: Reason
2265 type: string
2266 name: v1
2267 schema:
2268 openAPIV3Schema:
2269 description: Mapping is the Schema for the mappings API
2270 properties:
2271 apiVersion:
2272 description: 'APIVersion defines the versioned schema of this representation
2273 of an object. Servers should convert recognized schemas to the latest
2274 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2275 type: string
2276 kind:
2277 description: 'Kind is a string value representing the REST resource this
2278 object represents. Servers may infer this from the endpoint the client
2279 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2280 type: string
2281 metadata:
2282 type: object
2283 spec:
2284 description: MappingSpec defines the desired state of Mapping
2285 properties:
2286 add_linkerd_headers:
2287 type: boolean
2288 add_request_headers:
2289 type: object
2290 x-kubernetes-preserve-unknown-fields: true
2291 add_response_headers:
2292 type: object
2293 x-kubernetes-preserve-unknown-fields: true
2294 allow_upgrade:
2295 description: "A case-insensitive list of the non-HTTP protocols to
2296 allow \"upgrading\" to from HTTP via the \"Connection: upgrade\"
2297 mechanism[1]. After the upgrade, Ambassador does not interpret
2298 the traffic, and behaves similarly to how it does for TCPMappings.
2299 \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example,
2300 if your upstream service supports WebSockets, you would write \n
2301 \ allow_upgrade: - websocket \n Or if your upstream service
2302 supports upgrading from HTTP to SPDY (as the Kubernetes apiserver
2303 does for `kubectl exec` functionality), you would write \n allow_upgrade:
2304 \ - spdy/3.1"
2305 items:
2306 type: string
2307 type: array
2308 auth_context_extensions:
2309 additionalProperties:
2310 type: string
2311 type: object
2312 auto_host_rewrite:
2313 type: boolean
2314 bypass_auth:
2315 type: boolean
2316 bypass_error_response_overrides:
2317 description: If true, bypasses any `error_response_overrides` set
2318 on the Ambassador module.
2319 type: boolean
2320 case_sensitive:
2321 type: boolean
2322 circuit_breakers:
2323 items:
2324 properties:
2325 max_connections:
2326 type: integer
2327 max_pending_requests:
2328 type: integer
2329 max_requests:
2330 type: integer
2331 max_retries:
2332 type: integer
2333 priority:
2334 enum:
2335 - default
2336 - high
2337 type: string
2338 type: object
2339 type: array
2340 cluster_idle_timeout_ms:
2341 type: integer
2342 cluster_max_connection_lifetime_ms:
2343 type: integer
2344 cluster_tag:
2345 type: string
2346 connect_timeout_ms:
2347 type: integer
2348 cors:
2349 properties:
2350 credentials:
2351 type: boolean
2352 max_age:
2353 type: string
2354 type: object
2355 x-kubernetes-preserve-unknown-fields: true
2356 dns_type:
2357 type: string
2358 docs:
2359 description: DocsInfo provides some extra information about the docs
2360 for the Mapping (used by the Dev Portal)
2361 properties:
2362 display_name:
2363 type: string
2364 ignored:
2365 type: boolean
2366 path:
2367 type: string
2368 timeout_ms:
2369 type: integer
2370 url:
2371 type: string
2372 type: object
2373 enable_ipv4:
2374 type: boolean
2375 enable_ipv6:
2376 type: boolean
2377 envoy_override:
2378 description: UntypedDict is relatively opaque as a Go type, but it
2379 preserves its contents in a roundtrippable way.
2380 type: object
2381 x-kubernetes-preserve-unknown-fields: true
2382 error_response_overrides:
2383 description: Error response overrides for this Mapping. Replaces all
2384 of the `error_response_overrides` set on the Ambassador module,
2385 if any.
2386 items:
2387 description: A response rewrite for an HTTP error response
2388 properties:
2389 body:
2390 description: The new response body
2391 properties:
2392 content_type:
2393 description: The content type to set on the error response
2394 body when using text_format or text_format_source. Defaults
2395 to 'text/plain'.
2396 type: string
2397 json_format:
2398 additionalProperties:
2399 type: string
2400 description: 'A JSON response with content-type: application/json.
2401 The values can contain format text like in text_format.'
2402 type: object
2403 text_format:
2404 description: A format string representing a text response
2405 body. Content-Type can be set using the `content_type`
2406 field below.
2407 type: string
2408 text_format_source:
2409 description: A format string sourced from a file on the
2410 Ambassador container. Useful for larger response bodies
2411 that should not be placed inline in configuration.
2412 properties:
2413 filename:
2414 description: The name of a file on the Ambassador pod
2415 that contains a format text string.
2416 type: string
2417 type: object
2418 type: object
2419 on_status_code:
2420 description: The status code to match on -- not a pointer because
2421 it's required.
2422 maximum: 599
2423 minimum: 400
2424 type: integer
2425 required:
2426 - body
2427 - on_status_code
2428 type: object
2429 minItems: 1
2430 type: array
2431 grpc:
2432 type: boolean
2433 headers:
2434 type: object
2435 x-kubernetes-preserve-unknown-fields: true
2436 host:
2437 type: string
2438 host_redirect:
2439 type: boolean
2440 host_regex:
2441 type: boolean
2442 host_rewrite:
2443 type: string
2444 idle_timeout_ms:
2445 type: integer
2446 keepalive:
2447 properties:
2448 idle_time:
2449 type: integer
2450 interval:
2451 type: integer
2452 probes:
2453 type: integer
2454 type: object
2455 labels:
2456 additionalProperties:
2457 description: A MappingLabelGroupsArray is an array of MappingLabelGroups.
2458 I know, complex.
2459 items:
2460 description: 'A MappingLabelGroup is a single element of a MappingLabelGroupsArray:
2461 a second map, where the key is a human-readable name that identifies
2462 the group.'
2463 maxProperties: 1
2464 minProperties: 1
2465 type: object
2466 x-kubernetes-preserve-unknown-fields: true
2467 type: array
2468 description: A DomainMap is the overall Mapping.spec.Labels type.
2469 It maps domains (kind of like namespaces for Mapping labels) to
2470 arrays of label groups.
2471 type: object
2472 load_balancer:
2473 properties:
2474 cookie:
2475 properties:
2476 name:
2477 type: string
2478 path:
2479 type: string
2480 ttl:
2481 type: string
2482 required:
2483 - name
2484 type: object
2485 header:
2486 type: string
2487 policy:
2488 enum:
2489 - round_robin
2490 - ring_hash
2491 - maglev
2492 - least_request
2493 type: string
2494 source_ip:
2495 type: boolean
2496 required:
2497 - policy
2498 type: object
2499 method:
2500 type: string
2501 method_regex:
2502 type: boolean
2503 modules:
2504 items:
2505 description: UntypedDict is relatively opaque as a Go type, but
2506 it preserves its contents in a roundtrippable way.
2507 type: object
2508 x-kubernetes-preserve-unknown-fields: true
2509 type: array
2510 outlier_detection:
2511 type: string
2512 path_redirect:
2513 description: Path replacement to use when generating an HTTP redirect.
2514 Used with `host_redirect`.
2515 type: string
2516 precedence:
2517 type: integer
2518 prefix:
2519 type: string
2520 prefix_exact:
2521 type: boolean
2522 prefix_redirect:
2523 description: Prefix rewrite to use when generating an HTTP redirect.
2524 Used with `host_redirect`.
2525 type: string
2526 prefix_regex:
2527 type: boolean
2528 priority:
2529 type: string
2530 query_parameters:
2531 type: object
2532 x-kubernetes-preserve-unknown-fields: true
2533 redirect_response_code:
2534 description: The response code to use when generating an HTTP redirect.
2535 Defaults to 301. Used with `host_redirect`.
2536 enum:
2537 - 301
2538 - 302
2539 - 303
2540 - 307
2541 - 308
2542 type: integer
2543 regex_headers:
2544 additionalProperties:
2545 type: string
2546 type: object
2547 regex_query_parameters:
2548 additionalProperties:
2549 type: string
2550 type: object
2551 regex_redirect:
2552 description: Prefix regex rewrite to use when generating an HTTP redirect.
2553 Used with `host_redirect`.
2554 properties:
2555 pattern:
2556 type: string
2557 substitution:
2558 type: string
2559 type: object
2560 regex_rewrite:
2561 properties:
2562 pattern:
2563 type: string
2564 substitution:
2565 type: string
2566 type: object
2567 resolver:
2568 type: string
2569 respect_dns_ttl:
2570 type: boolean
2571 retry_policy:
2572 properties:
2573 num_retries:
2574 type: integer
2575 per_try_timeout:
2576 type: string
2577 retry_on:
2578 enum:
2579 - 5xx
2580 - gateway-error
2581 - connect-failure
2582 - retriable-4xx
2583 - refused-stream
2584 - retriable-status-codes
2585 type: string
2586 type: object
2587 rewrite:
2588 type: string
2589 service:
2590 type: string
2591 shadow:
2592 type: boolean
2593 timeout_ms:
2594 description: The timeout for requests that use this Mapping. Overrides
2595 `cluster_request_timeout_ms` set on the Ambassador Module, if it
2596 exists.
2597 type: integer
2598 use_websocket:
2599 description: 'use_websocket is deprecated, and is equivlaent to setting
2600 `allow_upgrade: ["websocket"]`'
2601 type: boolean
2602 v3StatsName:
2603 type: string
2604 v3health_checks:
2605 items:
2606 description: HealthCheck specifies settings for performing active
2607 health checking on upstreams
2608 properties:
2609 health_check:
2610 description: Configuration for where the healthcheck request
2611 should be made to
2612 maxProperties: 1
2613 minProperties: 1
2614 properties:
2615 grpc:
2616 description: HealthCheck for gRPC upstreams. Only one of
2617 grpc_health_check or http_health_check may be specified
2618 properties:
2619 authority:
2620 description: The value of the :authority header in the
2621 gRPC health check request. If left empty the upstream
2622 name will be used.
2623 type: string
2624 upstream_name:
2625 description: The upstream name parameter which will
2626 be sent to gRPC service in the health check message
2627 type: string
2628 required:
2629 - upstream_name
2630 type: object
2631 http:
2632 description: HealthCheck for HTTP upstreams. Only one of
2633 http_health_check or grpc_health_check may be specified
2634 properties:
2635 add_request_headers:
2636 additionalProperties:
2637 properties:
2638 append:
2639 type: boolean
2640 v2Representation:
2641 enum:
2642 - ""
2643 - string
2644 - "null"
2645 type: string
2646 value:
2647 type: string
2648 type: object
2649 type: object
2650 expected_statuses:
2651 items:
2652 description: A range of response statuses from Start
2653 to End inclusive
2654 properties:
2655 max:
2656 description: End of the statuses to include. Must
2657 be between 100 and 599 (inclusive)
2658 maximum: 599
2659 minimum: 100
2660 type: integer
2661 min:
2662 description: Start of the statuses to include.
2663 Must be between 100 and 599 (inclusive)
2664 maximum: 599
2665 minimum: 100
2666 type: integer
2667 required:
2668 - max
2669 - min
2670 type: object
2671 type: array
2672 hostname:
2673 type: string
2674 path:
2675 type: string
2676 remove_request_headers:
2677 items:
2678 type: string
2679 type: array
2680 required:
2681 - path
2682 type: object
2683 type: object
2684 healthy_threshold:
2685 description: Number of expected responses for the upstream to
2686 be considered healthy. Defaults to 1.
