1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
6 gateway.networking.k8s.io/bundle-version: v1.0.0
7 gateway.networking.k8s.io/channel: experimental
8 creationTimestamp: null
9 name: tcproutes.gateway.networking.k8s.io
10spec:
11 group: gateway.networking.k8s.io
12 names:
13 categories:
14 - gateway-api
15 kind: TCPRoute
16 listKind: TCPRouteList
17 plural: tcproutes
18 singular: tcproute
19 scope: Namespaced
20 versions:
21 - additionalPrinterColumns:
22 - jsonPath: .metadata.creationTimestamp
23 name: Age
24 type: date
25 name: v1alpha2
26 schema:
27 openAPIV3Schema:
28 description: TCPRoute provides a way to route TCP requests. When combined
29 with a Gateway listener, it can be used to forward connections on the port
30 specified by the listener to a set of backends specified by the TCPRoute.
31 properties:
32 apiVersion:
33 description: 'APIVersion defines the versioned schema of this representation
34 of an object. Servers should convert recognized schemas to the latest
35 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
36 type: string
37 kind:
38 description: 'Kind is a string value representing the REST resource this
39 object represents. Servers may infer this from the endpoint the client
40 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
41 type: string
42 metadata:
43 type: object
44 spec:
45 description: Spec defines the desired state of TCPRoute.
46 properties:
47 parentRefs:
48 description: "ParentRefs references the resources (usually Gateways)
49 that a Route wants to be attached to. Note that the referenced parent
50 resource needs to allow this for the attachment to be complete.
51 For Gateways, that means the Gateway needs to allow attachment from
52 Routes of this kind and namespace. For Services, that means the
53 Service must either be in the same namespace for a \"producer\"
54 route, or the mesh implementation must support and allow \"consumer\"
55 routes for the referenced Service. ReferenceGrant is not applicable
56 for governing ParentRefs to Services - it is not possible to create
57 a \"producer\" route for a Service in a different namespace from
58 the Route. \n There are two kinds of parent resources with \"Core\"
59 support: \n * Gateway (Gateway conformance profile) * Service (Mesh
60 conformance profile, experimental, ClusterIP Services only) This
61 API may be extended in the future to support additional kinds of
62 parent resources. \n ParentRefs must be _distinct_. This means either
63 that: \n * They select different objects. If this is the case,
64 then parentRef entries are distinct. In terms of fields, this means
65 that the multi-part key defined by `group`, `kind`, `namespace`,
66 and `name` must be unique across all parentRef entries in the Route.
67 * They do not select different objects, but for each optional field
68 used, each ParentRef that selects the same object must set the same
69 set of optional fields to different values. If one ParentRef sets
70 a combination of optional fields, all must set the same combination.
71 \n Some examples: \n * If one ParentRef sets `sectionName`, all
72 ParentRefs referencing the same object must also set `sectionName`.
73 * If one ParentRef sets `port`, all ParentRefs referencing the same
74 object must also set `port`. * If one ParentRef sets `sectionName`
75 and `port`, all ParentRefs referencing the same object must also
76 set `sectionName` and `port`. \n It is possible to separately reference
77 multiple distinct objects that may be collapsed by an implementation.
78 For example, some implementations may choose to merge compatible
79 Gateway Listeners together. If that is the case, the list of routes
80 attached to those resources should also be merged. \n Note that
81 for ParentRefs that cross namespace boundaries, there are specific
82 rules. Cross-namespace references are only valid if they are explicitly
83 allowed by something in the namespace they are referring to. For
84 example, Gateway has the AllowedRoutes field, and ReferenceGrant
85 provides a generic way to enable other kinds of cross-namespace
86 reference. \n ParentRefs from a Route to a Service in the same
87 namespace are \"producer\" routes, which apply default routing rules
88 to inbound connections from any namespace to the Service. \n ParentRefs
89 from a Route to a Service in a different namespace are \"consumer\"
90 routes, and these routing rules are only applied to outbound connections
91 originating from the same namespace as the Route, for which the
92 intended destination of the connections are a Service targeted as
93 a ParentRef of the Route. \n "
94 items:
95 description: "ParentReference identifies an API object (usually
96 a Gateway) that can be considered a parent of this resource (usually
97 a route). There are two kinds of parent resources with \"Core\"
98 support: \n * Gateway (Gateway conformance profile) * Service
99 (Mesh conformance profile, experimental, ClusterIP Services only)
100 \n This API may be extended in the future to support additional
101 kinds of parent resources. \n The API object must be valid in
102 the cluster; the Group and Kind must be registered in the cluster
103 for this reference to be valid."
