...

Text file src/sigs.k8s.io/gateway-api/config/crd/standard/gateway.networking.k8s.io_gateways.yaml

Documentation: sigs.k8s.io/gateway-api/config/crd/standard

     1apiVersion: apiextensions.k8s.io/v1
     2kind: CustomResourceDefinition
     3metadata:
     4  annotations:
     5    api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
     6    gateway.networking.k8s.io/bundle-version: v1.0.0
     7    gateway.networking.k8s.io/channel: standard
     8  creationTimestamp: null
     9  name: gateways.gateway.networking.k8s.io
    10spec:
    11  group: gateway.networking.k8s.io
    12  names:
    13    categories:
    14    - gateway-api
    15    kind: Gateway
    16    listKind: GatewayList
    17    plural: gateways
    18    shortNames:
    19    - gtw
    20    singular: gateway
    21  scope: Namespaced
    22  versions:
    23  - additionalPrinterColumns:
    24    - jsonPath: .spec.gatewayClassName
    25      name: Class
    26      type: string
    27    - jsonPath: .status.addresses[*].value
    28      name: Address
    29      type: string
    30    - jsonPath: .status.conditions[?(@.type=="Programmed")].status
    31      name: Programmed
    32      type: string
    33    - jsonPath: .metadata.creationTimestamp
    34      name: Age
    35      type: date
    36    name: v1
    37    schema:
    38      openAPIV3Schema:
    39        description: Gateway represents an instance of a service-traffic handling
    40          infrastructure by binding Listeners to a set of IP addresses.
    41        properties:
    42          apiVersion:
    43            description: 'APIVersion defines the versioned schema of this representation
    44              of an object. Servers should convert recognized schemas to the latest
    45              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
    46            type: string
    47          kind:
    48            description: 'Kind is a string value representing the REST resource this
    49              object represents. Servers may infer this from the endpoint the client
    50              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
    51            type: string
    52          metadata:
    53            type: object
    54          spec:
    55            description: Spec defines the desired state of Gateway.
    56            properties:
    57              addresses:
    58                description: "Addresses requested for this Gateway. This is optional
    59                  and behavior can depend on the implementation. If a value is set
    60                  in the spec and the requested address is invalid or unavailable,
    61                  the implementation MUST indicate this in the associated entry in
    62                  GatewayStatus.Addresses. \n The Addresses field represents a request
    63                  for the address(es) on the \"outside of the Gateway\", that traffic
    64                  bound for this Gateway will use. This could be the IP address or
    65                  hostname of an external load balancer or other networking infrastructure,
    66                  or some other address that traffic will be sent to. \n If no Addresses
    67                  are specified, the implementation MAY schedule the Gateway in an
    68                  implementation-specific manner, assigning an appropriate set of
    69                  Addresses. \n The implementation MUST bind all Listeners to every
    70                  GatewayAddress that it assigns to the Gateway and add a corresponding
    71                  entry in GatewayStatus.Addresses. \n Support: Extended \n "
    72                items:
    73                  description: GatewayAddress describes an address that can be bound
    74                    to a Gateway.
    75                  oneOf:
    76                  - properties:
    77                      type:
    78                        enum:
    79                        - IPAddress
    80                      value:
    81                        anyOf:
    82                        - format: ipv4
    83                        - format: ipv6
    84                  - properties:
    85                      type:
    86                        not:
    87                          enum:
    88                          - IPAddress
    89                  properties:
    90                    type:
    91                      default: IPAddress
    92                      description: Type of the address.
    93                      maxLength: 253
    94                      minLength: 1
    95                      pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
    96                      type: string
    97                    value:
    98                      description: "Value of the address. The validity of the values
    99                        will depend on the type and support by the controller. \n
   100                        Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
   101                      maxLength: 253
   102                      minLength: 1
   103                      type: string
   104                  required:
   105                  - value
   106                  type: object
   107                  x-kubernetes-validations:
   108                  - message: Hostname value must only contain valid characters (matching
   109                      ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$)
   110                    rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""):
   111                      true'
   112                maxItems: 16
   113                type: array
   114                x-kubernetes-validations:
   115                - message: IPAddress values must be unique
   116                  rule: 'self.all(a1, a1.type == ''IPAddress'' ? self.exists_one(a2,
   117                    a2.type == a1.type && a2.value == a1.value) : true )'
   118                - message: Hostname values must be unique
   119                  rule: 'self.all(a1, a1.type == ''Hostname'' ? self.exists_one(a2,
   120                    a2.type == a1.type && a2.value == a1.value) : true )'
   121              gatewayClassName:
   122                description: GatewayClassName used for this Gateway. This is the name
   123                  of a GatewayClass resource.
   124                maxLength: 253
   125                minLength: 1
   126                type: string
   127              listeners:
   128                description: "Listeners associated with this Gateway. Listeners define
   129                  logical endpoints that are bound on this Gateway's addresses. At
   130                  least one Listener MUST be specified. \n Each Listener in a set
   131                  of Listeners (for example, in a single Gateway) MUST be _distinct_,
   132                  in that a traffic flow MUST be able to be assigned to exactly one
   133                  listener. (This section uses \"set of Listeners\" rather than \"Listeners
   134                  in a single Gateway\" because implementations MAY merge configuration
   135                  from multiple Gateways onto a single data plane, and these rules
   136                  _also_ apply in that case). \n Practically, this means that each
   137                  listener in a set MUST have a unique combination of Port, Protocol,
   138                  and, if supported by the protocol, Hostname. \n Some combinations
   139                  of port, protocol, and TLS settings are considered Core support
   140                  and MUST be supported by implementations based on their targeted
   141                  conformance profile: \n HTTP Profile \n 1. HTTPRoute, Port: 80,
   142                  Protocol: HTTP 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode:
   143                  Terminate, TLS keypair provided \n TLS Profile \n 1. TLSRoute, Port:
   144                  443, Protocol: TLS, TLS Mode: Passthrough \n \"Distinct\" Listeners
   145                  have the following property: \n The implementation can match inbound
   146                  requests to a single distinct Listener. When multiple Listeners
   147                  share values for fields (for example, two Listeners with the same
   148                  Port value), the implementation can match requests to only one of
   149                  the Listeners using other Listener fields. \n For example, the following
   150                  Listener scenarios are distinct: \n 1. Multiple Listeners with the
   151                  same Port that all use the \"HTTP\" Protocol that all have unique
   152                  Hostname values. 2. Multiple Listeners with the same Port that use
   153                  either the \"HTTPS\" or \"TLS\" Protocol that all have unique Hostname
   154                  values. 3. A mixture of \"TCP\" and \"UDP\" Protocol Listeners,
   155                  where no Listener with the same Protocol has the same Port value.
   156                  \n Some fields in the Listener struct have possible values that
   157                  affect whether the Listener is distinct. Hostname is particularly
   158                  relevant for HTTP or HTTPS protocols. \n When using the Hostname
   159                  value to select between same-Port, same-Protocol Listeners, the
   160                  Hostname value must be different on each Listener for the Listener
   161                  to be distinct. \n When the Listeners are distinct based on Hostname,
   162                  inbound request hostnames MUST match from the most specific to least
   163                  specific Hostname values to choose the correct Listener and its
   164                  associated set of Routes. \n Exact matches must be processed before
   165                  wildcard matches, and wildcard matches must be processed before
   166                  fallback (empty Hostname value) matches. For example, `\"foo.example.com\"`
   167                  takes precedence over `\"*.example.com\"`, and `\"*.example.com\"`
   168                  takes precedence over `\"\"`. \n Additionally, if there are multiple
   169                  wildcard entries, more specific wildcard entries must be processed
   170                  before less specific wildcard entries. For example, `\"*.foo.example.com\"`
   171                  takes precedence over `\"*.example.com\"`. The precise definition
   172                  here is that the higher the number of dots in the hostname to the
   173                  right of the wildcard character, the higher the precedence. \n The
   174                  wildcard character will match any number of characters _and dots_
   175                  to the left, however, so `\"*.example.com\"` will match both `\"foo.bar.example.com\"`
   176                  _and_ `\"bar.example.com\"`. \n If a set of Listeners contains Listeners
   177                  that are not distinct, then those Listeners are Conflicted, and
   178                  the implementation MUST set the \"Conflicted\" condition in the
   179                  Listener Status to \"True\". \n Implementations MAY choose to accept
   180                  a Gateway with some Conflicted Listeners only if they only accept
   181                  the partial Listener set that contains no Conflicted Listeners.
   182                  To put this another way, implementations may accept a partial Listener
   183                  set only if they throw out *all* the conflicting Listeners. No picking
   184                  one of the conflicting listeners as the winner. This also means
   185                  that the Gateway must have at least one non-conflicting Listener
   186                  in this case, otherwise it violates the requirement that at least
   187                  one Listener must be present. \n The implementation MUST set a \"ListenersNotValid\"
   188                  condition on the Gateway Status when the Gateway contains Conflicted
   189                  Listeners whether or not they accept the Gateway. That Condition
   190                  SHOULD clearly indicate in the Message which Listeners are conflicted,
   191                  and which are Accepted. Additionally, the Listener status for those
   192                  listeners SHOULD indicate which Listeners are conflicted and not
   193                  Accepted. \n A Gateway's Listeners are considered \"compatible\"
   194                  if: \n 1. They are distinct. 2. The implementation can serve them
   195                  in compliance with the Addresses requirement that all Listeners
   196                  are available on all assigned addresses. \n Compatible combinations
   197                  in Extended support are expected to vary across implementations.
