v2

package
v1.16.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 20, 2024 License: Apache-2.0 Imports: 34 Imported by: 141

Documentation

Overview

Package v2 is the v2 version of the API. +groupName=cilium.io

Index

Constants

View Source
const (
	// CustomResourceDefinitionGroup is the name of the third party resource group
	CustomResourceDefinitionGroup = k8sconst.CustomResourceDefinitionGroup

	// CustomResourceDefinitionVersion is the current version of the resource
	CustomResourceDefinitionVersion = "v2"

	// CNPPluralName is the plural name of Cilium Network Policy
	CNPPluralName = "ciliumnetworkpolicies"

	// CNPKindDefinition is the kind name for Cilium Network Policy
	CNPKindDefinition = "CiliumNetworkPolicy"

	// CNPName is the full name of Cilium Network Policy
	CNPName = CNPPluralName + "." + CustomResourceDefinitionGroup

	// CCNPPluralName is the plural name of Cilium Cluster wide Network Policy
	CCNPPluralName = "ciliumclusterwidenetworkpolicies"

	// CCNPKindDefinition is the kind name for Cilium Cluster wide Network Policy
	CCNPKindDefinition = "CiliumClusterwideNetworkPolicy"

	// CCNPName is the full name of Cilium Cluster wide Network Policy
	CCNPName = CCNPPluralName + "." + CustomResourceDefinitionGroup

	// CEGPPluralName is the plural name of Cilium Egress Gateway Policy
	CEGPPluralName = "ciliumegressgatewaypolicies"

	// CEGPKindDefinition is the kind name of Cilium Egress Gateway Policy
	CEGPKindDefinition = "CiliumEgressGatewayPolicy"

	// CEGPName is the full name of Cilium Egress Gateway Policy
	CEGPName = CEGPPluralName + "." + CustomResourceDefinitionGroup

	// CEPluralName is the plural name of Cilium Endpoint
	CEPPluralName = "ciliumendpoints"

	// CEKindDefinition is the kind name for Cilium Endpoint
	CEPKindDefinition = "CiliumEndpoint"

	// CEPName is the full name of Cilium Endpoint
	CEPName = CEPPluralName + "." + CustomResourceDefinitionGroup

	// CNPluralName is the plural name of Cilium Node
	CNPluralName = "ciliumnodes"

	// CNKindDefinition is the kind name for Cilium Node
	CNKindDefinition = "CiliumNode"

	// CNName is the full name of Cilium Node
	CNName = CNPluralName + "." + CustomResourceDefinitionGroup

	// CIDPluralName is the plural name of Cilium Identity
	CIDPluralName = "ciliumidentities"

	// CIDKindDefinition is the kind name for Cilium Identity
	CIDKindDefinition = "CiliumIdentity"

	// CIDName is the full name of Cilium Identity
	CIDName = CIDPluralName + "." + CustomResourceDefinitionGroup

	// CLRPPluralName is the plural name of Local Redirect Policy
	CLRPPluralName = "ciliumlocalredirectpolicies"

	// CLRPKindDefinition is the kind name for Local Redirect Policy
	CLRPKindDefinition = "CiliumLocalRedirectPolicy"

	// CLRPName is the full name of Local Redirect Policy
	CLRPName = CLRPPluralName + "." + CustomResourceDefinitionGroup

	// CEWPluralName is the plural name of Cilium External Workload
	CEWPluralName = "ciliumexternalworkloads"

	// CEWKindDefinition is the kind name for Cilium External Workload
	CEWKindDefinition = "CiliumExternalWorkload"

	// CEWName is the full name of Cilium External Workload
	CEWName = CEWPluralName + "." + CustomResourceDefinitionGroup

	// CCECPluralName is the plural name of Cilium Clusterwide Envoy Config
	CCECPluralName = "ciliumclusterwideenvoyconfigs"

	// CCECKindDefinition is the kind name of Cilium Clusterwide Envoy Config
	CCECKindDefinition = "CiliumClusterwideEnvoyConfig"

	// CCECName is the full name of Cilium Clusterwide Envoy Config
	CCECName = CCECPluralName + "." + CustomResourceDefinitionGroup

	// CECPluralName is the plural name of Cilium Envoy Config
	CECPluralName = "ciliumenvoyconfigs"

	// CECKindDefinition is the kind name of Cilium Envoy Config
	CECKindDefinition = "CiliumEnvoyConfig"

	// CECName is the full name of Cilium Envoy Config
	CECName = CECPluralName + "." + CustomResourceDefinitionGroup

	// CNCPluralName is the plural name of Cilium Node Config
	CNCPluralName = "ciliumnodeconfigs"

	// CNCKindDefinition is the kind name of Cilium Node Config
	CNCKindDefinition = "CiliumNodeConfig"

	// CNCName is the full name of Cilium Node Config
	CNCName = CNCPluralName + "." + CustomResourceDefinitionGroup
)

Variables

View Source
var (
	// ErrEmptyCNP is an error representing a CNP that is empty, which means it is
	// missing both a `spec` and `specs` (both are nil).
	ErrEmptyCNP = NewErrParse("Invalid CiliumNetworkPolicy spec(s): empty policy")

	// ErrEmptyCCNP is an error representing a CCNP that is empty, which means it is
	// missing both a `spec` and `specs` (both are nil).
	ErrEmptyCCNP = NewErrParse("Invalid CiliumClusterwideNetworkPolicy spec(s): empty policy")

	// ParsingErr is for comparison when checking error types.
	ParsingErr = NewErrParse("")
)
View Source
var (
	// SchemeBuilder is needed by DeepCopy generator.
	SchemeBuilder runtime.SchemeBuilder

