Documentation ¶
Overview ¶
Package v2 is the v2 version of the API. +groupName=cilium.io
Index ¶
- Constants
- Variables
- func Resource(resource string) schema.GroupResource
- type AddressPair
- type AddressPairList
- type AllowedIdentityList
- type CiliumClusterwideEnvoyConfig
- func (in *CiliumClusterwideEnvoyConfig) DeepCopy() *CiliumClusterwideEnvoyConfig
- func (in *CiliumClusterwideEnvoyConfig) DeepCopyInto(out *CiliumClusterwideEnvoyConfig)
- func (in *CiliumClusterwideEnvoyConfig) DeepCopyObject() runtime.Object
- func (in *CiliumClusterwideEnvoyConfig) DeepEqual(other *CiliumClusterwideEnvoyConfig) bool
- type CiliumClusterwideEnvoyConfigList
- type CiliumClusterwideNetworkPolicy
- func (r *CiliumClusterwideNetworkPolicy) AnnotationsEquals(o *CiliumClusterwideNetworkPolicy) bool
- func (in *CiliumClusterwideNetworkPolicy) DeepCopy() *CiliumClusterwideNetworkPolicy
- func (in *CiliumClusterwideNetworkPolicy) DeepCopyInto(out *CiliumClusterwideNetworkPolicy)
- func (in *CiliumClusterwideNetworkPolicy) DeepCopyObject() runtime.Object
- func (in *CiliumClusterwideNetworkPolicy) DeepEqual(other *CiliumClusterwideNetworkPolicy) bool
- func (r *CiliumClusterwideNetworkPolicy) GetPolicyStatus(nodeName string) CiliumNetworkPolicyNodeStatus
- func (r *CiliumClusterwideNetworkPolicy) Parse() (api.Rules, error)
- func (r *CiliumClusterwideNetworkPolicy) SetDerivedPolicyStatus(derivativePolicyName string, status CiliumNetworkPolicyNodeStatus)
- func (r *CiliumClusterwideNetworkPolicy) SetPolicyStatus(nodeName string, cnpns CiliumNetworkPolicyNodeStatus)
- type CiliumClusterwideNetworkPolicyList
- type CiliumEgressGatewayPolicy
- func (in *CiliumEgressGatewayPolicy) DeepCopy() *CiliumEgressGatewayPolicy
- func (in *CiliumEgressGatewayPolicy) DeepCopyInto(out *CiliumEgressGatewayPolicy)
- func (in *CiliumEgressGatewayPolicy) DeepCopyObject() runtime.Object
- func (in *CiliumEgressGatewayPolicy) DeepEqual(other *CiliumEgressGatewayPolicy) bool
- type CiliumEgressGatewayPolicyList
- type CiliumEgressGatewayPolicySpec
- type CiliumEndpoint
- type CiliumEndpointList
- type CiliumEnvoyConfig
- type CiliumEnvoyConfigList
- type CiliumEnvoyConfigSpec
- type CiliumExternalWorkload
- type CiliumExternalWorkloadList
- type CiliumExternalWorkloadSpec
- type CiliumExternalWorkloadStatus
- type CiliumIdentity
- type CiliumIdentityList
- type CiliumLocalRedirectPolicy
- func (in *CiliumLocalRedirectPolicy) DeepCopy() *CiliumLocalRedirectPolicy
- func (in *CiliumLocalRedirectPolicy) DeepCopyInto(out *CiliumLocalRedirectPolicy)
- func (in *CiliumLocalRedirectPolicy) DeepCopyObject() runtime.Object
- func (in *CiliumLocalRedirectPolicy) DeepEqual(other *CiliumLocalRedirectPolicy) bool
- type CiliumLocalRedirectPolicyList
- type CiliumLocalRedirectPolicySpec
- type CiliumLocalRedirectPolicyStatus
- type CiliumNetworkPolicy
- func (r *CiliumNetworkPolicy) AnnotationsEquals(o *CiliumNetworkPolicy) bool
- func (in *CiliumNetworkPolicy) DeepCopy() *CiliumNetworkPolicy
- func (in *CiliumNetworkPolicy) DeepCopyInto(out *CiliumNetworkPolicy)
- func (in *CiliumNetworkPolicy) DeepCopyObject() runtime.Object
- func (in *CiliumNetworkPolicy) DeepEqual(other *CiliumNetworkPolicy) bool
- func (r *CiliumNetworkPolicy) GetControllerName() string
- func (r *CiliumNetworkPolicy) GetIdentityLabels() labels.LabelArray
- func (r *CiliumNetworkPolicy) GetPolicyStatus(nodeName string) CiliumNetworkPolicyNodeStatus
- func (r *CiliumNetworkPolicy) Parse() (api.Rules, error)
- func (r *CiliumNetworkPolicy) RequiresDerivative() bool
- func (r *CiliumNetworkPolicy) SetDerivedPolicyStatus(derivativePolicyName string, status CiliumNetworkPolicyNodeStatus)
- func (r *CiliumNetworkPolicy) SetPolicyStatus(nodeName string, cnpns CiliumNetworkPolicyNodeStatus)
- func (r *CiliumNetworkPolicy) String() string
- type CiliumNetworkPolicyList
- type CiliumNetworkPolicyNodeStatus
- type CiliumNetworkPolicyStatus
- type CiliumNode
- type CiliumNodeList
- type ControllerList
- type ControllerStatus
- type ControllerStatusStatus
- type DenyIdentityList
- type EgressGateway
- type EgressRule
- type EncryptionSpec
- type EndpointIdentity
- type EndpointNetworking
- type EndpointPolicy
- type EndpointPolicyDirection
- type EndpointPolicyState
- type EndpointStatus
- type ErrParse
- type Frontend
- type HealthAddressingSpec
- type IPv4CIDR
- type IdentityList
- type IdentityTuple
- type NodeAddress
- type NodeSpec
- type NodeStatus
- type PortInfo
- type RedirectBackend
- type RedirectFrontend
- type Service
- type ServiceInfo
- type ServiceListener
- type XDSResource
Constants ¶
const ( // CustomResourceDefinitionGroup is the name of the third party resource group CustomResourceDefinitionGroup = k8sconst.CustomResourceDefinitionGroup // CustomResourceDefinitionVersion is the current version of the resource CustomResourceDefinitionVersion = "v2" // CNPPluralName is the plural name of Cilium Network Policy CNPPluralName = "ciliumnetworkpolicies" // CNPKindDefinition is the kind name for Cilium Network Policy CNPKindDefinition = "CiliumNetworkPolicy" // CNPName is the full name of Cilium Network Policy CNPName = CNPPluralName + "." + CustomResourceDefinitionGroup // CCNPPluralName is the plural name of Cilium Cluster wide Network Policy CCNPPluralName = "ciliumclusterwidenetworkpolicies" // CCNPKindDefinition is the kind name for Cilium Cluster wide Network Policy CCNPKindDefinition = "CiliumClusterwideNetworkPolicy" // CCNPName is the full name of Cilium Cluster wide Network Policy CCNPName = CCNPPluralName + "." + CustomResourceDefinitionGroup // CEGPPluralName is the plural name of Cilium Egress Gateway Policy CEGPPluralName = "ciliumegressgatewaypolicies" // CEGPKindDefinition is the kind name of Cilium Egress Gateway Policy CEGPKindDefinition = "CiliumEgressGatewayPolicy" // CEGPName is the full name of Cilium Egress Gateway Policy CEGPName = CEGPPluralName + "." + CustomResourceDefinitionGroup // CEPluralName is the plural name of Cilium Endpoint CEPPluralName = "ciliumendpoints" // CEKindDefinition is the kind name for Cilium Endpoint CEPKindDefinition = "CiliumEndpoint" // CEPName is the full name of Cilium Endpoint CEPName = CEPPluralName + "." + CustomResourceDefinitionGroup // CNPluralName is the plural name of Cilium Node CNPluralName = "ciliumnodes" // CNKindDefinition is the kind name for Cilium Node CNKindDefinition = "CiliumNode" // CNName is the full name of Cilium Node CNName = CNPluralName + "." + CustomResourceDefinitionGroup // CIDPluralName is the plural name of Cilium Identity CIDPluralName = "ciliumidentities" // CIDKindDefinition is the kind name for Cilium Identity CIDKindDefinition = "CiliumIdentity" // CIDName is the full name of Cilium Identity CIDName = CIDPluralName + "." + CustomResourceDefinitionGroup // CLRPPluralName is the plural name of Local Redirect Policy CLRPPluralName = "ciliumlocalredirectpolicies" // CLRPKindDefinition is the kind name for Local Redirect Policy CLRPKindDefinition = "CiliumLocalRedirectPolicy" // CLRPName is the full name of Local Redirect Policy CLRPName = CLRPPluralName + "." + CustomResourceDefinitionGroup // CEWPluralName is the plural name of Cilium External Workload CEWPluralName = "ciliumexternalworkloads" // CEWKindDefinition is the kind name for Cilium External Workload CEWKindDefinition = "CiliumExternalWorkload" // CEWName is the full name of Cilium External Workload CEWName = CEWPluralName + "." + CustomResourceDefinitionGroup // CCECPluralName is the plural name of Cilium Clusterwide Envoy Config CCECPluralName = "ciliumclusterwideenvoyconfigs" // CCECKindDefinition is the kind name of Cilium Clusterwide Envoy Config CCECKindDefinition = "CiliumClusterwideEnvoyConfig" // CCECName is the full name of Cilium Clusterwide Envoy Config CCECName = CCECPluralName + "." + CustomResourceDefinitionGroup // CECPluralName is the plural name of Cilium Envoy Config CECPluralName = "ciliumenvoyconfigs" // CECKindDefinition is the kind name of Cilium Envoy Config CECKindDefinition = "CiliumEnvoyConfig" // CECName is the full name of Cilium Envoy Config CECName = CECPluralName + "." + CustomResourceDefinitionGroup )
const EndpointStatusLogEntries = 5
EndpointStatusLogEntries is the maximum number of log entries in EndpointStatus.Log.