   198                  A combination that is compatible for one implementation may not
   199                  be compatible for another. \n For example, an implementation that
   200                  cannot serve both TCP and UDP listeners on the same address, or
   201                  cannot mix HTTPS and generic TLS listens on the same port would
   202                  not consider those cases compatible, even though they are distinct.
   203                  \n Note that requests SHOULD match at most one Listener. For example,
   204                  if Listeners are defined for \"foo.example.com\" and \"*.example.com\",
   205                  a request to \"foo.example.com\" SHOULD only be routed using routes
   206                  attached to the \"foo.example.com\" Listener (and not the \"*.example.com\"
   207                  Listener). This concept is known as \"Listener Isolation\". Implementations
   208                  that do not support Listener Isolation MUST clearly document this.
   209                  \n Implementations MAY merge separate Gateways onto a single set
   210                  of Addresses if all Listeners across all Gateways are compatible.
   211                  \n Support: Core"
   212                items:
   213                  description: Listener embodies the concept of a logical endpoint
   214                    where a Gateway accepts network connections.
   215                  properties:
   216                    allowedRoutes:
   217                      default:
   218                        namespaces:
   219                          from: Same
   220                      description: "AllowedRoutes defines the types of routes that
   221                        MAY be attached to a Listener and the trusted namespaces where
   222                        those Route resources MAY be present. \n Although a client
   223                        request may match multiple route rules, only one rule may
   224                        ultimately receive the request. Matching precedence MUST be
   225                        determined in order of the following criteria: \n * The most
   226                        specific match as defined by the Route type. * The oldest
   227                        Route based on creation timestamp. For example, a Route with
   228                        a creation timestamp of \"2020-09-08 01:02:03\" is given precedence
   229                        over a Route with a creation timestamp of \"2020-09-08 01:02:04\".
   230                        * If everything else is equivalent, the Route appearing first
   231                        in alphabetical order (namespace/name) should be given precedence.
   232                        For example, foo/bar is given precedence over foo/baz. \n
   233                        All valid rules within a Route attached to this Listener should
   234                        be implemented. Invalid Route rules can be ignored (sometimes
   235                        that will mean the full Route). If a Route rule transitions
   236                        from valid to invalid, support for that Route rule should
   237                        be dropped to ensure consistency. For example, even if a filter
   238                        specified by a Route rule is invalid, the rest of the rules
   239                        within that Route should still be supported. \n Support: Core"
   240                      properties:
   241                        kinds:
   242                          description: "Kinds specifies the groups and kinds of Routes
   243                            that are allowed to bind to this Gateway Listener. When
   244                            unspecified or empty, the kinds of Routes selected are
   245                            determined using the Listener protocol. \n A RouteGroupKind
   246                            MUST correspond to kinds of Routes that are compatible
   247                            with the application protocol specified in the Listener's
   248                            Protocol field. If an implementation does not support
   249                            or recognize this resource type, it MUST set the \"ResolvedRefs\"
   250                            condition to False for this Listener with the \"InvalidRouteKinds\"
   251                            reason. \n Support: Core"
   252                          items:
   253                            description: RouteGroupKind indicates the group and kind
   254                              of a Route resource.
   255                            properties:
   256                              group:
   257                                default: gateway.networking.k8s.io
   258                                description: Group is the group of the Route.
   259                                maxLength: 253
   260                                pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
   261                                type: string
   262                              kind:
   263                                description: Kind is the kind of the Route.
   264                                maxLength: 63
   265                                minLength: 1
   266                                pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
   267                                type: string
   268                            required:
   269                            - kind
   270                            type: object
   271                          maxItems: 8
   272                          type: array
   273                        namespaces:
   274                          default:
   275                            from: Same
   276                          description: "Namespaces indicates namespaces from which
   277                            Routes may be attached to this Listener. This is restricted
   278                            to the namespace of this Gateway by default. \n Support:
   279                            Core"
   280                          properties:
   281                            from:
   282                              default: Same
   283                              description: "From indicates where Routes will be selected
   284                                for this Gateway. Possible values are: \n * All: Routes
   285                                in all namespaces may be used by this Gateway. * Selector:
   286                                Routes in namespaces selected by the selector may
   287                                be used by this Gateway. * Same: Only Routes in the
   288                                same namespace may be used by this Gateway. \n Support:
   289                                Core"
   290                              enum:
   291                              - All
   292                              - Selector
   293                              - Same
   294                              type: string
   295                            selector:
   296                              description: "Selector must be specified when From is
   297                                set to \"Selector\". In that case, only Routes in
   298                                Namespaces matching this Selector will be selected
   299                                by this Gateway. This field is ignored for other values
   300                                of \"From\". \n Support: Core"
   301                              properties:
   302                                matchExpressions:
   303                                  description: matchExpressions is a list of label
   304                                    selector requirements. The requirements are ANDed.
   305                                  items:
   306                                    description: A label selector requirement is a
   307                                      selector that contains values, a key, and an
   308                                      operator that relates the key and values.
   309                                    properties:
   310                                      key:
   311                                        description: key is the label key that the
   312                                          selector applies to.
   313                                        type: string
   314                                      operator:
   315                                        description: operator represents a key's relationship
   316                                          to a set of values. Valid operators are
   317                                          In, NotIn, Exists and DoesNotExist.
   318                                        type: string
   319                                      values:
   320                                        description: values is an array of string
   321                                          values. If the operator is In or NotIn,
   322                                          the values array must be non-empty. If the
   323                                          operator is Exists or DoesNotExist, the
   324                                          values array must be empty. This array is
   325                                          replaced during a strategic merge patch.
   326                                        items:
   327                                          type: string
   328                                        type: array
   329                                    required:
   330                                    - key
   331                                    - operator
   332                                    type: object
   333                                  type: array
   334                                matchLabels:
   335                                  additionalProperties:
   336                                    type: string
   337                                  description: matchLabels is a map of {key,value}
   338                                    pairs. A single {key,value} in the matchLabels
   339                                    map is equivalent to an element of matchExpressions,
   340                                    whose key field is "key", the operator is "In",
   341                                    and the values array contains only "value". The
   342                                    requirements are ANDed.
   343                                  type: object
   344                              type: object
   345                              x-kubernetes-map-type: atomic
   346                          type: object
   347                      type: object
   348                    hostname:
   349                      description: "Hostname specifies the virtual hostname to match
   350                        for protocol types that define this concept. When unspecified,
   351                        all hostnames are matched. This field is ignored for protocols
   352                        that don't require hostname based matching. \n Implementations
   353                        MUST apply Hostname matching appropriately for each of the
   354                        following protocols: \n * TLS: The Listener Hostname MUST
   355                        match the SNI. * HTTP: The Listener Hostname MUST match the
   356                        Host header of the request. * HTTPS: The Listener Hostname
   357                        SHOULD match at both the TLS and HTTP protocol layers as described
   358                        above. If an implementation does not ensure that both the
   359                        SNI and Host header match the Listener hostname, it MUST clearly
   360                        document that. \n For HTTPRoute and TLSRoute resources, there
   361                        is an interaction with the `spec.hostnames` array. When both
   362                        listener and route specify hostnames, there MUST be an intersection
   363                        between the values for a Route to be accepted. For more information,
   364                        refer to the Route specific Hostnames documentation. \n Hostnames
   365                        that are prefixed with a wildcard label (`*.`) are interpreted
   366                        as a suffix match. That means that a match for `*.example.com`
   367                        would match both `test.example.com`, and `foo.test.example.com`,
   368                        but not `example.com`. \n Support: Core"
   369                      maxLength: 253
   370                      minLength: 1
   371                      pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
   372                      type: string
   373                    name:
   374                      description: "Name is the name of the Listener. This name MUST
   375                        be unique within a Gateway. \n Support: Core"
   376                      maxLength: 253
   377                      minLength: 1
   378                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
   379                      type: string
   380                    port:
   381                      description: "Port is the network port. Multiple listeners may
   382                        use the same port, subject to the Listener compatibility rules.
   383                        \n Support: Core"
   384                      format: int32
   385                      maximum: 65535
   386                      minimum: 1
   387                      type: integer
   388                    protocol:
   389                      description: "Protocol specifies the network protocol this listener
   390                        expects to receive. \n Support: Core"
   391                      maxLength: 255
   392                      minLength: 1
   393                      pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$
   394                      type: string
   395                    tls:
   396                      description: "TLS is the TLS configuration for the Listener.