2687 type: integer
2688 interval:
2689 description: Interval between health checks. Defaults to every
2690 5 seconds.
2691 type: string
2692 timeout:
2693 description: Timeout for connecting to the health checking endpoint.
2694 Defaults to 3 seconds.
2695 type: string
2696 unhealthy_threshold:
2697 description: Number of non-expected responses for the upstream
2698 to be considered unhealthy. A single 503 will mark the upstream
2699 as unhealthy regardless of the threshold. Defaults to 2.
2700 type: integer
2701 required:
2702 - health_check
2703 type: object
2704 minItems: 1
2705 type: array
2706 weight:
2707 type: integer
2708 required:
2709 - prefix
2710 - service
2711 type: object
2712 x-kubernetes-preserve-unknown-fields: true
2713 status:
2714 description: MappingStatus defines the observed state of Mapping
2715 properties:
2716 reason:
2717 type: string
2718 state:
2719 enum:
2720 - ""
2721 - Inactive
2722 - Running
2723 type: string
2724 type: object
2725 type: object
2726 served: true
2727 storage: false
2728 subresources:
2729 status: {}
2730 - additionalPrinterColumns:
2731 - jsonPath: .spec.host
2732 name: Source Host
2733 type: string
2734 - jsonPath: .spec.prefix
2735 name: Source Prefix
2736 type: string
2737 - jsonPath: .spec.service
2738 name: Dest Service
2739 type: string
2740 - jsonPath: .status.state
2741 name: State
2742 type: string
2743 - jsonPath: .status.reason
2744 name: Reason
2745 type: string
2746 name: v2
2747 schema:
2748 openAPIV3Schema:
2749 description: Mapping is the Schema for the mappings API
2750 properties:
2751 apiVersion:
2752 description: 'APIVersion defines the versioned schema of this representation
2753 of an object. Servers should convert recognized schemas to the latest
2754 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2755 type: string
2756 kind:
2757 description: 'Kind is a string value representing the REST resource this
2758 object represents. Servers may infer this from the endpoint the client
2759 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2760 type: string
2761 metadata:
2762 type: object
2763 spec:
2764 description: MappingSpec defines the desired state of Mapping
2765 properties:
2766 add_linkerd_headers:
2767 type: boolean
2768 add_request_headers:
2769 type: object
2770 x-kubernetes-preserve-unknown-fields: true
2771 add_response_headers:
2772 type: object
2773 x-kubernetes-preserve-unknown-fields: true
2774 allow_upgrade:
2775 description: "A case-insensitive list of the non-HTTP protocols to
2776 allow \"upgrading\" to from HTTP via the \"Connection: upgrade\"
2777 mechanism[1]. After the upgrade, Ambassador does not interpret
2778 the traffic, and behaves similarly to how it does for TCPMappings.
2779 \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example,
2780 if your upstream service supports WebSockets, you would write \n
2781 \ allow_upgrade: - websocket \n Or if your upstream service
2782 supports upgrading from HTTP to SPDY (as the Kubernetes apiserver
2783 does for `kubectl exec` functionality), you would write \n allow_upgrade:
2784 \ - spdy/3.1"
2785 items:
2786 type: string
2787 type: array
2788 auth_context_extensions:
2789 additionalProperties:
2790 type: string
2791 type: object
2792 auto_host_rewrite:
2793 type: boolean
2794 bypass_auth:
2795 type: boolean
2796 bypass_error_response_overrides:
2797 description: If true, bypasses any `error_response_overrides` set
2798 on the Ambassador module.
2799 type: boolean
2800 case_sensitive:
2801 type: boolean
2802 circuit_breakers:
2803 items:
2804 properties:
2805 max_connections:
2806 type: integer
2807 max_pending_requests:
2808 type: integer
2809 max_requests:
2810 type: integer
2811 max_retries:
2812 type: integer
2813 priority:
2814 enum:
2815 - default
2816 - high
2817 type: string
2818 type: object
2819 type: array
2820 cluster_idle_timeout_ms:
2821 type: integer
2822 cluster_max_connection_lifetime_ms:
2823 type: integer
2824 cluster_tag:
2825 type: string
2826 connect_timeout_ms:
2827 type: integer
2828 cors:
2829 properties:
2830 credentials:
2831 type: boolean
2832 max_age:
2833 type: string
2834 type: object
2835 x-kubernetes-preserve-unknown-fields: true
2836 dns_type:
2837 type: string
2838 docs:
2839 description: DocsInfo provides some extra information about the docs
2840 for the Mapping (used by the Dev Portal)
2841 properties:
2842 display_name:
2843 type: string
2844 ignored:
2845 type: boolean
2846 path:
2847 type: string
2848 timeout_ms:
2849 type: integer
2850 url:
2851 type: string
2852 type: object
2853 enable_ipv4:
2854 type: boolean
2855 enable_ipv6:
2856 type: boolean
2857 envoy_override:
2858 description: UntypedDict is relatively opaque as a Go type, but it
2859 preserves its contents in a roundtrippable way.
2860 type: object
2861 x-kubernetes-preserve-unknown-fields: true
2862 error_response_overrides:
2863 description: Error response overrides for this Mapping. Replaces all
2864 of the `error_response_overrides` set on the Ambassador module,
2865 if any.
2866 items:
2867 description: A response rewrite for an HTTP error response
2868 properties:
2869 body:
2870 description: The new response body
2871 properties:
2872 content_type:
2873 description: The content type to set on the error response
2874 body when using text_format or text_format_source. Defaults
2875 to 'text/plain'.
2876 type: string
2877 json_format:
2878 additionalProperties:
2879 type: string
2880 description: 'A JSON response with content-type: application/json.
2881 The values can contain format text like in text_format.'
2882 type: object
2883 text_format:
2884 description: A format string representing a text response
2885 body. Content-Type can be set using the `content_type`
2886 field below.
2887 type: string
2888 text_format_source:
2889 description: A format string sourced from a file on the
2890 Ambassador container. Useful for larger response bodies
2891 that should not be placed inline in configuration.
2892 properties:
2893 filename:
2894 description: The name of a file on the Ambassador pod
2895 that contains a format text string.
2896 type: string
2897 type: object
2898 type: object
2899 on_status_code:
2900 description: The status code to match on -- not a pointer because
2901 it's required.
2902 maximum: 599
2903 minimum: 400
2904 type: integer
2905 required:
2906 - body
2907 - on_status_code
2908 type: object
2909 minItems: 1
2910 type: array
2911 grpc:
2912 type: boolean
2913 headers:
2914 type: object
2915 x-kubernetes-preserve-unknown-fields: true
2916 host:
2917 type: string
2918 host_redirect:
2919 type: boolean
2920 host_regex:
2921 type: boolean
2922 host_rewrite:
2923 type: string
2924 idle_timeout_ms:
2925 type: integer
2926 keepalive:
2927 properties:
2928 idle_time:
2929 type: integer
2930 interval:
2931 type: integer
2932 probes:
2933 type: integer
2934 type: object
2935 labels:
2936 additionalProperties:
2937 description: A MappingLabelGroupsArray is an array of MappingLabelGroups.
2938 I know, complex.
2939 items:
2940 description: 'A MappingLabelGroup is a single element of a MappingLabelGroupsArray:
2941 a second map, where the key is a human-readable name that identifies
2942 the group.'
2943 maxProperties: 1
2944 minProperties: 1
2945 type: object
2946 x-kubernetes-preserve-unknown-fields: true
2947 type: array
2948 description: A DomainMap is the overall Mapping.spec.Labels type.
2949 It maps domains (kind of like namespaces for Mapping labels) to
2950 arrays of label groups.
2951 type: object
2952 load_balancer:
2953 properties:
2954 cookie:
2955 properties:
2956 name:
2957 type: string
2958 path:
2959 type: string
2960 ttl:
2961 type: string
2962 required:
2963 - name
2964 type: object
2965 header:
2966 type: string
2967 policy:
2968 enum:
2969 - round_robin
2970 - ring_hash
2971 - maglev
2972 - least_request
2973 type: string
2974 source_ip:
2975 type: boolean
2976 required:
2977 - policy
2978 type: object
2979 method:
2980 type: string
2981 method_regex:
2982 type: boolean
2983 modules:
2984 items:
2985 description: UntypedDict is relatively opaque as a Go type, but
2986 it preserves its contents in a roundtrippable way.
2987 type: object
2988 x-kubernetes-preserve-unknown-fields: true
2989 type: array
2990 outlier_detection:
2991 type: string
2992 path_redirect:
2993 description: Path replacement to use when generating an HTTP redirect.
2994 Used with `host_redirect`.
2995 type: string
2996 precedence:
2997 type: integer
2998 prefix:
2999 type: string
3000 prefix_exact:
3001 type: boolean
3002 prefix_redirect:
3003 description: Prefix rewrite to use when generating an HTTP redirect.
3004 Used with `host_redirect`.
3005 type: string
3006 prefix_regex:
3007 type: boolean
3008 priority:
3009 type: string
3010 query_parameters:
3011 type: object
3012 x-kubernetes-preserve-unknown-fields: true
3013 redirect_response_code:
3014 description: The response code to use when generating an HTTP redirect.
3015 Defaults to 301. Used with `host_redirect`.
3016 enum:
3017 - 301
3018 - 302
3019 - 303
3020 - 307
3021 - 308
3022 type: integer
3023 regex_headers:
3024 additionalProperties:
3025 type: string
3026 type: object
3027 regex_query_parameters:
3028 additionalProperties:
3029 type: string
3030 type: object
3031 regex_redirect:
3032 description: Prefix regex rewrite to use when generating an HTTP redirect.
3033 Used with `host_redirect`.
3034 properties:
3035 pattern:
3036 type: string
3037 substitution:
3038 type: string
3039 type: object
3040 regex_rewrite:
3041 properties:
3042 pattern:
3043 type: string
3044 substitution:
3045 type: string
3046 type: object
3047 resolver:
3048 type: string
3049 respect_dns_ttl:
3050 type: boolean
3051 retry_policy:
3052 properties:
3053 num_retries:
3054 type: integer
3055 per_try_timeout:
3056 type: string
3057 retry_on:
3058 enum:
3059 - 5xx
3060 - gateway-error
3061 - connect-failure
3062 - retriable-4xx
3063 - refused-stream
3064 - retriable-status-codes
3065 type: string
3066 type: object
3067 rewrite:
3068 type: string
3069 service:
3070 type: string
3071 shadow:
3072 type: boolean
3073 timeout_ms:
3074 description: The timeout for requests that use this Mapping. Overrides
3075 `cluster_request_timeout_ms` set on the Ambassador Module, if it
3076 exists.
3077 type: integer
3078 use_websocket:
3079 description: 'use_websocket is deprecated, and is equivlaent to setting
3080 `allow_upgrade: ["websocket"]`'
3081 type: boolean
3082 v3StatsName:
3083 type: string
3084 v3health_checks:
3085 items:
3086 description: HealthCheck specifies settings for performing active
3087 health checking on upstreams
3088 properties:
3089 health_check:
3090 description: Configuration for where the healthcheck request
3091 should be made to
3092 maxProperties: 1
3093 minProperties: 1
3094 properties:
3095 grpc:
3096 description: HealthCheck for gRPC upstreams. Only one of
3097 grpc_health_check or http_health_check may be specified
3098 properties:
3099 authority:
3100 description: The value of the :authority header in the
3101 gRPC health check request. If left empty the upstream
3102 name will be used.