	// AddToScheme adds all types of this clientset into the given scheme.
	// This allows composition of clientsets, like in:
	//
	//   import (
	//     "k8s.io/client-go/kubernetes"
	//     clientsetscheme "k8s.io/client-go/kubernetes/scheme"
	//     aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
	//   )
	//
	//   kclientset, _ := kubernetes.NewForConfig(c)
	//   aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme)
	AddToScheme = localSchemeBuilder.AddToScheme
)

SchemeGroupVersion is group version used to register these objects

Functions

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type AddressPair

type AddressPair struct {
	IPV4 string `json:"ipv4,omitempty"`
	IPV6 string `json:"ipv6,omitempty"`
}

AddressPair is a pair of IPv4 and/or IPv6 address.

func (*AddressPair) DeepEqual

func (in *AddressPair) DeepEqual(other *AddressPair) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type AddressPairList

type AddressPairList []*AddressPair

AddressPairList is a list of address pairs.

func (*AddressPairList) DeepEqual

func (in *AddressPairList) DeepEqual(other *AddressPairList) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (AddressPairList) Sort

func (a AddressPairList) Sort()

Sort sorts an AddressPairList by IPv4 and IPv6 address.

type AllowedIdentityList

type AllowedIdentityList IdentityList

AllowedIdentityList is a list of IdentityTuples that species peers that are allowed.

func (*AllowedIdentityList) DeepEqual

func (in *AllowedIdentityList) DeepEqual(other *AllowedIdentityList) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (AllowedIdentityList) Sort

func (a AllowedIdentityList) Sort()

Sort sorts a list IdentityList by numeric identity, port and protocol.

type CiliumClusterwideEnvoyConfig

type CiliumClusterwideEnvoyConfig struct {
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// +k8s:openapi-gen=false
	Spec CiliumEnvoyConfigSpec `json:"spec,omitempty"`
}

func (*CiliumClusterwideEnvoyConfig) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideEnvoyConfig.

func (*CiliumClusterwideEnvoyConfig) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumClusterwideEnvoyConfig) DeepCopyObject

func (in *CiliumClusterwideEnvoyConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumClusterwideEnvoyConfig) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumClusterwideEnvoyConfigList

type CiliumClusterwideEnvoyConfigList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumClusterwideEnvoyConfig.
	Items []CiliumClusterwideEnvoyConfig `json:"items"`
}

CiliumClusterwideEnvoyConfigList is a list of CiliumClusterwideEnvoyConfig objects.

func (*CiliumClusterwideEnvoyConfigList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideEnvoyConfigList.

func (*CiliumClusterwideEnvoyConfigList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumClusterwideEnvoyConfigList) DeepCopyObject

func (in *CiliumClusterwideEnvoyConfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumClusterwideNetworkPolicy

type CiliumClusterwideNetworkPolicy struct {
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// Spec is the desired Cilium specific rule specification.
	Spec *api.Rule `json:"spec,omitempty"`

	// Specs is a list of desired Cilium specific rule specification.
	Specs api.Rules `json:"specs,omitempty"`

	// Status is the status of the Cilium policy rule.
	//
	// The reason this field exists in this structure is due a bug in the k8s
	// code-generator that doesn't create a `UpdateStatus` method because the
	// field does not exist in the structure.
	//
	// +kubebuilder:validation:Optional
	Status CiliumNetworkPolicyStatus `json:"status"`
}

CiliumClusterwideNetworkPolicy is a Kubernetes third-party resource with an modified version of CiliumNetworkPolicy which is cluster scoped rather than namespace scoped.

func (*CiliumClusterwideNetworkPolicy) AnnotationsEquals

AnnotationsEquals returns true if ObjectMeta.Annotations of each CiliumClusterwideNetworkPolicy are equivalent (i.e., they contain equivalent key-value pairs).

func (*CiliumClusterwideNetworkPolicy) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideNetworkPolicy.

func (*CiliumClusterwideNetworkPolicy) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumClusterwideNetworkPolicy) DeepCopyObject

func (in *CiliumClusterwideNetworkPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumClusterwideNetworkPolicy) DeepEqual

DeepEqual compares 2 CCNPs while ignoring the LastAppliedConfigAnnotation and ignoring the Status field of the CCNP.

func (*CiliumClusterwideNetworkPolicy) Parse

Parse parses a CiliumClusterwideNetworkPolicy and returns a list of cilium policy rules.

func (*CiliumClusterwideNetworkPolicy) SetDerivedPolicyStatus

func (r *CiliumClusterwideNetworkPolicy) SetDerivedPolicyStatus(derivativePolicyName string, status CiliumNetworkPolicyNodeStatus)

SetDerivedPolicyStatus set the derivative policy status for the given derivative policy name.

type CiliumClusterwideNetworkPolicyList

type CiliumClusterwideNetworkPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumClusterwideNetworkPolicies.
	Items []CiliumClusterwideNetworkPolicy `json:"items"`
}

CiliumClusterwideNetworkPolicyList is a list of CiliumClusterwideNetworkPolicy objects.

func (*CiliumClusterwideNetworkPolicyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumClusterwideNetworkPolicyList.

func (*CiliumClusterwideNetworkPolicyList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumClusterwideNetworkPolicyList) DeepCopyObject

func (in *CiliumClusterwideNetworkPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumEgressGatewayPolicy

type CiliumEgressGatewayPolicy struct {
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	Spec CiliumEgressGatewayPolicySpec `json:"spec,omitempty"`
}

func (*CiliumEgressGatewayPolicy) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEgressGatewayPolicy.

func (*CiliumEgressGatewayPolicy) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEgressGatewayPolicy) DeepCopyObject

func (in *CiliumEgressGatewayPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumEgressGatewayPolicy) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumEgressGatewayPolicyList

type CiliumEgressGatewayPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumEgressGatewayPolicy.
	Items []CiliumEgressGatewayPolicy `json:"items"`
}

