v1beta1

package
v0.9.10 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 11, 2021 License: Apache-2.0 Imports: 16 Imported by: 34

Documentation

Overview

Package v1beta1 contains API Schema definitions for the istio v1beta1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/banzaicloud/istio-operator/pkg/apis/istio +k8s:defaulter-gen=TypeMeta +groupName=istio.banzaicloud.io

Package v1beta1 contains API Schema definitions for the istio v1beta1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/banzaicloud/istio-operator/pkg/apis/istio +k8s:defaulter-gen=TypeMeta +groupName=istio.banzaicloud.io

Index

Constants

View Source
const (
	ProxyStatusPort      = 15020
	PortStatusPortNumber = 15021
	PortStatusPortName   = "status-port"
)
View Source
const (
	LegacyAutoInjectionLabelKey     = "istio-injection"
	RevisionedAutoInjectionLabelKey = "istio.io/rev"

	ManualInjectionLabelKey = "sidecar.istio.io/inject"
)

Variables

View Source
var (
	SupportedIstioVersion = "1.9.7"
	Version               = "0.9.9"

	DisableInjectionLabel = map[string]string{
		ManualInjectionLabelKey: "false",
	}
)
View Source
var (
	// SchemeGroupVersion is group version used to register these objects
	SchemeGroupVersion = schema.GroupVersion{Group: "istio.banzaicloud.io", Version: "v1beta1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

	// AddToScheme is required by pkg/client/...
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func NamespacedNameFromRevision

func NamespacedNameFromRevision(revision string) types.NamespacedName

func NamespacedRevision

func NamespacedRevision(revision, namespace string) string

func Resource

func Resource(resource string) schema.GroupResource

Resource is required by pkg/client/listers/...

func SetDefaults

func SetDefaults(config *Istio)

func SetRemoteIstioDefaults

func SetRemoteIstioDefaults(remoteconfig *RemoteIstio)

Types

type BaseK8sResourceConfiguration

type BaseK8sResourceConfiguration struct {
	Resources       *corev1.ResourceRequirements `json:"resources,omitempty"`
	NodeSelector    map[string]string            `json:"nodeSelector,omitempty"`
	Affinity        *corev1.Affinity             `json:"affinity,omitempty"`
	Tolerations     []corev1.Toleration          `json:"tolerations,omitempty"`
	PodAnnotations  map[string]string            `json:"podAnnotations,omitempty"`
	SecurityContext *corev1.SecurityContext      `json:"securityContext,omitempty"`
}

BaseK8sResourceConfiguration defines basic K8s resource spec configurations

func (*BaseK8sResourceConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BaseK8sResourceConfiguration.

func (*BaseK8sResourceConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BaseK8sResourceConfigurationWithHPA

type BaseK8sResourceConfigurationWithHPA struct {
	// +kubebuilder:validation:Minimum=0
	MinReplicas *int32 `json:"minReplicas,omitempty"`
	// +kubebuilder:validation:Minimum=0
	MaxReplicas                              *int32 `json:"maxReplicas,omitempty"`
	BaseK8sResourceConfigurationWithReplicas `json:",inline"`
}

func (*BaseK8sResourceConfigurationWithHPA) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BaseK8sResourceConfigurationWithHPA.

func (*BaseK8sResourceConfigurationWithHPA) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BaseK8sResourceConfigurationWithHPAWithoutImage

type BaseK8sResourceConfigurationWithHPAWithoutImage struct {
	// +kubebuilder:validation:Minimum=0
	ReplicaCount *int32 `json:"replicaCount,omitempty"`
	// +kubebuilder:validation:Minimum=0
	MinReplicas *int32 `json:"minReplicas,omitempty"`
	// +kubebuilder:validation:Minimum=0
	MaxReplicas                  *int32 `json:"maxReplicas,omitempty"`
	BaseK8sResourceConfiguration `json:",inline"`
}

func (*BaseK8sResourceConfigurationWithHPAWithoutImage) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BaseK8sResourceConfigurationWithHPAWithoutImage.

func (*BaseK8sResourceConfigurationWithHPAWithoutImage) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BaseK8sResourceConfigurationWithImage

type BaseK8sResourceConfigurationWithImage struct {
	Image                        *string `json:"image,omitempty"`
	BaseK8sResourceConfiguration `json:",inline"`
}

func (*BaseK8sResourceConfigurationWithImage) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BaseK8sResourceConfigurationWithImage.

func (*BaseK8sResourceConfigurationWithImage) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BaseK8sResourceConfigurationWithReplicas

type BaseK8sResourceConfigurationWithReplicas struct {
	// +kubebuilder:validation:Minimum=0
	ReplicaCount                          *int32 `json:"replicaCount,omitempty"`
	BaseK8sResourceConfigurationWithImage `json:",inline"`
}

func (*BaseK8sResourceConfigurationWithReplicas) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BaseK8sResourceConfigurationWithReplicas.

func (*BaseK8sResourceConfigurationWithReplicas) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CNIRepairConfiguration

type CNIRepairConfiguration struct {
	Enabled             *bool   `json:"enabled,omitempty"`
	Hub                 *string `json:"hub,omitempty"`
	Tag                 *string `json:"tag,omitempty"`
	LabelPods           *bool   `json:"labelPods,omitempty"`
	DeletePods          *bool   `json:"deletePods,omitempty"`
	InitContainerName   *string `json:"initContainerName,omitempty"`
	BrokenPodLabelKey   *string `json:"brokenPodLabelKey,omitempty"`
	BrokenPodLabelValue *string `json:"brokenPodLabelValue,omitempty"`
}

CNIRepairConfiguration defines config for the repair CNI container

func (*CNIRepairConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CNIRepairConfiguration.

func (*CNIRepairConfiguration) DeepCopyInto

func (in *CNIRepairConfiguration) DeepCopyInto(out *CNIRepairConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CNITaintConfiguration

type CNITaintConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
}

CNITaintConfiguration defines config for the CNI taint controller

func (*CNITaintConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CNITaintConfiguration.

func (*CNITaintConfiguration) DeepCopyInto

func (in *CNITaintConfiguration) DeepCopyInto(out *CNITaintConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateConfig

type CertificateConfig struct {
	SecretName *string  `json:"secretName,omitempty"`
	DNSNames   []string `json:"dnsNames,omitempty"`
}

CertificateConfig configures DNS certificates provisioned through Chiron linked into Pilot

func (*CertificateConfig) DeepCopy

func (in *CertificateConfig) DeepCopy() *CertificateConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateConfig.

func (*CertificateConfig) DeepCopyInto

func (in *CertificateConfig) DeepCopyInto(out *CertificateConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CitadelConfiguration

type CitadelConfiguration struct {
	Enabled                               *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithImage `json:",inline"`
	CASecretName                          string `json:"caSecretName,omitempty"`
	// Enable health checking on the Citadel CSR signing API. https://istio.io/docs/tasks/security/health-check/
	HealthCheck *bool `json:"healthCheck,omitempty"`
	// For the workloads running in Kubernetes, the lifetime of their Istio certificates is controlled by the workload-cert-ttl flag on Citadel. The default value is 90 days. This value should be no greater than max-workload-cert-ttl of Citadel.
	WorkloadCertTTL string `json:"workloadCertTTL,omitempty"`
	// Citadel uses a flag max-workload-cert-ttl to control the maximum lifetime for Istio certificates issued to workloads. The default value is 90 days. If workload-cert-ttl on Citadel or node agent is greater than max-workload-cert-ttl, Citadel will fail issuing the certificate.
	MaxWorkloadCertTTL string `json:"maxWorkloadCertTTL,omitempty"`

	// Determines Citadel default behavior if the ca.istio.io/env or ca.istio.io/override
	// labels are not found on a given namespace.
	//
	// For example: consider a namespace called "target", which has neither the "ca.istio.io/env"
	// nor the "ca.istio.io/override" namespace labels. To decide whether or not to generate secrets
	// for service accounts created in this "target" namespace, Citadel will defer to this option. If the value
	// of this option is "true" in this case, secrets will be generated for the "target" namespace.
	// If the value of this option is "false" Citadel will not generate secrets upon service account creation.
	EnableNamespacesByDefault *bool `json:"enableNamespacesByDefault,omitempty"`

	// Whether SDS is enabled.
	SDSEnabled *bool `json:"sdsEnabled,omitempty"`

	// Select the namespaces for the Citadel to listen to, separated by comma. If set to empty,
	// Citadel listens to all namespaces.
	ListenedNamespaces *string `json:"listenedNamespaces,omitempty"`

	// If present will be appended at the end of the initial/preconfigured container arguments
	AdditionalContainerArgs []string `json:"additionalContainerArgs,omitempty"`

	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`
}

CitadelConfiguration defines config options for Citadel

func (*CitadelConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CitadelConfiguration.

func (*CitadelConfiguration) DeepCopyInto

func (in *CitadelConfiguration) DeepCopyInto(out *CitadelConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConfigState

type ConfigState string
const (
	Created         ConfigState = "Created"
	ReconcileFailed ConfigState = "ReconcileFailed"
	Reconciling     ConfigState = "Reconciling"
	Available       ConfigState = "Available"
	Unmanaged       ConfigState = "Unmanaged"
)

type ControlPlaneAuthPolicyType

type ControlPlaneAuthPolicyType string
const (
	ControlPlaneAuthPolicyMTLS ControlPlaneAuthPolicyType = "MUTUAL_TLS"
	ControlPlaneAuthPolicyNone ControlPlaneAuthPolicyType = "NONE"
)

type DatadogConfiugration

type DatadogConfiugration struct {
	// Host:Port for submitting traces to the Datadog agent.
	// +kubebuilder:validation:Pattern=`^[^:]+:[0-9]{1,5}$`
	Address string `json:"address,omitempty"`
}