3103 type: string
3104 upstream_name:
3105 description: The upstream name parameter which will
3106 be sent to gRPC service in the health check message
3107 type: string
3108 required:
3109 - upstream_name
3110 type: object
3111 http:
3112 description: HealthCheck for HTTP upstreams. Only one of
3113 http_health_check or grpc_health_check may be specified
3114 properties:
3115 add_request_headers:
3116 additionalProperties:
3117 properties:
3118 append:
3119 type: boolean
3120 v2Representation:
3121 enum:
3122 - ""
3123 - string
3124 - "null"
3125 type: string
3126 value:
3127 type: string
3128 type: object
3129 type: object
3130 expected_statuses:
3131 items:
3132 description: A range of response statuses from Start
3133 to End inclusive
3134 properties:
3135 max:
3136 description: End of the statuses to include. Must
3137 be between 100 and 599 (inclusive)
3138 maximum: 599
3139 minimum: 100
3140 type: integer
3141 min:
3142 description: Start of the statuses to include.
3143 Must be between 100 and 599 (inclusive)
3144 maximum: 599
3145 minimum: 100
3146 type: integer
3147 required:
3148 - max
3149 - min
3150 type: object
3151 type: array
3152 hostname:
3153 type: string
3154 path:
3155 type: string
3156 remove_request_headers:
3157 items:
3158 type: string
3159 type: array
3160 required:
3161 - path
3162 type: object
3163 type: object
3164 healthy_threshold:
3165 description: Number of expected responses for the upstream to
3166 be considered healthy. Defaults to 1.
3167 type: integer
3168 interval:
3169 description: Interval between health checks. Defaults to every
3170 5 seconds.
3171 type: string
3172 timeout:
3173 description: Timeout for connecting to the health checking endpoint.
3174 Defaults to 3 seconds.
3175 type: string
3176 unhealthy_threshold:
3177 description: Number of non-expected responses for the upstream
3178 to be considered unhealthy. A single 503 will mark the upstream
3179 as unhealthy regardless of the threshold. Defaults to 2.
3180 type: integer
3181 required:
3182 - health_check
3183 type: object
3184 minItems: 1
3185 type: array
3186 weight:
3187 type: integer
3188 required:
3189 - prefix
3190 - service
3191 type: object
3192 x-kubernetes-preserve-unknown-fields: true
3193 status:
3194 description: MappingStatus defines the observed state of Mapping
3195 properties:
3196 reason:
3197 type: string
3198 state:
3199 enum:
3200 - ""
3201 - Inactive
3202 - Running
3203 type: string
3204 type: object
3205 type: object
3206 served: true
3207 storage: true
3208 subresources:
3209 status: {}
3210 - additionalPrinterColumns:
3211 - jsonPath: .spec.host
3212 name: Source Host
3213 type: string
3214 - jsonPath: .spec.prefix
3215 name: Source Prefix
3216 type: string
3217 - jsonPath: .spec.service
3218 name: Dest Service
3219 type: string
3220 - jsonPath: .status.state
3221 name: State
3222 type: string
3223 - jsonPath: .status.reason
3224 name: Reason
3225 type: string
3226 name: v3alpha1
3227 schema:
3228 openAPIV3Schema:
3229 description: Mapping is the Schema for the mappings API
3230 properties:
3231 apiVersion:
3232 description: 'APIVersion defines the versioned schema of this representation
3233 of an object. Servers should convert recognized schemas to the latest
3234 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3235 type: string
3236 kind:
3237 description: 'Kind is a string value representing the REST resource this
3238 object represents. Servers may infer this from the endpoint the client
3239 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3240 type: string
3241 metadata:
3242 type: object
3243 spec:
3244 description: MappingSpec defines the desired state of Mapping
3245 properties:
3246 add_linkerd_headers:
3247 type: boolean
3248 add_request_headers:
3249 additionalProperties:
3250 properties:
3251 append:
3252 type: boolean
3253 v2Representation:
3254 enum:
3255 - ""
3256 - string
3257 - "null"
3258 type: string
3259 value:
3260 type: string
3261 type: object
3262 type: object
3263 add_response_headers:
3264 additionalProperties:
3265 properties:
3266 append:
3267 type: boolean
3268 v2Representation:
3269 enum:
3270 - ""
3271 - string
3272 - "null"
3273 type: string
3274 value:
3275 type: string
3276 type: object
3277 type: object
3278 allow_upgrade:
3279 description: "A case-insensitive list of the non-HTTP protocols to
3280 allow \"upgrading\" to from HTTP via the \"Connection: upgrade\"
3281 mechanism[1]. After the upgrade, Ambassador does not interpret
3282 the traffic, and behaves similarly to how it does for TCPMappings.
3283 \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example,
3284 if your upstream service supports WebSockets, you would write \n
3285 \ allow_upgrade: - websocket \n Or if your upstream service
3286 supports upgrading from HTTP to SPDY (as the Kubernetes apiserver
3287 does for `kubectl exec` functionality), you would write \n allow_upgrade:
3288 \ - spdy/3.1"
3289 items:
3290 type: string
3291 type: array
3292 ambassador_id:
3293 description: "AmbassadorID declares which Ambassador instances should
3294 pay attention to this resource. If no value is provided, the default
3295 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
3296 consider renaming all of the `ambassador_id` (singular) fields to
3297 `ambassador_ids` (plural)."
3298 items:
3299 type: string
3300 type: array
3301 auth_context_extensions:
3302 additionalProperties:
3303 type: string
3304 type: object
3305 auto_host_rewrite:
3306 type: boolean
3307 bypass_auth:
3308 type: boolean
3309 bypass_error_response_overrides:
3310 description: If true, bypasses any `error_response_overrides` set
3311 on the Ambassador module.
3312 type: boolean
3313 case_sensitive:
3314 type: boolean
3315 circuit_breakers:
3316 items:
3317 properties:
3318 max_connections:
3319 type: integer
3320 max_pending_requests:
3321 type: integer
3322 max_requests:
3323 type: integer
3324 max_retries:
3325 type: integer
3326 priority:
3327 enum:
3328 - default
3329 - high
3330 type: string
3331 type: object
3332 type: array
3333 cluster_idle_timeout_ms:
3334 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}_ms`/`MillisecondDuration`
3335 fields to `{foo}`/`metav1.Duration`.'
3336 type: integer
3337 cluster_max_connection_lifetime_ms:
3338 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}_ms`/`MillisecondDuration`
3339 fields to `{foo}`/`metav1.Duration`.'
3340 type: integer
3341 cluster_tag:
3342 type: string
3343 connect_timeout_ms:
3344 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}_ms`/`MillisecondDuration`
3345 fields to `{foo}`/`metav1.Duration`.'
3346 type: integer
3347 cors:
3348 properties:
3349 credentials:
3350 type: boolean
3351 exposed_headers:
3352 items:
3353 type: string
3354 type: array
3355 headers:
3356 items:
3357 type: string
3358 type: array
3359 max_age:
3360 type: string
3361 methods:
3362 items:
3363 type: string
3364 type: array
3365 origins:
3366 items:
3367 type: string
3368 type: array
3369 v2CommaSeparatedOrigins:
3370 type: boolean
3371 type: object
3372 dns_type:
3373 type: string
3374 docs:
3375 description: DocsInfo provides some extra information about the docs
3376 for the Mapping. Docs is used by both the agent and the DevPortal.
3377 properties:
3378 display_name:
3379 type: string
3380 ignored:
3381 type: boolean
3382 path:
3383 type: string
3384 timeout_ms:
3385 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}_ms`/`MillisecondDuration`
3386 fields to `{foo}`/`metav1.Duration`.'
3387 type: integer
3388 url:
3389 type: string
3390 type: object
3391 enable_ipv4:
3392 type: boolean
3393 enable_ipv6:
3394 type: boolean
3395 envoy_override:
3396 description: UntypedDict is relatively opaque as a Go type, but it
3397 preserves its contents in a roundtrippable way.
3398 type: object
3399 x-kubernetes-preserve-unknown-fields: true
3400 error_response_overrides:
3401 description: Error response overrides for this Mapping. Replaces all
3402 of the `error_response_overrides` set on the Ambassador module,
3403 if any.
3404 items:
3405 description: A response rewrite for an HTTP error response
3406 properties:
3407 body:
3408 description: The new response body
3409 properties:
3410 content_type:
3411 description: The content type to set on the error response
3412 body when using text_format or text_format_source. Defaults
3413 to 'text/plain'.
3414 type: string
3415 json_format:
3416 additionalProperties:
3417 type: string
3418 description: 'A JSON response with content-type: application/json.
3419 The values can contain format text like in text_format.'
3420 type: object
3421 text_format:
3422 description: A format string representing a text response
3423 body. Content-Type can be set using the `content_type`
3424 field below.
3425 type: string
3426 text_format_source:
3427 description: A format string sourced from a file on the
3428 Ambassador container. Useful for larger response bodies
3429 that should not be placed inline in configuration.
3430 properties:
3431 filename:
3432 description: The name of a file on the Ambassador pod
3433 that contains a format text string.
3434 type: string
3435 type: object
3436 type: object
3437 on_status_code:
3438 description: The status code to match on -- not a pointer because
3439 it's required.
3440 maximum: 599
3441 minimum: 400
3442 type: integer
3443 required:
3444 - body
3445 - on_status_code
3446 type: object
3447 minItems: 1
3448 type: array
3449 grpc:
3450 type: boolean
3451 headers:
3452 additionalProperties:
3453 type: string
3454 type: object
3455 health_checks:
3456 items:
3457 description: HealthCheck specifies settings for performing active
3458 health checking on upstreams
3459 properties:
3460 health_check:
3461 description: Configuration for where the healthcheck request
3462 should be made to
3463 maxProperties: 1
3464 minProperties: 1
3465 properties:
3466 grpc:
3467 description: HealthCheck for gRPC upstreams. Only one of
3468 grpc_health_check or http_health_check may be specified
3469 properties:
3470 authority:
3471 description: The value of the :authority header in the
3472 gRPC health check request. If left empty the upstream
3473 name will be used.
3474 type: string
3475 upstream_name:
3476 description: The upstream name parameter which will
3477 be sent to gRPC service in the health check message
3478 type: string
3479 required:
3480 - upstream_name
3481 type: object
3482 http:
3483 description: HealthCheck for HTTP upstreams. Only one of
3484 http_health_check or grpc_health_check may be specified
3485 properties:
3486 add_request_headers:
3487 additionalProperties:
3488 properties:
3489 append:
3490 type: boolean
3491 v2Representation:
3492 enum:
3493 - ""
3494 - string
3495 - "null"
3496 type: string
3497 value:
3498 type: string
3499 type: object
3500 type: object
3501 expected_statuses:
3502 items:
3503 description: A range of response statuses from Start
3504 to End inclusive
3505 properties:
3506 max:
3507 description: End of the statuses to include. Must
3508 be between 100 and 599 (inclusive)
3509 maximum: 599
3510 minimum: 100
3511 type: integer
3512 min:
3513 description: Start of the statuses to include.