   397                        This field is required if the Protocol field is \"HTTPS\"
   398                        or \"TLS\". It is invalid to set this field if the Protocol
   399                        field is \"HTTP\", \"TCP\", or \"UDP\". \n The association
   400                        of SNIs to Certificate defined in GatewayTLSConfig is defined
   401                        based on the Hostname field for this listener. \n The GatewayClass
   402                        MUST use the longest matching SNI out of all available certificates
   403                        for any TLS handshake. \n Support: Core"
   404                      properties:
   405                        certificateRefs:
   406                          description: "CertificateRefs contains a series of references
   407                            to Kubernetes objects that contains TLS certificates and
   408                            private keys. These certificates are used to establish
   409                            a TLS handshake for requests that match the hostname of
   410                            the associated listener. \n A single CertificateRef to
   411                            a Kubernetes Secret has \"Core\" support. Implementations
   412                            MAY choose to support attaching multiple certificates
   413                            to a Listener, but this behavior is implementation-specific.
   414                            \n References to a resource in different namespace are
   415                            invalid UNLESS there is a ReferenceGrant in the target
   416                            namespace that allows the certificate to be attached.
   417                            If a ReferenceGrant does not allow this reference, the
   418                            \"ResolvedRefs\" condition MUST be set to False for this
   419                            listener with the \"RefNotPermitted\" reason. \n This
   420                            field is required to have at least one element when the
   421                            mode is set to \"Terminate\" (default) and is optional
   422                            otherwise. \n CertificateRefs can reference to standard
   423                            Kubernetes resources, i.e. Secret, or implementation-specific
   424                            custom resources. \n Support: Core - A single reference
   425                            to a Kubernetes Secret of type kubernetes.io/tls \n Support:
   426                            Implementation-specific (More than one reference or other
   427                            resource types)"
   428                          items:
   429                            description: "SecretObjectReference identifies an API
   430                              object including its namespace, defaulting to Secret.
   431                              \n The API object must be valid in the cluster; the
   432                              Group and Kind must be registered in the cluster for
   433                              this reference to be valid. \n References to objects
   434                              with invalid Group and Kind are not valid, and must
   435                              be rejected by the implementation, with appropriate
   436                              Conditions set on the containing object."
   437                            properties:
   438                              group:
   439                                default: ""
   440                                description: Group is the group of the referent. For
   441                                  example, "gateway.networking.k8s.io". When unspecified
   442                                  or empty string, core API group is inferred.
   443                                maxLength: 253
   444                                pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
   445                                type: string
   446                              kind:
   447                                default: Secret
   448                                description: Kind is kind of the referent. For example
   449                                  "Secret".
   450                                maxLength: 63
   451                                minLength: 1
   452                                pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
   453                                type: string
   454                              name:
   455                                description: Name is the name of the referent.
   456                                maxLength: 253
   457                                minLength: 1
   458                                type: string
   459                              namespace:
   460                                description: "Namespace is the namespace of the referenced
   461                                  object. When unspecified, the local namespace is
   462                                  inferred. \n Note that when a namespace different
   463                                  than the local namespace is specified, a ReferenceGrant
   464                                  object is required in the referent namespace to
   465                                  allow that namespace's owner to accept the reference.
   466                                  See the ReferenceGrant documentation for details.
   467                                  \n Support: Core"
   468                                maxLength: 63
   469                                minLength: 1
   470                                pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
   471                                type: string
   472                            required:
   473                            - name
   474                            type: object
   475                          maxItems: 64
   476                          type: array
   477                        mode:
   478                          default: Terminate
   479                          description: "Mode defines the TLS behavior for the TLS
   480                            session initiated by the client. There are two possible
   481                            modes: \n - Terminate: The TLS session between the downstream
   482                            client and the Gateway is terminated at the Gateway. This
   483                            mode requires certificateRefs to be set and contain at
   484                            least one element. - Passthrough: The TLS session is NOT
   485                            terminated by the Gateway. This implies that the Gateway
   486                            can't decipher the TLS stream except for the ClientHello
   487                            message of the TLS protocol. CertificateRefs field is
   488                            ignored in this mode. \n Support: Core"
   489                          enum:
   490                          - Terminate
   491                          - Passthrough
   492                          type: string
   493                        options:
   494                          additionalProperties:
   495                            description: AnnotationValue is the value of an annotation
   496                              in Gateway API. This is used for validation of maps
   497                              such as TLS options. This roughly matches Kubernetes
   498                              annotation validation, although the length validation
   499                              in that case is based on the entire size of the annotations
   500                              struct.
   501                            maxLength: 4096
   502                            minLength: 0
   503                            type: string
   504                          description: "Options are a list of key/value pairs to enable
   505                            extended TLS configuration for each implementation. For
   506                            example, configuring the minimum TLS version or supported
   507                            cipher suites. \n A set of common keys MAY be defined
   508                            by the API in the future. To avoid any ambiguity, implementation-specific
   509                            definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`.
   510                            Un-prefixed names are reserved for key names defined by
   511                            Gateway API. \n Support: Implementation-specific"
   512                          maxProperties: 16
   513                          type: object
   514                      type: object
   515                      x-kubernetes-validations:
   516                      - message: certificateRefs must be specified when TLSModeType
   517                          is Terminate
   518                        rule: 'self.mode == ''Terminate'' ? size(self.certificateRefs)
   519                          > 0 : true'
   520                  required:
   521                  - name
   522                  - port
   523                  - protocol
   524                  type: object
   525                maxItems: 64
   526                minItems: 1
   527                type: array
   528                x-kubernetes-list-map-keys:
   529                - name
   530                x-kubernetes-list-type: map
   531                x-kubernetes-validations:
   532                - message: tls must be specified for protocols ['HTTPS', 'TLS']
   533                  rule: 'self.all(l, l.protocol in [''HTTPS'', ''TLS''] ? has(l.tls)
   534                    : true)'
   535                - message: tls must not be specified for protocols ['HTTP', 'TCP',
   536                    'UDP']
   537                  rule: 'self.all(l, l.protocol in [''HTTP'', ''TCP'', ''UDP''] ?
   538                    !has(l.tls) : true)'
   539                - message: hostname must not be specified for protocols ['TCP', 'UDP']
   540                  rule: 'self.all(l, l.protocol in [''TCP'', ''UDP'']  ? (!has(l.hostname)
   541                    || l.hostname == '''') : true)'
   542                - message: Listener name must be unique within the Gateway
   543                  rule: self.all(l1, self.exists_one(l2, l1.name == l2.name))
   544                - message: Combination of port, protocol and hostname must be unique
   545                    for each listener
   546                  rule: 'self.all(l1, self.exists_one(l2, l1.port == l2.port && l1.protocol
   547                    == l2.protocol && (has(l1.hostname) && has(l2.hostname) ? l1.hostname
   548                    == l2.hostname : !has(l1.hostname) && !has(l2.hostname))))'
   549            required:
   550            - gatewayClassName
   551            - listeners
   552            type: object
   553          status:
   554            default:
   555              conditions:
   556              - lastTransitionTime: "1970-01-01T00:00:00Z"
   557                message: Waiting for controller
   558                reason: Pending
   559                status: Unknown
   560                type: Accepted
   561              - lastTransitionTime: "1970-01-01T00:00:00Z"
   562                message: Waiting for controller
   563                reason: Pending
   564                status: Unknown
   565                type: Programmed
   566            description: Status defines the current state of Gateway.
   567            properties:
   568              addresses:
   569                description: "Addresses lists the network addresses that have been
   570                  bound to the Gateway. \n This list may differ from the addresses
   571                  provided in the spec under some conditions: \n * no addresses are
   572                  specified, all addresses are dynamically assigned * a combination
   573                  of specified and dynamic addresses are assigned * a specified address
   574                  was unusable (e.g. already in use) \n "
   575                items:
   576                  description: GatewayStatusAddress describes a network address that
   577                    is bound to a Gateway.
   578                  oneOf:
   579                  - properties:
   580                      type:
   581                        enum:
   582                        - IPAddress
   583                      value:
   584                        anyOf:
   585                        - format: ipv4
   586                        - format: ipv6
   587                  - properties:
   588                      type:
   589                        not:
   590                          enum:
   591                          - IPAddress
   592                  properties:
   593                    type:
   594                      default: IPAddress
   595                      description: Type of the address.
   596                      maxLength: 253
   597                      minLength: 1
   598                      pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
   599                      type: string
   600                    value:
   601                      description: "Value of the address. The validity of the values
   602                        will depend on the type and support by the controller. \n
   603                        Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
   604                      maxLength: 253
   605                      minLength: 1
   606                      type: string
   607                  required:
   608                  - value
   609                  type: object
   610                  x-kubernetes-validations:
   611                  - message: Hostname value must only contain valid characters (matching
   612                      ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$)
   613                    rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""):
   614                      true'
   615                maxItems: 16
   616                type: array
   617              conditions:
   618                default:
   619                - lastTransitionTime: "1970-01-01T00:00:00Z"
   620                  message: Waiting for controller
   621                  reason: Pending
   622                  status: Unknown
   623                  type: Accepted
   624                - lastTransitionTime: "1970-01-01T00:00:00Z"
   625                  message: Waiting for controller
   626                  reason: Pending
   627                  status: Unknown
   628                  type: Programmed
   629                description: "Conditions describe the current conditions of the Gateway.