Configuration for Envoy to send trace data to Datadog

func (*DatadogConfiugration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatadogConfiugration.

func (*DatadogConfiugration) DeepCopyInto

func (in *DatadogConfiugration) DeepCopyInto(out *DatadogConfiugration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Domain

type Domain string

+kubebuilder:validation:Pattern=`^[-a-z0-9.]+$`

type EnvoyServiceCommonConfiguration

type EnvoyServiceCommonConfiguration struct {
	Enabled      *bool         `json:"enabled,omitempty"`
	Host         string        `json:"host,omitempty"`
	Port         int32         `json:"port,omitempty"`
	TLSSettings  *TLSSettings  `json:"tlsSettings,omitempty"`
	TCPKeepalive *TCPKeepalive `json:"tcpKeepalive,omitempty"`
}

func (*EnvoyServiceCommonConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyServiceCommonConfiguration.

func (*EnvoyServiceCommonConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (EnvoyServiceCommonConfiguration) GetData

func (c EnvoyServiceCommonConfiguration) GetData() map[string]interface{}

func (EnvoyServiceCommonConfiguration) GetDataJSON

func (c EnvoyServiceCommonConfiguration) GetDataJSON() string

type EnvoyStatsD

type EnvoyStatsD struct {
	Enabled *bool  `json:"enabled,omitempty"`
	Host    string `json:"host,omitempty"`
	Port    int32  `json:"port,omitempty"`
}

func (*EnvoyStatsD) DeepCopy

func (in *EnvoyStatsD) DeepCopy() *EnvoyStatsD

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyStatsD.

func (*EnvoyStatsD) DeepCopyInto

func (in *EnvoyStatsD) DeepCopyInto(out *EnvoyStatsD)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalIstiodConfiguration

type ExternalIstiodConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
}

ExternalIstiodConfiguration defines settings for local istiod to control remote clusters as well

func (*ExternalIstiodConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalIstiodConfiguration.

func (*ExternalIstiodConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GalleyConfiguration

type GalleyConfiguration struct {
	Enabled                                  *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithReplicas `json:",inline"`
	ConfigValidation                         *bool `json:"configValidation,omitempty"`
	EnableServiceDiscovery                   *bool `json:"enableServiceDiscovery,omitempty"`
	EnableAnalysis                           *bool `json:"enableAnalysis,omitempty"`

	// If present will be appended at the end of the initial/preconfigured container arguments
	AdditionalContainerArgs []string `json:"additionalContainerArgs,omitempty"`

	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`
}

GalleyConfiguration defines config options for Galley

func (*GalleyConfiguration) DeepCopy

func (in *GalleyConfiguration) DeepCopy() *GalleyConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GalleyConfiguration.

func (*GalleyConfiguration) DeepCopyInto

func (in *GalleyConfiguration) DeepCopyInto(out *GalleyConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GatewayConfiguration

type GatewayConfiguration struct {
	MeshGatewayConfiguration `json:",inline"`
	Ports                    []ServicePort `json:"ports,omitempty"`
	Enabled                  *bool         `json:"enabled,omitempty"`
	// Whether to fully reconcile the MGW resource or just take care that it exists
	CreateOnly *bool `json:"createOnly,omitempty"`
}

func (*GatewayConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfiguration.

func (*GatewayConfiguration) DeepCopyInto

func (in *GatewayConfiguration) DeepCopyInto(out *GatewayConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GatewaySDSConfiguration

type GatewaySDSConfiguration struct {
	Enabled   *bool                        `json:"enabled,omitempty"`
	Image     string                       `json:"image,omitempty"`
	Resources *corev1.ResourceRequirements `json:"resources,omitempty"`
}

func (*GatewaySDSConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewaySDSConfiguration.

func (*GatewaySDSConfiguration) DeepCopyInto

func (in *GatewaySDSConfiguration) DeepCopyInto(out *GatewaySDSConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GatewayType

type GatewayType string
const (
	GatewayTypeIngress GatewayType = "ingress"
	GatewayTypeEgress  GatewayType = "egress"
)

type GatewaysConfiguration

type GatewaysConfiguration struct {
	Enabled       *bool                   `json:"enabled,omitempty"`
	Ingress       GatewayConfiguration    `json:"ingress,omitempty"`
	Egress        GatewayConfiguration    `json:"egress,omitempty"`
	MeshExpansion GatewayConfiguration    `json:"meshExpansion,omitempty"`
	K8sIngress    K8sIngressConfiguration `json:"k8singress,omitempty"`
}

GatewaysConfiguration defines config options for Gateways

func (*GatewaysConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewaysConfiguration.

func (*GatewaysConfiguration) DeepCopyInto

func (in *GatewaysConfiguration) DeepCopyInto(out *GatewaysConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPProxyEnvs

type HTTPProxyEnvs struct {
	HTTPProxy  string `json:"httpProxy,omitempty"`
	HTTPSProxy string `json:"httpsProxy,omitempty"`
	NoProxy    string `json:"noProxy,omitempty"`
}

func (*HTTPProxyEnvs) DeepCopy

func (in *HTTPProxyEnvs) DeepCopy() *HTTPProxyEnvs

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPProxyEnvs.

func (*HTTPProxyEnvs) DeepCopyInto

func (in *HTTPProxyEnvs) DeepCopyInto(out *HTTPProxyEnvs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type InitCNIConfiguration

type InitCNIConfiguration struct {
	// If true, the privileged initContainer istio-init is not needed to perform the traffic redirect
	// settings for the istio-proxy
	Enabled *bool  `json:"enabled,omitempty"`
	Image   string `json:"image,omitempty"`
	// Must be the same as the environment’s --cni-bin-dir setting (kubelet parameter)
	BinDir string `json:"binDir,omitempty"`
	// Must be the same as the environment’s --cni-conf-dir setting (kubelet parameter)
	ConfDir string `json:"confDir,omitempty"`
	// List of namespaces to exclude from Istio pod check
	ExcludeNamespaces []string `json:"excludeNamespaces,omitempty"`
	// List of namespaces to include for Istio pod check
	IncludeNamespaces []string `json:"includeNamespaces,omitempty"`
	// Logging level for CNI binary
	LogLevel string                 `json:"logLevel,omitempty"`
	Affinity *corev1.Affinity       `json:"affinity,omitempty"`
	Chained  *bool                  `json:"chained,omitempty"`
	Repair   CNIRepairConfiguration `json:"repair,omitempty"`
	Taint    CNITaintConfiguration  `json:"taint,omitempty"`
}

InitCNIConfiguration defines config for the sidecar proxy init CNI plugin

func (*InitCNIConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitCNIConfiguration.

func (*InitCNIConfiguration) DeepCopyInto

func (in *InitCNIConfiguration) DeepCopyInto(out *InitCNIConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Istio

type Istio struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IstioSpec   `json:"spec,omitempty"`
	Status IstioStatus `json:"status,omitempty"`
}

Istio is the Schema for the istios API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.Status",description="Status of the resource" +kubebuilder:printcolumn:name="Error",type="string",JSONPath=".status.ErrorMessage",description="Error message" +kubebuilder:printcolumn:name="Ingress IPs",type="string",JSONPath=".status.GatewayAddress",description="Ingress gateway addresses of the resource" +kubebuilder:printcolumn:name="Network name",type="string",JSONPath=".spec.networkName",description="Network name" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func (*Istio) DeepCopy

func (in *Istio) DeepCopy() *Istio

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Istio.

func (*Istio) DeepCopyInto

func (in *Istio) DeepCopyInto(out *Istio)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Istio) DeepCopyObject

func (in *Istio) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Istio) GetCAAddress

func (c *Istio) GetCAAddress() string

func (*Istio) GetControlPlaneAuthPolicy

func (c *Istio) GetControlPlaneAuthPolicy() ControlPlaneAuthPolicyType

func (*Istio) GetDiscoveryAddress

func (c *Istio) GetDiscoveryAddress() string

func (*Istio) GetDiscoveryHost

func (c *Istio) GetDiscoveryHost(withClusterDomain bool) string

func (*Istio) GetDiscoveryPort

func (c *Istio) GetDiscoveryPort() int

func (*Istio) GetWebhookPort

func (c *Istio) GetWebhookPort() int

func (*Istio) IsRevisionUsed

func (c *Istio) IsRevisionUsed() bool

func (*Istio) LegacyInjectionLabels

func (c *Istio) LegacyInjectionLabels() map[string]string

func (*Istio) NamespacedRevision

func (c *Istio) NamespacedRevision() string

func (*Istio) Revision

func (c *Istio) Revision() string

func (*Istio) RevisionLabels

func (c *Istio) RevisionLabels() map[string]string

func (*Istio) SetDefaults

func (config *Istio) SetDefaults()