CiliumEgressGatewayPolicyList is a list of CiliumEgressGatewayPolicy objects.

func (*CiliumEgressGatewayPolicyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEgressGatewayPolicyList.

func (*CiliumEgressGatewayPolicyList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEgressGatewayPolicyList) DeepCopyObject

func (in *CiliumEgressGatewayPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumEgressGatewayPolicySpec

type CiliumEgressGatewayPolicySpec struct {
	// Egress represents a list of rules by which egress traffic is
	// filtered from the source pods.
	Selectors []EgressRule `json:"selectors"`

	// DestinationCIDRs is a list of destination CIDRs for destination IP addresses.
	// If a destination IP matches any one CIDR, it will be selected.
	DestinationCIDRs []IPv4CIDR `json:"destinationCIDRs"`

	// ExcludedCIDRs is a list of destination CIDRs that will be excluded
	// from the egress gateway redirection and SNAT logic.
	// Should be a subset of destinationCIDRs otherwise it will not have any
	// effect.
	//
	// +kubebuilder:validation:Optional
	ExcludedCIDRs []IPv4CIDR `json:"excludedCIDRs"`

	// EgressGateway is the gateway node responsible for SNATing traffic.
	EgressGateway *EgressGateway `json:"egressGateway"`
}

func (*CiliumEgressGatewayPolicySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEgressGatewayPolicySpec.

func (*CiliumEgressGatewayPolicySpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEgressGatewayPolicySpec) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumEndpoint

type CiliumEndpoint struct {
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// +kubebuilder:validation:Optional
	Status EndpointStatus `json:"status"`
}

CiliumEndpoint is the status of a Cilium policy rule.

func (*CiliumEndpoint) DeepCopy

func (in *CiliumEndpoint) DeepCopy() *CiliumEndpoint

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEndpoint.

func (*CiliumEndpoint) DeepCopyInto

func (in *CiliumEndpoint) DeepCopyInto(out *CiliumEndpoint)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEndpoint) DeepCopyObject

func (in *CiliumEndpoint) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumEndpoint) DeepEqual

func (in *CiliumEndpoint) DeepEqual(other *CiliumEndpoint) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumEndpointList

type CiliumEndpointList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumEndpoint
	Items []CiliumEndpoint `json:"items"`
}

CiliumEndpointList is a list of CiliumEndpoint objects.

func (*CiliumEndpointList) DeepCopy

func (in *CiliumEndpointList) DeepCopy() *CiliumEndpointList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEndpointList.

func (*CiliumEndpointList) DeepCopyInto

func (in *CiliumEndpointList) DeepCopyInto(out *CiliumEndpointList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEndpointList) DeepCopyObject

func (in *CiliumEndpointList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumEnvoyConfig

type CiliumEnvoyConfig struct {
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// +k8s:openapi-gen=false
	Spec CiliumEnvoyConfigSpec `json:"spec,omitempty"`
}

func (*CiliumEnvoyConfig) DeepCopy

func (in *CiliumEnvoyConfig) DeepCopy() *CiliumEnvoyConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEnvoyConfig.

func (*CiliumEnvoyConfig) DeepCopyInto

func (in *CiliumEnvoyConfig) DeepCopyInto(out *CiliumEnvoyConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEnvoyConfig) DeepCopyObject

func (in *CiliumEnvoyConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumEnvoyConfig) DeepEqual

func (in *CiliumEnvoyConfig) DeepEqual(other *CiliumEnvoyConfig) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumEnvoyConfigList

type CiliumEnvoyConfigList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumEnvoyConfig.
	Items []CiliumEnvoyConfig `json:"items"`
}

CiliumEnvoyConfigList is a list of CiliumEnvoyConfig objects.

func (*CiliumEnvoyConfigList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEnvoyConfigList.

func (*CiliumEnvoyConfigList) DeepCopyInto

func (in *CiliumEnvoyConfigList) DeepCopyInto(out *CiliumEnvoyConfigList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEnvoyConfigList) DeepCopyObject

func (in *CiliumEnvoyConfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumEnvoyConfigSpec

type CiliumEnvoyConfigSpec struct {
	// Services specifies Kubernetes services for which traffic is
	// forwarded to an Envoy listener for L7 load balancing. Backends
	// of these services are automatically synced to Envoy usign EDS.
	//
	// +kubebuilder:validation:Optional
	Services []*ServiceListener `json:"services,omitempty"`

	// BackendServices specifies Kubernetes services whose backends
	// are automatically synced to Envoy using EDS.  Traffic for these
	// services is not forwarded to an Envoy listener. This allows an
	// Envoy listener load balance traffic to these backends while
	// normal Cilium service load balancing takes care of balancing
	// traffic for these services at the same time.
	//
	// +kubebuilder:validation:Optional
	BackendServices []*Service `json:"backendServices,omitempty"`

	// Envoy xDS resources, a list of the following Envoy resource types:
	// type.googleapis.com/envoy.config.listener.v3.Listener,
	// type.googleapis.com/envoy.config.route.v3.RouteConfiguration,
	// type.googleapis.com/envoy.config.cluster.v3.Cluster,
	// type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment, and
	// type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret.
	//
	// +kubebuilder:validation:Required
	Resources []XDSResource `json:"resources,omitempty"`

	// NodeSelector is a label selector that determines to which nodes
	// this configuration applies.
	// If nil, then this config applies to all nodes.
	//
	// +kubebuilder:validation:Optional
	NodeSelector *slim_metav1.LabelSelector `json:"nodeSelector,omitempty"`
}

func (*CiliumEnvoyConfigSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumEnvoyConfigSpec.