104 properties:
105 group:
106 default: gateway.networking.k8s.io
107 description: "Group is the group of the referent. When unspecified,
108 \"gateway.networking.k8s.io\" is inferred. To set the core
109 API group (such as for a \"Service\" kind referent), Group
110 must be explicitly set to \"\" (empty string). \n Support:
111 Core"
112 maxLength: 253
113 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
114 type: string
115 kind:
116 default: Gateway
117 description: "Kind is kind of the referent. \n There are two
118 kinds of parent resources with \"Core\" support: \n * Gateway
119 (Gateway conformance profile) * Service (Mesh conformance
120 profile, experimental, ClusterIP Services only) \n Support
121 for other resources is Implementation-Specific."
122 maxLength: 63
123 minLength: 1
124 pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
125 type: string
126 name:
127 description: "Name is the name of the referent. \n Support:
128 Core"
129 maxLength: 253
130 minLength: 1
131 type: string
132 namespace:
133 description: "Namespace is the namespace of the referent. When
134 unspecified, this refers to the local namespace of the Route.
135 \n Note that there are specific rules for ParentRefs which
136 cross namespace boundaries. Cross-namespace references are
137 only valid if they are explicitly allowed by something in
138 the namespace they are referring to. For example: Gateway
139 has the AllowedRoutes field, and ReferenceGrant provides a
140 generic way to enable any other kind of cross-namespace reference.
141 \n ParentRefs from a Route to a Service in the same namespace
142 are \"producer\" routes, which apply default routing rules
143 to inbound connections from any namespace to the Service.
144 \n ParentRefs from a Route to a Service in a different namespace
145 are \"consumer\" routes, and these routing rules are only
146 applied to outbound connections originating from the same
147 namespace as the Route, for which the intended destination
148 of the connections are a Service targeted as a ParentRef of
149 the Route. \n Support: Core"
150 maxLength: 63
151 minLength: 1
152 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
153 type: string
154 port:
155 description: "Port is the network port this Route targets. It
156 can be interpreted differently based on the type of parent
157 resource. \n When the parent resource is a Gateway, this targets
158 all listeners listening on the specified port that also support
159 this kind of Route(and select this Route). It's not recommended
160 to set `Port` unless the networking behaviors specified in
161 a Route must apply to a specific port as opposed to a listener(s)
162 whose port(s) may be changed. When both Port and SectionName
163 are specified, the name and port of the selected listener
164 must match both specified values. \n When the parent resource
165 is a Service, this targets a specific port in the Service
166 spec. When both Port (experimental) and SectionName are specified,
167 the name and port of the selected port must match both specified
168 values. \n Implementations MAY choose to support other parent
169 resources. Implementations supporting other types of parent
170 resources MUST clearly document how/if Port is interpreted.
171 \n For the purpose of status, an attachment is considered
172 successful as long as the parent resource accepts it partially.
173 For example, Gateway listeners can restrict which Routes can
174 attach to them by Route kind, namespace, or hostname. If 1
175 of 2 Gateway listeners accept attachment from the referencing
176 Route, the Route MUST be considered successfully attached.
177 If no Gateway listeners accept attachment from this Route,
178 the Route MUST be considered detached from the Gateway. \n
179 Support: Extended \n "
180 format: int32
181 maximum: 65535
182 minimum: 1
183 type: integer
184 sectionName:
185 description: "SectionName is the name of a section within the
186 target resource. In the following resources, SectionName is
187 interpreted as the following: \n * Gateway: Listener Name.
188 When both Port (experimental) and SectionName are specified,
189 the name and port of the selected listener must match both
190 specified values. * Service: Port Name. When both Port (experimental)
191 and SectionName are specified, the name and port of the selected
192 listener must match both specified values. Note that attaching
193 Routes to Services as Parents is part of experimental Mesh
194 support and is not supported for any other purpose. \n Implementations
195 MAY choose to support attaching Routes to other resources.
196 If that is the case, they MUST clearly document how SectionName
197 is interpreted. \n When unspecified (empty string), this will
198 reference the entire resource. For the purpose of status,
199 an attachment is considered successful if at least one section
200 in the parent resource accepts it. For example, Gateway listeners
201 can restrict which Routes can attach to them by Route kind,
202 namespace, or hostname. If 1 of 2 Gateway listeners accept
203 attachment from the referencing Route, the Route MUST be considered
204 successfully attached. If no Gateway listeners accept attachment
205 from this Route, the Route MUST be considered detached from
206 the Gateway. \n Support: Core"
207 maxLength: 253
208 minLength: 1
209 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
210 type: string
211 required:
212 - name
213 type: object
214 maxItems: 32
215 type: array
216 x-kubernetes-validations:
217 - message: sectionName or port must be specified when parentRefs includes
218 2 or more references to the same parent
219 rule: 'self.all(p1, self.all(p2, p1.group == p2.group && p1.kind
220 == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__)
221 || p1.__namespace__ == '''') && (!has(p2.__namespace__) || p2.__namespace__
222 == '''')) || (has(p1.__namespace__) && has(p2.__namespace__) &&
223 p1.__namespace__ == p2.__namespace__)) ? ((!has(p1.sectionName)
224 || p1.sectionName == '''') == (!has(p2.sectionName) || p2.sectionName
225 == '''') && (!has(p1.port) || p1.port == 0) == (!has(p2.port)
226 || p2.port == 0)): true))'
227 - message: sectionName or port must be unique when parentRefs includes
228 2 or more references to the same parent
229 rule: self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind
230 == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__)
231 || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__
232 == '')) || (has(p1.__namespace__) && has(p2.__namespace__) &&
233 p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName)
234 || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName
235 == '')) || ( has(p1.sectionName) && has(p2.sectionName) && p1.sectionName
236 == p2.sectionName)) && (((!has(p1.port) || p1.port == 0) && (!has(p2.port)
237 || p2.port == 0)) || (has(p1.port) && has(p2.port) && p1.port
238 == p2.port))))
239 rules:
240 description: Rules are a list of TCP matchers and actions.
241 items:
242 description: TCPRouteRule is the configuration for a given rule.
243 properties:
244 backendRefs:
245 description: "BackendRefs defines the backend(s) where matching
246 requests should be sent. If unspecified or invalid (refers
247 to a non-existent resource or a Service with no endpoints),
248 the underlying implementation MUST actively reject connection
249 attempts to this backend. Connection rejections must respect
250 weight; if an invalid backend is requested to have 80% of
251 connections, then 80% of connections must be rejected instead.
252 \n Support: Core for Kubernetes Service \n Support: Extended
253 for Kubernetes ServiceImport \n Support: Implementation-specific
254 for any other resource \n Support for weight: Extended"
255 items:
256 description: "BackendRef defines how a Route should forward
257 a request to a Kubernetes resource. \n Note that when a
258 namespace different than the local namespace is specified,
259 a ReferenceGrant object is required in the referent namespace
260 to allow that namespace's owner to accept the reference.
261 See the ReferenceGrant documentation for details. \n <gateway:experimental:description>
262 \n When the BackendRef points to a Kubernetes Service, implementations
263 SHOULD honor the appProtocol field if it is set for the
264 target Service Port. \n Implementations supporting appProtocol
265 SHOULD recognize the Kubernetes Standard Application Protocols
266 defined in KEP-3726. \n If a Service appProtocol isn't specified,
267 an implementation MAY infer the backend protocol through
268 its own means. Implementations MAY infer the protocol from
269 the Route type referring to the backend Service. \n If a
270 Route is not able to send traffic to the backend using the
271 specified protocol then the backend is considered invalid.
272 Implementations MUST set the \"ResolvedRefs\" condition
273 to \"False\" with the \"UnsupportedProtocol\" reason. \n
274 </gateway:experimental:description> \n Note that when the
275 BackendTLSPolicy object is enabled by the implementation,
276 there are some extra rules about validity to consider here.
277 See the fields where this struct is used for more information
278 about the exact behavior."