SetDefaults used to support generic defaulter interface

func (*Istio) SetGatewayAddress

func (c *Istio) SetGatewayAddress(address []string)

func (*Istio) WithNamespacedRevision

func (c *Istio) WithNamespacedRevision(s string) string

func (*Istio) WithRevision

func (c *Istio) WithRevision(s string) string

func (*Istio) WithRevisionIf

func (c *Istio) WithRevisionIf(s string, condition bool) string

type IstioCoreDNS

type IstioCoreDNS struct {
	Enabled                             *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithHPA `json:",inline"`
	PluginImage                         string `json:"pluginImage,omitempty"`
}

func (*IstioCoreDNS) DeepCopy

func (in *IstioCoreDNS) DeepCopy() *IstioCoreDNS

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstioCoreDNS.

func (*IstioCoreDNS) DeepCopyInto

func (in *IstioCoreDNS) DeepCopyInto(out *IstioCoreDNS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IstioList

type IstioList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Istio `json:"items"`
}

IstioList contains a list of Istio

func (*IstioList) DeepCopy

func (in *IstioList) DeepCopy() *IstioList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstioList.

func (*IstioList) DeepCopyInto

func (in *IstioList) DeepCopyInto(out *IstioList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IstioList) DeepCopyObject

func (in *IstioList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IstioService

type IstioService struct {
	Name          string               `json:"name"`
	LabelSelector string               `json:"labelSelector,omitempty"`
	IPs           []string             `json:"podIPs,omitempty"`
	Ports         []corev1.ServicePort `json:"ports,omitempty"`
}

func (*IstioService) DeepCopy

func (in *IstioService) DeepCopy() *IstioService

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstioService.

func (*IstioService) DeepCopyInto

func (in *IstioService) DeepCopyInto(out *IstioService)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IstioSpec

type IstioSpec struct {
	// Contains the intended Istio version
	Version IstioVersion `json:"version"`

	// Logging configurations
	Logging LoggingConfiguration `json:"logging,omitempty"`

	// MeshPolicy configures the mesh-wide PeerAuthentication resource
	MeshPolicy MeshPolicyConfiguration `json:"meshPolicy,omitempty"`

	// DEPRECATED: Use meshPolicy instead.
	// MTLS enables or disables global mTLS
	MTLS *bool `json:"mtls,omitempty"`

	// If set to true, and a given service does not have a corresponding DestinationRule configured,
	// or its DestinationRule does not have TLSSettings specified, Istio configures client side
	// TLS configuration automatically, based on the server side mTLS authentication policy and the
	// availability of sidecars.
	AutoMTLS *bool `json:"autoMtls,omitempty"`

	// IncludeIPRanges the range where to capture egress traffic
	IncludeIPRanges string `json:"includeIPRanges,omitempty"`

	// ExcludeIPRanges the range where not to capture egress traffic
	ExcludeIPRanges string `json:"excludeIPRanges,omitempty"`

	// ExcludeInboundPorts the comma separated list of inbound ports to be excluded from redirection to Envoy
	ExcludeInboundPorts string `json:"excludeInboundPorts,omitempty"`

	// ExcludeOutboundPorts the comma separated list of outbound ports to be excluded from redirection to Envoy
	ExcludeOutboundPorts string `json:"excludeOutboundPorts,omitempty"`

	// List of namespaces to label with sidecar auto injection enabled
	AutoInjectionNamespaces []string `json:"autoInjectionNamespaces,omitempty"`

	// ControlPlaneAuthPolicy defines how the proxy is authenticated when it connects to the control plane
	// +kubebuilder:validation:Enum=MUTUAL_TLS;NONE
	ControlPlaneAuthPolicy ControlPlaneAuthPolicyType `json:"controlPlaneAuthPolicy,omitempty"`

	// Use the user-specified, secret volume mounted key and certs for Pilot and workloads.
	MountMtlsCerts *bool `json:"mountMtlsCerts,omitempty"`

	// DefaultResources are applied for all Istio components by default, can be overridden for each component
	DefaultResources *corev1.ResourceRequirements `json:"defaultResources,omitempty"`

	// If SDS is configured, mTLS certificates for the sidecars will be distributed through the SecretDiscoveryService instead of using K8S secrets to mount the certificates
	SDS SDSConfiguration `json:"sds,omitempty"`

	// Istiod configuration
	Istiod IstiodConfiguration `json:"istiod,omitempty"`

	// Pilot configuration options
	Pilot PilotConfiguration `json:"pilot,omitempty"`

	// Citadel configuration options
	Citadel CitadelConfiguration `json:"citadel,omitempty"`

	// Galley configuration options
	Galley GalleyConfiguration `json:"galley,omitempty"`

	// Gateways configuration options
	Gateways GatewaysConfiguration `json:"gateways,omitempty"`

	// Mixer configuration options
	Mixer MixerConfiguration `json:"mixer,omitempty"`

	// Policy configuration options
	Policy PolicyConfiguration `json:"policy,omitempty"`

	// Telemetry configuration options
	Telemetry TelemetryConfiguration `json:"telemetry,omitempty"`

	// SidecarInjector configuration options
	SidecarInjector SidecarInjectorConfiguration `json:"sidecarInjector,omitempty"`

	// ProxyWasm configuration options
	ProxyWasm ProxyWasmConfiguration `json:"proxyWasm,omitempty"`

	// NodeAgent configuration options
	NodeAgent NodeAgentConfiguration `json:"nodeAgent,omitempty"`

	// Proxy configuration options
	Proxy ProxyConfiguration `json:"proxy,omitempty"`

	// Proxy Init configuration options
	// DEPRECATED: Use proxy.init instead
	ProxyInit ProxyInitConfiguration `json:"proxyInit,omitempty"`

	// Whether to restrict the applications namespace the controller manages
	WatchOneNamespace bool `json:"watchOneNamespace,omitempty"`

	// Prior to Kubernetes v1.17.0 it was not allowed to use the system-cluster-critical and system-node-critical
	// PriorityClass outside of the kube-system namespace, so it is advised to create your own PriorityClass
	// and use its name here
	// On Kubernetes >=v1.17.0 it is possible to configure system-cluster-critical and
	// system-node-critical PriorityClass in order to make sure your Istio pods
	// will not be killed because of low priority class.
	// Refer to https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
	// for more detail.
	PriorityClassName string `json:"priorityClassName,omitempty"`

	// Use the Mesh Control Protocol (MCP) for configuring Mixer and Pilot. Requires an MCP source.
	UseMCP *bool `json:"useMCP,omitempty"`

	// Set the default set of namespaces to which services, service entries, virtual services, destination rules should be exported to
	DefaultConfigVisibility string `json:"defaultConfigVisibility,omitempty"`

	// Whether or not to establish watches for adapter-specific CRDs
	WatchAdapterCRDs bool `json:"watchAdapterCRDs,omitempty"`

	// Enable pod disruption budget for the control plane, which is used to ensure Istio control plane components are gradually upgraded or recovered
	DefaultPodDisruptionBudget PDBConfiguration `json:"defaultPodDisruptionBudget,omitempty"`

	// Set the default behavior of the sidecar for handling outbound traffic from the application (ALLOW_ANY or REGISTRY_ONLY)
	OutboundTrafficPolicy OutboundTrafficPolicyConfiguration `json:"outboundTrafficPolicy,omitempty"`

	// Configuration for each of the supported tracers
	Tracing TracingConfiguration `json:"tracing,omitempty"`

	// ImagePullPolicy describes a policy for if/when to pull a container image
	// +kubebuilder:validation:Enum=Always;Never;IfNotPresent
	ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`

	// If set to true, the pilot and citadel mtls will be exposed on the
	// ingress gateway also the remote istios will be connected through gateways
	MeshExpansion *bool `json:"meshExpansion,omitempty"`

	// Set to true to connect two or more meshes via their respective
	// ingressgateway services when workloads in each cluster cannot directly
	// talk to one another. All meshes should be using Istio mTLS and must
	// have a shared root CA for this model to work.
	// DEPRECATED: Use multiMeshExpansion.enabled instead
	MultiMesh *bool `json:"multiMesh,omitempty"`

	// Multi mesh communication related configuration
	MultiMeshExpansion *MultiMeshConfiguration `json:"multiMeshExpansion,omitempty"`

	// The domain for global service names
	// DEPRECATED: Use multiMeshExpansion.domains instead
	GlobalDomain *string `json:"globalDomain,omitempty"`

	// Istio CoreDNS provides DNS resolution for services in multi mesh setups
	IstioCoreDNS IstioCoreDNS `json:"istioCoreDNS,omitempty"`

	// Locality based load balancing distribution or failover settings.
	LocalityLB *LocalityLBConfiguration `json:"localityLB,omitempty"`

	// Should be set to the name of the cluster this installation will run in.
	// This is required for sidecar injection to properly label proxies
	ClusterName string `json:"clusterName,omitempty"`

	// Network defines the network this cluster belongs to. This name
	// corresponds to the networks in the map of mesh networks.
	NetworkName string `json:"networkName,omitempty"`

	// Mesh ID means Mesh Identifier. It should be unique within the scope where
	// meshes will interact with each other, but it is not required to be
	// globally/universally unique.
	MeshID string `json:"meshID,omitempty"`

	// Mixerless telemetry configuration
	MixerlessTelemetry *MixerlessTelemetryConfiguration `json:"mixerlessTelemetry,omitempty"`

	MeshNetworks *MeshNetworks `json:"-"`

	// The domain serves to identify the system with SPIFFE. (default "cluster.local")
	TrustDomain string `json:"trustDomain,omitempty"`

