// This file was autogenerated by go-to-protobuf. Do not edit it manually! syntax = "proto2"; package github.com.openshift.api.networkoperator.v1; import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; // Package-wide variables from generator "generated". option go_package = "github.com/openshift/api/networkoperator/v1"; // EgressRouter is a feature allowing the user to define an egress router // that acts as a bridge between pods and external systems. The egress router runs // a service that redirects egress traffic originating from a pod or a group of // pods to a remote external system or multiple destinations as per configuration. // // It is consumed by the cluster-network-operator. // More specifically, given an EgressRouter CR with , the CNO will create and manage: // - A service called // - An egress pod called // - A NAD called // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // // EgressRouter is a single egressrouter pod configuration object. // +k8s:openapi-gen=true // +kubebuilder:subresource:status // +kubebuilder:resource:path=egressrouters,scope=Namespaced // +kubebuilder:printcolumn:name="Condition",type=string,JSONPath=".status.conditions[*].type" // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[*].status" // +openshift:compatibility-gen:level=1 message EgressRouter { // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // Specification of the desired egress router. // +kubebuilder:validation:Required optional EgressRouterSpec spec = 2; // Observed status of EgressRouter. optional EgressRouterStatus status = 3; } // EgressRouterAddress contains a pair of IP CIDR and gateway to be configured on the router's interface // +kubebuilder:validation:Required message EgressRouterAddress { // IP is the address to configure on the router's interface. Can be IPv4 or IPv6. // +kubebuilder:validation:Required optional string ip = 1; // IP address of the next-hop gateway, if it cannot be automatically determined. Can be IPv4 or IPv6. optional string gateway = 2; } // EgressRouterInterface contains the configuration of interface to create/use. message EgressRouterInterface { // Arguments specific to the interfaceType macvlan // +kubebuilder:default:={mode: Bridge} optional MacvlanConfig macvlan = 1; } // EgressRouterList is the list of egress router pods requested. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 message EgressRouterList { // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; repeated EgressRouter items = 2; } // EgressRouterSpec contains the configuration for an egress router. // Mode, networkInterface and addresses fields must be specified along with exactly one "Config" that matches the mode. // Each config consists of parameters specific to that mode. // +k8s:openapi-gen=true // +kubebuilder:validation:Required message EgressRouterSpec { // Mode depicts the mode that is used for the egress router. The default mode is "Redirect" and is the only supported mode currently. // +kubebuilder:validation:Required // +kubebuilder:validation:Enum="Redirect" // +kubebuilder:default:="Redirect" optional string mode = 1; // Redirect represents the configuration parameters specific to redirect mode. optional RedirectConfig redirect = 2; // Specification of interface to create/use. The default is macvlan. // Currently only macvlan is supported. // +kubebuilder:validation:Required // +kubebuilder:default:={macvlan: {mode: Bridge}} optional EgressRouterInterface networkInterface = 3; // List of IP addresses to configure on the pod's secondary interface. // +kubebuilder:validation:Required repeated EgressRouterAddress addresses = 4; } // EgressRouterStatus contains the observed status of EgressRouter. Read-only. message EgressRouterStatus { // Observed status of the egress router // +kubebuilder:validation:Required repeated EgressRouterStatusCondition conditions = 1; } // EgressRouterStatusCondition represents the state of the egress router's // managed and monitored components. // +k8s:deepcopy-gen=true message EgressRouterStatusCondition { // Type specifies the aspect reported by this condition; one of Available, Progressing, Degraded // +kubebuilder:validation:Required // +kubebuilder:validation:Enum="Available";"Progressing";"Degraded" // +required optional string type = 1; // Status of the condition, one of True, False, Unknown. // +kubebuilder:validation:Required // +kubebuilder:validation:Enum="True";"False";"Unknown" // +required optional string status = 2; // LastTransitionTime is the time of the last update to the current status property. // +kubebuilder:validation:Required // +required // +nullable optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3; // Reason is the CamelCase reason for the condition's current status. optional string reason = 4; // Message provides additional information about the current condition. // This is only to be consumed by humans. It may contain Line Feed // characters (U+000A), which should be rendered as new lines. optional string message = 5; } // L4RedirectRule defines a DNAT redirection from a given port to a destination IP and port. message L4RedirectRule { // IP specifies the remote destination's IP address. Can be IPv4 or IPv6. // +kubebuilder:validation:Required optional string destinationIP = 1; // Port is the port number to which clients should send traffic to be redirected. // +kubebuilder:validation:Required // +kubebuilder:validation:Maximum:=65535 // +kubebuilder:validation:Minimum:=1 optional int32 port = 2; // Protocol can be TCP, SCTP or UDP. // +kubebuilder:validation:Required // +kubebuilder:validation:Enum="TCP";"UDP";"SCTP" optional string protocol = 3; // TargetPort allows specifying the port number on the remote destination to which the traffic gets redirected to. // If unspecified, the value from "Port" is used. // +kubebuilder:validation:Maximum:=65535 // +kubebuilder:validation:Minimum:=1 optional int32 targetPort = 4; } // MacvlanConfig consists of arguments specific to the macvlan EgressRouterInterfaceType message MacvlanConfig { // Mode depicts the mode that is used for the macvlan interface; one of Bridge|Private|VEPA|Passthru. The default mode is "Bridge". // +kubebuilder:validation:Required // +kubebuilder:validation:Enum="Bridge";"Private";"VEPA";"Passthru" // +kubebuilder:default:="Bridge" optional string mode = 1; // Name of the master interface. Need not be specified if it can be inferred from the IP address. optional string master = 2; } // RedirectConfig represents the configuration parameters specific to redirect mode. message RedirectConfig { // List of L4RedirectRules that define the DNAT redirection from the pod to the destination in redirect mode. repeated L4RedirectRule redirectRules = 1; // FallbackIP specifies the remote destination's IP address. Can be IPv4 or IPv6. // If no redirect rules are specified, all traffic from the router are redirected to this IP. // If redirect rules are specified, then any connections on any other port (undefined in the rules) on the router will be redirected to this IP. // If redirect rules are specified and no fallback IP is provided, connections on other ports will simply be rejected. optional string fallbackIP = 2; }