func (*CiliumEnvoyConfigSpec) DeepCopyInto

func (in *CiliumEnvoyConfigSpec) DeepCopyInto(out *CiliumEnvoyConfigSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumEnvoyConfigSpec) DeepEqual

func (in *CiliumEnvoyConfigSpec) DeepEqual(other *CiliumEnvoyConfigSpec) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumExternalWorkload

type CiliumExternalWorkload struct {
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// Spec is the desired configuration of the external Cilium workload.
	Spec CiliumExternalWorkloadSpec `json:"spec,omitempty"`

	// Status is the most recent status of the external Cilium workload.
	// It is a read-only field.
	//
	// +deepequal-gen=false
	// +kubebuilder:validation:Optional
	Status CiliumExternalWorkloadStatus `json:"status"`
}

CiliumExternalWorkload is a Kubernetes Custom Resource that contains a specification for an external workload that can join the cluster. The name of the CRD is the FQDN of the external workload, and it needs to match the name in the workload registration. The labels on the CRD object are the labels that will be used to allocate a Cilium Identity for the external workload. If 'io.kubernetes.pod.namespace' or 'io.kubernetes.pod.name' labels are not explicitly specified, they will be defaulted to 'default' and <workload name>, respectively. 'io.cilium.k8s.policy.cluster' will always be defined as the name of the current cluster, which defaults to "default".

func (*CiliumExternalWorkload) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkload.

func (*CiliumExternalWorkload) DeepCopyInto

func (in *CiliumExternalWorkload) DeepCopyInto(out *CiliumExternalWorkload)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumExternalWorkload) DeepCopyObject

func (in *CiliumExternalWorkload) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumExternalWorkload) DeepEqual

func (in *CiliumExternalWorkload) DeepEqual(other *CiliumExternalWorkload) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumExternalWorkloadList

type CiliumExternalWorkloadList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumExternalWorkload
	Items []CiliumExternalWorkload `json:"items"`
}

CiliumExternalWorkloadList is a list of CiliumExternalWorkload objects.

func (*CiliumExternalWorkloadList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkloadList.

func (*CiliumExternalWorkloadList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumExternalWorkloadList) DeepCopyObject

func (in *CiliumExternalWorkloadList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumExternalWorkloadSpec

type CiliumExternalWorkloadSpec struct {
	// IPv4AllocCIDR is the range of IPv4 addresses in the CIDR format that the external workload can
	// use to allocate IP addresses for the tunnel device and the health endpoint.
	//
	// +kubebuilder:validation:Pattern=`^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([0-9]|[1-2][0-9]|3[0-2])$`
	IPv4AllocCIDR string `json:"ipv4-alloc-cidr,omitempty"`

	// IPv6AllocCIDR is the range of IPv6 addresses in the CIDR format that the external workload can
	// use to allocate IP addresses for the tunnel device and the health endpoint.
	//
	// +kubebuilder:validation:Pattern=`^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$`
	IPv6AllocCIDR string `json:"ipv6-alloc-cidr,omitempty"`
}

CiliumExternalWorkloadSpec specifies the configurations for redirecting traffic within a workload.

func (*CiliumExternalWorkloadSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkloadSpec.

func (*CiliumExternalWorkloadSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumExternalWorkloadSpec) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumExternalWorkloadStatus

type CiliumExternalWorkloadStatus struct {
	// ID is the numeric identity allocated for the external workload.
	ID uint64 `json:"id,omitempty"`

	// IP is the IP address of the workload. Empty if the workload has not registered.
	IP string `json:"ip,omitempty"`
}

CiliumExternalWorkloadStatus is the status of a the external Cilium workload.

func (*CiliumExternalWorkloadStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumExternalWorkloadStatus.

func (*CiliumExternalWorkloadStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumExternalWorkloadStatus) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumIdentity

type CiliumIdentity struct {
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// SecurityLabels is the source-of-truth set of labels for this identity.
	SecurityLabels map[string]string `json:"security-labels"`
}

CiliumIdentity is a CRD that represents an identity managed by Cilium. It is intended as a backing store for identity allocation, acting as the global coordination backend, and can be used in place of a KVStore (such as etcd). The name of the CRD is the numeric identity and the labels on the CRD object are the kubernetes sourced labels seen by cilium. This is currently the only label source possible when running under kubernetes. Non-kubernetes labels are filtered but all labels, from all sources, are places in the SecurityLabels field. These also include the source and are used to define the identity. The labels under metav1.ObjectMeta can be used when searching for CiliumIdentity instances that include particular labels. This can be done with invocations such as:

kubectl get ciliumid -l 'foo=bar'

func (*CiliumIdentity) DeepCopy

func (in *CiliumIdentity) DeepCopy() *CiliumIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumIdentity.

func (*CiliumIdentity) DeepCopyInto

func (in *CiliumIdentity) DeepCopyInto(out *CiliumIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumIdentity) DeepCopyObject

func (in *CiliumIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumIdentity) DeepEqual

func (in *CiliumIdentity) DeepEqual(other *CiliumIdentity) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumIdentityList

type CiliumIdentityList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumIdentity
	Items []CiliumIdentity `json:"items"`
}

CiliumIdentityList is a list of CiliumIdentity objects.

func (*CiliumIdentityList) DeepCopy

func (in *CiliumIdentityList) DeepCopy() *CiliumIdentityList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumIdentityList.

func (*CiliumIdentityList) DeepCopyInto

func (in *CiliumIdentityList) DeepCopyInto(out *CiliumIdentityList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumIdentityList) DeepCopyObject

func (in *CiliumIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumLocalRedirectPolicy

type CiliumLocalRedirectPolicy struct {
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +k8s:openapi-gen=false
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// Spec is the desired behavior of the local redirect policy.
	Spec CiliumLocalRedirectPolicySpec `json:"spec,omitempty"`