	//  The trust domain aliases represent the aliases of trust_domain.
	//  For example, if we have
	//  trustDomain: td1
	//  trustDomainAliases: ["td2", "td3"]
	//  Any service with the identity "td1/ns/foo/sa/a-service-account", "td2/ns/foo/sa/a-service-account",
	//  or "td3/ns/foo/sa/a-service-account" will be treated the same in the Istio mesh.
	TrustDomainAliases []string `json:"trustDomainAliases,omitempty"`

	// Configures DNS certificates provisioned through Chiron linked into Pilot.
	// The DNS names in this file are all hard-coded; please ensure the namespaces
	// in dnsNames are consistent with those of your services.
	// Example:
	// certificates:
	// certificates:
	//   - secretName: dns.istiod-service-account
	//     dnsNames: [istiod.istio-system.svc, istiod.istio-system]
	// +k8s:deepcopy-gen:interfaces=Certificates
	Certificates []CertificateConfig `json:"certificates,omitempty"`

	// Configure the policy for validating JWT.
	// Currently, two options are supported: "third-party-jwt" and "first-party-jwt".
	// +kubebuilder:validation:Enum=third-party-jwt;first-party-jwt
	JWTPolicy JWTPolicyType `json:"jwtPolicy,omitempty"`

	// The customized CA address to retrieve certificates for the pods in the cluster.
	// CSR clients such as the Istio Agent and ingress gateways can use this to specify the CA endpoint.
	CAAddress string `json:"caAddress,omitempty"`

	// Upstream HTTP proxy properties to be injected as environment variables to the pod containers
	HTTPProxyEnvs HTTPProxyEnvs `json:"httpProxyEnvs,omitempty"`

	// Specifies whether the control plane is a global one or revisioned. There must be only one global control plane.
	Global *bool `json:"global,omitempty"`

	// ImagePullSecrets is an optional list of references to secrets to use for pulling any of the images.
	ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`

	// K8SOverlays conaints overlay patches for k8s resources
	K8SOverlays []resources.K8SResourceOverlay `json:"k8sResourceOverlays,omitempty"`
}

IstioSpec defines the desired state of Istio

func (*IstioSpec) DeepCopy

func (in *IstioSpec) DeepCopy() *IstioSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstioSpec.

func (*IstioSpec) DeepCopyInto

func (in *IstioSpec) DeepCopyInto(out *IstioSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (IstioSpec) GetDefaultConfigVisibility

func (s IstioSpec) GetDefaultConfigVisibility() string

func (*IstioSpec) GetMeshNetworks

func (s *IstioSpec) GetMeshNetworks() *MeshNetworks

func (*IstioSpec) GetMeshNetworksHash

func (s *IstioSpec) GetMeshNetworksHash() string

func (IstioSpec) GetMultiMeshExpansion

func (s IstioSpec) GetMultiMeshExpansion() *MultiMeshConfiguration

func (*IstioSpec) SetMeshNetworks

func (s *IstioSpec) SetMeshNetworks(networks *MeshNetworks) *IstioSpec

type IstioStatus

type IstioStatus struct {
	Status         ConfigState `json:"Status,omitempty"`
	GatewayAddress []string    `json:"GatewayAddress,omitempty"`
	ErrorMessage   string      `json:"ErrorMessage,omitempty"`
}

IstioStatus defines the observed state of Istio

func (*IstioStatus) DeepCopy

func (in *IstioStatus) DeepCopy() *IstioStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstioStatus.

func (*IstioStatus) DeepCopyInto

func (in *IstioStatus) DeepCopyInto(out *IstioStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IstioVersion

type IstioVersion string

IstioVersion stores the intended Istio version +kubebuilder:validation:Pattern=^1.

func (IstioVersion) IsSupported

func (v IstioVersion) IsSupported() bool

type IstiodCAConfiguration

type IstiodCAConfiguration struct {
	// Configuration for Vault CA integration
	Vault *VaultCAConfiguration `json:"vault,omitempty"`
}

IstiodCAConfiguration defines configuration for Istiod CA

func (*IstiodCAConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstiodCAConfiguration.

func (*IstiodCAConfiguration) DeepCopyInto

func (in *IstiodCAConfiguration) DeepCopyInto(out *IstiodCAConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IstiodConfiguration

type IstiodConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
	// If enabled, pilot will run Istio analyzers and write analysis errors to the Status field of any Istio Resources
	EnableAnalysis *bool `json:"enableAnalysis,omitempty"`
	// If enabled, pilot will update the CRD Status field of all Istio resources with reconciliation status
	EnableStatus             *bool `json:"enableStatus,omitempty"`
	MultiClusterSupport      *bool `json:"multiClusterSupport,omitempty"`
	MultiControlPlaneSupport *bool `json:"multiControlPlaneSupport,omitempty"`
	ExposeWebhookPort        *bool `json:"exposeWebhookPort,omitempty"`
	// Settings for local istiod to control remote clusters as well
	ExternalIstiod *ExternalIstiodConfiguration `json:"externalIstiod,omitempty"`
	// Istiod CA config
	CA *IstiodCAConfiguration `json:"ca,omitempty"`
}

IstiodConfiguration defines config options for Istiod

func (*IstiodConfiguration) DeepCopy

func (in *IstiodConfiguration) DeepCopy() *IstiodConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstiodConfiguration.

func (*IstiodConfiguration) DeepCopyInto

func (in *IstiodConfiguration) DeepCopyInto(out *IstiodConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JWTPolicyType

type JWTPolicyType string
const (
	JWTPolicyThirdPartyJWT JWTPolicyType = "third-party-jwt"
	JWTPolicyFirstPartyJWT JWTPolicyType = "first-party-jwt"
)

type K8sIngressConfiguration

type K8sIngressConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
	// enableHttps will add port 443 on the ingress.
	// It REQUIRES that the certificates are installed  in the
	// expected secrets - enabling this option without certificates
	// will result in LDS rejection and the ingress will not work.
	EnableHttps *bool `json:"enableHttps,omitempty"`
}

func (*K8sIngressConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new K8sIngressConfiguration.

func (*K8sIngressConfiguration) DeepCopyInto

func (in *K8sIngressConfiguration) DeepCopyInto(out *K8sIngressConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LightstepConfiguration

type LightstepConfiguration struct {
	// the <host>:<port> of the satellite pool
	// +kubebuilder:validation:Pattern=`^[^:]+:[0-9]{1,5}$`
	Address string `json:"address,omitempty"`
	// required for sending data to the pool
	AccessToken string `json:"accessToken,omitempty"`
	// specifies whether data should be sent with TLS
	Secure bool `json:"secure,omitempty"`
	// the path to the file containing the cacert to use when verifying TLS. If secure is true, this is
	// required. If a value is specified then a secret called "lightstep.cacert" must be created in the destination
	// namespace with the key matching the base of the provided cacertPath and the value being the cacert itself.
	CacertPath string `json:"cacertPath,omitempty"`
}

Configuration for Envoy to send trace data to Lightstep

func (*LightstepConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LightstepConfiguration.

func (*LightstepConfiguration) DeepCopyInto

func (in *LightstepConfiguration) DeepCopyInto(out *LightstepConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalityLBConfiguration

type LocalityLBConfiguration struct {
	// If set to true, locality based load balancing will be enabled
	Enabled *bool `json:"enabled,omitempty"`
	// Optional: only one of distribute or failover can be set.
	// Explicitly specify loadbalancing weight across different zones and geographical locations.
	// Refer to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/load_balancing/locality_weight)
	// If empty, the locality weight is set according to the endpoints number within it.
	Distribute []*LocalityLBDistributeConfiguration `json:"distribute,omitempty"`
	// Optional: only failover or distribute can be set.
	// Explicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.
	// Should be used together with OutlierDetection to detect unhealthy endpoints.
	// Note: if no OutlierDetection specified, this will not take effect.
	Failover []*LocalityLBFailoverConfiguration `json:"failover,omitempty"`
}

Locality-weighted load balancing allows administrators to control the distribution of traffic to endpoints based on the localities of where the traffic originates and where it will terminate.

func (*LocalityLBConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalityLBConfiguration.

func (*LocalityLBConfiguration) DeepCopyInto

func (in *LocalityLBConfiguration) DeepCopyInto(out *LocalityLBConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalityLBDistributeConfiguration

type LocalityLBDistributeConfiguration struct {
	// Originating locality, '/' separated, e.g. 'region/zone'.
	From string `json:"from,omitempty"`
	// Map of upstream localities to traffic distribution weights. The sum of
	// all weights should be == 100. Any locality not assigned a weight will
	// receive no traffic.
	To map[string]uint32 `json:"to,omitempty"`
}

Describes how traffic originating in the 'from' zone is distributed over a set of 'to' zones. Syntax for specifying a zone is {region}/{zone} and terminal wildcards are allowed on any segment of the specification. Examples: * - matches all localities us-west/* - all zones and sub-zones within the us-west region

func (*LocalityLBDistributeConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalityLBDistributeConfiguration.

func (*LocalityLBDistributeConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalityLBFailoverConfiguration

type LocalityLBFailoverConfiguration struct {
	// Originating region.
	From string `json:"from,omitempty"`
	// Destination region the traffic will fail over to when endpoints in
	// the 'from' region becomes unhealthy.
	To string `json:"to,omitempty"`
}