Variables ¶
var ( // ErrEmptyCNP is an error representing a CNP that is empty, which means it is // missing both a `spec` and `specs` (both are nil). ErrEmptyCNP = NewErrParse("Invalid CiliumNetworkPolicy spec(s): empty policy") // ErrEmptyCCNP is an error representing a CCNP that is empty, which means it is // missing both a `spec` and `specs` (both are nil). ErrEmptyCCNP = NewErrParse("Invalid CiliumClusterwideNetworkPolicy spec(s): empty policy") // ParsingErr is for comparison when checking error types. ParsingErr = NewErrParse("") )
var ( // SchemeBuilder is needed by DeepCopy generator. SchemeBuilder runtime.SchemeBuilder // AddToScheme adds all types of this clientset into the given scheme. // This allows composition of clientsets, like in: // // import ( // "k8s.io/client-go/kubernetes" // clientsetscheme "k8s.io/client-go/kubernetes/scheme" // aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" // ) // // kclientset, _ := kubernetes.NewForConfig(c) // aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) AddToScheme = localSchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{ Group: CustomResourceDefinitionGroup, Version: CustomResourceDefinitionVersion, }
SchemeGroupVersion is group version used to register these objects
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type AddressPair ¶
AddressPair is a pair of IPv4 and/or IPv6 address.
func (*AddressPair) DeepEqual ¶
func (in *AddressPair) DeepEqual(other *AddressPair) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type AddressPairList ¶
type AddressPairList []*AddressPair
AddressPairList is a list of address pairs.
func (*AddressPairList) DeepEqual ¶
func (in *AddressPairList) DeepEqual(other *AddressPairList) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
func (AddressPairList) Sort ¶
func (a AddressPairList) Sort()
Sort sorts an AddressPairList by IPv4 and IPv6 address.
type AllowedIdentityList ¶
type AllowedIdentityList IdentityList
AllowedIdentityList is a list of IdentityTuples that species peers that are allowed.
func (*AllowedIdentityList) DeepEqual ¶
func (in *AllowedIdentityList) DeepEqual(other *AllowedIdentityList) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
func (AllowedIdentityList) Sort ¶
func (a AllowedIdentityList) Sort()
Sort sorts a list IdentityList by numeric identity, port and protocol.
type CiliumClusterwideEnvoyConfig ¶
type CiliumClusterwideEnvoyConfig struct { // +k8s:openapi-gen=false // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +k8s:openapi-gen=false // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // +k8s:openapi-gen=false // +kubebuilder:validation:Type=object Spec CiliumEnvoyConfigSpec `json:"spec,omitempty"` }
func (*CiliumClusterwideEnvoyConfig) DeepCopy ¶
func (in *CiliumClusterwideEnvoyConfig) DeepCopy() *CiliumClusterwideEnvoyConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideEnvoyConfig.
func (*CiliumClusterwideEnvoyConfig) DeepCopyInto ¶
func (in *CiliumClusterwideEnvoyConfig) DeepCopyInto(out *CiliumClusterwideEnvoyConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumClusterwideEnvoyConfig) DeepCopyObject ¶
func (in *CiliumClusterwideEnvoyConfig) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumClusterwideEnvoyConfig) DeepEqual ¶
func (in *CiliumClusterwideEnvoyConfig) DeepEqual(other *CiliumClusterwideEnvoyConfig) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumClusterwideEnvoyConfigList ¶
type CiliumClusterwideEnvoyConfigList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumClusterwideEnvoyConfig. Items []CiliumClusterwideEnvoyConfig `json:"items"` }
CiliumClusterwideEnvoyConfigList is a list of CiliumClusterwideEnvoyConfig objects.
func (*CiliumClusterwideEnvoyConfigList) DeepCopy ¶
func (in *CiliumClusterwideEnvoyConfigList) DeepCopy() *CiliumClusterwideEnvoyConfigList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideEnvoyConfigList.
func (*CiliumClusterwideEnvoyConfigList) DeepCopyInto ¶
func (in *CiliumClusterwideEnvoyConfigList) DeepCopyInto(out *CiliumClusterwideEnvoyConfigList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumClusterwideEnvoyConfigList) DeepCopyObject ¶
func (in *CiliumClusterwideEnvoyConfigList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumClusterwideNetworkPolicy ¶
type CiliumClusterwideNetworkPolicy struct { // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // Spec is the desired Cilium specific rule specification. Spec *api.Rule `json:"spec,omitempty"` // Specs is a list of desired Cilium specific rule specification. Specs api.Rules `json:"specs,omitempty"` // Status is the status of the Cilium policy rule. // // The reason this field exists in this structure is due a bug in the k8s // code-generator that doesn't create a `UpdateStatus` method because the // field does not exist in the structure. // // +kubebuilder:validation:Optional Status CiliumNetworkPolicyStatus `json:"status"` }
CiliumClusterwideNetworkPolicy is a Kubernetes third-party resource with an modified version of CiliumNetworkPolicy which is cluster scoped rather than namespace scoped.
func (*CiliumClusterwideNetworkPolicy) AnnotationsEquals ¶
func (r *CiliumClusterwideNetworkPolicy) AnnotationsEquals(o *CiliumClusterwideNetworkPolicy) bool
AnnotationsEquals returns true if ObjectMeta.Annotations of each CiliumClusterwideNetworkPolicy are equivalent (i.e., they contain equivalent key-value pairs).
func (*CiliumClusterwideNetworkPolicy) DeepCopy ¶
func (in *CiliumClusterwideNetworkPolicy) DeepCopy() *CiliumClusterwideNetworkPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideNetworkPolicy.
func (*CiliumClusterwideNetworkPolicy) DeepCopyInto ¶
func (in *CiliumClusterwideNetworkPolicy) DeepCopyInto(out *CiliumClusterwideNetworkPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumClusterwideNetworkPolicy) DeepCopyObject ¶
func (in *CiliumClusterwideNetworkPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumClusterwideNetworkPolicy) DeepEqual ¶
func (in *CiliumClusterwideNetworkPolicy) DeepEqual(other *CiliumClusterwideNetworkPolicy) bool
DeepEqual compares 2 CCNPs while ignoring the LastAppliedConfigAnnotation and ignoring the Status field of the CCNP.
func (*CiliumClusterwideNetworkPolicy) GetPolicyStatus ¶
func (r *CiliumClusterwideNetworkPolicy) GetPolicyStatus(nodeName string) CiliumNetworkPolicyNodeStatus
GetPolicyStatus returns the CiliumClusterwideNetworkPolicyNodeStatus corresponding to nodeName in the provided CiliumClusterwideNetworkPolicy. If Nodes within the rule's Status is nil, returns an empty CiliumClusterwideNetworkPolicyNodeStatus.
func (*CiliumClusterwideNetworkPolicy) Parse ¶
func (r *CiliumClusterwideNetworkPolicy) Parse() (api.Rules, error)
Parse parses a CiliumClusterwideNetworkPolicy and returns a list of cilium policy rules.
func (*CiliumClusterwideNetworkPolicy) SetDerivedPolicyStatus ¶
func (r *CiliumClusterwideNetworkPolicy) SetDerivedPolicyStatus(derivativePolicyName string, status CiliumNetworkPolicyNodeStatus)
SetDerivedPolicyStatus set the derivative policy status for the given derivative policy name.
func (*CiliumClusterwideNetworkPolicy) SetPolicyStatus ¶
func (r *CiliumClusterwideNetworkPolicy) SetPolicyStatus(nodeName string, cnpns CiliumNetworkPolicyNodeStatus)
SetPolicyStatus sets the given policy status for the given nodes' map.
type CiliumClusterwideNetworkPolicyList ¶
type CiliumClusterwideNetworkPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumClusterwideNetworkPolicies. Items []CiliumClusterwideNetworkPolicy `json:"items"` }
CiliumClusterwideNetworkPolicyList is a list of CiliumClusterwideNetworkPolicy objects.
func (*CiliumClusterwideNetworkPolicyList) DeepCopy ¶
func (in *CiliumClusterwideNetworkPolicyList) DeepCopy() *CiliumClusterwideNetworkPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideNetworkPolicyList.
func (*CiliumClusterwideNetworkPolicyList) DeepCopyInto ¶
func (in *CiliumClusterwideNetworkPolicyList) DeepCopyInto(out *CiliumClusterwideNetworkPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumClusterwideNetworkPolicyList) DeepCopyObject ¶
func (in *CiliumClusterwideNetworkPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumEgressGatewayPolicy ¶
type CiliumEgressGatewayPolicy struct { // +k8s:openapi-gen=false // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +k8s:openapi-gen=false // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` Spec CiliumEgressGatewayPolicySpec `json:"spec,omitempty"` }
func (*CiliumEgressGatewayPolicy) DeepCopy ¶
func (in *CiliumEgressGatewayPolicy) DeepCopy() *CiliumEgressGatewayPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEgressGatewayPolicy.
func (*CiliumEgressGatewayPolicy) DeepCopyInto ¶
func (in *CiliumEgressGatewayPolicy) DeepCopyInto(out *CiliumEgressGatewayPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEgressGatewayPolicy) DeepCopyObject ¶
func (in *CiliumEgressGatewayPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumEgressGatewayPolicy) DeepEqual ¶
func (in *CiliumEgressGatewayPolicy) DeepEqual(other *CiliumEgressGatewayPolicy) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumEgressGatewayPolicyList ¶
type CiliumEgressGatewayPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumEgressGatewayPolicy. Items []CiliumEgressGatewayPolicy `json:"items"` }
CiliumEgressGatewayPolicyList is a list of CiliumEgressGatewayPolicy objects.
func (*CiliumEgressGatewayPolicyList) DeepCopy ¶
func (in *CiliumEgressGatewayPolicyList) DeepCopy() *CiliumEgressGatewayPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEgressGatewayPolicyList.
func (*CiliumEgressGatewayPolicyList) DeepCopyInto ¶
func (in *CiliumEgressGatewayPolicyList) DeepCopyInto(out *CiliumEgressGatewayPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEgressGatewayPolicyList) DeepCopyObject ¶
func (in *CiliumEgressGatewayPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumEgressGatewayPolicySpec ¶
type CiliumEgressGatewayPolicySpec struct { // Egress represents a list of rules by which egress traffic is // filtered from the source pods. Selectors []EgressRule `json:"selectors"` // DestinationCIDRs is a list of destination CIDRs for destination IP addresses. // If a destination IP matches any one CIDR, it will be selected. DestinationCIDRs []IPv4CIDR `json:"destinationCIDRs"` // ExcludedCIDRs is a list of destination CIDRs that will be excluded // from the egress gateway redirection and SNAT logic. // Should be a subset of destinationCIDRs otherwise it will not have any // effect. // // +kubebuilder:validation:Optional ExcludedCIDRs []IPv4CIDR `json:"excludedCIDRs"` // EgressGateway is the gateway node responsible for SNATing traffic. EgressGateway *EgressGateway `json:"egressGateway"` }
func (*CiliumEgressGatewayPolicySpec) DeepCopy ¶
func (in *CiliumEgressGatewayPolicySpec) DeepCopy() *CiliumEgressGatewayPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEgressGatewayPolicySpec.
func (*CiliumEgressGatewayPolicySpec) DeepCopyInto ¶
func (in *CiliumEgressGatewayPolicySpec) DeepCopyInto(out *CiliumEgressGatewayPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEgressGatewayPolicySpec) DeepEqual ¶
func (in *CiliumEgressGatewayPolicySpec) DeepEqual(other *CiliumEgressGatewayPolicySpec) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumEndpoint ¶
type CiliumEndpoint struct { // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // +kubebuilder:validation:Optional Status EndpointStatus `json:"status"` }
CiliumEndpoint is the status of a Cilium policy rule.
func (*CiliumEndpoint) DeepCopy ¶
func (in *CiliumEndpoint) DeepCopy() *CiliumEndpoint
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEndpoint.
func (*CiliumEndpoint) DeepCopyInto ¶
func (in *CiliumEndpoint) DeepCopyInto(out *CiliumEndpoint)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEndpoint) DeepCopyObject ¶
func (in *CiliumEndpoint) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumEndpoint) DeepEqual ¶
func (in *CiliumEndpoint) DeepEqual(other *CiliumEndpoint) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumEndpointList ¶
type CiliumEndpointList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumEndpoint Items []CiliumEndpoint `json:"items"` }
CiliumEndpointList is a list of CiliumEndpoint objects.
func (*CiliumEndpointList) DeepCopy ¶
func (in *CiliumEndpointList) DeepCopy() *CiliumEndpointList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEndpointList.
func (*CiliumEndpointList) DeepCopyInto ¶
func (in *CiliumEndpointList) DeepCopyInto(out *CiliumEndpointList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEndpointList) DeepCopyObject ¶
func (in *CiliumEndpointList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumEnvoyConfig ¶
type CiliumEnvoyConfig struct { // +k8s:openapi-gen=false // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +k8s:openapi-gen=false // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // +k8s:openapi-gen=false // +kubebuilder:validation:Type=object Spec CiliumEnvoyConfigSpec `json:"spec,omitempty"` }
func (*CiliumEnvoyConfig) DeepCopy ¶
func (in *CiliumEnvoyConfig) DeepCopy() *CiliumEnvoyConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEnvoyConfig.
func (*CiliumEnvoyConfig) DeepCopyInto ¶
func (in *CiliumEnvoyConfig) DeepCopyInto(out *CiliumEnvoyConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEnvoyConfig) DeepCopyObject ¶
func (in *CiliumEnvoyConfig) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumEnvoyConfig) DeepEqual ¶
func (in *CiliumEnvoyConfig) DeepEqual(other *CiliumEnvoyConfig) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumEnvoyConfigList ¶
type CiliumEnvoyConfigList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumEnvoyConfig. Items []CiliumEnvoyConfig `json:"items"` }
CiliumEnvoyConfigList is a list of CiliumEnvoyConfig objects.
func (*CiliumEnvoyConfigList) DeepCopy ¶
func (in *CiliumEnvoyConfigList) DeepCopy() *CiliumEnvoyConfigList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEnvoyConfigList.
func (*CiliumEnvoyConfigList) DeepCopyInto ¶
func (in *CiliumEnvoyConfigList) DeepCopyInto(out *CiliumEnvoyConfigList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEnvoyConfigList) DeepCopyObject ¶
func (in *CiliumEnvoyConfigList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumEnvoyConfigSpec ¶
type CiliumEnvoyConfigSpec struct { // Services specifies Kubernetes services for which traffic is // forwarded to an Envoy listener for L7 load balancing. Backends // of these services are automatically synced to Envoy usign EDS. // // +kubebuilder:validation:Optional Services []*ServiceListener `json:"services,omitempty"` // BackendServices specifies Kubernetes services whose backends // are automatically synced to Envoy using EDS. Traffic for these // services is not forwarded to an Envoy listener. This allows an // Envoy listener load balance traffic to these backends while // normal Cilium service load balancing takes care of balancing // traffic for these services at the same time. // // +kubebuilder:validation:Optional BackendServices []*Service `json:"backendServices,omitempty"` // Envoy xDS resources, a list of the following Envoy resource types: // type.googleapis.com/envoy.config.listener.v3.Listener, // type.googleapis.com/envoy.config.route.v3.RouteConfiguration, // type.googleapis.com/envoy.config.cluster.v3.Cluster, // type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment, and // type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret. // // +kubebuilder:validation:Required Resources []XDSResource `json:"resources,omitempty"` }
func (*CiliumEnvoyConfigSpec) DeepCopy ¶
func (in *CiliumEnvoyConfigSpec) DeepCopy() *CiliumEnvoyConfigSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEnvoyConfigSpec.
func (*CiliumEnvoyConfigSpec) DeepCopyInto ¶
func (in *CiliumEnvoyConfigSpec) DeepCopyInto(out *CiliumEnvoyConfigSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumEnvoyConfigSpec) DeepEqual ¶
func (in *CiliumEnvoyConfigSpec) DeepEqual(other *CiliumEnvoyConfigSpec) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumExternalWorkload ¶
type CiliumExternalWorkload struct { // +k8s:openapi-gen=false // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +k8s:openapi-gen=false // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // Spec is the desired configuration of the external Cilium workload. Spec CiliumExternalWorkloadSpec `json:"spec,omitempty"` // Status is the most recent status of the external Cilium workload. // It is a read-only field. // // +deepequal-gen=false // +kubebuilder:validation:Optional Status CiliumExternalWorkloadStatus `json:"status"` }
CiliumExternalWorkload is a Kubernetes Custom Resource that contains a specification for an external workload that can join the cluster. The name of the CRD is the FQDN of the external workload, and it needs to match the name in the workload registration. The labels on the CRD object are the labels that will be used to allocate a Cilium Identity for the external workload. If 'io.kubernetes.pod.namespace' or 'io.kubernetes.pod.name' labels are not explicitly specified, they will be defaulted to 'default' and <workload name>, respectively. 'io.cilium.k8s.policy.cluster' will always be defined as the name of the current cluster, which defaults to "default".