	// Status is the most recent status of the local redirect policy.
	// It is a read-only field.
	//
	// +deepequal-gen=false
	// +kubebuilder:validation:Optional
	Status CiliumLocalRedirectPolicyStatus `json:"status"`
}

CiliumLocalRedirectPolicy is a Kubernetes Custom Resource that contains a specification to redirect traffic locally within a node.

func (*CiliumLocalRedirectPolicy) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicy.

func (*CiliumLocalRedirectPolicy) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumLocalRedirectPolicy) DeepCopyObject

func (in *CiliumLocalRedirectPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumLocalRedirectPolicy) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumLocalRedirectPolicyList

type CiliumLocalRedirectPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumLocalRedirectPolicy
	Items []CiliumLocalRedirectPolicy `json:"items"`
}

CiliumLocalRedirectPolicyList is a list of CiliumLocalRedirectPolicy objects.

func (*CiliumLocalRedirectPolicyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicyList.

func (*CiliumLocalRedirectPolicyList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumLocalRedirectPolicyList) DeepCopyObject

func (in *CiliumLocalRedirectPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumLocalRedirectPolicySpec

type CiliumLocalRedirectPolicySpec struct {
	// RedirectFrontend specifies frontend configuration to redirect traffic from.
	// It can not be empty.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="redirectFrontend is immutable"
	RedirectFrontend RedirectFrontend `json:"redirectFrontend"`

	// RedirectBackend specifies backend configuration to redirect traffic to.
	// It can not be empty.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="redirectBackend is immutable"
	RedirectBackend RedirectBackend `json:"redirectBackend"`

	// SkipRedirectFromBackend indicates whether traffic matching RedirectFrontend
	// from RedirectBackend should skip redirection, and hence the traffic will
	// be forwarded as-is.
	//
	// The default is false which means traffic matching RedirectFrontend will
	// get redirected from all pods, including the RedirectBackend(s).
	//
	// Example: If RedirectFrontend is configured to "169.254.169.254:80" as the traffic
	// that needs to be redirected to backends selected by RedirectBackend, if
	// SkipRedirectFromBackend is set to true, traffic going to "169.254.169.254:80"
	// from such backends will not be redirected back to the backends. Instead,
	// the matched traffic from the backends will be forwarded to the original
	// destination "169.254.169.254:80".
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:default=false
	// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="skipRedirectFromBackend is immutable"
	SkipRedirectFromBackend bool `json:"skipRedirectFromBackend"`

	// Description can be used by the creator of the policy to describe the
	// purpose of this policy.
	//
	// +kubebuilder:validation:Optional
	Description string `json:"description,omitempty"`
}

CiliumLocalRedirectPolicySpec specifies the configurations for redirecting traffic within a node.

func (*CiliumLocalRedirectPolicySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicySpec.

func (*CiliumLocalRedirectPolicySpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumLocalRedirectPolicySpec) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumLocalRedirectPolicyStatus

type CiliumLocalRedirectPolicyStatus struct {
	// TODO Define status(aditi)
	OK bool `json:"ok,omitempty"`
}

CiliumLocalRedirectPolicyStatus is the status of a Local Redirect Policy.

func (*CiliumLocalRedirectPolicyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumLocalRedirectPolicyStatus.

func (*CiliumLocalRedirectPolicyStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumLocalRedirectPolicyStatus) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumNetworkPolicy

type CiliumNetworkPolicy struct {
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// Spec is the desired Cilium specific rule specification.
	Spec *api.Rule `json:"spec,omitempty"`

	// Specs is a list of desired Cilium specific rule specification.
	Specs api.Rules `json:"specs,omitempty"`

	// Status is the status of the Cilium policy rule
	//
	// +deepequal-gen=false
	// +kubebuilder:validation:Optional
	Status CiliumNetworkPolicyStatus `json:"status"`
}

CiliumNetworkPolicy is a Kubernetes third-party resource with an extended version of NetworkPolicy.

func (*CiliumNetworkPolicy) AnnotationsEquals

func (r *CiliumNetworkPolicy) AnnotationsEquals(o *CiliumNetworkPolicy) bool

AnnotationsEquals returns true if ObjectMeta.Annotations of each CiliumNetworkPolicy are equivalent (i.e., they contain equivalent key-value pairs).

func (*CiliumNetworkPolicy) DeepCopy

func (in *CiliumNetworkPolicy) DeepCopy() *CiliumNetworkPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicy.

func (*CiliumNetworkPolicy) DeepCopyInto

func (in *CiliumNetworkPolicy) DeepCopyInto(out *CiliumNetworkPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNetworkPolicy) DeepCopyObject

func (in *CiliumNetworkPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumNetworkPolicy) DeepEqual

func (in *CiliumNetworkPolicy) DeepEqual(other *CiliumNetworkPolicy) bool

DeepEqual compares 2 CNPs.

func (*CiliumNetworkPolicy) GetIdentityLabels

func (r *CiliumNetworkPolicy) GetIdentityLabels() labels.LabelArray

GetIdentityLabels returns all rule labels in the CiliumNetworkPolicy.

func (*CiliumNetworkPolicy) Parse

func (r *CiliumNetworkPolicy) Parse() (api.Rules, error)

Parse parses a CiliumNetworkPolicy and returns a list of cilium policy rules.

func (*CiliumNetworkPolicy) RequiresDerivative

func (r *CiliumNetworkPolicy) RequiresDerivative() bool

RequiresDerivative return true if the CNP has any rule that will create a new derivative rule.

func (*CiliumNetworkPolicy) SetDerivedPolicyStatus

func (r *CiliumNetworkPolicy) SetDerivedPolicyStatus(derivativePolicyName string, status CiliumNetworkPolicyNodeStatus)

SetDerivedPolicyStatus set the derivative policy status for the given derivative policy name.

func (*CiliumNetworkPolicy) String

func (r *CiliumNetworkPolicy) String() string

type CiliumNetworkPolicyList

type CiliumNetworkPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumNetworkPolicy
	Items []CiliumNetworkPolicy `json:"items"`
}

CiliumNetworkPolicyList is a list of CiliumNetworkPolicy objects.

func (*CiliumNetworkPolicyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicyList.

func (*CiliumNetworkPolicyList) DeepCopyInto

func (in *CiliumNetworkPolicyList) DeepCopyInto(out *CiliumNetworkPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNetworkPolicyList) DeepCopyObject

func (in *CiliumNetworkPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumNetworkPolicyNodeStatus

type CiliumNetworkPolicyNodeStatus struct {
	// OK is true when the policy has been parsed and imported successfully
	// into the in-memory policy repository on the node.
	OK bool `json:"ok,omitempty"`

	// Error describes any error that occurred when parsing or importing the
	// policy, or realizing the policy for the endpoints to which it applies
	// on the node.
	Error string `json:"error,omitempty"`

	// LastUpdated contains the last time this status was updated
	LastUpdated slimv1.Time `json:"lastUpdated,omitempty"`

	// Revision is the policy revision of the repository which first implemented
	// this policy.
	Revision uint64 `json:"localPolicyRevision,omitempty"`

	// Enforcing is set to true once all endpoints present at the time the
	// policy has been imported are enforcing this policy.
	Enforcing bool `json:"enforcing,omitempty"`

	// Annotations corresponds to the Annotations in the ObjectMeta of the CNP
	// that have been realized on the node for CNP. That is, if a CNP has been
	// imported and has been assigned annotation X=Y by the user,
	// Annotations in CiliumNetworkPolicyNodeStatus will be X=Y once the
	// CNP that was imported corresponding to Annotation X=Y has been realized on
	// the node.
	Annotations map[string]string `json:"annotations,omitempty"`
}

CiliumNetworkPolicyNodeStatus is the status of a Cilium policy rule for a specific node.

func CreateCNPNodeStatus

func CreateCNPNodeStatus(enforcing, ok bool, cnpError error, rev uint64, annotations map[string]string) CiliumNetworkPolicyNodeStatus

CreateCNPNodeStatus returns a CiliumNetworkPolicyNodeStatus created from the provided fields.

func (*CiliumNetworkPolicyNodeStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicyNodeStatus.

func (*CiliumNetworkPolicyNodeStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNetworkPolicyNodeStatus) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumNetworkPolicyStatus

type CiliumNetworkPolicyStatus struct {

	// DerivativePolicies is the status of all policies derived from the Cilium
	// policy
	DerivativePolicies map[string]CiliumNetworkPolicyNodeStatus `json:"derivativePolicies,omitempty"`

	// +optional
	// +patchMergeKey=type
	// +patchStrategy=merge
	// +listType=map
	// +listMapKey=type
	Conditions []NetworkPolicyCondition `json:"conditions,omitempty"`
}

CiliumNetworkPolicyStatus is the status of a Cilium policy rule.

func (*CiliumNetworkPolicyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNetworkPolicyStatus.

func (*CiliumNetworkPolicyStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNetworkPolicyStatus) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type CiliumNode

type CiliumNode struct {
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata"`

	// Spec defines the desired specification/configuration of the node.
	Spec NodeSpec `json:"spec"`

	// Status defines the realized specification/configuration and status
	// of the node.
	//
	// +kubebuilder:validation:Optional
	Status NodeStatus `json:"status,omitempty"`
}

CiliumNode represents a node managed by Cilium. It contains a specification to control various node specific configuration aspects and a status section to represent the status of the node.

func (*CiliumNode) DeepCopy

func (in *CiliumNode) DeepCopy() *CiliumNode

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNode.

func (*CiliumNode) DeepCopyInto

func (in *CiliumNode) DeepCopyInto(out *CiliumNode)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNode) DeepCopyObject

func (in *CiliumNode) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiliumNode) DeepEqual

func (in *CiliumNode) DeepEqual(other *CiliumNode) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (*CiliumNode) GetIP added in v1.15.0

func (n *CiliumNode) GetIP(ipv6 bool) net.IP

GetIP returns one of the CiliumNode's IP addresses available with the following priority: - NodeInternalIP - NodeExternalIP - other IP address type An error is returned if GetIP fails to extract an IP from the CiliumNode based on the provided address family.

func (*CiliumNode) InstanceID

func (n *CiliumNode) InstanceID() (instanceID string)

InstanceID returns the InstanceID of a CiliumNode.

type CiliumNodeConfig added in v1.16.0

type CiliumNodeConfig struct {
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +deepequal-gen=false
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired Cilium configuration overrides for a given node
	Spec CiliumNodeConfigSpec `json:"spec"`
}

CiliumNodeConfig is a list of configuration key-value pairs. It is applied to nodes indicated by a label selector.