Specify the traffic failover policy across regions. Since zone failover is supported by default this only needs to be specified for regions when the operator needs to constrain traffic failover so that the default behavior of failing over to any endpoint globally does not apply. This is useful when failing over traffic across regions would not improve service health or may need to be restricted for other reasons like regulatory controls.

func (*LocalityLBFailoverConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalityLBFailoverConfiguration.

func (*LocalityLBFailoverConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LoggingConfiguration

type LoggingConfiguration struct {
	// +kubebuilder:validation:Pattern=`^([a-zA-Z]+:[a-zA-Z]+,?)+$`
	Level *string `json:"level,omitempty"`
}

Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level> The control plane has different scopes depending on component, but can configure default log level across all components If empty, default scope and level will be used as configured in code

func (*LoggingConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoggingConfiguration.

func (*LoggingConfiguration) DeepCopyInto

func (in *LoggingConfiguration) DeepCopyInto(out *LoggingConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MTLSMode

type MTLSMode string
const (
	STRICT     MTLSMode = "STRICT"
	PERMISSIVE MTLSMode = "PERMISSIVE"
	DISABLED   MTLSMode = "DISABLED"
)

type MeshGateway

type MeshGateway struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   MeshGatewaySpec   `json:"spec,omitempty"`
	Status MeshGatewayStatus `json:"status,omitempty"`
}

MeshGateway is the Schema for the meshgateways API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.type",description="Type of the gateway" +kubebuilder:printcolumn:name="Service Type",type="string",JSONPath=".spec.serviceType",description="Type of the service" +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.Status",description="Status of the resource" +kubebuilder:printcolumn:name="Ingress IPs",type="string",JSONPath=".status.GatewayAddress",description="Ingress gateway addresses of the resource" +kubebuilder:printcolumn:name="Error",type="string",JSONPath=".status.ErrorMessage",description="Error message" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Control Plane",type="string",JSONPath=".spec.istioControlPlane" +kubebuilder:resource:path=meshgateways,shortName=mgw

func (*MeshGateway) DeepCopy

func (in *MeshGateway) DeepCopy() *MeshGateway

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshGateway.

func (*MeshGateway) DeepCopyInto

func (in *MeshGateway) DeepCopyInto(out *MeshGateway)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MeshGateway) DeepCopyObject

func (in *MeshGateway) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*MeshGateway) GetDefaultLabels

func (gw *MeshGateway) GetDefaultLabels() map[string]string

func (*MeshGateway) SetDefaultLabels

func (gw *MeshGateway) SetDefaultLabels()

func (*MeshGateway) SetDefaults

func (gw *MeshGateway) SetDefaults()

type MeshGatewayConfiguration

type MeshGatewayConfiguration struct {
	BaseK8sResourceConfigurationWithHPAWithoutImage `json:",inline"`
	Labels                                          map[string]string `json:"labels,omitempty"`
	// +kubebuilder:validation:Enum=ClusterIP;NodePort;LoadBalancer
	ServiceType        corev1.ServiceType `json:"serviceType,omitempty"`
	LoadBalancerIP     string             `json:"loadBalancerIP,omitempty"`
	ServiceAnnotations map[string]string  `json:"serviceAnnotations,omitempty"`
	ServiceLabels      map[string]string  `json:"serviceLabels,omitempty"`
	// +kubebuilder:validation:Enum=Local;Cluster
	ServiceExternalTrafficPolicy corev1.ServiceExternalTrafficPolicyType `json:"serviceExternalTrafficPolicy,omitempty"`
	SDS                          GatewaySDSConfiguration                 `json:"sds,omitempty"`
	RequestedNetworkView         string                                  `json:"requestedNetworkView,omitempty"`
	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`
	// Whether to run the gateway in a privileged container
	RunAsRoot *bool `json:"runAsRoot,omitempty"`
}

func (*MeshGatewayConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshGatewayConfiguration.

func (*MeshGatewayConfiguration) DeepCopyInto

func (in *MeshGatewayConfiguration) DeepCopyInto(out *MeshGatewayConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MeshGatewayConfiguration) SetDefaults

func (c *MeshGatewayConfiguration) SetDefaults()

type MeshGatewayList

type MeshGatewayList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []MeshGateway `json:"items"`
}

MeshGatewayList contains a list of MeshGateway

func (*MeshGatewayList) DeepCopy

func (in *MeshGatewayList) DeepCopy() *MeshGatewayList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshGatewayList.

func (*MeshGatewayList) DeepCopyInto

func (in *MeshGatewayList) DeepCopyInto(out *MeshGatewayList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MeshGatewayList) DeepCopyObject

func (in *MeshGatewayList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MeshGatewaySpec

type MeshGatewaySpec struct {
	MeshGatewayConfiguration `json:",inline"`
	// +kubebuilder:validation:MinItems=0
	Ports []ServicePort `json:"ports"`
	// +kubebuilder:validation:Enum=ingress;egress
	Type GatewayType `json:"type"`
	// Istio CR to which this gateway belongs to
	IstioControlPlane *NamespacedName `json:"istioControlPlane,omitempty"`
}

MeshGatewaySpec defines the desired state of MeshGateway

func (*MeshGatewaySpec) DeepCopy

func (in *MeshGatewaySpec) DeepCopy() *MeshGatewaySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshGatewaySpec.

func (*MeshGatewaySpec) DeepCopyInto

func (in *MeshGatewaySpec) DeepCopyInto(out *MeshGatewaySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshGatewayStatus

type MeshGatewayStatus struct {
	Status         ConfigState `json:"Status,omitempty"`
	GatewayAddress []string    `json:"GatewayAddress,omitempty"`
	ErrorMessage   string      `json:"ErrorMessage,omitempty"`
}

MeshGatewayStatus defines the observed state of MeshGateway

func (*MeshGatewayStatus) DeepCopy

func (in *MeshGatewayStatus) DeepCopy() *MeshGatewayStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshGatewayStatus.

func (*MeshGatewayStatus) DeepCopyInto

func (in *MeshGatewayStatus) DeepCopyInto(out *MeshGatewayStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshNetwork

type MeshNetwork struct {
	Endpoints []MeshNetworkEndpoint `json:"endpoints,omitempty"`
	Gateways  []MeshNetworkGateway  `json:"gateways,omitempty"`
}

func (*MeshNetwork) DeepCopy

func (in *MeshNetwork) DeepCopy() *MeshNetwork

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshNetwork.

func (*MeshNetwork) DeepCopyInto

func (in *MeshNetwork) DeepCopyInto(out *MeshNetwork)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshNetworkEndpoint

type MeshNetworkEndpoint struct {
	FromCIDR     string `json:"fromCidr,omitempty"`
	FromRegistry string `json:"fromRegistry,omitempty"`
}

func (*MeshNetworkEndpoint) DeepCopy

func (in *MeshNetworkEndpoint) DeepCopy() *MeshNetworkEndpoint

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshNetworkEndpoint.

func (*MeshNetworkEndpoint) DeepCopyInto

func (in *MeshNetworkEndpoint) DeepCopyInto(out *MeshNetworkEndpoint)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshNetworkGateway

type MeshNetworkGateway struct {
	Address string `json:"address"`
	Port    uint   `json:"port"`
}

func (*MeshNetworkGateway) DeepCopy

func (in *MeshNetworkGateway) DeepCopy() *MeshNetworkGateway

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshNetworkGateway.

func (*MeshNetworkGateway) DeepCopyInto

func (in *MeshNetworkGateway) DeepCopyInto(out *MeshNetworkGateway)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshNetworks

type MeshNetworks struct {
	Networks map[string]*MeshNetwork `json:"networks"`
}

func (*MeshNetworks) DeepCopy

func (in *MeshNetworks) DeepCopy() *MeshNetworks

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshNetworks.

func (*MeshNetworks) DeepCopyInto

func (in *MeshNetworks) DeepCopyInto(out *MeshNetworks)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshPolicyConfiguration

type MeshPolicyConfiguration struct {
	// MTLSMode sets the mesh-wide mTLS policy
	// +kubebuilder:validation:Enum=STRICT;PERMISSIVE;DISABLED
	MTLSMode MTLSMode `json:"mtlsMode,omitempty"`
}

MeshPolicyConfiguration configures the mesh-wide PeerAuthentication resource

func (*MeshPolicyConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshPolicyConfiguration.

func (*MeshPolicyConfiguration) DeepCopyInto

func (in *MeshPolicyConfiguration) DeepCopyInto(out *MeshPolicyConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MixerConfiguration

type MixerConfiguration struct {
	Enabled                             *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithHPA `json:",inline"`
	PolicyConfigurationSpec             `json:",inline"`
	TelemetryConfigurationSpec          `json:",inline"`
	// Turn it on if you use mixer that supports multi cluster telemetry
	MultiClusterSupport *bool `json:"multiClusterSupport,omitempty"`
	// stdio is a debug adapter in Istio telemetry, it is not recommended for production use
	StdioAdapterEnabled *bool `json:"stdioAdapterEnabled,omitempty"`

	// If present will be appended at the end of the initial/preconfigured container arguments
	AdditionalContainerArgs []string `json:"additionalContainerArgs,omitempty"`

	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`
}

MixerConfiguration defines config options for Mixer

func (*MixerConfiguration) DeepCopy

func (in *MixerConfiguration) DeepCopy() *MixerConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MixerConfiguration.