func (*CiliumExternalWorkload) DeepCopy ¶
func (in *CiliumExternalWorkload) DeepCopy() *CiliumExternalWorkload
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkload.
func (*CiliumExternalWorkload) DeepCopyInto ¶
func (in *CiliumExternalWorkload) DeepCopyInto(out *CiliumExternalWorkload)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumExternalWorkload) DeepCopyObject ¶
func (in *CiliumExternalWorkload) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumExternalWorkload) DeepEqual ¶
func (in *CiliumExternalWorkload) DeepEqual(other *CiliumExternalWorkload) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumExternalWorkloadList ¶
type CiliumExternalWorkloadList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumExternalWorkload Items []CiliumExternalWorkload `json:"items"` }
CiliumExternalWorkloadList is a list of CiliumExternalWorkload objects.
func (*CiliumExternalWorkloadList) DeepCopy ¶
func (in *CiliumExternalWorkloadList) DeepCopy() *CiliumExternalWorkloadList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkloadList.
func (*CiliumExternalWorkloadList) DeepCopyInto ¶
func (in *CiliumExternalWorkloadList) DeepCopyInto(out *CiliumExternalWorkloadList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumExternalWorkloadList) DeepCopyObject ¶
func (in *CiliumExternalWorkloadList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumExternalWorkloadSpec ¶
type CiliumExternalWorkloadSpec struct { // IPv4AllocCIDR is the range of IPv4 addresses in the CIDR format that the external workload can // use to allocate IP addresses for the tunnel device and the health endpoint. // // +kubebuilder:validation:Pattern=`^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([0-9]|[1-2][0-9]|3[0-2])$` IPv4AllocCIDR string `json:"ipv4-alloc-cidr,omitempty"` // IPv6AllocCIDR is the range of IPv6 addresses in the CIDR format that the external workload can // use to allocate IP addresses for the tunnel device and the health endpoint. // // +kubebuilder:validation:Pattern=`^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$` IPv6AllocCIDR string `json:"ipv6-alloc-cidr,omitempty"` }
CiliumExternalWorkloadSpec specifies the configurations for redirecting traffic within a workload.
+kubebuilder:validation:Type=object
func (*CiliumExternalWorkloadSpec) DeepCopy ¶
func (in *CiliumExternalWorkloadSpec) DeepCopy() *CiliumExternalWorkloadSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkloadSpec.
func (*CiliumExternalWorkloadSpec) DeepCopyInto ¶
func (in *CiliumExternalWorkloadSpec) DeepCopyInto(out *CiliumExternalWorkloadSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumExternalWorkloadSpec) DeepEqual ¶
func (in *CiliumExternalWorkloadSpec) DeepEqual(other *CiliumExternalWorkloadSpec) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumExternalWorkloadStatus ¶
type CiliumExternalWorkloadStatus struct { // ID is the numeric identity allocated for the external workload. ID uint64 `json:"id,omitempty"` // IP is the IP address of the workload. Empty if the workload has not registered. IP string `json:"ip,omitempty"` }
CiliumExternalWorkloadStatus is the status of a the external Cilium workload.
func (*CiliumExternalWorkloadStatus) DeepCopy ¶
func (in *CiliumExternalWorkloadStatus) DeepCopy() *CiliumExternalWorkloadStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkloadStatus.
func (*CiliumExternalWorkloadStatus) DeepCopyInto ¶
func (in *CiliumExternalWorkloadStatus) DeepCopyInto(out *CiliumExternalWorkloadStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumExternalWorkloadStatus) DeepEqual ¶
func (in *CiliumExternalWorkloadStatus) DeepEqual(other *CiliumExternalWorkloadStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumIdentity ¶
type CiliumIdentity struct { // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // SecurityLabels is the source-of-truth set of labels for this identity. SecurityLabels map[string]string `json:"security-labels"` }
CiliumIdentity is a CRD that represents an identity managed by Cilium. It is intended as a backing store for identity allocation, acting as the global coordination backend, and can be used in place of a KVStore (such as etcd). The name of the CRD is the numeric identity and the labels on the CRD object are the kubernetes sourced labels seen by cilium. This is currently the only label source possible when running under kubernetes. Non-kubernetes labels are filtered but all labels, from all sources, are places in the SecurityLabels field. These also include the source and are used to define the identity. The labels under metav1.ObjectMeta can be used when searching for CiliumIdentity instances that include particular labels. This can be done with invocations such as:
kubectl get ciliumid -l 'foo=bar'
func (*CiliumIdentity) DeepCopy ¶
func (in *CiliumIdentity) DeepCopy() *CiliumIdentity
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumIdentity.
func (*CiliumIdentity) DeepCopyInto ¶
func (in *CiliumIdentity) DeepCopyInto(out *CiliumIdentity)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumIdentity) DeepCopyObject ¶
func (in *CiliumIdentity) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumIdentity) DeepEqual ¶
func (in *CiliumIdentity) DeepEqual(other *CiliumIdentity) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumIdentityList ¶
type CiliumIdentityList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumIdentity Items []CiliumIdentity `json:"items"` }
CiliumIdentityList is a list of CiliumIdentity objects.
func (*CiliumIdentityList) DeepCopy ¶
func (in *CiliumIdentityList) DeepCopy() *CiliumIdentityList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumIdentityList.
func (*CiliumIdentityList) DeepCopyInto ¶
func (in *CiliumIdentityList) DeepCopyInto(out *CiliumIdentityList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumIdentityList) DeepCopyObject ¶
func (in *CiliumIdentityList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumLocalRedirectPolicy ¶
type CiliumLocalRedirectPolicy struct { // +k8s:openapi-gen=false // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +k8s:openapi-gen=false // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // Spec is the desired behavior of the local redirect policy. Spec CiliumLocalRedirectPolicySpec `json:"spec,omitempty"` // Status is the most recent status of the local redirect policy. // It is a read-only field. // // +deepequal-gen=false // +kubebuilder:validation:Optional Status CiliumLocalRedirectPolicyStatus `json:"status"` }
CiliumLocalRedirectPolicy is a Kubernetes Custom Resource that contains a specification to redirect traffic locally within a node.
func (*CiliumLocalRedirectPolicy) DeepCopy ¶
func (in *CiliumLocalRedirectPolicy) DeepCopy() *CiliumLocalRedirectPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicy.
func (*CiliumLocalRedirectPolicy) DeepCopyInto ¶
func (in *CiliumLocalRedirectPolicy) DeepCopyInto(out *CiliumLocalRedirectPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumLocalRedirectPolicy) DeepCopyObject ¶
func (in *CiliumLocalRedirectPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumLocalRedirectPolicy) DeepEqual ¶
func (in *CiliumLocalRedirectPolicy) DeepEqual(other *CiliumLocalRedirectPolicy) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumLocalRedirectPolicyList ¶
type CiliumLocalRedirectPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumLocalRedirectPolicy Items []CiliumLocalRedirectPolicy `json:"items"` }
CiliumLocalRedirectPolicyList is a list of CiliumLocalRedirectPolicy objects.
func (*CiliumLocalRedirectPolicyList) DeepCopy ¶
func (in *CiliumLocalRedirectPolicyList) DeepCopy() *CiliumLocalRedirectPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicyList.
func (*CiliumLocalRedirectPolicyList) DeepCopyInto ¶
func (in *CiliumLocalRedirectPolicyList) DeepCopyInto(out *CiliumLocalRedirectPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumLocalRedirectPolicyList) DeepCopyObject ¶
func (in *CiliumLocalRedirectPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumLocalRedirectPolicySpec ¶
type CiliumLocalRedirectPolicySpec struct { // RedirectFrontend specifies frontend configuration to redirect traffic from. // It can not be empty. // // +kubebuilder:validation:Required RedirectFrontend RedirectFrontend `json:"redirectFrontend"` // RedirectBackend specifies backend configuration to redirect traffic to. // It can not be empty. // // +kubebuilder:validation:Required RedirectBackend RedirectBackend `json:"redirectBackend"` // Description can be used by the creator of the policy to describe the // purpose of this policy. // // +kubebuilder:validation:Optional Description string `json:"description,omitempty"` }
CiliumLocalRedirectPolicySpec specifies the configurations for redirecting traffic within a node.