If multiple overrides apply to the same node, they will be ordered by name with later Overrides overwriting any conflicting keys.

func (*CiliumNodeConfig) DeepCopy added in v1.16.0

func (in *CiliumNodeConfig) DeepCopy() *CiliumNodeConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNodeConfig.

func (*CiliumNodeConfig) DeepCopyInto added in v1.16.0

func (in *CiliumNodeConfig) DeepCopyInto(out *CiliumNodeConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNodeConfig) DeepCopyObject added in v1.16.0

func (in *CiliumNodeConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumNodeConfigList added in v1.16.0

type CiliumNodeConfigList struct {
	// +deepequal-gen=false
	metav1.TypeMeta `json:",inline"`
	// +deepequal-gen=false
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CiliumNodeConfig `json:"items"`
}

func (*CiliumNodeConfigList) DeepCopy added in v1.16.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNodeConfigList.

func (*CiliumNodeConfigList) DeepCopyInto added in v1.16.0

func (in *CiliumNodeConfigList) DeepCopyInto(out *CiliumNodeConfigList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNodeConfigList) DeepCopyObject added in v1.16.0

func (in *CiliumNodeConfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CiliumNodeConfigSpec added in v1.16.0

type CiliumNodeConfigSpec struct {
	// Defaults is treated the same as the cilium-config ConfigMap - a set
	// of key-value pairs parsed by the agent and operator processes.
	// Each key must be a valid config-map data field (i.e. a-z, A-Z, -, _, and .)
	Defaults map[string]string `json:"defaults"`

	// NodeSelector is a label selector that determines to which nodes
	// this configuration applies.
	// If not supplied, then this config applies to no nodes. If
	// empty, then it applies to all nodes.
	NodeSelector *metav1.LabelSelector `json:"nodeSelector"`
}

+deepequal-gen=false

func (*CiliumNodeConfigSpec) DeepCopy added in v1.16.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNodeConfigSpec.

func (*CiliumNodeConfigSpec) DeepCopyInto added in v1.16.0

func (in *CiliumNodeConfigSpec) DeepCopyInto(out *CiliumNodeConfigSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CiliumNodeList

type CiliumNodeList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items is a list of CiliumNode
	Items []CiliumNode `json:"items"`
}

CiliumNodeList is a list of CiliumNode objects.

func (*CiliumNodeList) DeepCopy

func (in *CiliumNodeList) DeepCopy() *CiliumNodeList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiliumNodeList.

func (*CiliumNodeList) DeepCopyInto

func (in *CiliumNodeList) DeepCopyInto(out *CiliumNodeList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiliumNodeList) DeepCopyObject

func (in *CiliumNodeList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ControllerList

type ControllerList []ControllerStatus

ControllerList is a list of ControllerStatus.

func (*ControllerList) DeepEqual

func (in *ControllerList) DeepEqual(other *ControllerList) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (ControllerList) Sort

func (c ControllerList) Sort()

Sort sorts the ControllerList by controller name

type ControllerStatus

type ControllerStatus struct {
	// Name is the name of the controller
	Name string `json:"name,omitempty"`

	// Configuration is the controller configuration
	Configuration *models.ControllerStatusConfiguration `json:"configuration,omitempty"`

	// Status is the status of the controller
	Status ControllerStatusStatus `json:"status,omitempty"`

	// UUID is the UUID of the controller
	UUID string `json:"uuid,omitempty"`
}

ControllerStatus is the status of a failing controller.

func (*ControllerStatus) DeepCopy

func (in *ControllerStatus) DeepCopy() *ControllerStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerStatus.

func (*ControllerStatus) DeepCopyInto

func (in *ControllerStatus) DeepCopyInto(out *ControllerStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ControllerStatus) DeepEqual

func (in *ControllerStatus) DeepEqual(other *ControllerStatus) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type ControllerStatusStatus

type ControllerStatusStatus struct {
	ConsecutiveFailureCount int64  `json:"consecutive-failure-count,omitempty"`
	FailureCount            int64  `json:"failure-count,omitempty"`
	LastFailureMsg          string `json:"last-failure-msg,omitempty"`
	LastFailureTimestamp    string `json:"last-failure-timestamp,omitempty"`
	LastSuccessTimestamp    string `json:"last-success-timestamp,omitempty"`
	SuccessCount            int64  `json:"success-count,omitempty"`
}

ControllerStatusStatus is the detailed status section of a controller.

func (*ControllerStatusStatus) DeepEqual

func (in *ControllerStatusStatus) DeepEqual(other *ControllerStatusStatus) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type DenyIdentityList

type DenyIdentityList IdentityList

DenyIdentityList is a list of IdentityTuples that species peers that are denied.

func (*DenyIdentityList) DeepEqual

func (in *DenyIdentityList) DeepEqual(other *DenyIdentityList) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (DenyIdentityList) Sort

func (d DenyIdentityList) Sort()

Sort sorts a list IdentityList by numeric identity, port and protocol.

type EgressGateway

type EgressGateway struct {
	// This is a label selector which selects the node that should act as
	// egress gateway for the given policy.
	// In case multiple nodes are selected, only the first one in the
	// lexical ordering over the node names will be used.
	// This field follows standard label selector semantics.
	//
	// +kubebuilder:validation:Required
	NodeSelector *slimv1.LabelSelector `json:"nodeSelector"`

	// Interface is the network interface to which the egress IP address
	// that the traffic is SNATed with is assigned.
	//
	// Example:
	// When set to "eth1", matching egress traffic will be redirected to the
	// node matching the NodeSelector field and SNATed with the first IPv4
	// address assigned to the eth1 interface.
	//
	// When none of the Interface or EgressIP fields is specified, the
	// policy will use the first IPv4 assigned to the interface with the
	// default route.
	Interface string `json:"interface,omitempty"`

	// EgressIP is the source IP address that the egress traffic is SNATed
	// with.
	//
	// Example:
	// When set to "192.168.1.100", matching egress traffic will be
	// redirected to the node matching the NodeSelector field and SNATed
	// with IP address 192.168.1.100.
	//
	// When none of the Interface or EgressIP fields is specified, the
	// policy will use the first IPv4 assigned to the interface with the
	// default route.
	//
	// +kubebuilder:validation:Format=ipv4
	EgressIP string `json:"egressIP,omitempty"`
}