func (*MixerConfiguration) DeepCopyInto

func (in *MixerConfiguration) DeepCopyInto(out *MixerConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MixerlessTelemetryConfiguration

type MixerlessTelemetryConfiguration struct {
	// If set to true, experimental Mixerless http telemetry will be enabled
	Enabled *bool `json:"enabled,omitempty"`
}

func (*MixerlessTelemetryConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MixerlessTelemetryConfiguration.

func (*MixerlessTelemetryConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MultiMeshConfiguration

type MultiMeshConfiguration struct {
	// Set to true to connect two or more meshes via their respective
	// ingressgateway services when workloads in each cluster cannot directly
	// talk to one another.
	Enabled *bool `json:"enabled,omitempty"`
	// Whether to apply envoy filter to automatically expose every service for multi mesh connections
	EnvoyFilterEnabled *bool `json:"envoyFilterEnabled,omitempty"`
	// Domains available for multi mesh communications
	Domains []Domain `json:"domains,omitempty"`
}

func (*MultiMeshConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiMeshConfiguration.

func (*MultiMeshConfiguration) DeepCopyInto

func (in *MultiMeshConfiguration) DeepCopyInto(out *MultiMeshConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MultiMeshConfiguration) GetDomains

func (c *MultiMeshConfiguration) GetDomains() []string

type NamespacedName

type NamespacedName struct {
	Namespace string `json:"namespace,omitempty"`
	Name      string `json:"name,omitempty"`
}

NamespacedName contains reference to a resource

func (*NamespacedName) DeepCopy

func (in *NamespacedName) DeepCopy() *NamespacedName

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespacedName.

func (*NamespacedName) DeepCopyInto

func (in *NamespacedName) DeepCopyInto(out *NamespacedName)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NodeAgentConfiguration

type NodeAgentConfiguration struct {
	Enabled                               *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithImage `json:",inline"`
}

NodeAgentConfiguration defines config options for NodeAgent

func (*NodeAgentConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeAgentConfiguration.

func (*NodeAgentConfiguration) DeepCopyInto

func (in *NodeAgentConfiguration) DeepCopyInto(out *NodeAgentConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OperatorEndpointsConfiguration

type OperatorEndpointsConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
}

OperatorEndpointsConfiguration defines config options for automatic SPIFFE endpoints

func (*OperatorEndpointsConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorEndpointsConfiguration.

func (*OperatorEndpointsConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OutboundTrafficPolicyConfiguration

type OutboundTrafficPolicyConfiguration struct {
	// +kubebuilder:validation:Enum=ALLOW_ANY;REGISTRY_ONLY
	Mode string `json:"mode,omitempty"`
}

func (*OutboundTrafficPolicyConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OutboundTrafficPolicyConfiguration.

func (*OutboundTrafficPolicyConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PDBConfiguration

type PDBConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
}

PDBConfiguration holds Pod Disruption Budget related config options

func (*PDBConfiguration) DeepCopy

func (in *PDBConfiguration) DeepCopy() *PDBConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBConfiguration.

func (*PDBConfiguration) DeepCopyInto

func (in *PDBConfiguration) DeepCopyInto(out *PDBConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PilotCertProviderType

type PilotCertProviderType string
const (
	PilotCertProviderTypeKubernetes PilotCertProviderType = "kubernetes"
	PilotCertProviderTypeIstiod     PilotCertProviderType = "istiod"
)

type PilotConfiguration

type PilotConfiguration struct {
	Enabled                             *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithHPA `json:",inline"`
	Sidecar                             *bool   `json:"sidecar,omitempty"`
	TraceSampling                       float32 `json:"traceSampling,omitempty"`
	// If enabled, protocol sniffing will be used for outbound listeners whose port protocol is not specified or unsupported
	EnableProtocolSniffingOutbound *bool `json:"enableProtocolSniffingOutbound,omitempty"`
	// If enabled, protocol sniffing will be used for inbound listeners whose port protocol is not specified or unsupported
	EnableProtocolSniffingInbound *bool `json:"enableProtocolSniffingInbound,omitempty"`
	// Configure the certificate provider for control plane communication.
	// Currently, two providers are supported: "kubernetes" and "istiod".
	// As some platforms may not have kubernetes signing APIs,
	// Istiod is the default
	// +kubebuilder:validation:Enum=kubernetes;istiod
	CertProvider PilotCertProviderType `json:"certProvider,omitempty"`

	// If present will be appended at the end of the initial/preconfigured container arguments
	AdditionalContainerArgs []string `json:"additionalContainerArgs,omitempty"`

	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`

	// SPIFFE configuration of Pilot
	SPIFFE *SPIFFEConfiguration `json:"spiffe,omitempty"`
}

PilotConfiguration defines config options for Pilot

func (*PilotConfiguration) DeepCopy

func (in *PilotConfiguration) DeepCopy() *PilotConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PilotConfiguration.

func (*PilotConfiguration) DeepCopyInto

func (in *PilotConfiguration) DeepCopyInto(out *PilotConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyConfiguration

type PolicyConfiguration struct {
	Enabled                             *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithHPA `json:",inline"`
	PolicyConfigurationSpec             `json:",inline"`

	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`
}

func (*PolicyConfiguration) DeepCopy

func (in *PolicyConfiguration) DeepCopy() *PolicyConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyConfiguration.

func (*PolicyConfiguration) DeepCopyInto

func (in *PolicyConfiguration) DeepCopyInto(out *PolicyConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyConfigurationSpec

type PolicyConfigurationSpec struct {
	ChecksEnabled *bool `json:"checksEnabled,omitempty"`
}

func (*PolicyConfigurationSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyConfigurationSpec.

func (*PolicyConfigurationSpec) DeepCopyInto

func (in *PolicyConfigurationSpec) DeepCopyInto(out *PolicyConfigurationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyConfiguration

type ProxyConfiguration struct {
	Image string `json:"image,omitempty"`
	// Configures the access log for each sidecar.
	// Options:
	//   "" - disables access log
	//   "/dev/stdout" - enables access log
	// +kubebuilder:validation:Enum="";/dev/stdout
	AccessLogFile *string `json:"accessLogFile,omitempty"`
	// Configure how and what fields are displayed in sidecar access log. Setting to
	// empty string will result in default log format.
	// If accessLogEncoding is TEXT, value will be used directly as the log format
	// example: "[%START_TIME%] %REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\n"
	// If AccessLogEncoding is JSON, value will be parsed as map[string]string
	// example: '{"start_time": "%START_TIME%", "req_method": "%REQ(:METHOD)%"}'
	AccessLogFormat *string `json:"accessLogFormat,omitempty"`
	// Configure the access log for sidecar to JSON or TEXT.
	// +kubebuilder:validation:Enum=JSON;TEXT
	AccessLogEncoding *string `json:"accessLogEncoding,omitempty"`
	// If set to true, istio-proxy container will have privileged securityContext
	Privileged bool `json:"privileged,omitempty"`
	// If set, newly injected sidecars will have core dumps enabled.
	EnableCoreDump *bool `json:"enableCoreDump,omitempty"`
	// Image used to enable core dumps. This is only used, when "EnableCoreDump" is set to true.
	CoreDumpImage string `json:"coreDumpImage,omitempty"`
	// Specifies the directory where the core dumps will be saved
	CoreDumpDirectory string `json:"coreDumpDirectory,omitempty"`
	// Log level for proxy, applies to gateways and sidecars. If left empty, "warning" is used.
	// Expected values are: trace|debug|info|warning|error|critical|off
	// +kubebuilder:validation:Enum=trace;debug;info;warning;error;critical;off
	LogLevel string `json:"logLevel,omitempty"`
	// Per Component log level for proxy, applies to gateways and sidecars. If a component level is
	// not set, then the "LogLevel" will be used. If left empty, "misc:error" is used.
	ComponentLogLevel string `json:"componentLogLevel,omitempty"`
	// Configure the DNS refresh rate for Envoy cluster of type STRICT_DNS
	// This must be given it terms of seconds. For example, 300s is valid but 5m is invalid.
	// +kubebuilder:validation:Pattern=`^[0-9]{1,5}s$`
	DNSRefreshRate string `json:"dnsRefreshRate,omitempty"`
	// cluster domain. Default value is "cluster.local"
	ClusterDomain string `json:"clusterDomain,omitempty"`
	// Controls if sidecar is injected at the front of the container list and blocks the start of the other containers until the proxy is ready
	HoldApplicationUntilProxyStarts *bool `json:"holdApplicationUntilProxyStarts,omitempty"`

	EnvoyStatsD               EnvoyStatsD                     `json:"envoyStatsD,omitempty"`
	EnvoyMetricsService       EnvoyServiceCommonConfiguration `json:"envoyMetricsService,omitempty"`
	EnvoyAccessLogService     EnvoyServiceCommonConfiguration `json:"envoyAccessLogService,omitempty"`
	ProtocolDetectionTimeout  *string                         `json:"protocolDetectionTimeout,omitempty"`
	UseMetadataExchangeFilter *bool                           `json:"useMetadataExchangeFilter,omitempty"`

	Lifecycle corev1.Lifecycle `json:"lifecycle,omitempty"`

	Resources       *corev1.ResourceRequirements `json:"resources,omitempty"`
	SecurityContext *corev1.SecurityContext      `json:"securityContext,omitempty"`

	// Proxy Init configuration options
	Init *ProxyInitConfiguration `json:"init,omitempty"`
}