3514 Must be between 100 and 599 (inclusive)
3515 maximum: 599
3516 minimum: 100
3517 type: integer
3518 required:
3519 - max
3520 - min
3521 type: object
3522 type: array
3523 hostname:
3524 type: string
3525 path:
3526 type: string
3527 remove_request_headers:
3528 items:
3529 type: string
3530 type: array
3531 required:
3532 - path
3533 type: object
3534 type: object
3535 healthy_threshold:
3536 description: Number of expected responses for the upstream to
3537 be considered healthy. Defaults to 1.
3538 type: integer
3539 interval:
3540 description: Interval between health checks. Defaults to every
3541 5 seconds.
3542 type: string
3543 timeout:
3544 description: Timeout for connecting to the health checking endpoint.
3545 Defaults to 3 seconds.
3546 type: string
3547 unhealthy_threshold:
3548 description: Number of non-expected responses for the upstream
3549 to be considered unhealthy. A single 503 will mark the upstream
3550 as unhealthy regardless of the threshold. Defaults to 2.
3551 type: integer
3552 required:
3553 - health_check
3554 type: object
3555 minItems: 1
3556 type: array
3557 host:
3558 description: "Exact match for the hostname of a request if HostRegex
3559 is false; regex match for the hostname if HostRegex is true. \n
3560 Host specifies both a match for the ':authority' header of a request,
3561 as well as a match criterion for Host CRDs: a Mapping that specifies
3562 Host will not associate with a Host that doesn't have a matching
3563 Hostname. \n If both Host and Hostname are set, an error is logged,
3564 Host is ignored, and Hostname is used. \n DEPRECATED: Host is either
3565 an exact match or a regex, depending on HostRegex. Use HostName
3566 instead. \n TODO(lukeshu): In v3alpha2, get rid of MappingSpec.host
3567 and MappingSpec.host_regex in favor of a MappingSpec.deprecated_hostname_regex."
3568 type: string
3569 host_redirect:
3570 type: boolean
3571 host_regex:
3572 description: "DEPRECATED: Host is either an exact match or a regex,
3573 depending on HostRegex. Use HostName instead. \n TODO(lukeshu):
3574 In v3alpha2, get rid of MappingSpec.host and MappingSpec.host_regex
3575 in favor of a MappingSpec.deprecated_hostname_regex."
3576 type: boolean
3577 host_rewrite:
3578 type: string
3579 hostname:
3580 description: "Hostname is a DNS glob specifying the hosts to which
3581 this Mapping applies. \n Hostname specifies both a match for the
3582 ':authority' header of a request, as well as a match criterion for
3583 Host CRDs: a Mapping that specifies Hostname will not associate
3584 with a Host that doesn't have a matching Hostname. \n If both Host
3585 and Hostname are set, an error is logged, Host is ignored, and Hostname
3586 is used."
3587 type: string
3588 idle_timeout_ms:
3589 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}_ms`/`MillisecondDuration`
3590 fields to `{foo}`/`metav1.Duration`.'
3591 type: integer
3592 keepalive:
3593 properties:
3594 idle_time:
3595 type: integer
3596 interval:
3597 type: integer
3598 probes:
3599 type: integer
3600 type: object
3601 labels:
3602 additionalProperties:
3603 description: A MappingLabelGroupsArray is an array of MappingLabelGroups.
3604 I know, complex.
3605 items:
3606 additionalProperties:
3607 description: 'A MappingLabelsArray is the value in the MappingLabelGroup:
3608 an array of label specifiers.'
3609 items:
3610 description: "A MappingLabelSpecifier (finally!) defines a
3611 single label. \n This mimics envoy/config/route/v3/route_components.proto:RateLimit:Action:action_specifier."
3612 maxProperties: 1
3613 minProperties: 1
3614 properties:
3615 destination_cluster:
3616 description: Sets the label "destination_cluster=«Envoy
3617 destination cluster name»".
3618 properties:
3619 key:
3620 enum:
3621 - destination_cluster
3622 type: string
3623 required:
3624 - key
3625 type: object
3626 generic_key:
3627 description: Sets the label "«key»=«value»" (where by
3628 default «key» is "generic_key").
3629 properties:
3630 key:
3631 description: The default is "generic_key".
3632 type: string
3633 v2Shorthand:
3634 type: boolean
3635 value:
3636 type: string
3637 required:
3638 - value
3639 type: object
3640 remote_address:
3641 description: Sets the label "remote_address=«IP address
3642 of the client»".
3643 properties:
3644 key:
3645 enum:
3646 - remote_address
3647 type: string
3648 required:
3649 - key
3650 type: object
3651 request_headers:
3652 description: If the «header_name» header is set, then
3653 set the label "«key»=«Value of the «header_name» header»";
3654 otherwise skip applying this label group.
3655 properties:
3656 header_name:
3657 type: string
3658 key:
3659 type: string
3660 omit_if_not_present:
3661 type: boolean
3662 required:
3663 - header_name
3664 - key
3665 type: object
3666 source_cluster:
3667 description: Sets the label "source_cluster=«Envoy source
3668 cluster name»".
3669 properties:
3670 key:
3671 enum:
3672 - source_cluster
3673 type: string
3674 required:
3675 - key
3676 type: object
3677 type: object
3678 type: array
3679 description: 'A MappingLabelGroup is a single element of a MappingLabelGroupsArray:
3680 a second map, where the key is a human-readable name that identifies
3681 the group.'
3682 maxProperties: 1
3683 minProperties: 1
3684 type: object
3685 type: array
3686 description: A DomainMap is the overall Mapping.spec.Labels type.
3687 It maps domains (kind of like namespaces for Mapping labels) to
3688 arrays of label groups.
3689 type: object
3690 load_balancer:
3691 properties:
3692 cookie:
3693 properties:
3694 name:
3695 type: string
3696 path:
3697 type: string
3698 ttl:
3699 type: string
3700 required:
3701 - name
3702 type: object
3703 header:
3704 type: string
3705 policy:
3706 enum:
3707 - round_robin
3708 - ring_hash
3709 - maglev
3710 - least_request
3711 type: string
3712 source_ip:
3713 type: boolean
3714 required:
3715 - policy
3716 type: object
3717 method:
3718 type: string
3719 method_regex:
3720 type: boolean
3721 modules:
3722 items:
3723 description: UntypedDict is relatively opaque as a Go type, but
3724 it preserves its contents in a roundtrippable way.
3725 type: object
3726 x-kubernetes-preserve-unknown-fields: true
3727 type: array
3728 outlier_detection:
3729 type: string
3730 path_redirect:
3731 description: Path replacement to use when generating an HTTP redirect.
3732 Used with `host_redirect`.
3733 type: string
3734 precedence:
3735 type: integer
3736 prefix:
3737 type: string
3738 prefix_exact:
3739 type: boolean
3740 prefix_redirect:
3741 description: Prefix rewrite to use when generating an HTTP redirect.
3742 Used with `host_redirect`.
3743 type: string
3744 prefix_regex:
3745 type: boolean
3746 priority:
3747 type: string
3748 query_parameters:
3749 additionalProperties:
3750 type: string
3751 type: object
3752 redirect_response_code:
3753 description: The response code to use when generating an HTTP redirect.
3754 Defaults to 301. Used with `host_redirect`.
3755 enum:
3756 - 301
3757 - 302
3758 - 303
3759 - 307
3760 - 308
3761 type: integer
3762 regex_headers:
3763 additionalProperties:
3764 type: string
3765 type: object
3766 regex_query_parameters:
3767 additionalProperties:
3768 type: string
3769 type: object
3770 regex_redirect:
3771 description: Prefix regex rewrite to use when generating an HTTP redirect.
3772 Used with `host_redirect`.
3773 properties:
3774 pattern:
3775 type: string
3776 substitution:
3777 type: string
3778 type: object
3779 regex_rewrite:
3780 properties:
3781 pattern:
3782 type: string
3783 substitution:
3784 type: string
3785 type: object
3786 remove_request_headers:
3787 items:
3788 type: string
3789 type: array
3790 remove_response_headers:
3791 items:
3792 type: string
3793 type: array
3794 resolver:
3795 type: string
3796 respect_dns_ttl:
3797 type: boolean
3798 retry_policy:
3799 properties:
3800 num_retries:
3801 type: integer
3802 per_try_timeout:
3803 type: string
3804 retry_on:
3805 enum:
3806 - 5xx
3807 - gateway-error
3808 - connect-failure
3809 - retriable-4xx
3810 - refused-stream
3811 - retriable-status-codes
3812 type: string
3813 type: object
3814 rewrite:
3815 type: string
3816 service:
3817 type: string
3818 shadow:
3819 type: boolean
3820 stats_name:
3821 type: string
3822 timeout_ms:
3823 description: The timeout for requests that use this Mapping. Overrides
3824 `cluster_request_timeout_ms` set on the Ambassador Module, if it
3825 exists.
3826 type: integer
3827 tls:
3828 type: string
3829 use_websocket:
3830 description: "use_websocket is deprecated, and is equivlaent to setting
3831 `allow_upgrade: [\"websocket\"]` \n TODO(lukeshu): In v3alpha2,
3832 get rid of MappingSpec.DeprecatedUseWebsocket."
3833 type: boolean
3834 v2BoolHeaders:
3835 items:
3836 type: string
3837 type: array
3838 v2BoolQueryParameters:
3839 items:
3840 type: string
3841 type: array
3842 v2ExplicitTLS:
3843 description: V2ExplicitTLS controls some vanity/stylistic elements
3844 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
3845 should not in any way affect the runtime operation of Emissary;
3846 except that it may affect internal names in the Envoy config, which
3847 may in turn affect stats names. But it should not affect any end-user
3848 observable behavior.
3849 properties:
3850 serviceScheme:
3851 description: "ServiceScheme specifies how to spell and capitalize
3852 the scheme-part of the service URL. \n Acceptable values are
3853 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
3854 or \"\". The value is used if it agrees with whether or not
3855 this resource enables TLS origination, or if something else
3856 in the resource overrides the scheme."
3857 pattern: ^([hH][tT][tT][pP][sS]?://)?$
3858 type: string
3859 tls:
3860 description: "TLS controls whether and how to represent the \"tls\"
3861 field when its value could be implied by the \"service\" field.
3862 \ In v2, there were a lot of different ways to spell an \"empty\"
3863 value, and this field specifies which way to spell it (and will
3864 therefore only be used if the value will indeed be empty). \n
3865 \ | Value | Representation | Meaning
3866 of representation | |--------------+---------------------------------------+------------------------------------|
3867 \ | \"\" | omit the field |
3868 defer to service (no TLSContext) | | \"null\" | store
3869 an explicit \"null\" in the field | defer to service (no TLSContext)
3870 \ | | \"string\" | store an empty string in the field
3871 \ | defer to service (no TLSContext) | | \"bool:false\"
3872 | store a Boolean \"false\" in the field | defer to service
3873 (no TLSContext) | | \"bool:true\" | store a Boolean \"true\"
3874 in the field | originate TLS (no TLSContext) | \n If
3875 the meaning of the representation contradicts anything else
3876 (if a TLSContext is to be used, or in the case of \"bool:true\"
3877 if TLS is not to be originated), then this field is ignored."