   630                  \n Implementations should prefer to express Gateway conditions using
   631                  the `GatewayConditionType` and `GatewayConditionReason` constants
   632                  so that operators and tools can converge on a common vocabulary
   633                  to describe Gateway state. \n Known condition types are: \n * \"Accepted\"
   634                  * \"Programmed\" * \"Ready\""
   635                items:
   636                  description: "Condition contains details for one aspect of the current
   637                    state of this API Resource. --- This struct is intended for direct
   638                    use as an array at the field path .status.conditions.  For example,
   639                    \n type FooStatus struct{ // Represents the observations of a
   640                    foo's current state. // Known .status.conditions.type are: \"Available\",
   641                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
   642                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
   643                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
   644                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
   645                  properties:
   646                    lastTransitionTime:
   647                      description: lastTransitionTime is the last time the condition
   648                        transitioned from one status to another. This should be when
   649                        the underlying condition changed.  If that is not known, then
   650                        using the time when the API field changed is acceptable.
   651                      format: date-time
   652                      type: string
   653                    message:
   654                      description: message is a human readable message indicating
   655                        details about the transition. This may be an empty string.
   656                      maxLength: 32768
   657                      type: string
   658                    observedGeneration:
   659                      description: observedGeneration represents the .metadata.generation
   660                        that the condition was set based upon. For instance, if .metadata.generation
   661                        is currently 12, but the .status.conditions[x].observedGeneration
   662                        is 9, the condition is out of date with respect to the current
   663                        state of the instance.
   664                      format: int64
   665                      minimum: 0
   666                      type: integer
   667                    reason:
   668                      description: reason contains a programmatic identifier indicating
   669                        the reason for the condition's last transition. Producers
   670                        of specific condition types may define expected values and
   671                        meanings for this field, and whether the values are considered
   672                        a guaranteed API. The value should be a CamelCase string.
   673                        This field may not be empty.
   674                      maxLength: 1024
   675                      minLength: 1
   676                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
   677                      type: string
   678                    status:
   679                      description: status of the condition, one of True, False, Unknown.
   680                      enum:
   681                      - "True"
   682                      - "False"
   683                      - Unknown
   684                      type: string
   685                    type:
   686                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
   687                        --- Many .condition.type values are consistent across resources
   688                        like Available, but because arbitrary conditions can be useful
   689                        (see .node.status.conditions), the ability to deconflict is
   690                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
   691                      maxLength: 316
   692                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
   693                      type: string
   694                  required:
   695                  - lastTransitionTime
   696                  - message
   697                  - reason
   698                  - status
   699                  - type
   700                  type: object
   701                maxItems: 8
   702                type: array
   703                x-kubernetes-list-map-keys:
   704                - type
   705                x-kubernetes-list-type: map
   706              listeners:
   707                description: Listeners provide status for each unique listener port
   708                  defined in the Spec.
   709                items:
   710                  description: ListenerStatus is the status associated with a Listener.
   711                  properties:
   712                    attachedRoutes:
   713                      description: "AttachedRoutes represents the total number of
   714                        Routes that have been successfully attached to this Listener.
   715                        \n Successful attachment of a Route to a Listener is based
   716                        solely on the combination of the AllowedRoutes field on the
   717                        corresponding Listener and the Route's ParentRefs field. A
   718                        Route is successfully attached to a Listener when it is selected
   719                        by the Listener's AllowedRoutes field AND the Route has a
   720                        valid ParentRef selecting the whole Gateway resource or a
   721                        specific Listener as a parent resource (more detail on attachment
   722                        semantics can be found in the documentation on the various
   723                        Route kinds ParentRefs fields). Listener or Route status does
   724                        not impact successful attachment, i.e. the AttachedRoutes
   725                        field count MUST be set for Listeners with condition Accepted:
   726                        false and MUST count successfully attached Routes that may
   727                        themselves have Accepted: false conditions. \n Uses for this
   728                        field include troubleshooting Route attachment and measuring
   729                        blast radius/impact of changes to a Listener."
   730                      format: int32
   731                      type: integer
   732                    conditions:
   733                      description: Conditions describe the current condition of this
   734                        listener.
   735                      items:
   736                        description: "Condition contains details for one aspect of
   737                          the current state of this API Resource. --- This struct
   738                          is intended for direct use as an array at the field path
   739                          .status.conditions.  For example, \n type FooStatus struct{
   740                          // Represents the observations of a foo's current state.
   741                          // Known .status.conditions.type are: \"Available\", \"Progressing\",
   742                          and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
   743                          // +listType=map // +listMapKey=type Conditions []metav1.Condition
   744                          `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
   745                          protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields
   746                          }"
   747                        properties:
   748                          lastTransitionTime:
   749                            description: lastTransitionTime is the last time the condition
   750                              transitioned from one status to another. This should
   751                              be when the underlying condition changed.  If that is
   752                              not known, then using the time when the API field changed
   753                              is acceptable.
   754                            format: date-time
   755                            type: string
   756                          message:
   757                            description: message is a human readable message indicating
   758                              details about the transition. This may be an empty string.
   759                            maxLength: 32768
   760                            type: string
   761                          observedGeneration:
   762                            description: observedGeneration represents the .metadata.generation
   763                              that the condition was set based upon. For instance,
   764                              if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
   765                              is 9, the condition is out of date with respect to the
   766                              current state of the instance.
   767                            format: int64
   768                            minimum: 0
   769                            type: integer
   770                          reason:
   771                            description: reason contains a programmatic identifier
   772                              indicating the reason for the condition's last transition.
   773                              Producers of specific condition types may define expected
   774                              values and meanings for this field, and whether the
   775                              values are considered a guaranteed API. The value should
   776                              be a CamelCase string. This field may not be empty.
   777                            maxLength: 1024
   778                            minLength: 1
   779                            pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
   780                            type: string
   781                          status:
   782                            description: status of the condition, one of True, False,
   783                              Unknown.
   784                            enum:
   785                            - "True"
   786                            - "False"
   787                            - Unknown
   788                            type: string
   789                          type:
   790                            description: type of condition in CamelCase or in foo.example.com/CamelCase.
   791                              --- Many .condition.type values are consistent across
   792                              resources like Available, but because arbitrary conditions
   793                              can be useful (see .node.status.conditions), the ability
   794                              to deconflict is important. The regex it matches is
   795                              (dns1123SubdomainFmt/)?(qualifiedNameFmt)
   796                            maxLength: 316
   797                            pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
   798                            type: string
   799                        required:
   800                        - lastTransitionTime
   801                        - message
   802                        - reason
   803                        - status
   804                        - type
   805                        type: object
   806                      maxItems: 8
   807                      type: array
   808                      x-kubernetes-list-map-keys:
   809                      - type
   810                      x-kubernetes-list-type: map
   811                    name:
   812                      description: Name is the name of the Listener that this status
   813                        corresponds to.
   814                      maxLength: 253
   815                      minLength: 1
   816                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
   817                      type: string
   818                    supportedKinds:
   819                      description: "SupportedKinds is the list indicating the Kinds
   820                        supported by this listener. This MUST represent the kinds
   821                        an implementation supports for that Listener configuration.
   822                        \n If kinds are specified in Spec that are not supported,
   823                        they MUST NOT appear in this list and an implementation MUST
   824                        set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\"
   825                        reason. If both valid and invalid Route kinds are specified,
   826                        the implementation MUST reference the valid Route kinds that
   827                        have been specified."
   828                      items:
   829                        description: RouteGroupKind indicates the group and kind of
   830                          a Route resource.
   831                        properties:
   832                          group:
   833                            default: gateway.networking.k8s.io
   834                            description: Group is the group of the Route.
   835                            maxLength: 253
   836                            pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
   837                            type: string
   838                          kind:
   839                            description: Kind is the kind of the Route.
   840                            maxLength: 63
   841                            minLength: 1
   842                            pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
   843                            type: string
   844                        required:
   845                        - kind
   846                        type: object
   847                      maxItems: 8
   848                      type: array
   849                  required:
   850                  - attachedRoutes
   851                  - conditions
   852                  - name
   853                  - supportedKinds
   854                  type: object
   855                maxItems: 64
   856                type: array
   857                x-kubernetes-list-map-keys:
   858                - name
   859                x-kubernetes-list-type: map
   860            type: object
   861        required:
   862        - spec
   863        type: object
   864    served: true
   865    storage: false
   866    subresources:
   867      status: {}
   868  - additionalPrinterColumns:
   869    - jsonPath: .spec.gatewayClassName
   870      name: Class
   871      type: string
   872    - jsonPath: .status.addresses[*].value
   873      name: Address
   874      type: string
   875    - jsonPath: .status.conditions[?(@.type=="Programmed")].status
   876      name: Programmed
   877      type: string
   878    - jsonPath: .metadata.creationTimestamp
   879      name: Age
   880      type: date
   881    name: v1beta1
   882    schema:
   883      openAPIV3Schema:
   884        description: Gateway represents an instance of a service-traffic handling
   885          infrastructure by binding Listeners to a set of IP addresses.