ProxyConfiguration defines config options for Proxy

func (*ProxyConfiguration) DeepCopy

func (in *ProxyConfiguration) DeepCopy() *ProxyConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyConfiguration.

func (*ProxyConfiguration) DeepCopyInto

func (in *ProxyConfiguration) DeepCopyInto(out *ProxyConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyInitConfiguration

type ProxyInitConfiguration struct {
	Image     string                       `json:"image,omitempty"`
	Resources *corev1.ResourceRequirements `json:"resources,omitempty"`
}

ProxyInitConfiguration defines config options for Proxy Init containers

func (*ProxyInitConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyInitConfiguration.

func (*ProxyInitConfiguration) DeepCopyInto

func (in *ProxyInitConfiguration) DeepCopyInto(out *ProxyInitConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyWasmConfiguration

type ProxyWasmConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
}

ProxyWasmConfiguration defines config options for Envoy wasm

func (*ProxyWasmConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyWasmConfiguration.

func (*ProxyWasmConfiguration) DeepCopyInto

func (in *ProxyWasmConfiguration) DeepCopyInto(out *ProxyWasmConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RemoteIstio

type RemoteIstio struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   RemoteIstioSpec   `json:"spec,omitempty"`
	Status RemoteIstioStatus `json:"status,omitempty"`
}

RemoteIstio is the Schema for the remoteistios API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.Status",description="Status of the resource" +kubebuilder:printcolumn:name="Error",type="string",JSONPath=".status.ErrorMessage",description="Error message" +kubebuilder:printcolumn:name="Ingress IPs",type="string",JSONPath=".status.GatewayAddress",description="Ingress gateway addresses of the resource" +kubebuilder:printcolumn:name="Network name",type="string",JSONPath=".spec.networkName",description="Network name" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func (*RemoteIstio) DeepCopy

func (in *RemoteIstio) DeepCopy() *RemoteIstio

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteIstio.

func (*RemoteIstio) DeepCopyInto

func (in *RemoteIstio) DeepCopyInto(out *RemoteIstio)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RemoteIstio) DeepCopyObject

func (in *RemoteIstio) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*RemoteIstio) SetGatewayAddress

func (spec *RemoteIstio) SetGatewayAddress(address []string)

type RemoteIstioList

type RemoteIstioList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []RemoteIstio `json:"items"`
}

RemoteIstioList contains a list of RemoteIstio

func (*RemoteIstioList) DeepCopy

func (in *RemoteIstioList) DeepCopy() *RemoteIstioList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteIstioList.

func (*RemoteIstioList) DeepCopyInto

func (in *RemoteIstioList) DeepCopyInto(out *RemoteIstioList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RemoteIstioList) DeepCopyObject

func (in *RemoteIstioList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RemoteIstioSpec

type RemoteIstioSpec struct {
	// IncludeIPRanges the range where to capture egress traffic
	IncludeIPRanges string `json:"includeIPRanges,omitempty"`

	// ExcludeIPRanges the range where not to capture egress traffic
	ExcludeIPRanges string `json:"excludeIPRanges,omitempty"`

	// ExcludeInboundPorts the comma separated list of inbound ports to be excluded from redirection to Envoy
	ExcludeInboundPorts string `json:"excludeInboundPorts,omitempty"`

	// ExcludeOutboundPorts the comma separated list of outbound ports to be excluded from redirection to Envoy
	ExcludeOutboundPorts string `json:"excludeOutboundPorts,omitempty"`

	// EnabledServices the Istio component services replicated to remote side
	EnabledServices []IstioService `json:"enabledServices"`

	// List of namespaces to label with sidecar auto injection enabled
	AutoInjectionNamespaces []string `json:"autoInjectionNamespaces,omitempty"`

	// DefaultResources are applied for all Istio components by default, can be overridden for each component
	DefaultResources *corev1.ResourceRequirements `json:"defaultResources,omitempty"`

	// Citadel configuration options
	Citadel CitadelConfiguration `json:"citadel,omitempty"`

	// SidecarInjector configuration options
	SidecarInjector SidecarInjectorConfiguration `json:"sidecarInjector,omitempty"`

	// Proxy configuration options
	Proxy ProxyConfiguration `json:"proxy,omitempty"`

	// Proxy Init configuration options
	ProxyInit ProxyInitConfiguration `json:"proxyInit,omitempty"`

	// Istio CR to which this gateway belongs to
	IstioControlPlane *NamespacedName `json:"istioControlPlane,omitempty"`

	// Network defines the network this cluster belongs to. This name
	// corresponds to the networks in the map of mesh networks.
	NetworkName string `json:"networkName,omitempty"`

	SignCert SignCert `json:"-"`
}

RemoteIstioSpec defines the desired state of RemoteIstio

func (*RemoteIstioSpec) DeepCopy

func (in *RemoteIstioSpec) DeepCopy() *RemoteIstioSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteIstioSpec.

func (*RemoteIstioSpec) DeepCopyInto

func (in *RemoteIstioSpec) DeepCopyInto(out *RemoteIstioSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RemoteIstioSpec) GetSignCert

func (spec RemoteIstioSpec) GetSignCert() SignCert

func (RemoteIstioSpec) SetSignCert

func (spec RemoteIstioSpec) SetSignCert(signCert SignCert) RemoteIstioSpec

type RemoteIstioStatus

type RemoteIstioStatus struct {
	Status         ConfigState `json:"Status,omitempty"`
	GatewayAddress []string    `json:"GatewayAddress,omitempty"`
	ErrorMessage   string      `json:"ErrorMessage,omitempty"`
}

RemoteIstioStatus defines the observed state of RemoteIstio

func (*RemoteIstioStatus) DeepCopy

func (in *RemoteIstioStatus) DeepCopy() *RemoteIstioStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteIstioStatus.

func (*RemoteIstioStatus) DeepCopyInto

func (in *RemoteIstioStatus) DeepCopyInto(out *RemoteIstioStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SDSConfiguration

type SDSConfiguration struct {
	// If set to true, mTLS certificates for the sidecars will be
	// distributed through the SecretDiscoveryService instead of using K8S secrets to mount the certificates.
	Enabled *bool `json:"enabled,omitempty"`
	// Unix Domain Socket through which envoy communicates with NodeAgent SDS to get
	// key/cert for mTLS. Use secret-mount files instead of SDS if set to empty.
	UdsPath string `json:"udsPath,omitempty"`
	// The JWT token for SDS and the aud field of such JWT. See RFC 7519, section 4.1.3.
	// When a CSR is sent from Citadel Agent to the CA (e.g. Citadel), this aud is to make sure the
	// 	JWT is intended for the CA.
	TokenAudience string `json:"tokenAudience,omitempty"`

	CustomTokenDirectory string `json:"customTokenDirectory,omitempty"`
}

SDSConfiguration defines Secret Discovery Service config options

func (*SDSConfiguration) DeepCopy

func (in *SDSConfiguration) DeepCopy() *SDSConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SDSConfiguration.

func (*SDSConfiguration) DeepCopyInto

func (in *SDSConfiguration) DeepCopyInto(out *SDSConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SPIFFEConfiguration

type SPIFFEConfiguration struct {
	OperatorEndpoints *OperatorEndpointsConfiguration `json:"operatorEndpoints,omitempty"`
}

SPIFFEConfiguration is for SPIFFE configuration of Pilot

func (*SPIFFEConfiguration) DeepCopy

func (in *SPIFFEConfiguration) DeepCopy() *SPIFFEConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SPIFFEConfiguration.

func (*SPIFFEConfiguration) DeepCopyInto

func (in *SPIFFEConfiguration) DeepCopyInto(out *SPIFFEConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServicePort

type ServicePort struct {
	corev1.ServicePort `json:",inline"`
	TargetPort         *int32 `json:"targetPort,omitempty"`
}

func (*ServicePort) DeepCopy

func (in *ServicePort) DeepCopy() *ServicePort

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServicePort.

func (*ServicePort) DeepCopyInto

func (in *ServicePort) DeepCopyInto(out *ServicePort)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServicePorts

type ServicePorts []ServicePort

func (ServicePorts) Convert

func (ps ServicePorts) Convert() []corev1.ServicePort

func (ServicePorts) DeepCopy

func (in ServicePorts) DeepCopy() ServicePorts

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServicePorts.