+kubebuilder:validation:Type=object
func (*CiliumLocalRedirectPolicySpec) DeepCopy ¶
func (in *CiliumLocalRedirectPolicySpec) DeepCopy() *CiliumLocalRedirectPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicySpec.
func (*CiliumLocalRedirectPolicySpec) DeepCopyInto ¶
func (in *CiliumLocalRedirectPolicySpec) DeepCopyInto(out *CiliumLocalRedirectPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumLocalRedirectPolicySpec) DeepEqual ¶
func (in *CiliumLocalRedirectPolicySpec) DeepEqual(other *CiliumLocalRedirectPolicySpec) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumLocalRedirectPolicyStatus ¶
type CiliumLocalRedirectPolicyStatus struct { // TODO Define status(aditi) // // +kubebuilder:validation:Type=object OK bool `json:"ok,omitempty"` }
CiliumLocalRedirectPolicyStatus is the status of a Local Redirect Policy.
func (*CiliumLocalRedirectPolicyStatus) DeepCopy ¶
func (in *CiliumLocalRedirectPolicyStatus) DeepCopy() *CiliumLocalRedirectPolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicyStatus.
func (*CiliumLocalRedirectPolicyStatus) DeepCopyInto ¶
func (in *CiliumLocalRedirectPolicyStatus) DeepCopyInto(out *CiliumLocalRedirectPolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumLocalRedirectPolicyStatus) DeepEqual ¶
func (in *CiliumLocalRedirectPolicyStatus) DeepEqual(other *CiliumLocalRedirectPolicyStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumNetworkPolicy ¶
type CiliumNetworkPolicy struct { // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // Spec is the desired Cilium specific rule specification. Spec *api.Rule `json:"spec,omitempty"` // Specs is a list of desired Cilium specific rule specification. Specs api.Rules `json:"specs,omitempty"` // Status is the status of the Cilium policy rule // // +deepequal-gen=false // +kubebuilder:validation:Optional Status CiliumNetworkPolicyStatus `json:"status"` }
CiliumNetworkPolicy is a Kubernetes third-party resource with an extended version of NetworkPolicy.
func (*CiliumNetworkPolicy) AnnotationsEquals ¶
func (r *CiliumNetworkPolicy) AnnotationsEquals(o *CiliumNetworkPolicy) bool
AnnotationsEquals returns true if ObjectMeta.Annotations of each CiliumNetworkPolicy are equivalent (i.e., they contain equivalent key-value pairs).
func (*CiliumNetworkPolicy) DeepCopy ¶
func (in *CiliumNetworkPolicy) DeepCopy() *CiliumNetworkPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicy.
func (*CiliumNetworkPolicy) DeepCopyInto ¶
func (in *CiliumNetworkPolicy) DeepCopyInto(out *CiliumNetworkPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumNetworkPolicy) DeepCopyObject ¶
func (in *CiliumNetworkPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumNetworkPolicy) DeepEqual ¶
func (in *CiliumNetworkPolicy) DeepEqual(other *CiliumNetworkPolicy) bool
DeepEqual compares 2 CNPs.
func (*CiliumNetworkPolicy) GetControllerName ¶
func (r *CiliumNetworkPolicy) GetControllerName() string
GetControllerName returns the unique name for the controller manager.
func (*CiliumNetworkPolicy) GetIdentityLabels ¶
func (r *CiliumNetworkPolicy) GetIdentityLabels() labels.LabelArray
GetIdentityLabels returns all rule labels in the CiliumNetworkPolicy.
func (*CiliumNetworkPolicy) GetPolicyStatus ¶
func (r *CiliumNetworkPolicy) GetPolicyStatus(nodeName string) CiliumNetworkPolicyNodeStatus
GetPolicyStatus returns the CiliumNetworkPolicyNodeStatus corresponding to nodeName in the provided CiliumNetworkPolicy. If Nodes within the rule's Status is nil, returns an empty CiliumNetworkPolicyNodeStatus.
func (*CiliumNetworkPolicy) Parse ¶
func (r *CiliumNetworkPolicy) Parse() (api.Rules, error)
Parse parses a CiliumNetworkPolicy and returns a list of cilium policy rules.
func (*CiliumNetworkPolicy) RequiresDerivative ¶
func (r *CiliumNetworkPolicy) RequiresDerivative() bool
RequiresDerivative return true if the CNP has any rule that will create a new derivative rule.
func (*CiliumNetworkPolicy) SetDerivedPolicyStatus ¶
func (r *CiliumNetworkPolicy) SetDerivedPolicyStatus(derivativePolicyName string, status CiliumNetworkPolicyNodeStatus)
SetDerivedPolicyStatus set the derivative policy status for the given derivative policy name.
func (*CiliumNetworkPolicy) SetPolicyStatus ¶
func (r *CiliumNetworkPolicy) SetPolicyStatus(nodeName string, cnpns CiliumNetworkPolicyNodeStatus)
SetPolicyStatus sets the given policy status for the given nodes' map.
func (*CiliumNetworkPolicy) String ¶
func (r *CiliumNetworkPolicy) String() string
type CiliumNetworkPolicyList ¶
type CiliumNetworkPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumNetworkPolicy Items []CiliumNetworkPolicy `json:"items"` }
CiliumNetworkPolicyList is a list of CiliumNetworkPolicy objects.
func (*CiliumNetworkPolicyList) DeepCopy ¶
func (in *CiliumNetworkPolicyList) DeepCopy() *CiliumNetworkPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicyList.
func (*CiliumNetworkPolicyList) DeepCopyInto ¶
func (in *CiliumNetworkPolicyList) DeepCopyInto(out *CiliumNetworkPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumNetworkPolicyList) DeepCopyObject ¶
func (in *CiliumNetworkPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CiliumNetworkPolicyNodeStatus ¶
type CiliumNetworkPolicyNodeStatus struct { // OK is true when the policy has been parsed and imported successfully // into the in-memory policy repository on the node. OK bool `json:"ok,omitempty"` // Error describes any error that occurred when parsing or importing the // policy, or realizing the policy for the endpoints to which it applies // on the node. Error string `json:"error,omitempty"` // LastUpdated contains the last time this status was updated LastUpdated slimv1.Time `json:"lastUpdated,omitempty"` // Revision is the policy revision of the repository which first implemented // this policy. Revision uint64 `json:"localPolicyRevision,omitempty"` // Enforcing is set to true once all endpoints present at the time the // policy has been imported are enforcing this policy. Enforcing bool `json:"enforcing,omitempty"` // Annotations corresponds to the Annotations in the ObjectMeta of the CNP // that have been realized on the node for CNP. That is, if a CNP has been // imported and has been assigned annotation X=Y by the user, // Annotations in CiliumNetworkPolicyNodeStatus will be X=Y once the // CNP that was imported corresponding to Annotation X=Y has been realized on // the node. Annotations map[string]string `json:"annotations,omitempty"` }
CiliumNetworkPolicyNodeStatus is the status of a Cilium policy rule for a specific node.
func CreateCNPNodeStatus ¶
func CreateCNPNodeStatus(enforcing, ok bool, cnpError error, rev uint64, annotations map[string]string) CiliumNetworkPolicyNodeStatus
CreateCNPNodeStatus returns a CiliumNetworkPolicyNodeStatus created from the provided fields.
func (*CiliumNetworkPolicyNodeStatus) DeepCopy ¶
func (in *CiliumNetworkPolicyNodeStatus) DeepCopy() *CiliumNetworkPolicyNodeStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicyNodeStatus.
func (*CiliumNetworkPolicyNodeStatus) DeepCopyInto ¶
func (in *CiliumNetworkPolicyNodeStatus) DeepCopyInto(out *CiliumNetworkPolicyNodeStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumNetworkPolicyNodeStatus) DeepEqual ¶
func (in *CiliumNetworkPolicyNodeStatus) DeepEqual(other *CiliumNetworkPolicyNodeStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumNetworkPolicyStatus ¶
type CiliumNetworkPolicyStatus struct { // Nodes is the Cilium policy status for each node Nodes map[string]CiliumNetworkPolicyNodeStatus `json:"nodes,omitempty"` // DerivativePolicies is the status of all policies derived from the Cilium // policy DerivativePolicies map[string]CiliumNetworkPolicyNodeStatus `json:"derivativePolicies,omitempty"` }
CiliumNetworkPolicyStatus is the status of a Cilium policy rule.
func (*CiliumNetworkPolicyStatus) DeepCopy ¶
func (in *CiliumNetworkPolicyStatus) DeepCopy() *CiliumNetworkPolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicyStatus.
func (*CiliumNetworkPolicyStatus) DeepCopyInto ¶
func (in *CiliumNetworkPolicyStatus) DeepCopyInto(out *CiliumNetworkPolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumNetworkPolicyStatus) DeepEqual ¶
func (in *CiliumNetworkPolicyStatus) DeepEqual(other *CiliumNetworkPolicyStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type CiliumNode ¶
type CiliumNode struct { // +deepequal-gen=false metav1.TypeMeta `json:",inline"` // +deepequal-gen=false metav1.ObjectMeta `json:"metadata"` // Spec defines the desired specification/configuration of the node. Spec NodeSpec `json:"spec"` // Status defines the realized specification/configuration and status // of the node. // // +kubebuilder:validation:Optional Status NodeStatus `json:"status,omitempty"` }
CiliumNode represents a node managed by Cilium. It contains a specification to control various node specific configuration aspects and a status section to represent the status of the node.
func (*CiliumNode) DeepCopy ¶
func (in *CiliumNode) DeepCopy() *CiliumNode
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNode.
func (*CiliumNode) DeepCopyInto ¶
func (in *CiliumNode) DeepCopyInto(out *CiliumNode)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumNode) DeepCopyObject ¶
func (in *CiliumNode) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CiliumNode) DeepEqual ¶
func (in *CiliumNode) DeepEqual(other *CiliumNode) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
func (*CiliumNode) InstanceID ¶
func (n *CiliumNode) InstanceID() (instanceID string)
InstanceID returns the InstanceID of a CiliumNode.
type CiliumNodeList ¶
type CiliumNodeList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` // Items is a list of CiliumNode Items []CiliumNode `json:"items"` }
CiliumNodeList is a list of CiliumNode objects.
func (*CiliumNodeList) DeepCopy ¶
func (in *CiliumNodeList) DeepCopy() *CiliumNodeList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNodeList.
func (*CiliumNodeList) DeepCopyInto ¶
func (in *CiliumNodeList) DeepCopyInto(out *CiliumNodeList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CiliumNodeList) DeepCopyObject ¶
func (in *CiliumNodeList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ControllerList ¶
type ControllerList []ControllerStatus
ControllerList is a list of ControllerStatus.
func (*ControllerList) DeepEqual ¶
func (in *ControllerList) DeepEqual(other *ControllerList) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
func (ControllerList) Sort ¶
func (c ControllerList) Sort()
Sort sorts the ControllerList by controller name
type ControllerStatus ¶
type ControllerStatus struct { // Name is the name of the controller Name string `json:"name,omitempty"` // Configuration is the controller configuration Configuration *models.ControllerStatusConfiguration `json:"configuration,omitempty"` // Status is the status of the controller Status ControllerStatusStatus `json:"status,omitempty"` // UUID is the UUID of the controller UUID string `json:"uuid,omitempty"` }
ControllerStatus is the status of a failing controller.
func (*ControllerStatus) DeepCopy ¶
func (in *ControllerStatus) DeepCopy() *ControllerStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerStatus.
func (*ControllerStatus) DeepCopyInto ¶
func (in *ControllerStatus) DeepCopyInto(out *ControllerStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ControllerStatus) DeepEqual ¶
func (in *ControllerStatus) DeepEqual(other *ControllerStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type ControllerStatusStatus ¶
type ControllerStatusStatus struct { ConsecutiveFailureCount int64 `json:"consecutive-failure-count,omitempty"` FailureCount int64 `json:"failure-count,omitempty"` LastFailureMsg string `json:"last-failure-msg,omitempty"` LastFailureTimestamp string `json:"last-failure-timestamp,omitempty"` LastSuccessTimestamp string `json:"last-success-timestamp,omitempty"` SuccessCount int64 `json:"success-count,omitempty"` }
ControllerStatusStatus is the detailed status section of a controller.
func (*ControllerStatusStatus) DeepEqual ¶
func (in *ControllerStatusStatus) DeepEqual(other *ControllerStatusStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type DenyIdentityList ¶
type DenyIdentityList IdentityList
DenyIdentityList is a list of IdentityTuples that species peers that are denied.
func (*DenyIdentityList) DeepEqual ¶
func (in *DenyIdentityList) DeepEqual(other *DenyIdentityList) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
func (DenyIdentityList) Sort ¶
func (d DenyIdentityList) Sort()
Sort sorts a list IdentityList by numeric identity, port and protocol.
type EgressGateway ¶
type EgressGateway struct { // This is a label selector which selects the node that should act as // egress gateway for the given policy. // In case multiple nodes are selected, only the first one in the // lexical ordering over the node names will be used. // This field follows standard label selector semantics. // // +kubebuilder:validation:Required NodeSelector *slimv1.LabelSelector `json:"nodeSelector"` // Interface is the network interface to which the egress IP address // that the traffic is SNATed with is assigned. // // Example: // When set to "eth1", matching egress traffic will be redirected to the // node matching the NodeSelector field and SNATed with the first IPv4 // address assigned to the eth1 interface. // // When none of the Interface or EgressIP fields is specified, the // policy will use the first IPv4 assigned to the interface with the // default route. Interface string `json:"interface,omitempty"` // EgressIP is the source IP address that the egress traffic is SNATed // with. // // Example: // When set to "192.168.1.100", matching egress traffic will be // redirected to the node matching the NodeSelector field and SNATed // with IP address 192.168.1.100. // // When none of the Interface or EgressIP fields is specified, the // policy will use the first IPv4 assigned to the interface with the // default route. // // +kubebuilder:validation:Pattern=`((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$))` EgressIP string `json:"egressIP,omitempty"` }
EgressGateway identifies the node that should act as egress gateway for a given egress Gateway policy. In addition to that it also specifies the configuration of said node (which egress IP or network interface should be used to SNAT traffic).
func (*EgressGateway) DeepCopy ¶
func (in *EgressGateway) DeepCopy() *EgressGateway
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGateway.
func (*EgressGateway) DeepCopyInto ¶
func (in *EgressGateway) DeepCopyInto(out *EgressGateway)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EgressGateway) DeepEqual ¶
func (in *EgressGateway) DeepEqual(other *EgressGateway) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type EgressRule ¶
type EgressRule struct { // Selects Namespaces using cluster-scoped labels. This field follows standard label // selector semantics; if present but empty, it selects all namespaces. NamespaceSelector *slimv1.LabelSelector `json:"namespaceSelector,omitempty"` // This is a label selector which selects Pods. This field follows standard label // selector semantics; if present but empty, it selects all pods. PodSelector *slimv1.LabelSelector `json:"podSelector,omitempty"` }
func (*EgressRule) DeepCopy ¶
func (in *EgressRule) DeepCopy() *EgressRule
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressRule.
func (*EgressRule) DeepCopyInto ¶
func (in *EgressRule) DeepCopyInto(out *EgressRule)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EgressRule) DeepEqual ¶
func (in *EgressRule) DeepEqual(other *EgressRule) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type EncryptionSpec ¶
type EncryptionSpec struct { // Key is the index to the key to use for encryption or 0 if encryption is // disabled. // // +kubebuilder:validation:Optional Key int `json:"key,omitempty"` }
EncryptionSpec defines the encryption relevant configuration of a node.
func (*EncryptionSpec) DeepCopy ¶
func (in *EncryptionSpec) DeepCopy() *EncryptionSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionSpec.
func (*EncryptionSpec) DeepCopyInto ¶
func (in *EncryptionSpec) DeepCopyInto(out *EncryptionSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EncryptionSpec) DeepEqual ¶
func (in *EncryptionSpec) DeepEqual(other *EncryptionSpec) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type EndpointIdentity ¶
type EndpointIdentity struct { // ID is the numeric identity of the endpoint ID int64 `json:"id,omitempty"` // Labels is the list of labels associated with the identity Labels []string `json:"labels,omitempty"` }
EndpointIdentity is the identity information of an endpoint.
func (*EndpointIdentity) DeepCopy ¶
func (in *EndpointIdentity) DeepCopy() *EndpointIdentity
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointIdentity.
func (*EndpointIdentity) DeepCopyInto ¶
func (in *EndpointIdentity) DeepCopyInto(out *EndpointIdentity)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EndpointIdentity) DeepEqual ¶
func (in *EndpointIdentity) DeepEqual(other *EndpointIdentity) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type EndpointNetworking ¶
type EndpointNetworking struct { // IP4/6 addresses assigned to this Endpoint Addressing AddressPairList `json:"addressing"` // NodeIP is the IP of the node the endpoint is running on. The IP must // be reachable between nodes. NodeIP string `json:"node,omitempty"` }
EndpointNetworking is the addressing information of an endpoint.
func (*EndpointNetworking) DeepCopy ¶
func (in *EndpointNetworking) DeepCopy() *EndpointNetworking
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointNetworking.
func (*EndpointNetworking) DeepCopyInto ¶
func (in *EndpointNetworking) DeepCopyInto(out *EndpointNetworking)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EndpointNetworking) DeepEqual ¶
func (in *EndpointNetworking) DeepEqual(other *EndpointNetworking) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type EndpointPolicy ¶
type EndpointPolicy struct { Ingress *EndpointPolicyDirection `json:"ingress,omitempty"` Egress *EndpointPolicyDirection `json:"egress,omitempty"` }
EndpointPolicy represents the endpoint's policy by listing all allowed ingress and egress identities in combination with L4 port and protocol.