   886        properties:
   887          apiVersion:
   888            description: 'APIVersion defines the versioned schema of this representation
   889              of an object. Servers should convert recognized schemas to the latest
   890              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   891            type: string
   892          kind:
   893            description: 'Kind is a string value representing the REST resource this
   894              object represents. Servers may infer this from the endpoint the client
   895              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   896            type: string
   897          metadata:
   898            type: object
   899          spec:
   900            description: Spec defines the desired state of Gateway.
   901            properties:
   902              addresses:
   903                description: "Addresses requested for this Gateway. This is optional
   904                  and behavior can depend on the implementation. If a value is set
   905                  in the spec and the requested address is invalid or unavailable,
   906                  the implementation MUST indicate this in the associated entry in
   907                  GatewayStatus.Addresses. \n The Addresses field represents a request
   908                  for the address(es) on the \"outside of the Gateway\", that traffic
   909                  bound for this Gateway will use. This could be the IP address or
   910                  hostname of an external load balancer or other networking infrastructure,
   911                  or some other address that traffic will be sent to. \n If no Addresses
   912                  are specified, the implementation MAY schedule the Gateway in an
   913                  implementation-specific manner, assigning an appropriate set of
   914                  Addresses. \n The implementation MUST bind all Listeners to every
   915                  GatewayAddress that it assigns to the Gateway and add a corresponding
   916                  entry in GatewayStatus.Addresses. \n Support: Extended \n "
   917                items:
   918                  description: GatewayAddress describes an address that can be bound
   919                    to a Gateway.
   920                  oneOf:
   921                  - properties:
   922                      type:
   923                        enum:
   924                        - IPAddress
   925                      value:
   926                        anyOf:
   927                        - format: ipv4
   928                        - format: ipv6
   929                  - properties:
   930                      type:
   931                        not:
   932                          enum:
   933                          - IPAddress
   934                  properties:
   935                    type:
   936                      default: IPAddress
   937                      description: Type of the address.
   938                      maxLength: 253
   939                      minLength: 1
   940                      pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
   941                      type: string
   942                    value:
   943                      description: "Value of the address. The validity of the values
   944                        will depend on the type and support by the controller. \n
   945                        Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
   946                      maxLength: 253
   947                      minLength: 1
   948                      type: string
   949                  required:
   950                  - value
   951                  type: object
   952                  x-kubernetes-validations:
   953                  - message: Hostname value must only contain valid characters (matching
   954                      ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$)
   955                    rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""):
   956                      true'
   957                maxItems: 16
   958                type: array
   959                x-kubernetes-validations:
   960                - message: IPAddress values must be unique
   961                  rule: 'self.all(a1, a1.type == ''IPAddress'' ? self.exists_one(a2,
   962                    a2.type == a1.type && a2.value == a1.value) : true )'
   963                - message: Hostname values must be unique
   964                  rule: 'self.all(a1, a1.type == ''Hostname'' ? self.exists_one(a2,
   965                    a2.type == a1.type && a2.value == a1.value) : true )'
   966              gatewayClassName:
   967                description: GatewayClassName used for this Gateway. This is the name
   968                  of a GatewayClass resource.
   969                maxLength: 253
   970                minLength: 1
   971                type: string
   972              listeners:
   973                description: "Listeners associated with this Gateway. Listeners define
   974                  logical endpoints that are bound on this Gateway's addresses. At
   975                  least one Listener MUST be specified. \n Each Listener in a set
   976                  of Listeners (for example, in a single Gateway) MUST be _distinct_,
   977                  in that a traffic flow MUST be able to be assigned to exactly one
   978                  listener. (This section uses \"set of Listeners\" rather than \"Listeners
   979                  in a single Gateway\" because implementations MAY merge configuration
   980                  from multiple Gateways onto a single data plane, and these rules
   981                  _also_ apply in that case). \n Practically, this means that each
   982                  listener in a set MUST have a unique combination of Port, Protocol,
   983                  and, if supported by the protocol, Hostname. \n Some combinations
   984                  of port, protocol, and TLS settings are considered Core support
   985                  and MUST be supported by implementations based on their targeted
   986                  conformance profile: \n HTTP Profile \n 1. HTTPRoute, Port: 80,
   987                  Protocol: HTTP 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode:
   988                  Terminate, TLS keypair provided \n TLS Profile \n 1. TLSRoute, Port:
   989                  443, Protocol: TLS, TLS Mode: Passthrough \n \"Distinct\" Listeners
   990                  have the following property: \n The implementation can match inbound
   991                  requests to a single distinct Listener. When multiple Listeners
   992                  share values for fields (for example, two Listeners with the same
   993                  Port value), the implementation can match requests to only one of
   994                  the Listeners using other Listener fields. \n For example, the following
   995                  Listener scenarios are distinct: \n 1. Multiple Listeners with the
   996                  same Port that all use the \"HTTP\" Protocol that all have unique
   997                  Hostname values. 2. Multiple Listeners with the same Port that use
   998                  either the \"HTTPS\" or \"TLS\" Protocol that all have unique Hostname
   999                  values. 3. A mixture of \"TCP\" and \"UDP\" Protocol Listeners,
  1000                  where no Listener with the same Protocol has the same Port value.
  1001                  \n Some fields in the Listener struct have possible values that
  1002                  affect whether the Listener is distinct. Hostname is particularly
  1003                  relevant for HTTP or HTTPS protocols. \n When using the Hostname
  1004                  value to select between same-Port, same-Protocol Listeners, the
  1005                  Hostname value must be different on each Listener for the Listener
  1006                  to be distinct. \n When the Listeners are distinct based on Hostname,
  1007                  inbound request hostnames MUST match from the most specific to least
  1008                  specific Hostname values to choose the correct Listener and its
  1009                  associated set of Routes. \n Exact matches must be processed before
  1010                  wildcard matches, and wildcard matches must be processed before
  1011                  fallback (empty Hostname value) matches. For example, `\"foo.example.com\"`
  1012                  takes precedence over `\"*.example.com\"`, and `\"*.example.com\"`
  1013                  takes precedence over `\"\"`. \n Additionally, if there are multiple
  1014                  wildcard entries, more specific wildcard entries must be processed
  1015                  before less specific wildcard entries. For example, `\"*.foo.example.com\"`
  1016                  takes precedence over `\"*.example.com\"`. The precise definition
  1017                  here is that the higher the number of dots in the hostname to the
  1018                  right of the wildcard character, the higher the precedence. \n The
  1019                  wildcard character will match any number of characters _and dots_
  1020                  to the left, however, so `\"*.example.com\"` will match both `\"foo.bar.example.com\"`
  1021                  _and_ `\"bar.example.com\"`. \n If a set of Listeners contains Listeners
  1022                  that are not distinct, then those Listeners are Conflicted, and
  1023                  the implementation MUST set the \"Conflicted\" condition in the
  1024                  Listener Status to \"True\". \n Implementations MAY choose to accept
  1025                  a Gateway with some Conflicted Listeners only if they only accept
  1026                  the partial Listener set that contains no Conflicted Listeners.
  1027                  To put this another way, implementations may accept a partial Listener
  1028                  set only if they throw out *all* the conflicting Listeners. No picking
  1029                  one of the conflicting listeners as the winner. This also means
  1030                  that the Gateway must have at least one non-conflicting Listener
  1031                  in this case, otherwise it violates the requirement that at least
  1032                  one Listener must be present. \n The implementation MUST set a \"ListenersNotValid\"
  1033                  condition on the Gateway Status when the Gateway contains Conflicted
  1034                  Listeners whether or not they accept the Gateway. That Condition
  1035                  SHOULD clearly indicate in the Message which Listeners are conflicted,
  1036                  and which are Accepted. Additionally, the Listener status for those
  1037                  listeners SHOULD indicate which Listeners are conflicted and not
  1038                  Accepted. \n A Gateway's Listeners are considered \"compatible\"
  1039                  if: \n 1. They are distinct. 2. The implementation can serve them
  1040                  in compliance with the Addresses requirement that all Listeners
  1041                  are available on all assigned addresses. \n Compatible combinations
  1042                  in Extended support are expected to vary across implementations.
  1043                  A combination that is compatible for one implementation may not
  1044                  be compatible for another. \n For example, an implementation that
  1045                  cannot serve both TCP and UDP listeners on the same address, or
  1046                  cannot mix HTTPS and generic TLS listens on the same port would
  1047                  not consider those cases compatible, even though they are distinct.
  1048                  \n Note that requests SHOULD match at most one Listener. For example,
  1049                  if Listeners are defined for \"foo.example.com\" and \"*.example.com\",
  1050                  a request to \"foo.example.com\" SHOULD only be routed using routes
  1051                  attached to the \"foo.example.com\" Listener (and not the \"*.example.com\"
  1052                  Listener). This concept is known as \"Listener Isolation\". Implementations
  1053                  that do not support Listener Isolation MUST clearly document this.