func (ServicePorts) DeepCopyInto

func (in ServicePorts) DeepCopyInto(out *ServicePorts)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SidecarInjectorConfiguration

type SidecarInjectorConfiguration struct {
	Enabled                                  *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithReplicas `json:",inline"`
	// DEPRECATED: Use proxy.init instead
	Init                 ProxyInitConfiguration `json:"init,omitempty"`
	InitCNIConfiguration InitCNIConfiguration   `json:"initCNIConfiguration,omitempty"`
	// If true, sidecar injector will rewrite PodSpec for liveness
	// health check to redirect request to sidecar. This makes liveness check work
	// even when mTLS is enabled.
	RewriteAppHTTPProbe *bool `json:"rewriteAppHTTPProbe,omitempty"`
	// This controls the 'policy' in the sidecar injector
	AutoInjectionPolicyEnabled *bool `json:"autoInjectionPolicyEnabled,omitempty"`
	// This controls whether the webhook looks for namespaces for injection enabled or disabled
	EnableNamespacesByDefault *bool `json:"enableNamespacesByDefault,omitempty"`
	// NeverInjectSelector: Refuses the injection on pods whose labels match this selector.
	// It's an array of label selectors, that will be OR'ed, meaning we will iterate
	// over it and stop at the first match
	// Takes precedence over AlwaysInjectSelector.
	NeverInjectSelector []metav1.LabelSelector `json:"neverInjectSelector,omitempty"`
	// AlwaysInjectSelector: Forces the injection on pods whose labels match this selector.
	// It's an array of label selectors, that will be OR'ed, meaning we will iterate
	// over it and stop at the first match
	AlwaysInjectSelector []metav1.LabelSelector `json:"alwaysInjectSelector,omitempty"`
	// injectedAnnotations are additional annotations that will be added to the pod spec after injection
	// This is primarily to support PSP annotations. For example, if you defined a PSP with the annotations:
	//
	// annotations:
	//   apparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/default
	//   apparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default
	//
	// The PSP controller would add corresponding annotations to the pod spec for each container. However, this happens before
	// the inject adds additional containers, so we must specify them explicitly here. With the above example, we could specify:
	// injectedAnnotations:
	//   container.apparmor.security.beta.kubernetes.io/istio-init: runtime/default
	//   container.apparmor.security.beta.kubernetes.io/istio-proxy: runtime/default
	InjectedAnnotations map[string]string `json:"injectedAnnotations,omitempty"`

	// If present will be appended at the end of the initial/preconfigured container arguments
	AdditionalContainerArgs []string `json:"additionalContainerArgs,omitempty"`

	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`

	// If present will be appended at the end of the initial/preconfigured container arguments
	InjectedContainerAdditionalArgs []string `json:"injectedContainerAdditionalArgs,omitempty"`

	// If present will be appended to the environment variables of the container
	InjectedContainerAdditionalEnvVars []corev1.EnvVar `json:"injectedContainerAdditionalEnvVars,omitempty"`
}

SidecarInjectorConfiguration defines config options for SidecarInjector

func (*SidecarInjectorConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarInjectorConfiguration.

func (*SidecarInjectorConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SignCert

type SignCert struct {
	CA    []byte
	Root  []byte
	Key   []byte
	Chain []byte
}

func (*SignCert) DeepCopy

func (in *SignCert) DeepCopy() *SignCert

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SignCert.

func (*SignCert) DeepCopyInto

func (in *SignCert) DeepCopyInto(out *SignCert)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SortableIstioItems

type SortableIstioItems []Istio

func (SortableIstioItems) DeepCopy

func (in SortableIstioItems) DeepCopy() SortableIstioItems

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SortableIstioItems.

func (SortableIstioItems) DeepCopyInto

func (in SortableIstioItems) DeepCopyInto(out *SortableIstioItems)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (SortableIstioItems) Len

func (list SortableIstioItems) Len() int

func (SortableIstioItems) Less

func (list SortableIstioItems) Less(i, j int) bool

func (SortableIstioItems) Swap

func (list SortableIstioItems) Swap(i, j int)

type StrackdriverConfiguration

type StrackdriverConfiguration struct {
	// enables trace output to stdout.
	Debug *bool `json:"debug,omitempty"`
	// The global default max number of attributes per span.
	MaxNumberOfAttributes *int32 `json:"maxNumberOfAttributes,omitempty"`
	// The global default max number of annotation events per span.
	MaxNumberOfAnnotations *int32 `json:"maxNumberOfAnnotations,omitempty"`
	// The global default max number of message events per span.
	MaxNumberOfMessageEvents *int32 `json:"maxNumberOfMessageEvents,omitempty"`
}

func (*StrackdriverConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StrackdriverConfiguration.

func (*StrackdriverConfiguration) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TCPKeepalive

type TCPKeepalive struct {
	Probes   int32  `json:"probes,omitempty"`
	Time     string `json:"time,omitempty"`
	Interval string `json:"interval,omitempty"`
}

func (*TCPKeepalive) DeepCopy

func (in *TCPKeepalive) DeepCopy() *TCPKeepalive

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPKeepalive.

func (*TCPKeepalive) DeepCopyInto

func (in *TCPKeepalive) DeepCopyInto(out *TCPKeepalive)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSSettings

type TLSSettings struct {
	// +kubebuilder:validation:Enum=DISABLE;SIMPLE;MUTUAL;ISTIO_MUTUAL
	Mode              string   `json:"mode,omitempty"`
	ClientCertificate string   `json:"clientCertificate,omitempty"`
	PrivateKey        string   `json:"privateKey,omitempty"`
	CACertificates    string   `json:"caCertificates,omitempty"`
	SNI               string   `json:"sni,omitempty"`
	SubjectAltNames   []string `json:"subjectAltNames,omitempty"`
}

func (*TLSSettings) DeepCopy

func (in *TLSSettings) DeepCopy() *TLSSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSettings.

func (*TLSSettings) DeepCopyInto

func (in *TLSSettings) DeepCopyInto(out *TLSSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TelemetryConfiguration

type TelemetryConfiguration struct {
	Enabled                             *bool `json:"enabled,omitempty"`
	BaseK8sResourceConfigurationWithHPA `json:",inline"`
	TelemetryConfigurationSpec          `json:",inline"`

	// If present will be appended to the environment variables of the container
	AdditionalEnvVars []corev1.EnvVar `json:"additionalEnvVars,omitempty"`
}

func (*TelemetryConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TelemetryConfiguration.

func (*TelemetryConfiguration) DeepCopyInto

func (in *TelemetryConfiguration) DeepCopyInto(out *TelemetryConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TelemetryConfigurationSpec

type TelemetryConfigurationSpec struct {
	// Set reportBatchMaxEntries to 0 to use the default batching behavior (i.e., every 100 requests).
	// A positive value indicates the number of requests that are batched before telemetry data
	// is sent to the mixer server
	ReportBatchMaxEntries *int32 `json:"reportBatchMaxEntries,omitempty"`
	// Set reportBatchMaxTime to 0 to use the default batching behavior (i.e., every 1 second).
	// A positive time value indicates the maximum wait time since the last request will telemetry data
	// be batched before being sent to the mixer server
	ReportBatchMaxTime *string `json:"reportBatchMaxTime,omitempty"`
	// Set whether to create a STRICT_DNS type cluster for istio-telemetry.
	SessionAffinityEnabled *bool `json:"sessionAffinityEnabled,omitempty"`
}

func (*TelemetryConfigurationSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TelemetryConfigurationSpec.

func (*TelemetryConfigurationSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TracerType

type TracerType string
const (
	TracerTypeZipkin      TracerType = "zipkin"
	TracerTypeLightstep   TracerType = "lightstep"
	TracerTypeDatadog     TracerType = "datadog"
	TracerTypeStackdriver TracerType = "stackdriver"
)

type TracingConfiguration

type TracingConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
	// +kubebuilder:validation:Enum=zipkin;lightstep;datadog;stackdriver
	Tracer       TracerType                `json:"tracer,omitempty"`
	Zipkin       ZipkinConfiguration       `json:"zipkin,omitempty"`
	Lightstep    LightstepConfiguration    `json:"lightstep,omitempty"`
	Datadog      DatadogConfiugration      `json:"datadog,omitempty"`
	Strackdriver StrackdriverConfiguration `json:"stackdriver,omitempty"`
	// Custom tags to be added to all spans, value can be literals, environment variables, or client request headers
	CustomTags map[string]apiextensionsv1.JSON `json:"customTags,omitempty"`
}

func (*TracingConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TracingConfiguration.

func (*TracingConfiguration) DeepCopyInto

func (in *TracingConfiguration) DeepCopyInto(out *TracingConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VaultCAConfiguration

type VaultCAConfiguration struct {
	Enabled *bool `json:"enabled,omitempty"`
	// Vault address
	Address *string `json:"address,omitempty"`
	// Vault role
	Role *string `json:"role,omitempty"`
	// Reference path in Vault for the CA certificate
	CertPath *string `json:"certPath,omitempty"`
	// Reference path in Vault for the CA private key
	KeyPath *string `json:"keyPath,omitempty"`
	// Reference path in Vault for the CA cert chain (if any)
	CertChainPath *string `json:"certChainPath,omitempty"`
	// Container image for vault-env
	VaultEnvImage *string `json:"vaultEnvImage,omitempty"`
}

VaultCAConfiguration defines configuration for Vault CA integration

func (*VaultCAConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultCAConfiguration.

func (*VaultCAConfiguration) DeepCopyInto

func (in *VaultCAConfiguration) DeepCopyInto(out *VaultCAConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ZipkinConfiguration

type ZipkinConfiguration struct {
	// Host:Port for reporting trace data in zipkin format. If not specified, will default to zipkin service (port 9411) in the same namespace as the other istio components.
	// +kubebuilder:validation:Pattern=`^[^:]+:[0-9]{1,5}$`
	Address string `json:"address,omitempty"`
	// TLS setting for Zipkin endpoint.
	TLSSettings *TLSSettings `json:"tlsSettings,omitempty"`
}

Configuration for Envoy to send trace data to Zipkin/Jaeger.

func (*ZipkinConfiguration) DeepCopy

func (in *ZipkinConfiguration) DeepCopy() *ZipkinConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ZipkinConfiguration.

func (*ZipkinConfiguration) DeepCopyInto

func (in *ZipkinConfiguration) DeepCopyInto(out *ZipkinConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ZipkinConfiguration) GetData

func (c ZipkinConfiguration) GetData() map[string]interface{}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL