1
2// This file was autogenerated by go-to-protobuf. Do not edit it manually!
3
4syntax = "proto2";
5
6package github.com.openshift.api.networkoperator.v1;
7
8import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
9import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
10
11// Package-wide variables from generator "generated".
12option go_package = "github.com/openshift/api/networkoperator/v1";
13
14// EgressRouter is a feature allowing the user to define an egress router
15// that acts as a bridge between pods and external systems. The egress router runs
16// a service that redirects egress traffic originating from a pod or a group of
17// pods to a remote external system or multiple destinations as per configuration.
18//
19// It is consumed by the cluster-network-operator.
20// More specifically, given an EgressRouter CR with <name>, the CNO will create and manage:
21// - A service called <name>
22// - An egress pod called <name>
23// - A NAD called <name>
24//
25// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
26// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
27//
28// EgressRouter is a single egressrouter pod configuration object.
29// +k8s:openapi-gen=true
30// +kubebuilder:subresource:status
31// +kubebuilder:resource:path=egressrouters,scope=Namespaced
32// +kubebuilder:printcolumn:name="Condition",type=string,JSONPath=".status.conditions[*].type"
33// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[*].status"
34// +openshift:compatibility-gen:level=1
35message EgressRouter {
36 // metadata is the standard object's metadata.
37 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
38 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
39
40 // Specification of the desired egress router.
41 // +kubebuilder:validation:Required
42 optional EgressRouterSpec spec = 2;
43
44 // Observed status of EgressRouter.
45 optional EgressRouterStatus status = 3;
46}
47
48// EgressRouterAddress contains a pair of IP CIDR and gateway to be configured on the router's interface
49// +kubebuilder:validation:Required
50message EgressRouterAddress {
51 // IP is the address to configure on the router's interface. Can be IPv4 or IPv6.
52 // +kubebuilder:validation:Required
53 optional string ip = 1;
54
55 // IP address of the next-hop gateway, if it cannot be automatically determined. Can be IPv4 or IPv6.
56 optional string gateway = 2;
57}
58
59// EgressRouterInterface contains the configuration of interface to create/use.
60message EgressRouterInterface {
61 // Arguments specific to the interfaceType macvlan
62 // +kubebuilder:default:={mode: Bridge}
63 optional MacvlanConfig macvlan = 1;
64}
65
66// EgressRouterList is the list of egress router pods requested.
67//
68// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
69// +openshift:compatibility-gen:level=1
70message EgressRouterList {
71 // metadata is the standard list's metadata.
72 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
73 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
74
75 repeated EgressRouter items = 2;
76}
77
78// EgressRouterSpec contains the configuration for an egress router.
79// Mode, networkInterface and addresses fields must be specified along with exactly one "Config" that matches the mode.
80// Each config consists of parameters specific to that mode.
81// +k8s:openapi-gen=true
82// +kubebuilder:validation:Required
83message EgressRouterSpec {
84 // Mode depicts the mode that is used for the egress router. The default mode is "Redirect" and is the only supported mode currently.
85 // +kubebuilder:validation:Required
86 // +kubebuilder:validation:Enum="Redirect"
87 // +kubebuilder:default:="Redirect"
88 optional string mode = 1;
89
90 // Redirect represents the configuration parameters specific to redirect mode.
91 optional RedirectConfig redirect = 2;
92
93 // Specification of interface to create/use. The default is macvlan.
94 // Currently only macvlan is supported.
95 // +kubebuilder:validation:Required
96 // +kubebuilder:default:={macvlan: {mode: Bridge}}
97 optional EgressRouterInterface networkInterface = 3;
98
99 // List of IP addresses to configure on the pod's secondary interface.
100 // +kubebuilder:validation:Required
101 repeated EgressRouterAddress addresses = 4;
102}
103
104// EgressRouterStatus contains the observed status of EgressRouter. Read-only.
105message EgressRouterStatus {
106 // Observed status of the egress router
107 // +kubebuilder:validation:Required
108 repeated EgressRouterStatusCondition conditions = 1;
109}
110
111// EgressRouterStatusCondition represents the state of the egress router's
112// managed and monitored components.
113// +k8s:deepcopy-gen=true
114message EgressRouterStatusCondition {
115 // Type specifies the aspect reported by this condition; one of Available, Progressing, Degraded
116 // +kubebuilder:validation:Required
117 // +kubebuilder:validation:Enum="Available";"Progressing";"Degraded"
118 // +required
119 optional string type = 1;
120
121 // Status of the condition, one of True, False, Unknown.
122 // +kubebuilder:validation:Required
123 // +kubebuilder:validation:Enum="True";"False";"Unknown"
124 // +required
125 optional string status = 2;
126
127 // LastTransitionTime is the time of the last update to the current status property.
128 // +kubebuilder:validation:Required
129 // +required
130 // +nullable
131 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
132
133 // Reason is the CamelCase reason for the condition's current status.
134 optional string reason = 4;
135
136 // Message provides additional information about the current condition.
137 // This is only to be consumed by humans. It may contain Line Feed
138 // characters (U+000A), which should be rendered as new lines.
139 optional string message = 5;
140}
141
142// L4RedirectRule defines a DNAT redirection from a given port to a destination IP and port.
143message L4RedirectRule {
144 // IP specifies the remote destination's IP address. Can be IPv4 or IPv6.
145 // +kubebuilder:validation:Required
146 optional string destinationIP = 1;
147
148 // Port is the port number to which clients should send traffic to be redirected.
149 // +kubebuilder:validation:Required
150 // +kubebuilder:validation:Maximum:=65535
151 // +kubebuilder:validation:Minimum:=1
152 optional int32 port = 2;
153
154 // Protocol can be TCP, SCTP or UDP.
155 // +kubebuilder:validation:Required
156 // +kubebuilder:validation:Enum="TCP";"UDP";"SCTP"
157 optional string protocol = 3;
158
159 // TargetPort allows specifying the port number on the remote destination to which the traffic gets redirected to.
160 // If unspecified, the value from "Port" is used.
161 // +kubebuilder:validation:Maximum:=65535
162 // +kubebuilder:validation:Minimum:=1
163 optional int32 targetPort = 4;
164}
165
166// MacvlanConfig consists of arguments specific to the macvlan EgressRouterInterfaceType
167message MacvlanConfig {
168 // Mode depicts the mode that is used for the macvlan interface; one of Bridge|Private|VEPA|Passthru. The default mode is "Bridge".
169 // +kubebuilder:validation:Required
170 // +kubebuilder:validation:Enum="Bridge";"Private";"VEPA";"Passthru"
171 // +kubebuilder:default:="Bridge"
172 optional string mode = 1;
173
174 // Name of the master interface. Need not be specified if it can be inferred from the IP address.
175 optional string master = 2;
176}
177
178// RedirectConfig represents the configuration parameters specific to redirect mode.
179message RedirectConfig {
180 // List of L4RedirectRules that define the DNAT redirection from the pod to the destination in redirect mode.
181 repeated L4RedirectRule redirectRules = 1;
182
183 // FallbackIP specifies the remote destination's IP address. Can be IPv4 or IPv6.
184 // If no redirect rules are specified, all traffic from the router are redirected to this IP.
185 // If redirect rules are specified, then any connections on any other port (undefined in the rules) on the router will be redirected to this IP.
186 // If redirect rules are specified and no fallback IP is provided, connections on other ports will simply be rejected.
187 optional string fallbackIP = 2;
188}
189
View as plain text