  1054                  \n Implementations MAY merge separate Gateways onto a single set
  1055                  of Addresses if all Listeners across all Gateways are compatible.
  1056                  \n Support: Core"
  1057                items:
  1058                  description: Listener embodies the concept of a logical endpoint
  1059                    where a Gateway accepts network connections.
  1060                  properties:
  1061                    allowedRoutes:
  1062                      default:
  1063                        namespaces:
  1064                          from: Same
  1065                      description: "AllowedRoutes defines the types of routes that
  1066                        MAY be attached to a Listener and the trusted namespaces where
  1067                        those Route resources MAY be present. \n Although a client
  1068                        request may match multiple route rules, only one rule may
  1069                        ultimately receive the request. Matching precedence MUST be
  1070                        determined in order of the following criteria: \n * The most
  1071                        specific match as defined by the Route type. * The oldest
  1072                        Route based on creation timestamp. For example, a Route with
  1073                        a creation timestamp of \"2020-09-08 01:02:03\" is given precedence
  1074                        over a Route with a creation timestamp of \"2020-09-08 01:02:04\".
  1075                        * If everything else is equivalent, the Route appearing first
  1076                        in alphabetical order (namespace/name) should be given precedence.
  1077                        For example, foo/bar is given precedence over foo/baz. \n
  1078                        All valid rules within a Route attached to this Listener should
  1079                        be implemented. Invalid Route rules can be ignored (sometimes
  1080                        that will mean the full Route). If a Route rule transitions
  1081                        from valid to invalid, support for that Route rule should
  1082                        be dropped to ensure consistency. For example, even if a filter
  1083                        specified by a Route rule is invalid, the rest of the rules
  1084                        within that Route should still be supported. \n Support: Core"
  1085                      properties:
  1086                        kinds:
  1087                          description: "Kinds specifies the groups and kinds of Routes
  1088                            that are allowed to bind to this Gateway Listener. When
  1089                            unspecified or empty, the kinds of Routes selected are
  1090                            determined using the Listener protocol. \n A RouteGroupKind
  1091                            MUST correspond to kinds of Routes that are compatible
  1092                            with the application protocol specified in the Listener's
  1093                            Protocol field. If an implementation does not support
  1094                            or recognize this resource type, it MUST set the \"ResolvedRefs\"
  1095                            condition to False for this Listener with the \"InvalidRouteKinds\"
  1096                            reason. \n Support: Core"
  1097                          items:
  1098                            description: RouteGroupKind indicates the group and kind
  1099                              of a Route resource.
  1100                            properties:
  1101                              group:
  1102                                default: gateway.networking.k8s.io
  1103                                description: Group is the group of the Route.
  1104                                maxLength: 253
  1105                                pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
  1106                                type: string
  1107                              kind:
  1108                                description: Kind is the kind of the Route.
  1109                                maxLength: 63
  1110                                minLength: 1
  1111                                pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
  1112                                type: string
  1113                            required:
  1114                            - kind
  1115                            type: object
  1116                          maxItems: 8
  1117                          type: array
  1118                        namespaces:
  1119                          default:
  1120                            from: Same
  1121                          description: "Namespaces indicates namespaces from which
  1122                            Routes may be attached to this Listener. This is restricted
  1123                            to the namespace of this Gateway by default. \n Support:
  1124                            Core"
  1125                          properties:
  1126                            from:
  1127                              default: Same
  1128                              description: "From indicates where Routes will be selected
  1129                                for this Gateway. Possible values are: \n * All: Routes
  1130                                in all namespaces may be used by this Gateway. * Selector:
  1131                                Routes in namespaces selected by the selector may
  1132                                be used by this Gateway. * Same: Only Routes in the
  1133                                same namespace may be used by this Gateway. \n Support:
  1134                                Core"
  1135                              enum:
  1136                              - All
  1137                              - Selector
  1138                              - Same
  1139                              type: string
  1140                            selector:
  1141                              description: "Selector must be specified when From is
  1142                                set to \"Selector\". In that case, only Routes in
  1143                                Namespaces matching this Selector will be selected
  1144                                by this Gateway. This field is ignored for other values
  1145                                of \"From\". \n Support: Core"
  1146                              properties:
  1147                                matchExpressions:
  1148                                  description: matchExpressions is a list of label
  1149                                    selector requirements. The requirements are ANDed.
  1150                                  items:
  1151                                    description: A label selector requirement is a
  1152                                      selector that contains values, a key, and an
  1153                                      operator that relates the key and values.
  1154                                    properties:
  1155                                      key:
  1156                                        description: key is the label key that the
  1157                                          selector applies to.
  1158                                        type: string
  1159                                      operator:
  1160                                        description: operator represents a key's relationship
  1161                                          to a set of values. Valid operators are
  1162                                          In, NotIn, Exists and DoesNotExist.
  1163                                        type: string
  1164                                      values:
  1165                                        description: values is an array of string
  1166                                          values. If the operator is In or NotIn,
  1167                                          the values array must be non-empty. If the
  1168                                          operator is Exists or DoesNotExist, the
  1169                                          values array must be empty. This array is
  1170                                          replaced during a strategic merge patch.
  1171                                        items:
  1172                                          type: string
  1173                                        type: array
  1174                                    required:
  1175                                    - key
  1176                                    - operator
  1177                                    type: object
  1178                                  type: array
  1179                                matchLabels:
  1180                                  additionalProperties:
  1181                                    type: string
  1182                                  description: matchLabels is a map of {key,value}
  1183                                    pairs. A single {key,value} in the matchLabels
  1184                                    map is equivalent to an element of matchExpressions,
  1185                                    whose key field is "key", the operator is "In",
  1186                                    and the values array contains only "value". The
  1187                                    requirements are ANDed.
  1188                                  type: object
  1189                              type: object
  1190                              x-kubernetes-map-type: atomic
  1191                          type: object
  1192                      type: object
  1193                    hostname:
  1194                      description: "Hostname specifies the virtual hostname to match
  1195                        for protocol types that define this concept. When unspecified,
  1196                        all hostnames are matched. This field is ignored for protocols
  1197                        that don't require hostname based matching. \n Implementations
  1198                        MUST apply Hostname matching appropriately for each of the
  1199                        following protocols: \n * TLS: The Listener Hostname MUST
  1200                        match the SNI. * HTTP: The Listener Hostname MUST match the
  1201                        Host header of the request. * HTTPS: The Listener Hostname
  1202                        SHOULD match at both the TLS and HTTP protocol layers as described
  1203                        above. If an implementation does not ensure that both the
  1204                        SNI and Host header match the Listener hostname, it MUST clearly
  1205                        document that. \n For HTTPRoute and TLSRoute resources, there
  1206                        is an interaction with the `spec.hostnames` array. When both
  1207                        listener and route specify hostnames, there MUST be an intersection
  1208                        between the values for a Route to be accepted. For more information,
  1209                        refer to the Route specific Hostnames documentation. \n Hostnames
  1210                        that are prefixed with a wildcard label (`*.`) are interpreted
  1211                        as a suffix match. That means that a match for `*.example.com`
  1212                        would match both `test.example.com`, and `foo.test.example.com`,
  1213                        but not `example.com`. \n Support: Core"
  1214                      maxLength: 253
  1215                      minLength: 1
  1216                      pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
  1217                      type: string
  1218                    name:
  1219                      description: "Name is the name of the Listener. This name MUST
  1220                        be unique within a Gateway. \n Support: Core"
  1221                      maxLength: 253
  1222                      minLength: 1
  1223                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
  1224                      type: string
  1225                    port:
  1226                      description: "Port is the network port. Multiple listeners may
  1227                        use the same port, subject to the Listener compatibility rules.
  1228                        \n Support: Core"
  1229                      format: int32
  1230                      maximum: 65535
  1231                      minimum: 1
  1232                      type: integer
  1233                    protocol:
  1234                      description: "Protocol specifies the network protocol this listener
  1235                        expects to receive. \n Support: Core"
  1236                      maxLength: 255
  1237                      minLength: 1
  1238                      pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$
  1239                      type: string
  1240                    tls:
  1241                      description: "TLS is the TLS configuration for the Listener.
  1242                        This field is required if the Protocol field is \"HTTPS\"
  1243                        or \"TLS\". It is invalid to set this field if the Protocol
  1244                        field is \"HTTP\", \"TCP\", or \"UDP\". \n The association
  1245                        of SNIs to Certificate defined in GatewayTLSConfig is defined
  1246                        based on the Hostname field for this listener. \n The GatewayClass
  1247                        MUST use the longest matching SNI out of all available certificates
  1248                        for any TLS handshake. \n Support: Core"
  1249                      properties:
  1250                        certificateRefs:
  1251                          description: "CertificateRefs contains a series of references
  1252                            to Kubernetes objects that contains TLS certificates and
  1253                            private keys. These certificates are used to establish
  1254                            a TLS handshake for requests that match the hostname of
  1255                            the associated listener. \n A single CertificateRef to
  1256                            a Kubernetes Secret has \"Core\" support. Implementations
  1257                            MAY choose to support attaching multiple certificates
  1258                            to a Listener, but this behavior is implementation-specific.
