1---
2apiVersion: apiextensions.k8s.io/v1
3kind: CustomResourceDefinition
4metadata:
5 name: externalworkloads.workload.linkerd.io
6 annotations:
7 {{ include "partials.annotations.created-by" . }}
8 labels:
9 helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
10 linkerd.io/control-plane-ns: {{.Release.Namespace}}
11spec:
12 group: workload.linkerd.io
13 names:
14 categories:
15 - external
16 kind: ExternalWorkload
17 listKind: ExternalWorkloadList
18 plural: externalworkloads
19 singular: externalworkload
20 shortNames: []
21 scope: Namespaced
22 versions:
23 - name: v1alpha1
24 served: true
25 storage: false
26 schema:
27 openAPIV3Schema:
28 description: >-
29 An ExternalWorkload describes a single workload (i.e. a deployable unit) external
30 to the cluster that should be enrolled in the mesh.
31 type: object
32 required: [spec]
33 properties:
34 apiVerson:
35 type: string
36 kind:
37 type: string
38 metadata:
39 type: object
40 spec:
41 properties:
42 meshTls:
43 description: meshTls describes TLS settings associated with an
44 external workload.
45 properties:
46 identity:
47 type: string
48 description: identity of the workload. Corresponds to the
49 identity used in the workload's certificate. It is used
50 by peers to perform verification in the mTLS handshake.
51 minLength: 1
52 maxLength: 253
53 serverName:
54 type: string
55 description: serverName is the name of the workload in DNS
56 format. It is used by the workload to terminate TLS using
57 SNI.
58 minLength: 1
59 maxLength: 253
60 type: object
61 required:
62 - identity
63 - serverName
64 ports:
65 type: array
66 description: ports describes a list of ports exposed by the
67 workload
68 items:
69 properties:
70 name:
71 type: string
72 description: name must be an IANA_SVC_NAME and unique
73 within the ports set. Each named port can be referred
74 to by services.
75 port:
76 format: int32
77 maximum: 65535
78 minimum: 1
79 type: integer
80 protocol:
81 description: protocol exposed by the port. Must be UDP or
82 TCP. Defaults to TCP.
83 type: string
84 default: "TCP"
85 type: object
86 required:
87 - port
88 workloadIPs:
89 type: array
90 description: workloadIPs contains a list of IP addresses that
91 can be used to send traffic to the workload.
92 items:
93 type: object
94 properties:
95 ip:
96 type: string
97 # TODO: relax this in the future when ipv6 is supported
98 # an external workload (like a pod) should only
99 # support 2 interfaces
100 maxItems: 1
101 type: object
102 required:
103 - meshTls
104 status:
105 type: object
106 properties:
107 conditions:
108 type: array
109 items:
110 type: object
111 properties:
112 lastProbeTime:
113 description: lastProbeTime is the last time the
114 healthcheck endpoint was probed.
115 format: date-time
116 type: string
117 lastTransitionTime:
118 description: lastTransitionTime is the last time the
119 condition transitioned from one status to another.
120 format: date-time
121 type: string
122 status:
123 description: status of the condition (one of True, False, Unknown)
124 enum:
125 - "True"
126 - "False"
127 - Unknown
128 type: string
129 type:
130 description: type of the condition in CamelCase or in
131 foo.example.com/CamelCase.
132 maxLength: 316
133 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
134 type: string
135 reason:
136 description: reason contains a programmatic identifier
137 indicating the reason for the condition's last
138 transition. Producers of specific condition types may
139 define expected values and meanings for this field, and
140 whether the values are considered a guaranteed API. The
141 value should be a CamelCase string. This field may not
142 be empty.
143 maxLength: 1024
144 minLength: 1
145 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
146 type: string
147 message:
148 description: message is a human readable message
149 indicating details about the transition. This may be an
150 empty string.
151 maxLength: 32768
152 type: string
153 required:
154 - status
155 - type
156 additionalPrinterColumns:
157 - jsonPath: .spec.meshTls.identity
158 name: Identity
159 type: string
160 - jsonPath: .metadata.creationTimestamp
161 name: Age
162 type: date
163 - name: v1beta1
164 served: true
165 storage: true
166 subresources:
167 status: {}
168 schema:
169 openAPIV3Schema:
170 description: >-
171 An ExternalWorkload describes a single workload (i.e. a deployable unit) external
172 to the cluster that should be enrolled in the mesh.
173 type: object
174 required: [spec]
175 properties:
176 apiVerson:
177 type: string
178 kind:
179 type: string
180 metadata:
181 type: object
182 spec:
183 properties:
184 meshTLS:
185 description: meshTLS describes TLS settings associated with an
186 external workload.
187 properties:
188 identity:
189 type: string
190 description: identity of the workload. Corresponds to the
191 identity used in the workload's certificate. It is used
192 by peers to perform verification in the mTLS handshake.
193 minLength: 1
194 maxLength: 253
195 serverName:
196 type: string
197 description: serverName is the name of the workload in DNS
198 format. It is used by the workload to terminate TLS using
199 SNI.
200 minLength: 1
201 maxLength: 253
202 type: object
203 required:
204 - identity
205 - serverName
206 ports:
207 type: array
208 description: ports describes a list of ports exposed by the
209 workload
210 items:
211 properties:
212 name:
213 type: string
214 description: name must be an IANA_SVC_NAME and unique
215 within the ports set. Each named port can be referred
216 to by services.
217 port:
218 format: int32
219 maximum: 65535
220 minimum: 1
221 type: integer
222 protocol:
223 description: protocol exposed by the port. Must be UDP or
224 TCP. Defaults to TCP.
225 type: string
226 default: "TCP"
227 type: object
228 required:
229 - port
230 workloadIPs:
231 type: array
232 description: workloadIPs contains a list of IP addresses that
233 can be used to send traffic to the workload.
234 items:
235 type: object
236 properties:
237 ip:
238 type: string
239 # TODO: relax this in the future when ipv6 is supported
240 # an external workload (like a pod) should only
241 # support 2 interfaces
242 maxItems: 1
243 type: object
244 required:
245 - meshTLS
246 status:
247 type: object
248 properties:
249 conditions:
250 type: array
251 items:
252 type: object
253 properties:
254 lastProbeTime:
255 description: lastProbeTime is the last time the
256 healthcheck endpoint was probed.
257 format: date-time
258 type: string
259 lastTransitionTime:
260 description: lastTransitionTime is the last time the
261 condition transitioned from one status to another.
262 format: date-time
263 type: string
264 status:
265 description: status of the condition (one of True, False, Unknown)
266 enum:
267 - "True"
268 - "False"
269 - Unknown
270 type: string
271 type:
272 description: type of the condition in CamelCase or in
273 foo.example.com/CamelCase.
274 maxLength: 316
275 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
276 type: string
277 reason:
278 description: reason contains a programmatic identifier
279 indicating the reason for the condition's last
280 transition. Producers of specific condition types may
281 define expected values and meanings for this field, and
282 whether the values are considered a guaranteed API. The
283 value should be a CamelCase string. This field may not
284 be empty.
285 maxLength: 1024
286 minLength: 1
287 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
288 type: string
289 message:
290 description: message is a human readable message
291 indicating details about the transition. This may be an
292 empty string.
293 maxLength: 32768
294 type: string
295 required:
296 - status
297 - type
298 additionalPrinterColumns:
299 - jsonPath: .spec.meshTLS.identity
300 name: Identity
301 type: string
302 - jsonPath: .metadata.creationTimestamp
303 name: Age
304 type: date
View as plain text