func (*EndpointPolicy) DeepCopy ¶
func (in *EndpointPolicy) DeepCopy() *EndpointPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointPolicy.
func (*EndpointPolicy) DeepCopyInto ¶
func (in *EndpointPolicy) DeepCopyInto(out *EndpointPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EndpointPolicy) DeepEqual ¶
func (in *EndpointPolicy) DeepEqual(other *EndpointPolicy) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type EndpointPolicyDirection ¶
type EndpointPolicyDirection struct { Enforcing bool `json:"enforcing"` Allowed AllowedIdentityList `json:"allowed,omitempty"` Denied DenyIdentityList `json:"denied,omitempty"` // Deprecated Removing AllowedIdentityList `json:"removing,omitempty"` // Deprecated Adding AllowedIdentityList `json:"adding,omitempty"` State EndpointPolicyState `json:"state,omitempty"` }
EndpointPolicyDirection is the list of allowed identities per direction.
func (*EndpointPolicyDirection) DeepCopy ¶
func (in *EndpointPolicyDirection) DeepCopy() *EndpointPolicyDirection
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointPolicyDirection.
func (*EndpointPolicyDirection) DeepCopyInto ¶
func (in *EndpointPolicyDirection) DeepCopyInto(out *EndpointPolicyDirection)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EndpointPolicyDirection) DeepEqual ¶
func (in *EndpointPolicyDirection) DeepEqual(other *EndpointPolicyDirection) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type EndpointPolicyState ¶
type EndpointPolicyState string
EndpointPolicyState defines the state of the Policy mode: "enforcing", "non-enforcing", "disabled"
type EndpointStatus ¶
type EndpointStatus struct { // ID is the cilium-agent-local ID of the endpoint. ID int64 `json:"id,omitempty"` // Controllers is the list of failing controllers for this endpoint. Controllers ControllerList `json:"controllers,omitempty"` // ExternalIdentifiers is a set of identifiers to identify the endpoint // apart from the pod name. This includes container runtime IDs. ExternalIdentifiers *models.EndpointIdentifiers `json:"external-identifiers,omitempty"` // Health is the overall endpoint & subcomponent health. Health *models.EndpointHealth `json:"health,omitempty"` // Identity is the security identity associated with the endpoint Identity *EndpointIdentity `json:"identity,omitempty"` // Log is the list of the last few warning and error log entries Log []*models.EndpointStatusChange `json:"log,omitempty"` // Networking is the networking properties of the endpoint. // // +kubebuilder:validation:Optional Networking *EndpointNetworking `json:"networking,omitempty"` // Encryption is the encryption configuration of the node // // +kubebuilder:validation:Optional Encryption EncryptionSpec `json:"encryption,omitempty"` Policy *EndpointPolicy `json:"policy,omitempty"` VisibilityPolicyStatus *string `json:"visibility-policy-status,omitempty"` // State is the state of the endpoint. // // +kubebuilder:validation:Enum=creating;waiting-for-identity;not-ready;waiting-to-regenerate;regenerating;restoring;ready;disconnecting;disconnected;invalid State string `json:"state,omitempty"` NamedPorts models.NamedPorts `json:"named-ports,omitempty"` }
EndpointStatus is the status of a Cilium endpoint.
func (*EndpointStatus) DeepCopy ¶
func (in *EndpointStatus) DeepCopy() *EndpointStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointStatus.
func (*EndpointStatus) DeepCopyInto ¶
func (in *EndpointStatus) DeepCopyInto(out *EndpointStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EndpointStatus) DeepEqual ¶
func (in *EndpointStatus) DeepEqual(other *EndpointStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type ErrParse ¶
type ErrParse struct {
// contains filtered or unexported fields
}
ErrParse is an error to describe where policy fails to parse due any invalid rule.
+k8s:deepcopy-gen=false +deepequal-gen=false
type Frontend ¶
type Frontend struct { // IP is a destination ip address for traffic to be redirected. // // Example: // When it is set to "169.254.169.254", traffic destined to // "169.254.169.254" is redirected. // // +kubebuilder:validation:Pattern=`((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$))` // +kubebuilder:validation:Required IP string `json:"ip"` // ToPorts is a list of destination L4 ports with protocol for traffic // to be redirected. // When multiple ports are specified, the ports must be named. // // Example: // When set to Port: "53" and Protocol: UDP, traffic destined to port '53' // with UDP protocol is redirected. // // +kubebuilder:validation:Required ToPorts []PortInfo `json:"toPorts"` }
func (*Frontend) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Frontend.
func (*Frontend) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HealthAddressingSpec ¶
type HealthAddressingSpec struct { // IPv4 is the IPv4 address of the IPv4 health endpoint. // // +kubebuilder:validation:Optional IPv4 string `json:"ipv4,omitempty"` // IPv6 is the IPv6 address of the IPv4 health endpoint. // // +kubebuilder:validation:Optional IPv6 string `json:"ipv6,omitempty"` }
HealthAddressingSpec is the addressing information required to do connectivity health checking.
func (*HealthAddressingSpec) DeepCopy ¶
func (in *HealthAddressingSpec) DeepCopy() *HealthAddressingSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthAddressingSpec.
func (*HealthAddressingSpec) DeepCopyInto ¶
func (in *HealthAddressingSpec) DeepCopyInto(out *HealthAddressingSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HealthAddressingSpec) DeepEqual ¶
func (in *HealthAddressingSpec) DeepEqual(other *HealthAddressingSpec) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type IPv4CIDR ¶
type IPv4CIDR string
+kubebuilder:validation:Pattern=`^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([0-9]|[1-2][0-9]|3[0-2])$`
type IdentityList ¶
type IdentityList []IdentityTuple
IdentityList is a list of IdentityTuple.
func (*IdentityList) DeepEqual ¶
func (in *IdentityList) DeepEqual(other *IdentityList) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
func (IdentityList) Sort ¶
func (a IdentityList) Sort()
Sort sorts a list IdentityList by numeric identity, port and protocol.
type IdentityTuple ¶
type IdentityTuple struct { Identity uint64 `json:"identity,omitempty"` IdentityLabels map[string]string `json:"identity-labels,omitempty"` DestPort uint16 `json:"dest-port,omitempty"` Protocol uint8 `json:"protocol,omitempty"` }
IdentityTuple specifies a peer by identity, destination port and protocol.
func (*IdentityTuple) DeepCopy ¶
func (in *IdentityTuple) DeepCopy() *IdentityTuple
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityTuple.
func (*IdentityTuple) DeepCopyInto ¶
func (in *IdentityTuple) DeepCopyInto(out *IdentityTuple)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IdentityTuple) DeepEqual ¶
func (in *IdentityTuple) DeepEqual(other *IdentityTuple) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type NodeAddress ¶
type NodeAddress struct { // Type is the type of the node address Type addressing.AddressType `json:"type,omitempty"` // IP is an IP of a node IP string `json:"ip,omitempty"` }
NodeAddress is a node address.
func (*NodeAddress) DeepCopy ¶
func (in *NodeAddress) DeepCopy() *NodeAddress
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeAddress.
func (*NodeAddress) DeepCopyInto ¶
func (in *NodeAddress) DeepCopyInto(out *NodeAddress)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NodeAddress) DeepEqual ¶
func (in *NodeAddress) DeepEqual(other *NodeAddress) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type NodeSpec ¶
type NodeSpec struct { // InstanceID is the identifier of the node. This is different from the // node name which is typically the FQDN of the node. The InstanceID // typically refers to the identifier used by the cloud provider or // some other means of identification. InstanceID string `json:"instance-id,omitempty"` // BootID is a unique node identifier generated on boot // // +kubebuilder:validation:Optional BootID string `json:"bootid,omitempty"` // Addresses is the list of all node addresses. // // +kubebuilder:validation:Optional Addresses []NodeAddress `json:"addresses,omitempty"` // HealthAddressing is the addressing information for health connectivity // checking. // // +kubebuilder:validation:Optional HealthAddressing HealthAddressingSpec `json:"health,omitempty"` // IngressAddressing is the addressing information for Ingress listener. // // +kubebuilder:validation:Optional IngressAddressing AddressPair `json:"ingress,omitempty"` // Encryption is the encryption configuration of the node. // // +kubebuilder:validation:Optional Encryption EncryptionSpec `json:"encryption,omitempty"` // ENI is the AWS ENI specific configuration. // // +kubebuilder:validation:Optional ENI eniTypes.ENISpec `json:"eni,omitempty"` // Azure is the Azure IPAM specific configuration. // // +kubebuilder:validation:Optional Azure azureTypes.AzureSpec `json:"azure,omitempty"` // AlibabaCloud is the AlibabaCloud IPAM specific configuration. // // +kubebuilder:validation:Optional AlibabaCloud alibabaCloudTypes.Spec `json:"alibaba-cloud,omitempty"` // IPAM is the address management specification. This section can be // populated by a user or it can be automatically populated by an IPAM // operator. // // +kubebuilder:validation:Optional IPAM ipamTypes.IPAMSpec `json:"ipam,omitempty"` // NodeIdentity is the Cilium numeric identity allocated for the node, if any. // // +kubebuilder:validation:Optional NodeIdentity uint64 `json:"nodeidentity,omitempty"` }
NodeSpec is the configuration specific to a node.