  1259                            \n References to a resource in different namespace are
  1260                            invalid UNLESS there is a ReferenceGrant in the target
  1261                            namespace that allows the certificate to be attached.
  1262                            If a ReferenceGrant does not allow this reference, the
  1263                            \"ResolvedRefs\" condition MUST be set to False for this
  1264                            listener with the \"RefNotPermitted\" reason. \n This
  1265                            field is required to have at least one element when the
  1266                            mode is set to \"Terminate\" (default) and is optional
  1267                            otherwise. \n CertificateRefs can reference to standard
  1268                            Kubernetes resources, i.e. Secret, or implementation-specific
  1269                            custom resources. \n Support: Core - A single reference
  1270                            to a Kubernetes Secret of type kubernetes.io/tls \n Support:
  1271                            Implementation-specific (More than one reference or other
  1272                            resource types)"
  1273                          items:
  1274                            description: "SecretObjectReference identifies an API
  1275                              object including its namespace, defaulting to Secret.
  1276                              \n The API object must be valid in the cluster; the
  1277                              Group and Kind must be registered in the cluster for
  1278                              this reference to be valid. \n References to objects
  1279                              with invalid Group and Kind are not valid, and must
  1280                              be rejected by the implementation, with appropriate
  1281                              Conditions set on the containing object."
  1282                            properties:
  1283                              group:
  1284                                default: ""
  1285                                description: Group is the group of the referent. For
  1286                                  example, "gateway.networking.k8s.io". When unspecified
  1287                                  or empty string, core API group is inferred.
  1288                                maxLength: 253
  1289                                pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
  1290                                type: string
  1291                              kind:
  1292                                default: Secret
  1293                                description: Kind is kind of the referent. For example
  1294                                  "Secret".
  1295                                maxLength: 63
  1296                                minLength: 1
  1297                                pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
  1298                                type: string
  1299                              name:
  1300                                description: Name is the name of the referent.
  1301                                maxLength: 253
  1302                                minLength: 1
  1303                                type: string
  1304                              namespace:
  1305                                description: "Namespace is the namespace of the referenced
  1306                                  object. When unspecified, the local namespace is
  1307                                  inferred. \n Note that when a namespace different
  1308                                  than the local namespace is specified, a ReferenceGrant
  1309                                  object is required in the referent namespace to
  1310                                  allow that namespace's owner to accept the reference.
  1311                                  See the ReferenceGrant documentation for details.
  1312                                  \n Support: Core"
  1313                                maxLength: 63
  1314                                minLength: 1
  1315                                pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
  1316                                type: string
  1317                            required:
  1318                            - name
  1319                            type: object
  1320                          maxItems: 64
  1321                          type: array
  1322                        mode:
  1323                          default: Terminate
  1324                          description: "Mode defines the TLS behavior for the TLS
  1325                            session initiated by the client. There are two possible
  1326                            modes: \n - Terminate: The TLS session between the downstream
  1327                            client and the Gateway is terminated at the Gateway. This
  1328                            mode requires certificateRefs to be set and contain at
  1329                            least one element. - Passthrough: The TLS session is NOT
  1330                            terminated by the Gateway. This implies that the Gateway
  1331                            can't decipher the TLS stream except for the ClientHello
  1332                            message of the TLS protocol. CertificateRefs field is
  1333                            ignored in this mode. \n Support: Core"
  1334                          enum:
  1335                          - Terminate
  1336                          - Passthrough
  1337                          type: string
  1338                        options:
  1339                          additionalProperties:
  1340                            description: AnnotationValue is the value of an annotation
  1341                              in Gateway API. This is used for validation of maps
  1342                              such as TLS options. This roughly matches Kubernetes
  1343                              annotation validation, although the length validation
  1344                              in that case is based on the entire size of the annotations
  1345                              struct.
  1346                            maxLength: 4096
  1347                            minLength: 0
  1348                            type: string
  1349                          description: "Options are a list of key/value pairs to enable
  1350                            extended TLS configuration for each implementation. For
  1351                            example, configuring the minimum TLS version or supported
  1352                            cipher suites. \n A set of common keys MAY be defined
  1353                            by the API in the future. To avoid any ambiguity, implementation-specific
  1354                            definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`.
  1355                            Un-prefixed names are reserved for key names defined by
  1356                            Gateway API. \n Support: Implementation-specific"
  1357                          maxProperties: 16
  1358                          type: object
  1359                      type: object
  1360                      x-kubernetes-validations:
  1361                      - message: certificateRefs must be specified when TLSModeType
  1362                          is Terminate
  1363                        rule: 'self.mode == ''Terminate'' ? size(self.certificateRefs)
  1364                          > 0 : true'
  1365                  required:
  1366                  - name
  1367                  - port
  1368                  - protocol
  1369                  type: object
  1370                maxItems: 64
  1371                minItems: 1
  1372                type: array
  1373                x-kubernetes-list-map-keys:
  1374                - name
  1375                x-kubernetes-list-type: map
  1376                x-kubernetes-validations:
  1377                - message: tls must be specified for protocols ['HTTPS', 'TLS']
  1378                  rule: 'self.all(l, l.protocol in [''HTTPS'', ''TLS''] ? has(l.tls)
  1379                    : true)'
  1380                - message: tls must not be specified for protocols ['HTTP', 'TCP',
  1381                    'UDP']
  1382                  rule: 'self.all(l, l.protocol in [''HTTP'', ''TCP'', ''UDP''] ?
  1383                    !has(l.tls) : true)'
  1384                - message: hostname must not be specified for protocols ['TCP', 'UDP']
  1385                  rule: 'self.all(l, l.protocol in [''TCP'', ''UDP'']  ? (!has(l.hostname)
  1386                    || l.hostname == '''') : true)'
  1387                - message: Listener name must be unique within the Gateway
  1388                  rule: self.all(l1, self.exists_one(l2, l1.name == l2.name))
  1389                - message: Combination of port, protocol and hostname must be unique
  1390                    for each listener
  1391                  rule: 'self.all(l1, self.exists_one(l2, l1.port == l2.port && l1.protocol
  1392                    == l2.protocol && (has(l1.hostname) && has(l2.hostname) ? l1.hostname
  1393                    == l2.hostname : !has(l1.hostname) && !has(l2.hostname))))'
  1394            required:
  1395            - gatewayClassName
  1396            - listeners
  1397            type: object
  1398          status:
  1399            default:
  1400              conditions:
  1401              - lastTransitionTime: "1970-01-01T00:00:00Z"
  1402                message: Waiting for controller
  1403                reason: Pending
  1404                status: Unknown
  1405                type: Accepted
  1406              - lastTransitionTime: "1970-01-01T00:00:00Z"
  1407                message: Waiting for controller
  1408                reason: Pending
  1409                status: Unknown
  1410                type: Programmed
  1411            description: Status defines the current state of Gateway.
  1412            properties:
  1413              addresses:
  1414                description: "Addresses lists the network addresses that have been
  1415                  bound to the Gateway. \n This list may differ from the addresses
  1416                  provided in the spec under some conditions: \n * no addresses are
  1417                  specified, all addresses are dynamically assigned * a combination
  1418                  of specified and dynamic addresses are assigned * a specified address
  1419                  was unusable (e.g. already in use) \n "
  1420                items:
  1421                  description: GatewayStatusAddress describes a network address that
  1422                    is bound to a Gateway.
  1423                  oneOf:
  1424                  - properties:
  1425                      type:
  1426                        enum:
  1427                        - IPAddress
  1428                      value:
  1429                        anyOf:
  1430                        - format: ipv4
  1431                        - format: ipv6
  1432                  - properties:
  1433                      type:
  1434                        not:
  1435                          enum:
  1436                          - IPAddress
  1437                  properties:
  1438                    type:
  1439                      default: IPAddress
  1440                      description: Type of the address.
  1441                      maxLength: 253
  1442                      minLength: 1
  1443                      pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$
  1444                      type: string
  1445                    value:
  1446                      description: "Value of the address. The validity of the values
  1447                        will depend on the type and support by the controller. \n
  1448                        Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
  1449                      maxLength: 253
  1450                      minLength: 1
  1451                      type: string
  1452                  required:
  1453                  - value
  1454                  type: object
  1455                  x-kubernetes-validations:
  1456                  - message: Hostname value must only contain valid characters (matching
  1457                      ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$)
  1458                    rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""):
  1459                      true'
  1460                maxItems: 16
  1461                type: array
  1462              conditions:
  1463                default:
  1464                - lastTransitionTime: "1970-01-01T00:00:00Z"
  1465                  message: Waiting for controller
  1466                  reason: Pending
  1467                  status: Unknown
  1468                  type: Accepted
  1469                - lastTransitionTime: "1970-01-01T00:00:00Z"
  1470                  message: Waiting for controller
  1471                  reason: Pending
  1472                  status: Unknown
  1473                  type: Programmed
  1474                description: "Conditions describe the current conditions of the Gateway.
  1475                  \n Implementations should prefer to express Gateway conditions using
  1476                  the `GatewayConditionType` and `GatewayConditionReason` constants
  1477                  so that operators and tools can converge on a common vocabulary
  1478                  to describe Gateway state. \n Known condition types are: \n * \"Accepted\"
  1479                  * \"Programmed\" * \"Ready\""
  1480                items:
  1481                  description: "Condition contains details for one aspect of the current
  1482                    state of this API Resource. --- This struct is intended for direct
  1483                    use as an array at the field path .status.conditions.  For example,
  1484                    \n type FooStatus struct{ // Represents the observations of a
  1485                    foo's current state. // Known .status.conditions.type are: \"Available\",
  1486                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
  1487                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
  1488                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
  1489                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
  1490                  properties:
  1491                    lastTransitionTime:
  1492                      description: lastTransitionTime is the last time the condition
  1493                        transitioned from one status to another. This should be when
  1494                        the underlying condition changed.  If that is not known, then
  1495                        using the time when the API field changed is acceptable.
  1496                      format: date-time
  1497                      type: string
  1498                    message:
  1499                      description: message is a human readable message indicating
  1500                        details about the transition. This may be an empty string.
  1501                      maxLength: 32768
  1502                      type: string
  1503                    observedGeneration:
  1504                      description: observedGeneration represents the .metadata.generation
  1505                        that the condition was set based upon. For instance, if .metadata.generation
  1506                        is currently 12, but the .status.conditions[x].observedGeneration
  1507                        is 9, the condition is out of date with respect to the current
  1508                        state of the instance.
  1509                      format: int64
  1510                      minimum: 0
  1511                      type: integer
  1512                    reason:
  1513                      description: reason contains a programmatic identifier indicating
  1514                        the reason for the condition's last transition. Producers
  1515                        of specific condition types may define expected values and
  1516                        meanings for this field, and whether the values are considered
  1517                        a guaranteed API. The value should be a CamelCase string.
  1518                        This field may not be empty.
  1519                      maxLength: 1024
  1520                      minLength: 1
  1521                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
  1522                      type: string
  1523                    status:
  1524                      description: status of the condition, one of True, False, Unknown.
  1525                      enum:
  1526                      - "True"
  1527                      - "False"
  1528                      - Unknown
  1529                      type: string
  1530                    type:
  1531                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
  1532                        --- Many .condition.type values are consistent across resources
  1533                        like Available, but because arbitrary conditions can be useful
  1534                        (see .node.status.conditions), the ability to deconflict is
  1535                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
  1536                      maxLength: 316
  1537                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
  1538                      type: string
  1539                  required:
  1540                  - lastTransitionTime
  1541                  - message
  1542                  - reason
  1543                  - status
  1544                  - type
  1545                  type: object
  1546                maxItems: 8
  1547                type: array
  1548                x-kubernetes-list-map-keys:
  1549                - type
  1550                x-kubernetes-list-type: map
  1551              listeners:
  1552                description: Listeners provide status for each unique listener port
  1553                  defined in the Spec.
  1554                items:
  1555                  description: ListenerStatus is the status associated with a Listener.
  1556                  properties:
  1557                    attachedRoutes:
  1558                      description: "AttachedRoutes represents the total number of
  1559                        Routes that have been successfully attached to this Listener.
  1560                        \n Successful attachment of a Route to a Listener is based
  1561                        solely on the combination of the AllowedRoutes field on the
  1562                        corresponding Listener and the Route's ParentRefs field. A
  1563                        Route is successfully attached to a Listener when it is selected
  1564                        by the Listener's AllowedRoutes field AND the Route has a
  1565                        valid ParentRef selecting the whole Gateway resource or a
  1566                        specific Listener as a parent resource (more detail on attachment
  1567                        semantics can be found in the documentation on the various
  1568                        Route kinds ParentRefs fields). Listener or Route status does
  1569                        not impact successful attachment, i.e. the AttachedRoutes
  1570                        field count MUST be set for Listeners with condition Accepted:
  1571                        false and MUST count successfully attached Routes that may
  1572                        themselves have Accepted: false conditions. \n Uses for this
  1573                        field include troubleshooting Route attachment and measuring
  1574                        blast radius/impact of changes to a Listener."
  1575                      format: int32
  1576                      type: integer
  1577                    conditions:
  1578                      description: Conditions describe the current condition of this
  1579                        listener.
  1580                      items:
  1581                        description: "Condition contains details for one aspect of
  1582                          the current state of this API Resource. --- This struct
  1583                          is intended for direct use as an array at the field path
  1584                          .status.conditions.  For example, \n type FooStatus struct{
  1585                          // Represents the observations of a foo's current state.
  1586                          // Known .status.conditions.type are: \"Available\", \"Progressing\",
  1587                          and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
  1588                          // +listType=map // +listMapKey=type Conditions []metav1.Condition
  1589                          `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
  1590                          protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields
  1591                          }"
  1592                        properties:
  1593                          lastTransitionTime:
  1594                            description: lastTransitionTime is the last time the condition
  1595                              transitioned from one status to another. This should
  1596                              be when the underlying condition changed.  If that is
  1597                              not known, then using the time when the API field changed
  1598                              is acceptable.
  1599                            format: date-time
  1600                            type: string
  1601                          message:
  1602                            description: message is a human readable message indicating
  1603                              details about the transition. This may be an empty string.
  1604                            maxLength: 32768
  1605                            type: string
  1606                          observedGeneration:
  1607                            description: observedGeneration represents the .metadata.generation
  1608                              that the condition was set based upon. For instance,
  1609                              if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
  1610                              is 9, the condition is out of date with respect to the
  1611                              current state of the instance.
  1612                            format: int64
  1613                            minimum: 0
  1614                            type: integer
  1615                          reason:
  1616                            description: reason contains a programmatic identifier
  1617                              indicating the reason for the condition's last transition.
  1618                              Producers of specific condition types may define expected
  1619                              values and meanings for this field, and whether the
  1620                              values are considered a guaranteed API. The value should
  1621                              be a CamelCase string. This field may not be empty.
  1622                            maxLength: 1024
  1623                            minLength: 1
  1624                            pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
  1625                            type: string
  1626                          status:
  1627                            description: status of the condition, one of True, False,
  1628                              Unknown.
  1629                            enum:
  1630                            - "True"
  1631                            - "False"
  1632                            - Unknown
  1633                            type: string
  1634                          type:
  1635                            description: type of condition in CamelCase or in foo.example.com/CamelCase.
  1636                              --- Many .condition.type values are consistent across
  1637                              resources like Available, but because arbitrary conditions
  1638                              can be useful (see .node.status.conditions), the ability
  1639                              to deconflict is important. The regex it matches is
  1640                              (dns1123SubdomainFmt/)?(qualifiedNameFmt)
  1641                            maxLength: 316
  1642                            pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
  1643                            type: string
  1644                        required:
  1645                        - lastTransitionTime
  1646                        - message
  1647                        - reason
  1648                        - status
  1649                        - type
  1650                        type: object
  1651                      maxItems: 8
  1652                      type: array
  1653                      x-kubernetes-list-map-keys:
  1654                      - type
  1655                      x-kubernetes-list-type: map
  1656                    name:
  1657                      description: Name is the name of the Listener that this status
  1658                        corresponds to.
  1659                      maxLength: 253
  1660                      minLength: 1
  1661                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
  1662                      type: string
  1663                    supportedKinds:
  1664                      description: "SupportedKinds is the list indicating the Kinds
  1665                        supported by this listener. This MUST represent the kinds
  1666                        an implementation supports for that Listener configuration.
  1667                        \n If kinds are specified in Spec that are not supported,
  1668                        they MUST NOT appear in this list and an implementation MUST
  1669                        set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\"
  1670                        reason. If both valid and invalid Route kinds are specified,
  1671                        the implementation MUST reference the valid Route kinds that
  1672                        have been specified."
  1673                      items:
  1674                        description: RouteGroupKind indicates the group and kind of
  1675                          a Route resource.
  1676                        properties:
  1677                          group:
  1678                            default: gateway.networking.k8s.io
  1679                            description: Group is the group of the Route.
  1680                            maxLength: 253
  1681                            pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
  1682                            type: string
  1683                          kind:
  1684                            description: Kind is the kind of the Route.
  1685                            maxLength: 63
  1686                            minLength: 1
  1687                            pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
  1688                            type: string
  1689                        required:
  1690                        - kind
  1691                        type: object
  1692                      maxItems: 8
  1693                      type: array
  1694                  required:
  1695                  - attachedRoutes
  1696                  - conditions
  1697                  - name
  1698                  - supportedKinds
  1699                  type: object
  1700                maxItems: 64
  1701                type: array
  1702                x-kubernetes-list-map-keys:
  1703                - name
  1704                x-kubernetes-list-type: map
  1705            type: object
  1706        required:
  1707        - spec
  1708        type: object
  1709    served: true
  1710    storage: true
  1711    subresources:
  1712      status: {}
  1713status:
  1714  acceptedNames:
  1715    kind: ""
  1716    plural: ""
  1717  conditions: null
  1718  storedVersions: null

View as plain text