3878 enum:
3879 - ""
3880 - "null"
3881 - bool:true
3882 - bool:false
3883 - string
3884 type: string
3885 type: object
3886 weight:
3887 type: integer
3888 required:
3889 - prefix
3890 - service
3891 type: object
3892 status:
3893 description: MappingStatus defines the observed state of Mapping
3894 properties:
3895 reason:
3896 type: string
3897 state:
3898 enum:
3899 - ""
3900 - Inactive
3901 - Running
3902 type: string
3903 type: object
3904 type: object
3905 served: true
3906 storage: false
3907 subresources:
3908 status: {}
3909---
3910apiVersion: apiextensions.k8s.io/v1
3911kind: CustomResourceDefinition
3912metadata:
3913 annotations:
3914 controller-gen.kubebuilder.io/version: v0.6.2
3915 labels:
3916 app.kubernetes.io/instance: emissary-apiext
3917 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
3918 app.kubernetes.io/name: emissary-apiext
3919 app.kubernetes.io/part-of: emissary-apiext
3920 name: modules.getambassador.io
3921spec:
3922 conversion:
3923 strategy: Webhook
3924 webhook:
3925 clientConfig:
3926 service:
3927 name: emissary-apiext
3928 namespace: emissary-system
3929 conversionReviewVersions:
3930 - v1beta1
3931 group: getambassador.io
3932 names:
3933 categories:
3934 - ambassador-crds
3935 kind: Module
3936 listKind: ModuleList
3937 plural: modules
3938 singular: module
3939 preserveUnknownFields: false
3940 scope: Namespaced
3941 versions:
3942 - name: v1
3943 schema:
3944 openAPIV3Schema:
3945 description: "A Module defines system-wide configuration. The type of module
3946 is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\".
3947 \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module
3948 https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated"
3949 properties:
3950 apiVersion:
3951 description: 'APIVersion defines the versioned schema of this representation
3952 of an object. Servers should convert recognized schemas to the latest
3953 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3954 type: string
3955 kind:
3956 description: 'Kind is a string value representing the REST resource this
3957 object represents. Servers may infer this from the endpoint the client
3958 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3959 type: string
3960 metadata:
3961 type: object
3962 spec:
3963 properties:
3964 config:
3965 description: UntypedDict is relatively opaque as a Go type, but it
3966 preserves its contents in a roundtrippable way.
3967 type: object
3968 x-kubernetes-preserve-unknown-fields: true
3969 type: object
3970 x-kubernetes-preserve-unknown-fields: true
3971 type: object
3972 served: true
3973 storage: false
3974 - name: v2
3975 schema:
3976 openAPIV3Schema:
3977 description: "A Module defines system-wide configuration. The type of module
3978 is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\".
3979 \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module
3980 https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated"
3981 properties:
3982 apiVersion:
3983 description: 'APIVersion defines the versioned schema of this representation
3984 of an object. Servers should convert recognized schemas to the latest
3985 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3986 type: string
3987 kind:
3988 description: 'Kind is a string value representing the REST resource this
3989 object represents. Servers may infer this from the endpoint the client
3990 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3991 type: string
3992 metadata:
3993 type: object
3994 spec:
3995 properties:
3996 config:
3997 description: UntypedDict is relatively opaque as a Go type, but it
3998 preserves its contents in a roundtrippable way.
3999 type: object
4000 x-kubernetes-preserve-unknown-fields: true
4001 type: object
4002 x-kubernetes-preserve-unknown-fields: true
4003 type: object
4004 served: true
4005 storage: true
4006 - name: v3alpha1
4007 schema:
4008 openAPIV3Schema:
4009 description: "A Module defines system-wide configuration. The type of module
4010 is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\".
4011 \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module
4012 https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated"
4013 properties:
4014 apiVersion:
4015 description: 'APIVersion defines the versioned schema of this representation
4016 of an object. Servers should convert recognized schemas to the latest
4017 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4018 type: string
4019 kind:
4020 description: 'Kind is a string value representing the REST resource this
4021 object represents. Servers may infer this from the endpoint the client
4022 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4023 type: string
4024 metadata:
4025 type: object
4026 spec:
4027 description: 'TODO(lukeshu): In v3alpha2, get rid of unnecessary nesting
4028 and move `ModuleSpec.config.*` to `ModuleSpec.*`.'
4029 properties:
4030 ambassador_id:
4031 description: "AmbassadorID declares which Ambassador instances should
4032 pay attention to this resource. If no value is provided, the default
4033 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
4034 consider renaming all of the `ambassador_id` (singular) fields to
4035 `ambassador_ids` (plural)."
4036 items:
4037 type: string
4038 type: array
4039 config:
4040 description: "TODO(lukeshu): In v3alpha2, change the default from
4041 `diagnostics.enabled=true` to `diagnostics.enabled=false`. This
4042 needs conversion support in apiext. See the related comment in
4043 irambassador.py. \n TODO(lukeshu): Structurally type ModuleSpec.Config."
4044 type: object
4045 x-kubernetes-preserve-unknown-fields: true
4046 required:
4047 - config
4048 type: object
4049 type: object
4050 served: true
4051 storage: false
4052---
4053apiVersion: apiextensions.k8s.io/v1
4054kind: CustomResourceDefinition
4055metadata:
4056 annotations:
4057 controller-gen.kubebuilder.io/version: v0.6.2
4058 labels:
4059 app.kubernetes.io/instance: emissary-apiext
4060 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
4061 app.kubernetes.io/name: emissary-apiext
4062 app.kubernetes.io/part-of: emissary-apiext
4063 name: ratelimitservices.getambassador.io
4064spec:
4065 conversion:
4066 strategy: Webhook
4067 webhook:
4068 clientConfig:
4069 service:
4070 name: emissary-apiext
4071 namespace: emissary-system
4072 conversionReviewVersions:
4073 - v1beta1
4074 group: getambassador.io
4075 names:
4076 categories:
4077 - ambassador-crds
4078 kind: RateLimitService
4079 listKind: RateLimitServiceList
4080 plural: ratelimitservices
4081 singular: ratelimitservice
4082 preserveUnknownFields: false
4083 scope: Namespaced
4084 versions:
4085 - name: v1
4086 schema:
4087 openAPIV3Schema:
4088 description: RateLimitService is the Schema for the ratelimitservices API
4089 properties:
4090 apiVersion:
4091 description: 'APIVersion defines the versioned schema of this representation
4092 of an object. Servers should convert recognized schemas to the latest
4093 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4094 type: string
4095 kind:
4096 description: 'Kind is a string value representing the REST resource this
4097 object represents. Servers may infer this from the endpoint the client
4098 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4099 type: string
4100 metadata:
4101 type: object
4102 spec:
4103 description: RateLimitServiceSpec defines the desired state of RateLimitService
4104 properties:
4105 domain:
4106 type: string
4107 failure_mode_deny:
4108 description: FailureModeDeny when set to true, envoy will deny traffic
4109 if it is unable to communicate with the rate limit service.
4110 type: boolean
4111 protocol_version:
4112 enum:
4113 - v2
4114 - v3
4115 type: string
4116 service:
4117 type: string
4118 timeout_ms:
4119 type: integer
4120 v3StatsName:
4121 type: string
4122 required:
4123 - service
4124 type: object
4125 x-kubernetes-preserve-unknown-fields: true
4126 type: object
4127 served: true
4128 storage: false
4129 - name: v2
4130 schema:
4131 openAPIV3Schema:
4132 description: RateLimitService is the Schema for the ratelimitservices API
4133 properties:
4134 apiVersion:
4135 description: 'APIVersion defines the versioned schema of this representation
4136 of an object. Servers should convert recognized schemas to the latest
4137 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4138 type: string
4139 kind:
4140 description: 'Kind is a string value representing the REST resource this
4141 object represents. Servers may infer this from the endpoint the client
4142 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4143 type: string
4144 metadata:
4145 type: object
4146 spec:
4147 description: RateLimitServiceSpec defines the desired state of RateLimitService
4148 properties:
4149 domain:
4150 type: string
4151 failure_mode_deny:
4152 description: FailureModeDeny when set to true, envoy will deny traffic
4153 if it is unable to communicate with the rate limit service.
4154 type: boolean
4155 protocol_version:
4156 enum:
4157 - v2
4158 - v3
4159 type: string
4160 service:
4161 type: string
4162 timeout_ms:
4163 type: integer
4164 v3StatsName:
4165 type: string
4166 required:
4167 - service
4168 type: object
4169 x-kubernetes-preserve-unknown-fields: true
4170 type: object
4171 served: true
4172 storage: true
4173 - name: v3alpha1
4174 schema:
4175 openAPIV3Schema:
4176 description: RateLimitService is the Schema for the ratelimitservices API
4177 properties:
4178 apiVersion:
4179 description: 'APIVersion defines the versioned schema of this representation
4180 of an object. Servers should convert recognized schemas to the latest
4181 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4182 type: string
4183 kind:
4184 description: 'Kind is a string value representing the REST resource this
4185 object represents. Servers may infer this from the endpoint the client
4186 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4187 type: string
4188 metadata:
4189 type: object
4190 spec:
4191 description: RateLimitServiceSpec defines the desired state of RateLimitService
4192 properties:
4193 ambassador_id:
4194 description: Common to all Ambassador objects.
4195 items:
4196 type: string
4197 type: array
4198 domain:
4199 type: string
4200 failure_mode_deny:
4201 description: FailureModeDeny when set to true, envoy will deny traffic
4202 if it is unable to communicate with the rate limit service.
4203 type: boolean
4204 protocol_version:
4205 description: ProtocolVersion is the envoy api transport protocol version
4206 enum:
4207 - v2
4208 - v3
4209 type: string
4210 service:
4211 type: string
4212 stats_name:
4213 type: string
4214 timeout_ms:
4215 description: 'TODO(lukeshu): In v3alpha2, change all of the `{foo}_ms`/`MillisecondDuration`
4216 fields to `{foo}`/`metav1.Duration`.'
4217 type: integer
4218 tls:
4219 type: string
4220 v2ExplicitTLS:
4221 description: V2ExplicitTLS controls some vanity/stylistic elements
4222 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
4223 should not in any way affect the runtime operation of Emissary;
4224 except that it may affect internal names in the Envoy config, which
4225 may in turn affect stats names. But it should not affect any end-user
4226 observable behavior.
4227 properties:
4228 serviceScheme:
4229 description: "ServiceScheme specifies how to spell and capitalize
4230 the scheme-part of the service URL. \n Acceptable values are
4231 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
4232 or \"\". The value is used if it agrees with whether or not
4233 this resource enables TLS origination, or if something else
4234 in the resource overrides the scheme."
4235 pattern: ^([hH][tT][tT][pP][sS]?://)?$
4236 type: string
4237 tls:
4238 description: "TLS controls whether and how to represent the \"tls\"
4239 field when its value could be implied by the \"service\" field.