func (*NodeSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSpec.
func (*NodeSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeStatus ¶
type NodeStatus struct { // ENI is the AWS ENI specific status of the node. // // +kubebuilder:validation:Optional ENI eniTypes.ENIStatus `json:"eni,omitempty"` // Azure is the Azure specific status of the node. // // +kubebuilder:validation:Optional Azure azureTypes.AzureStatus `json:"azure,omitempty"` // IPAM is the IPAM status of the node. // // +kubebuilder:validation:Optional IPAM ipamTypes.IPAMStatus `json:"ipam,omitempty"` // AlibabaCloud is the AlibabaCloud specific status of the node. // // +kubebuilder:validation:Optional AlibabaCloud alibabaCloudTypes.ENIStatus `json:"alibaba-cloud,omitempty"` }
NodeStatus is the status of a node.
func (*NodeStatus) DeepCopy ¶
func (in *NodeStatus) DeepCopy() *NodeStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeStatus.
func (*NodeStatus) DeepCopyInto ¶
func (in *NodeStatus) DeepCopyInto(out *NodeStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NodeStatus) DeepEqual ¶
func (in *NodeStatus) DeepEqual(other *NodeStatus) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type PortInfo ¶
type PortInfo struct { // Port is an L4 port number. The string will be strictly parsed as a single uint16. // // +kubebuilder:validation:Pattern=`^()([1-9]|[1-5]?[0-9]{2,4}|6[1-4][0-9]{3}|65[1-4][0-9]{2}|655[1-2][0-9]|6553[1-5])$` // +kubebuilder:validation:Required Port string `json:"port"` // Protocol is the L4 protocol. // Accepted values: "TCP", "UDP" // // +kubebuilder:validation:Enum=TCP;UDP // +kubebuilder:validation:Required Protocol api.L4Proto `json:"protocol"` // Name is a port name, which must contain at least one [a-z], // and may also contain [0-9] and '-' anywhere except adjacent to another // '-' or in the beginning or the end. // // +kubebuilder:validation:Pattern=`^([0-9]{1,4})|([a-zA-Z0-9]-?)*[a-zA-Z](-?[a-zA-Z0-9])*$` // +kubebuilder:validation:Optional Name string `json:"name"` }
PortInfo specifies L4 port number and name along with the transport protocol
func (*PortInfo) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PortInfo.
func (*PortInfo) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RedirectBackend ¶
type RedirectBackend struct { // LocalEndpointSelector selects node local pod(s) where traffic is redirected to. // // +kubebuilder:validation:Required LocalEndpointSelector slim_metav1.LabelSelector `json:"localEndpointSelector"` // ToPorts is a list of L4 ports with protocol of node local pod(s) where traffic // is redirected to. // When multiple ports are specified, the ports must be named. // // +kubebuilder:validation:Required ToPorts []PortInfo `json:"toPorts"` }
RedirectBackend is a backend configuration that determines where traffic needs to be redirected to.
func (*RedirectBackend) DeepCopy ¶
func (in *RedirectBackend) DeepCopy() *RedirectBackend
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RedirectBackend.
func (*RedirectBackend) DeepCopyInto ¶
func (in *RedirectBackend) DeepCopyInto(out *RedirectBackend)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RedirectBackend) DeepEqual ¶
func (in *RedirectBackend) DeepEqual(other *RedirectBackend) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type RedirectFrontend ¶
type RedirectFrontend struct { // AddressMatcher is a tuple {IP, port, protocol} that matches traffic to be // redirected. // // +kubebuilder:validation:OneOf AddressMatcher *Frontend `json:"addressMatcher,omitempty"` // ServiceMatcher specifies Kubernetes service and port that matches // traffic to be redirected. // // +kubebuilder:validation:OneOf ServiceMatcher *ServiceInfo `json:"serviceMatcher,omitempty"` }
RedirectFrontend is a frontend configuration that matches traffic that needs to be redirected. The configuration must be specified using a ip/port tuple or a Kubernetes service.
func (*RedirectFrontend) DeepCopy ¶
func (in *RedirectFrontend) DeepCopy() *RedirectFrontend
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RedirectFrontend.
func (*RedirectFrontend) DeepCopyInto ¶
func (in *RedirectFrontend) DeepCopyInto(out *RedirectFrontend)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RedirectFrontend) DeepEqual ¶
func (in *RedirectFrontend) DeepEqual(other *RedirectFrontend) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type Service ¶
type Service struct { // Name is the name of a destination Kubernetes service that identifies traffic // to be redirected. // // +kubebuilder:validation:Required Name string `json:"name"` // Namespace is the Kubernetes service namespace. // In CiliumEnvoyConfig namespace defaults to the namespace of the CEC, // In CiliumClusterwideEnvoyConfig namespace defaults to "default". // +kubebuilder:validation:Optional Namespace string `json:"namespace"` // Port is the port number, which can be used for filtering in case of underlying // is exposing multiple port numbers. // // +kubebuilder:validation:Optional Ports []string `json:"number,omitempty"` }
func (*Service) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Service.
func (*Service) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ServiceInfo ¶
type ServiceInfo struct { // Name is the name of a destination Kubernetes service that identifies traffic // to be redirected. // The service type needs to be ClusterIP. // // Example: // When this field is populated with 'serviceName:myService', all the traffic // destined to the cluster IP of this service at the (specified) // service port(s) will be redirected. // // +kubebuilder:validation:Required Name string `json:"serviceName"` // Namespace is the Kubernetes service namespace. // The service namespace must match the namespace of the parent Local // Redirect Policy. For Cluster-wide Local Redirect Policy, this // can be any namespace. // +kubebuilder:validation:Required Namespace string `json:"namespace"` // ToPorts is a list of destination service L4 ports with protocol for // traffic to be redirected. If not specified, traffic for all the service // ports will be redirected. // When multiple ports are specified, the ports must be named. // // +kubebuilder:validation:Optional ToPorts []PortInfo `json:"toPorts,omitempty"` }
func (*ServiceInfo) DeepCopy ¶
func (in *ServiceInfo) DeepCopy() *ServiceInfo
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceInfo.
func (*ServiceInfo) DeepCopyInto ¶
func (in *ServiceInfo) DeepCopyInto(out *ServiceInfo)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ServiceInfo) DeepEqual ¶
func (in *ServiceInfo) DeepEqual(other *ServiceInfo) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type ServiceListener ¶
type ServiceListener struct { // Name is the name of a destination Kubernetes service that identifies traffic // to be redirected. // // +kubebuilder:validation:Required Name string `json:"name"` // Namespace is the Kubernetes service namespace. // In CiliumEnvoyConfig namespace this is overridden to the namespace of the CEC, // In CiliumClusterwideEnvoyConfig namespace defaults to "default". // +kubebuilder:validation:Optional Namespace string `json:"namespace"` // Listener specifies the name of the Envoy listener the // service traffic is redirected to. The listener must be // specified in the Envoy 'resources' of the same // CiliumEnvoyConfig. // // If omitted, the first listener specified in 'resources' is // used. // // +kubebuilder:validation:Optional Listener string `json:"listener"` }
func (*ServiceListener) DeepCopy ¶
func (in *ServiceListener) DeepCopy() *ServiceListener
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceListener.
func (*ServiceListener) DeepCopyInto ¶
func (in *ServiceListener) DeepCopyInto(out *ServiceListener)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ServiceListener) DeepEqual ¶
func (in *ServiceListener) DeepEqual(other *ServiceListener) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type XDSResource ¶
+kubebuilder:pruning:PreserveUnknownFields
func (*XDSResource) DeepCopy ¶
func (in *XDSResource) DeepCopy() *XDSResource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XDSResource.
func (*XDSResource) DeepCopyInto ¶
func (in *XDSResource) DeepCopyInto(out *XDSResource)
DeepCopyInto deep copies 'in' into 'out'.
func (*XDSResource) DeepEqual ¶
func (a *XDSResource) DeepEqual(b *XDSResource) bool
DeepEqual returns 'true' if 'a' and 'b' are equal.
func (*XDSResource) MarshalJSON ¶
func (u *XDSResource) MarshalJSON() ([]byte, error)
MarshalJSON ensures that the unstructured object produces proper JSON when passed to Go's standard JSON library.
func (*XDSResource) UnmarshalJSON ¶
func (u *XDSResource) UnmarshalJSON(b []byte) (err error)
UnmarshalJSON ensures that the unstructured object properly decodes JSON when passed to Go's standard JSON library.