279 properties:
280 group:
281 default: ""
282 description: Group is the group of the referent. For example,
283 "gateway.networking.k8s.io". When unspecified or empty
284 string, core API group is inferred.
285 maxLength: 253
286 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
287 type: string
288 kind:
289 default: Service
290 description: "Kind is the Kubernetes resource kind of
291 the referent. For example \"Service\". \n Defaults to
292 \"Service\" when not specified. \n ExternalName services
293 can refer to CNAME DNS records that may live outside
294 of the cluster and as such are difficult to reason about
295 in terms of conformance. They also may not be safe to
296 forward to (see CVE-2021-25740 for more information).
297 Implementations SHOULD NOT support ExternalName Services.
298 \n Support: Core (Services with a type other than ExternalName)
299 \n Support: Implementation-specific (Services with type
300 ExternalName)"
301 maxLength: 63
302 minLength: 1
303 pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
304 type: string
305 name:
306 description: Name is the name of the referent.
307 maxLength: 253
308 minLength: 1
309 type: string
310 namespace:
311 description: "Namespace is the namespace of the backend.
312 When unspecified, the local namespace is inferred. \n
313 Note that when a namespace different than the local
314 namespace is specified, a ReferenceGrant object is required
315 in the referent namespace to allow that namespace's
316 owner to accept the reference. See the ReferenceGrant
317 documentation for details. \n Support: Core"
318 maxLength: 63
319 minLength: 1
320 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
321 type: string
322 port:
323 description: Port specifies the destination port number
324 to use for this resource. Port is required when the
325 referent is a Kubernetes Service. In this case, the
326 port number is the service port number, not the target
327 port. For other resources, destination port might be
328 derived from the referent resource or this field.
329 format: int32
330 maximum: 65535
331 minimum: 1
332 type: integer
333 weight:
334 default: 1
335 description: "Weight specifies the proportion of requests
336 forwarded to the referenced backend. This is computed
337 as weight/(sum of all weights in this BackendRefs list).
338 For non-zero values, there may be some epsilon from
339 the exact proportion defined here depending on the precision
340 an implementation supports. Weight is not a percentage
341 and the sum of weights does not need to equal 100. \n
342 If only one backend is specified and it has a weight
343 greater than 0, 100% of the traffic is forwarded to
344 that backend. If weight is set to 0, no traffic should
345 be forwarded for this entry. If unspecified, weight
346 defaults to 1. \n Support for this field varies based
347 on the context where used."
348 format: int32
349 maximum: 1000000
350 minimum: 0
351 type: integer
352 required:
353 - name
354 type: object
355 x-kubernetes-validations:
356 - message: Must have port for Service reference
357 rule: '(size(self.group) == 0 && self.kind == ''Service'')
358 ? has(self.port) : true'
359 maxItems: 16
360 minItems: 1
361 type: array
362 type: object
363 maxItems: 16
364 minItems: 1
365 type: array
366 required:
367 - rules
368 type: object
369 status:
370 description: Status defines the current state of TCPRoute.
371 properties:
372 parents:
373 description: "Parents is a list of parent resources (usually Gateways)
374 that are associated with the route, and the status of the route
375 with respect to each parent. When this route attaches to a parent,
376 the controller that manages the parent must add an entry to this
377 list when the controller first sees the route and should update
378 the entry as appropriate when the route or gateway is modified.
379 \n Note that parent references that cannot be resolved by an implementation
380 of this API will not be added to this list. Implementations of this
381 API can only populate Route status for the Gateways/parent resources
382 they are responsible for. \n A maximum of 32 Gateways will be represented
383 in this list. An empty list means the route has not been attached
384 to any Gateway."
385 items:
386 description: RouteParentStatus describes the status of a route with
387 respect to an associated Parent.
388 properties:
389 conditions:
390 description: "Conditions describes the status of the route with
391 respect to the Gateway. Note that the route's availability
392 is also subject to the Gateway's own status conditions and
393 listener status. \n If the Route's ParentRef specifies an
394 existing Gateway that supports Routes of this kind AND that
395 Gateway's controller has sufficient access, then that Gateway's
396 controller MUST set the \"Accepted\" condition on the Route,
397 to indicate whether the route has been accepted or rejected
398 by the Gateway, and why. \n A Route MUST be considered \"Accepted\"
399 if at least one of the Route's rules is implemented by the
400 Gateway. \n There are a number of cases where the \"Accepted\"
401 condition may not be set due to lack of controller visibility,
402 that includes when: \n * The Route refers to a non-existent
403 parent. * The Route is of a type that the controller does
404 not support. * The Route is in a namespace the controller
405 does not have access to."
406 items:
407 description: "Condition contains details for one aspect of
408 the current state of this API Resource. --- This struct
409 is intended for direct use as an array at the field path
410 .status.conditions. For example, \n type FooStatus struct{
411 // Represents the observations of a foo's current state.
412 // Known .status.conditions.type are: \"Available\", \"Progressing\",
413 and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
414 // +listType=map // +listMapKey=type Conditions []metav1.Condition
415 `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
416 protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields
417 }"
418 properties:
419 lastTransitionTime:
420 description: lastTransitionTime is the last time the condition
421 transitioned from one status to another. This should
422 be when the underlying condition changed. If that is
423 not known, then using the time when the API field changed
424 is acceptable.
425 format: date-time
426 type: string
427 message:
428 description: message is a human readable message indicating
429 details about the transition. This may be an empty string.
430 maxLength: 32768
431 type: string
432 observedGeneration:
433 description: observedGeneration represents the .metadata.generation
434 that the condition was set based upon. For instance,
435 if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
436 is 9, the condition is out of date with respect to the
437 current state of the instance.
438 format: int64
439 minimum: 0
440 type: integer
441 reason:
442 description: reason contains a programmatic identifier
443 indicating the reason for the condition's last transition.
444 Producers of specific condition types may define expected
445 values and meanings for this field, and whether the
446 values are considered a guaranteed API. The value should
447 be a CamelCase string. This field may not be empty.
448 maxLength: 1024
449 minLength: 1
450 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
451 type: string
452 status:
453 description: status of the condition, one of True, False,
454 Unknown.
455 enum:
456 - "True"
457 - "False"
458 - Unknown
459 type: string
460 type:
461 description: type of condition in CamelCase or in foo.example.com/CamelCase.
462 --- Many .condition.type values are consistent across
463 resources like Available, but because arbitrary conditions
464 can be useful (see .node.status.conditions), the ability
465 to deconflict is important. The regex it matches is
466 (dns1123SubdomainFmt/)?(qualifiedNameFmt)
467 maxLength: 316
468 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
469 type: string
470 required:
471 - lastTransitionTime
472 - message
473 - reason
474 - status
475 - type
476 type: object
477 maxItems: 8
478 minItems: 1
479 type: array
480 x-kubernetes-list-map-keys:
481 - type
482 x-kubernetes-list-type: map
483 controllerName:
484 description: "ControllerName is a domain/path string that indicates
485 the name of the controller that wrote this status. This corresponds
486 with the controllerName field on GatewayClass. \n Example:
487 \"example.net/gateway-controller\". \n The format of this
488 field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid
489 Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
490 \n Controllers MUST populate this field when writing status.
491 Controllers should ensure that entries to status populated
492 with their ControllerName are cleaned up when they are no
493 longer necessary."
494 maxLength: 253
495 minLength: 1
496 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
497 type: string
498 parentRef:
499 description: ParentRef corresponds with a ParentRef in the spec
500 that this RouteParentStatus struct describes the status of.
501 properties:
502 group:
503 default: gateway.networking.k8s.io
504 description: "Group is the group of the referent. When unspecified,
505 \"gateway.networking.k8s.io\" is inferred. To set the
506 core API group (such as for a \"Service\" kind referent),
507 Group must be explicitly set to \"\" (empty string). \n
508 Support: Core"
509 maxLength: 253
510 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
511 type: string
512 kind:
513 default: Gateway
514 description: "Kind is kind of the referent. \n There are
515 two kinds of parent resources with \"Core\" support: \n
516 * Gateway (Gateway conformance profile) * Service (Mesh
517 conformance profile, experimental, ClusterIP Services
518 only) \n Support for other resources is Implementation-Specific."