4240 \ In v2, there were a lot of different ways to spell an \"empty\"
4241 value, and this field specifies which way to spell it (and will
4242 therefore only be used if the value will indeed be empty). \n
4243 \ | Value | Representation | Meaning
4244 of representation | |--------------+---------------------------------------+------------------------------------|
4245 \ | \"\" | omit the field |
4246 defer to service (no TLSContext) | | \"null\" | store
4247 an explicit \"null\" in the field | defer to service (no TLSContext)
4248 \ | | \"string\" | store an empty string in the field
4249 \ | defer to service (no TLSContext) | | \"bool:false\"
4250 | store a Boolean \"false\" in the field | defer to service
4251 (no TLSContext) | | \"bool:true\" | store a Boolean \"true\"
4252 in the field | originate TLS (no TLSContext) | \n If
4253 the meaning of the representation contradicts anything else
4254 (if a TLSContext is to be used, or in the case of \"bool:true\"
4255 if TLS is not to be originated), then this field is ignored."
4256 enum:
4257 - ""
4258 - "null"
4259 - bool:true
4260 - bool:false
4261 - string
4262 type: string
4263 type: object
4264 required:
4265 - service
4266 type: object
4267 type: object
4268 served: true
4269 storage: false
4270---
4271apiVersion: apiextensions.k8s.io/v1
4272kind: CustomResourceDefinition
4273metadata:
4274 annotations:
4275 controller-gen.kubebuilder.io/version: v0.6.2
4276 labels:
4277 app.kubernetes.io/instance: emissary-apiext
4278 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
4279 app.kubernetes.io/name: emissary-apiext
4280 app.kubernetes.io/part-of: emissary-apiext
4281 name: tcpmappings.getambassador.io
4282spec:
4283 conversion:
4284 strategy: Webhook
4285 webhook:
4286 clientConfig:
4287 service:
4288 name: emissary-apiext
4289 namespace: emissary-system
4290 conversionReviewVersions:
4291 - v1beta1
4292 group: getambassador.io
4293 names:
4294 categories:
4295 - ambassador-crds
4296 kind: TCPMapping
4297 listKind: TCPMappingList
4298 plural: tcpmappings
4299 singular: tcpmapping
4300 preserveUnknownFields: false
4301 scope: Namespaced
4302 versions:
4303 - name: v1
4304 schema:
4305 openAPIV3Schema:
4306 description: TCPMapping is the Schema for the tcpmappings API
4307 properties:
4308 apiVersion:
4309 description: 'APIVersion defines the versioned schema of this representation
4310 of an object. Servers should convert recognized schemas to the latest
4311 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4312 type: string
4313 kind:
4314 description: 'Kind is a string value representing the REST resource this
4315 object represents. Servers may infer this from the endpoint the client
4316 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4317 type: string
4318 metadata:
4319 type: object
4320 spec:
4321 description: TCPMappingSpec defines the desired state of TCPMapping
4322 properties:
4323 address:
4324 type: string
4325 circuit_breakers:
4326 items:
4327 properties:
4328 max_connections:
4329 type: integer
4330 max_pending_requests:
4331 type: integer
4332 max_requests:
4333 type: integer
4334 max_retries:
4335 type: integer
4336 priority:
4337 enum:
4338 - default
4339 - high
4340 type: string
4341 type: object
4342 type: array
4343 cluster_tag:
4344 type: string
4345 enable_ipv4:
4346 type: boolean
4347 enable_ipv6:
4348 type: boolean
4349 host:
4350 type: string
4351 idle_timeout_ms:
4352 description: 'FIXME(lukeshu): Surely this should be an ''int''?'
4353 type: string
4354 port:
4355 description: Port isn't a pointer because it's required.
4356 type: integer
4357 resolver:
4358 type: string
4359 service:
4360 type: string
4361 v3StatsName:
4362 type: string
4363 weight:
4364 type: integer
4365 required:
4366 - port
4367 - service
4368 type: object
4369 x-kubernetes-preserve-unknown-fields: true
4370 type: object
4371 served: true
4372 storage: false
4373 - name: v2
4374 schema:
4375 openAPIV3Schema:
4376 description: TCPMapping is the Schema for the tcpmappings API
4377 properties:
4378 apiVersion:
4379 description: 'APIVersion defines the versioned schema of this representation
4380 of an object. Servers should convert recognized schemas to the latest
4381 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4382 type: string
4383 kind:
4384 description: 'Kind is a string value representing the REST resource this
4385 object represents. Servers may infer this from the endpoint the client
4386 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4387 type: string
4388 metadata:
4389 type: object
4390 spec:
4391 description: TCPMappingSpec defines the desired state of TCPMapping
4392 properties:
4393 address:
4394 type: string
4395 circuit_breakers:
4396 items:
4397 properties:
4398 max_connections:
4399 type: integer
4400 max_pending_requests:
4401 type: integer
4402 max_requests:
4403 type: integer
4404 max_retries:
4405 type: integer
4406 priority:
4407 enum:
4408 - default
4409 - high
4410 type: string
4411 type: object
4412 type: array
4413 cluster_tag:
4414 type: string
4415 enable_ipv4:
4416 type: boolean
4417 enable_ipv6:
4418 type: boolean
4419 host:
4420 type: string
4421 idle_timeout_ms:
4422 description: 'FIXME(lukeshu): Surely this should be an ''int''?'
4423 type: string
4424 port:
4425 description: Port isn't a pointer because it's required.
4426 type: integer
4427 resolver:
4428 type: string
4429 service:
4430 type: string
4431 v3StatsName:
4432 type: string
4433 weight:
4434 type: integer
4435 required:
4436 - port
4437 - service
4438 type: object
4439 x-kubernetes-preserve-unknown-fields: true
4440 type: object
4441 served: true
4442 storage: true
4443 - name: v3alpha1
4444 schema:
4445 openAPIV3Schema:
4446 description: TCPMapping is the Schema for the tcpmappings API
4447 properties:
4448 apiVersion:
4449 description: 'APIVersion defines the versioned schema of this representation
4450 of an object. Servers should convert recognized schemas to the latest
4451 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4452 type: string
4453 kind:
4454 description: 'Kind is a string value representing the REST resource this
4455 object represents. Servers may infer this from the endpoint the client
4456 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4457 type: string
4458 metadata:
4459 type: object
4460 spec:
4461 description: TCPMappingSpec defines the desired state of TCPMapping
4462 properties:
4463 address:
4464 type: string
4465 ambassador_id:
4466 description: "AmbassadorID declares which Ambassador instances should
4467 pay attention to this resource. If no value is provided, the default
4468 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
4469 consider renaming all of the `ambassador_id` (singular) fields to
4470 `ambassador_ids` (plural)."
4471 items:
4472 type: string
4473 type: array
4474 circuit_breakers:
4475 items:
4476 properties:
4477 max_connections:
4478 type: integer
4479 max_pending_requests:
4480 type: integer
4481 max_requests:
4482 type: integer
4483 max_retries:
4484 type: integer
4485 priority:
4486 enum:
4487 - default
4488 - high
4489 type: string
4490 type: object
4491 type: array
4492 cluster_tag:
4493 type: string
4494 enable_ipv4:
4495 type: boolean
4496 enable_ipv6:
4497 type: boolean
4498 host:
4499 type: string
4500 idle_timeout_ms:
4501 description: 'FIXME(lukeshu): Surely this should be an ''int''?'
4502 type: string
4503 port:
4504 description: Port isn't a pointer because it's required.
4505 type: integer
4506 resolver:
4507 type: string
4508 service:
4509 type: string
4510 stats_name:
4511 type: string
4512 tls:
4513 type: string
4514 v2ExplicitTLS:
4515 description: V2ExplicitTLS controls some vanity/stylistic elements
4516 when converting from v3alpha1 to v2. The values in an V2ExplicitTLS
4517 should not in any way affect the runtime operation of Emissary;
4518 except that it may affect internal names in the Envoy config, which
4519 may in turn affect stats names. But it should not affect any end-user
4520 observable behavior.
4521 properties:
4522 serviceScheme:
4523 description: "ServiceScheme specifies how to spell and capitalize
4524 the scheme-part of the service URL. \n Acceptable values are
4525 \"http://\" (case-insensitive), \"https://\" (case-insensitive),
4526 or \"\". The value is used if it agrees with whether or not
4527 this resource enables TLS origination, or if something else
4528 in the resource overrides the scheme."
4529 pattern: ^([hH][tT][tT][pP][sS]?://)?$
4530 type: string
4531 tls:
4532 description: "TLS controls whether and how to represent the \"tls\"
4533 field when its value could be implied by the \"service\" field.
4534 \ In v2, there were a lot of different ways to spell an \"empty\"
4535 value, and this field specifies which way to spell it (and will
4536 therefore only be used if the value will indeed be empty). \n
4537 \ | Value | Representation | Meaning
4538 of representation | |--------------+---------------------------------------+------------------------------------|
4539 \ | \"\" | omit the field |
4540 defer to service (no TLSContext) | | \"null\" | store
4541 an explicit \"null\" in the field | defer to service (no TLSContext)
4542 \ | | \"string\" | store an empty string in the field
4543 \ | defer to service (no TLSContext) | | \"bool:false\"
4544 | store a Boolean \"false\" in the field | defer to service
4545 (no TLSContext) | | \"bool:true\" | store a Boolean \"true\"
4546 in the field | originate TLS (no TLSContext) | \n If
4547 the meaning of the representation contradicts anything else
4548 (if a TLSContext is to be used, or in the case of \"bool:true\"
4549 if TLS is not to be originated), then this field is ignored."
4550 enum:
4551 - ""
4552 - "null"
4553 - bool:true
4554 - bool:false
4555 - string
4556 type: string
4557 type: object
4558 weight:
4559 type: integer
4560 required:
4561 - port
4562 - service
4563 type: object
4564 type: object
4565 served: true
4566 storage: false
4567---
4568apiVersion: apiextensions.k8s.io/v1
4569kind: CustomResourceDefinition
4570metadata:
4571 annotations:
4572 controller-gen.kubebuilder.io/version: v0.6.2
4573 labels:
4574 app.kubernetes.io/instance: emissary-apiext
4575 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
4576 app.kubernetes.io/name: emissary-apiext
4577 app.kubernetes.io/part-of: emissary-apiext
4578 name: tlscontexts.getambassador.io
4579spec:
4580 conversion:
4581 strategy: Webhook
4582 webhook:
4583 clientConfig:
4584 service:
4585 name: emissary-apiext
4586 namespace: emissary-system
4587 conversionReviewVersions:
4588 - v1beta1
4589 group: getambassador.io
4590 names:
4591 categories:
4592 - ambassador-crds
4593 kind: TLSContext
4594 listKind: TLSContextList
4595 plural: tlscontexts
4596 singular: tlscontext
4597 preserveUnknownFields: false
4598 scope: Namespaced
4599 versions:
4600 - name: v1
4601 schema:
4602 openAPIV3Schema:
4603 description: TLSContext is the Schema for the tlscontexts API
4604 properties:
4605 apiVersion:
4606 description: 'APIVersion defines the versioned schema of this representation
4607 of an object. Servers should convert recognized schemas to the latest
4608 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4609 type: string
4610 kind:
4611 description: 'Kind is a string value representing the REST resource this
4612 object represents. Servers may infer this from the endpoint the client
4613 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4614 type: string
4615 metadata:
4616 type: object
4617 spec:
4618 description: TLSContextSpec defines the desired state of TLSContext
4619 properties:
4620 alpn_protocols:
4621 type: string
4622 ca_secret:
4623 type: string
4624 cacert_chain_file:
4625 type: string
4626 cert_chain_file:
4627 type: string
4628 cert_required:
4629 type: boolean
4630 cipher_suites:
4631 items:
4632 type: string
4633 type: array
4634 ecdh_curves:
4635 items:
4636 type: string
4637 type: array
4638 hosts:
4639 items:
4640 type: string
4641 type: array
4642 max_tls_version:
4643 enum:
4644 - v1.0
4645 - v1.1
4646 - v1.2
4647 - v1.3
4648 type: string
4649 min_tls_version:
4650 enum:
4651 - v1.0
4652 - v1.1
4653 - v1.2
4654 - v1.3
4655 type: string
4656 private_key_file:
4657 type: string
4658 redirect_cleartext_from:
4659 type: integer
4660 secret:
4661 type: string
4662 secret_namespacing:
4663 type: boolean
4664 sni:
4665 type: string
4666 v3CRLSecret:
4667 type: string
4668 type: object
4669 x-kubernetes-preserve-unknown-fields: true
4670 type: object
4671 served: true
4672 storage: false
4673 - name: v2
4674 schema:
4675 openAPIV3Schema:
4676 description: TLSContext is the Schema for the tlscontexts API
4677 properties:
4678 apiVersion:
4679 description: 'APIVersion defines the versioned schema of this representation
4680 of an object. Servers should convert recognized schemas to the latest
4681 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4682 type: string
4683 kind:
4684 description: 'Kind is a string value representing the REST resource this
4685 object represents. Servers may infer this from the endpoint the client
4686 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4687 type: string
4688 metadata:
4689 type: object
4690 spec:
4691 description: TLSContextSpec defines the desired state of TLSContext
4692 properties:
4693 alpn_protocols:
4694 type: string
4695 ca_secret:
4696 type: string
4697 cacert_chain_file:
4698 type: string
4699 cert_chain_file:
4700 type: string
4701 cert_required:
4702 type: boolean
4703 cipher_suites:
4704 items:
4705 type: string
4706 type: array
4707 ecdh_curves:
4708 items:
4709 type: string
4710 type: array
4711 hosts:
4712 items:
4713 type: string
4714 type: array
4715 max_tls_version:
4716 enum:
4717 - v1.0
4718 - v1.1
4719 - v1.2
4720 - v1.3
4721 type: string
4722 min_tls_version:
4723 enum:
4724 - v1.0
4725 - v1.1
4726 - v1.2
4727 - v1.3
4728 type: string
4729 private_key_file:
4730 type: string
4731 redirect_cleartext_from:
4732 type: integer
4733 secret:
4734 type: string
4735 secret_namespacing:
4736 type: boolean
4737 sni:
4738 type: string
4739 v3CRLSecret:
4740 type: string
4741 type: object
4742 x-kubernetes-preserve-unknown-fields: true
4743 type: object
4744 served: true
4745 storage: true
4746 - name: v3alpha1
4747 schema:
4748 openAPIV3Schema:
4749 description: TLSContext is the Schema for the tlscontexts API
4750 properties:
4751 apiVersion:
4752 description: 'APIVersion defines the versioned schema of this representation
4753 of an object. Servers should convert recognized schemas to the latest
4754 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4755 type: string
4756 kind:
4757 description: 'Kind is a string value representing the REST resource this
4758 object represents. Servers may infer this from the endpoint the client
4759 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4760 type: string
4761 metadata:
4762 type: object
4763 spec:
4764 description: TLSContextSpec defines the desired state of TLSContext
4765 properties:
4766 alpn_protocols:
4767 type: string
4768 ambassador_id:
4769 description: "AmbassadorID declares which Ambassador instances should
4770 pay attention to this resource. If no value is provided, the default
4771 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
4772 consider renaming all of the `ambassador_id` (singular) fields to
4773 `ambassador_ids` (plural)."
4774 items:
4775 type: string
4776 type: array
4777 ca_secret:
4778 type: string
4779 cacert_chain_file:
4780 type: string
4781 cert_chain_file:
4782 type: string
4783 cert_required:
4784 type: boolean
4785 cipher_suites:
4786 items:
4787 type: string
4788 type: array
4789 crl_secret:
4790 type: string
4791 ecdh_curves:
4792 items:
4793 type: string
4794 type: array
4795 hosts:
4796 items:
4797 type: string
4798 type: array
4799 max_tls_version:
4800 enum:
4801 - v1.0
4802 - v1.1
4803 - v1.2
4804 - v1.3
4805 type: string
4806 min_tls_version:
4807 enum:
4808 - v1.0
4809 - v1.1
4810 - v1.2
4811 - v1.3
4812 type: string
4813 private_key_file:
4814 type: string
4815 redirect_cleartext_from:
4816 type: integer
4817 secret:
4818 type: string
4819 secret_namespacing:
4820 type: boolean
4821 sni:
4822 type: string
4823 type: object
4824 type: object
4825 served: true
4826 storage: false
4827---
4828apiVersion: apiextensions.k8s.io/v1
4829kind: CustomResourceDefinition
4830metadata:
4831 annotations:
4832 controller-gen.kubebuilder.io/version: v0.6.2
4833 labels:
4834 app.kubernetes.io/instance: emissary-apiext
4835 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
4836 app.kubernetes.io/name: emissary-apiext
4837 app.kubernetes.io/part-of: emissary-apiext
4838 name: tracingservices.getambassador.io
4839spec:
4840 conversion:
4841 strategy: Webhook
4842 webhook:
4843 clientConfig:
4844 service:
4845 name: emissary-apiext
4846 namespace: emissary-system
4847 conversionReviewVersions:
4848 - v1beta1
4849 group: getambassador.io
4850 names:
4851 categories:
4852 - ambassador-crds
4853 kind: TracingService
4854 listKind: TracingServiceList
4855 plural: tracingservices
4856 singular: tracingservice
4857 preserveUnknownFields: false
4858 scope: Namespaced
4859 versions:
4860 - name: v1
4861 schema:
4862 openAPIV3Schema:
4863 description: TracingService is the Schema for the tracingservices API
4864 properties:
4865 apiVersion:
4866 description: 'APIVersion defines the versioned schema of this representation
4867 of an object. Servers should convert recognized schemas to the latest
4868 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4869 type: string
4870 kind:
4871 description: 'Kind is a string value representing the REST resource this
4872 object represents. Servers may infer this from the endpoint the client
4873 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
4874 type: string
4875 metadata:
4876 type: object
4877 spec:
4878 description: TracingServiceSpec defines the desired state of TracingService
4879 properties:
4880 config:
4881 properties:
4882 access_token_file:
4883 type: string
4884 collector_cluster:
4885 type: string
4886 collector_endpoint:
4887 type: string
4888 collector_endpoint_version:
4889 enum:
4890 - HTTP_JSON_V1
4891 - HTTP_JSON
4892 - HTTP_PROTO
4893 type: string
4894 collector_hostname:
4895 type: string
4896 service_name:
4897 type: string
4898 shared_span_context:
4899 type: boolean
4900 trace_id_128bit:
4901 type: boolean
4902 v3PropagationModes:
4903 items:
4904 enum:
4905 - ENVOY
4906 - LIGHTSTEP
4907 - B3
4908 - TRACE_CONTEXT
4909 type: string
4910 type: array
4911 type: object
4912 driver:
4913 enum:
4914 - lightstep
4915 - zipkin
4916 - datadog
4917 - opentelemetry
4918 type: string
4919 sampling:
4920 properties:
4921 client:
4922 type: integer
4923 overall:
4924 type: integer
4925 random:
4926 type: integer
4927 type: object
4928 service:
4929 type: string
4930 tag_headers:
4931 items:
4932 type: string
4933 type: array
4934 v3CustomTags:
4935 items:
4936 description: TracingCustomTag provides a data structure for capturing
4937 envoy's `type.tracing.v3.CustomTag`
4938 properties:
4939 environment:
4940 description: Environment explicitly specifies the protocol stack
4941 to set up. Exactly one of Literal, Environment or Header must
4942 be supplied.
4943 properties:
4944 default_value:
4945 type: string
4946 name:
4947 type: string
4948 required:
4949 - name
4950 type: object
4951 literal:
4952 description: Literal explicitly specifies the protocol stack
4953 to set up. Exactly one of Literal, Environment or Header must
4954 be supplied.
4955 properties:
4956 value:
4957 type: string
4958 required:
4959 - value
4960 type: object
4961 request_header:
4962 description: Header explicitly specifies the protocol stack
4963 to set up. Exactly one of Literal, Environment or Header must
4964 be supplied.
4965 properties:
4966 default_value:
4967 type: string
4968 name:
4969 type: string
4970 required:
4971 - name
4972 type: object
4973 tag:
4974 type: string
4975 required:
4976 - tag
4977 type: object
4978 type: array
4979 v3StatsName:
4980 type: string
4981 required:
4982 - driver
4983 - service
4984 type: object
4985 x-kubernetes-preserve-unknown-fields: true
4986 type: object
4987 served: true
4988 storage: false
4989 - name: v2
4990 schema:
4991 openAPIV3Schema:
4992 description: TracingService is the Schema for the tracingservices API
4993 properties:
4994 apiVersion:
4995 description: 'APIVersion defines the versioned schema of this representation
4996 of an object. Servers should convert recognized schemas to the latest
4997 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
4998 type: string
4999 kind:
5000 description: 'Kind is a string value representing the REST resource this
5001 object represents. Servers may infer this from the endpoint the client
5002 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
5003 type: string
5004 metadata:
5005 type: object
5006 spec:
5007 description: TracingServiceSpec defines the desired state of TracingService
5008 properties:
5009 config:
5010 properties:
5011 access_token_file:
5012 type: string
5013 collector_cluster:
5014 type: string
5015 collector_endpoint:
5016 type: string
5017 collector_endpoint_version:
5018 enum:
5019 - HTTP_JSON_V1
5020 - HTTP_JSON
5021 - HTTP_PROTO
5022 type: string
5023 collector_hostname:
5024 type: string
5025 service_name:
5026 type: string
5027 shared_span_context:
5028 type: boolean
5029 trace_id_128bit:
5030 type: boolean
5031 v3PropagationModes:
5032 items:
5033 enum:
5034 - ENVOY
5035 - LIGHTSTEP
5036 - B3
5037 - TRACE_CONTEXT
5038 type: string
5039 type: array
5040 type: object
5041 driver:
5042 enum:
5043 - lightstep
5044 - zipkin
5045 - datadog
5046 - opentelemetry
5047 type: string
5048 sampling:
5049 properties:
5050 client:
5051 type: integer
5052 overall:
5053 type: integer
5054 random:
5055 type: integer
5056 type: object
5057 service:
5058 type: string
5059 tag_headers:
5060 items:
5061 type: string
5062 type: array
5063 v3CustomTags:
5064 items:
5065 description: TracingCustomTag provides a data structure for capturing
5066 envoy's `type.tracing.v3.CustomTag`
5067 properties:
5068 environment:
5069 description: Environment explicitly specifies the protocol stack
5070 to set up. Exactly one of Literal, Environment or Header must
5071 be supplied.
5072 properties:
5073 default_value:
5074 type: string
5075 name:
5076 type: string
5077 required:
5078 - name
5079 type: object
5080 literal:
5081 description: Literal explicitly specifies the protocol stack
5082 to set up. Exactly one of Literal, Environment or Header must
5083 be supplied.
5084 properties:
5085 value:
5086 type: string
5087 required:
5088 - value
5089 type: object
5090 request_header:
5091 description: Header explicitly specifies the protocol stack
5092 to set up. Exactly one of Literal, Environment or Header must
5093 be supplied.
5094 properties:
5095 default_value:
5096 type: string
5097 name:
5098 type: string
5099 required:
5100 - name
5101 type: object
5102 tag:
5103 type: string
5104 required:
5105 - tag
5106 type: object
5107 type: array
5108 v3StatsName:
5109 type: string
5110 required:
5111 - driver
5112 - service
5113 type: object
5114 x-kubernetes-preserve-unknown-fields: true
5115 type: object
5116 served: true
5117 storage: true
5118 - name: v3alpha1
5119 schema:
5120 openAPIV3Schema:
5121 description: TracingService is the Schema for the tracingservices API
5122 properties:
5123 apiVersion:
5124 description: 'APIVersion defines the versioned schema of this representation
5125 of an object. Servers should convert recognized schemas to the latest
5126 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
5127 type: string
5128 kind:
5129 description: 'Kind is a string value representing the REST resource this
5130 object represents. Servers may infer this from the endpoint the client
5131 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
5132 type: string
5133 metadata:
5134 type: object
5135 spec:
5136 description: TracingServiceSpec defines the desired state of TracingService
5137 properties:
5138 ambassador_id:
5139 description: "AmbassadorID declares which Ambassador instances should
5140 pay attention to this resource. If no value is provided, the default
5141 is: \n \tambassador_id: \t- \"default\" \n TODO(lukeshu): In v3alpha2,
5142 consider renaming all of the `ambassador_id` (singular) fields to
5143 `ambassador_ids` (plural)."
5144 items:
5145 type: string
5146 type: array
5147 config:
5148 properties:
5149 access_token_file:
5150 type: string
5151 collector_cluster:
5152 type: string
5153 collector_endpoint:
5154 type: string
5155 collector_endpoint_version:
5156 enum:
5157 - HTTP_JSON_V1
5158 - HTTP_JSON
5159 - HTTP_PROTO
5160 type: string
5161 collector_hostname:
5162 type: string
5163 propagation_modes:
5164 items:
5165 enum:
5166 - ENVOY
5167 - LIGHTSTEP
5168 - B3
5169 - TRACE_CONTEXT
5170 type: string
5171 type: array
5172 service_name:
5173 type: string
5174 shared_span_context:
5175 type: boolean
5176 trace_id_128bit:
5177 type: boolean
5178 type: object
5179 custom_tags:
5180 items:
5181 description: TracingCustomTag provides a data structure for capturing
5182 envoy's `type.tracing.v3.CustomTag`
5183 properties:
5184 environment:
5185 description: Environment explicitly specifies the protocol stack
5186 to set up. Exactly one of Literal, Environment or Header must
5187 be supplied.
5188 properties:
5189 default_value:
5190 type: string
5191 name:
5192 type: string
5193 required:
5194 - name
5195 type: object
5196 literal:
5197 description: Literal explicitly specifies the protocol stack
5198 to set up. Exactly one of Literal, Environment or Header must
5199 be supplied.
5200 properties:
5201 value:
5202 type: string
5203 required:
5204 - value
5205 type: object
5206 request_header:
5207 description: Header explicitly specifies the protocol stack
5208 to set up. Exactly one of Literal, Environment or Header must
5209 be supplied.
5210 properties:
5211 default_value:
5212 type: string
5213 name:
5214 type: string
5215 required:
5216 - name
5217 type: object
5218 tag:
5219 type: string
5220 required:
5221 - tag
5222 type: object
5223 type: array
5224 driver:
5225 enum:
5226 - lightstep
5227 - zipkin
5228 - datadog
5229 - opentelemetry
5230 type: string
5231 sampling:
5232 properties:
5233 client:
5234 type: integer
5235 overall:
5236 type: integer
5237 random:
5238 type: integer
5239 type: object
5240 service:
5241 type: string
5242 stats_name:
5243 type: string
5244 tag_headers:
5245 description: 'Deprecated: tag_headers is deprecated. Use custom_tags
5246 instead. `tag_headers: ["header"]` can be defined as `custom_tags:
5247 [{"request_header": {"name": "header"}}]`.'
5248 items:
5249 type: string
5250 type: array
5251 required:
5252 - driver
5253 - service
5254 type: object
5255 type: object
5256 served: true
5257 storage: false
5258---
5259################################################################################
5260# Namespace #
5261################################################################################
5262---
5263apiVersion: v1
5264kind: Namespace
5265metadata:
5266 name: emissary-system
5267---
5268################################################################################
5269# ServiceAccount #
5270################################################################################
5271---
5272apiVersion: v1
5273kind: ServiceAccount
5274metadata:
5275 name: emissary-apiext
5276 namespace: emissary-system
5277 labels:
5278 app.kubernetes.io/instance: emissary-apiext
5279 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5280 app.kubernetes.io/name: emissary-apiext
5281 app.kubernetes.io/part-of: emissary-apiext
5282{serviceAccountExtra}
5283---
5284################################################################################
5285# Cluster permissions #
5286################################################################################
5287---
5288apiVersion: rbac.authorization.k8s.io/v1
5289kind: ClusterRole
5290metadata:
5291 name: emissary-apiext
5292 labels:
5293 app.kubernetes.io/instance: emissary-apiext
5294 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5295 app.kubernetes.io/name: emissary-apiext
5296 app.kubernetes.io/part-of: emissary-apiext
5297rules:
5298 - apiGroups: [ "apiextensions.k8s.io" ]
5299 resources: [ "customresourcedefinitions" ]
5300 verbs: [ "list", "watch" ]
5301 - apiGroups: [ "apiextensions.k8s.io" ]
5302 resources: [ "customresourcedefinitions" ]
5303 resourceNames:
5304 - authservices.getambassador.io
5305 - consulresolvers.getambassador.io
5306 - devportals.getambassador.io
5307 - hosts.getambassador.io
5308 - kubernetesendpointresolvers.getambassador.io
5309 - kubernetesserviceresolvers.getambassador.io
5310 - listeners.getambassador.io
5311 - logservices.getambassador.io
5312 - mappings.getambassador.io
5313 - modules.getambassador.io
5314 - ratelimitservices.getambassador.io
5315 - tcpmappings.getambassador.io
5316 - tlscontexts.getambassador.io
5317 - tracingservices.getambassador.io
5318 verbs: [ "update" ]
5319---
5320apiVersion: rbac.authorization.k8s.io/v1
5321kind: ClusterRoleBinding
5322metadata:
5323 name: emissary-apiext
5324 labels:
5325 app.kubernetes.io/instance: emissary-apiext
5326 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5327 app.kubernetes.io/name: emissary-apiext
5328 app.kubernetes.io/part-of: emissary-apiext
5329roleRef:
5330 apiGroup: rbac.authorization.k8s.io
5331 kind: ClusterRole
5332 name: emissary-apiext
5333subjects:
5334 - kind: ServiceAccount
5335 namespace: emissary-system
5336 name: emissary-apiext
5337---
5338################################################################################
5339# Namespaced permissions #
5340################################################################################
5341---
5342apiVersion: rbac.authorization.k8s.io/v1
5343kind: Role
5344metadata:
5345 name: emissary-apiext
5346 namespace: emissary-system
5347 labels:
5348 app.kubernetes.io/instance: emissary-apiext
5349 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5350 app.kubernetes.io/name: emissary-apiext
5351 app.kubernetes.io/part-of: emissary-apiext
5352rules:
5353 - apiGroups: [""]
5354 resources: ["secrets"]
5355 verbs: ["create"]
5356 - apiGroups: [""]
5357 resources: ["secrets"]
5358 resourceNames: ["emissary-ingress-webhook-ca"]
5359 verbs: ["get", "update"]
5360---
5361apiVersion: rbac.authorization.k8s.io/v1
5362kind: RoleBinding
5363metadata:
5364 name: emissary-apiext
5365 namespace: emissary-system
5366 labels:
5367 app.kubernetes.io/instance: emissary-apiext
5368 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5369 app.kubernetes.io/name: emissary-apiext
5370 app.kubernetes.io/part-of: emissary-apiext
5371roleRef:
5372 apiGroup: rbac.authorization.k8s.io
5373 kind: Role
5374 name: emissary-apiext
5375subjects:
5376- kind: ServiceAccount
5377 namespace: emissary-system
5378 name: emissary-apiext
5379---
5380################################################################################
5381# Main #
5382################################################################################
5383---
5384apiVersion: v1
5385kind: Service
5386metadata:
5387 name: emissary-apiext
5388 namespace: emissary-system
5389 labels:
5390 app.kubernetes.io/instance: emissary-apiext
5391 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5392 app.kubernetes.io/name: emissary-apiext
5393 app.kubernetes.io/part-of: emissary-apiext
5394spec:
5395 type: ClusterIP
5396 ports:
5397 - name: https
5398 port: 443
5399 targetPort: https
5400 selector:
5401 app.kubernetes.io/instance: emissary-apiext
5402 app.kubernetes.io/name: emissary-apiext
5403 app.kubernetes.io/part-of: emissary-apiext
5404---
5405apiVersion: apps/v1
5406kind: Deployment
5407metadata:
5408 name: emissary-apiext
5409 namespace: emissary-system
5410 labels:
5411 app.kubernetes.io/instance: emissary-apiext
5412 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5413 app.kubernetes.io/name: emissary-apiext
5414 app.kubernetes.io/part-of: emissary-apiext
5415spec:
5416 selector:
5417 matchLabels:
5418 app.kubernetes.io/instance: emissary-apiext
5419 app.kubernetes.io/name: emissary-apiext
5420 app.kubernetes.io/part-of: emissary-apiext
5421 replicas: 3
5422 template:
5423 metadata:
5424 labels:
5425 app.kubernetes.io/instance: emissary-apiext
5426 app.kubernetes.io/managed-by: kubectl_apply_-f_emissary-apiext.yaml
5427 app.kubernetes.io/name: emissary-apiext
5428 app.kubernetes.io/part-of: emissary-apiext
5429 spec:
5430 serviceAccountName: emissary-apiext
5431 containers:
5432 - name: emissary-apiext
5433 image: {images[emissary]}
5434 imagePullPolicy: IfNotPresent
5435 command: [ "apiext", "emissary-apiext" ]
5436 ports:
5437 - name: http
5438 containerPort: 8080
5439 - name: https
5440 containerPort: 8443
5441 startupProbe:
5442 httpGet:
5443 path: /probes/live
5444 port: 8080
5445 failureThreshold: 10
5446 periodSeconds: 3
5447 livenessProbe:
5448 httpGet:
5449 scheme: HTTP
5450 path: /probes/live
5451 port: 8080
5452 periodSeconds: 3
5453 failureThreshold: 3
5454 readinessProbe:
5455 httpGet:
5456 scheme: HTTP
5457 path: /probes/ready
5458 port: 8080
5459 periodSeconds: 3
5460 failureThreshold: 3
View as plain text