519 maxLength: 63
520 minLength: 1
521 pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
522 type: string
523 name:
524 description: "Name is the name of the referent. \n Support:
525 Core"
526 maxLength: 253
527 minLength: 1
528 type: string
529 namespace:
530 description: "Namespace is the namespace of the referent.
531 When unspecified, this refers to the local namespace of
532 the Route. \n Note that there are specific rules for ParentRefs
533 which cross namespace boundaries. Cross-namespace references
534 are only valid if they are explicitly allowed by something
535 in the namespace they are referring to. For example: Gateway
536 has the AllowedRoutes field, and ReferenceGrant provides
537 a generic way to enable any other kind of cross-namespace
538 reference. \n ParentRefs from a Route to a Service in
539 the same namespace are \"producer\" routes, which apply
540 default routing rules to inbound connections from any
541 namespace to the Service. \n ParentRefs from a Route to
542 a Service in a different namespace are \"consumer\" routes,
543 and these routing rules are only applied to outbound connections
544 originating from the same namespace as the Route, for
545 which the intended destination of the connections are
546 a Service targeted as a ParentRef of the Route. \n Support:
547 Core"
548 maxLength: 63
549 minLength: 1
550 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
551 type: string
552 port:
553 description: "Port is the network port this Route targets.
554 It can be interpreted differently based on the type of
555 parent resource. \n When the parent resource is a Gateway,
556 this targets all listeners listening on the specified
557 port that also support this kind of Route(and select this
558 Route). It's not recommended to set `Port` unless the
559 networking behaviors specified in a Route must apply to
560 a specific port as opposed to a listener(s) whose port(s)
561 may be changed. When both Port and SectionName are specified,
562 the name and port of the selected listener must match
563 both specified values. \n When the parent resource is
564 a Service, this targets a specific port in the Service
565 spec. When both Port (experimental) and SectionName are
566 specified, the name and port of the selected port must
567 match both specified values. \n Implementations MAY choose
568 to support other parent resources. Implementations supporting
569 other types of parent resources MUST clearly document
570 how/if Port is interpreted. \n For the purpose of status,
571 an attachment is considered successful as long as the
572 parent resource accepts it partially. For example, Gateway
573 listeners can restrict which Routes can attach to them
574 by Route kind, namespace, or hostname. If 1 of 2 Gateway
575 listeners accept attachment from the referencing Route,
576 the Route MUST be considered successfully attached. If
577 no Gateway listeners accept attachment from this Route,
578 the Route MUST be considered detached from the Gateway.
579 \n Support: Extended \n "
580 format: int32
581 maximum: 65535
582 minimum: 1
583 type: integer
584 sectionName:
585 description: "SectionName is the name of a section within
586 the target resource. In the following resources, SectionName
587 is interpreted as the following: \n * Gateway: Listener
588 Name. When both Port (experimental) and SectionName are
589 specified, the name and port of the selected listener
590 must match both specified values. * Service: Port Name.
591 When both Port (experimental) and SectionName are specified,
592 the name and port of the selected listener must match
593 both specified values. Note that attaching Routes to Services
594 as Parents is part of experimental Mesh support and is
595 not supported for any other purpose. \n Implementations
596 MAY choose to support attaching Routes to other resources.
597 If that is the case, they MUST clearly document how SectionName
598 is interpreted. \n When unspecified (empty string), this
599 will reference the entire resource. For the purpose of
600 status, an attachment is considered successful if at least
601 one section in the parent resource accepts it. For example,
602 Gateway listeners can restrict which Routes can attach
603 to them by Route kind, namespace, or hostname. If 1 of
604 2 Gateway listeners accept attachment from the referencing
605 Route, the Route MUST be considered successfully attached.
606 If no Gateway listeners accept attachment from this Route,
607 the Route MUST be considered detached from the Gateway.
608 \n Support: Core"
609 maxLength: 253
610 minLength: 1
611 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
612 type: string
613 required:
614 - name
615 type: object
616 required:
617 - controllerName
618 - parentRef
619 type: object
620 maxItems: 32
621 type: array
622 required:
623 - parents
624 type: object
625 required:
626 - spec
627 type: object
628 served: true
629 storage: true
630 subresources:
631 status: {}
632status:
633 acceptedNames:
634 kind: ""
635 plural: ""
636 conditions: null
637 storedVersions: null
View as plain text