EgressGateway identifies the node that should act as egress gateway for a given egress Gateway policy. In addition to that it also specifies the configuration of said node (which egress IP or network interface should be used to SNAT traffic).

func (*EgressGateway) DeepCopy

func (in *EgressGateway) DeepCopy() *EgressGateway

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGateway.

func (*EgressGateway) DeepCopyInto

func (in *EgressGateway) DeepCopyInto(out *EgressGateway)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EgressGateway) DeepEqual

func (in *EgressGateway) DeepEqual(other *EgressGateway) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type EgressRule

type EgressRule struct {
	// Selects Namespaces using cluster-scoped labels. This field follows standard label
	// selector semantics; if present but empty, it selects all namespaces.
	NamespaceSelector *slimv1.LabelSelector `json:"namespaceSelector,omitempty"`

	// This is a label selector which selects Pods. This field follows standard label
	// selector semantics; if present but empty, it selects all pods.
	PodSelector *slimv1.LabelSelector `json:"podSelector,omitempty"`
}

func (*EgressRule) DeepCopy

func (in *EgressRule) DeepCopy() *EgressRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressRule.

func (*EgressRule) DeepCopyInto

func (in *EgressRule) DeepCopyInto(out *EgressRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EgressRule) DeepEqual

func (in *EgressRule) DeepEqual(other *EgressRule) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type EncryptionSpec

type EncryptionSpec struct {
	// Key is the index to the key to use for encryption or 0 if encryption is
	// disabled.
	//
	// +kubebuilder:validation:Optional
	Key int `json:"key,omitempty"`
}

EncryptionSpec defines the encryption relevant configuration of a node.

func (*EncryptionSpec) DeepCopy

func (in *EncryptionSpec) DeepCopy() *EncryptionSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionSpec.

func (*EncryptionSpec) DeepCopyInto

func (in *EncryptionSpec) DeepCopyInto(out *EncryptionSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EncryptionSpec) DeepEqual

func (in *EncryptionSpec) DeepEqual(other *EncryptionSpec) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type EndpointIdentity

type EndpointIdentity struct {
	// ID is the numeric identity of the endpoint
	ID int64 `json:"id,omitempty"`

	// Labels is the list of labels associated with the identity
	Labels []string `json:"labels,omitempty"`
}

EndpointIdentity is the identity information of an endpoint.

func (*EndpointIdentity) DeepCopy

func (in *EndpointIdentity) DeepCopy() *EndpointIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointIdentity.

func (*EndpointIdentity) DeepCopyInto

func (in *EndpointIdentity) DeepCopyInto(out *EndpointIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EndpointIdentity) DeepEqual

func (in *EndpointIdentity) DeepEqual(other *EndpointIdentity) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type EndpointNetworking

type EndpointNetworking struct {
	// IP4/6 addresses assigned to this Endpoint
	Addressing AddressPairList `json:"addressing"`

	// NodeIP is the IP of the node the endpoint is running on. The IP must
	// be reachable between nodes.
	NodeIP string `json:"node,omitempty"`
}

EndpointNetworking is the addressing information of an endpoint.

func (*EndpointNetworking) DeepCopy

func (in *EndpointNetworking) DeepCopy() *EndpointNetworking

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointNetworking.

func (*EndpointNetworking) DeepCopyInto

func (in *EndpointNetworking) DeepCopyInto(out *EndpointNetworking)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EndpointNetworking) DeepEqual

func (in *EndpointNetworking) DeepEqual(other *EndpointNetworking) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type EndpointPolicy

type EndpointPolicy struct {
	Ingress *EndpointPolicyDirection `json:"ingress,omitempty"`
	Egress  *EndpointPolicyDirection `json:"egress,omitempty"`
}

EndpointPolicy represents the endpoint's policy by listing all allowed ingress and egress identities in combination with L4 port and protocol.

func (*EndpointPolicy) DeepCopy

func (in *EndpointPolicy) DeepCopy() *EndpointPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointPolicy.

func (*EndpointPolicy) DeepCopyInto

func (in *EndpointPolicy) DeepCopyInto(out *EndpointPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EndpointPolicy) DeepEqual

func (in *EndpointPolicy) DeepEqual(other *EndpointPolicy) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type EndpointPolicyDirection

type EndpointPolicyDirection struct {
	Enforcing bool                `json:"enforcing"`
	Allowed   AllowedIdentityList `json:"allowed,omitempty"`
	Denied    DenyIdentityList    `json:"denied,omitempty"`
	// Deprecated
	Removing AllowedIdentityList `json:"removing,omitempty"`
	// Deprecated
	Adding AllowedIdentityList `json:"adding,omitempty"`
	State  EndpointPolicyState `json:"state,omitempty"`
}

EndpointPolicyDirection is the list of allowed identities per direction.

func (*EndpointPolicyDirection) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointPolicyDirection.

func (*EndpointPolicyDirection) DeepCopyInto

func (in *EndpointPolicyDirection) DeepCopyInto(out *EndpointPolicyDirection)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EndpointPolicyDirection) DeepEqual

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type EndpointPolicyState

type EndpointPolicyState string

EndpointPolicyState defines the state of the Policy mode: "enforcing", "non-enforcing", "disabled"

type EndpointStatus

type EndpointStatus struct {
	// ID is the cilium-agent-local ID of the endpoint.
	ID int64 `json:"id,omitempty"`

	// Controllers is the list of failing controllers for this endpoint.
	Controllers ControllerList `json:"controllers,omitempty"`

	// ExternalIdentifiers is a set of identifiers to identify the endpoint
	// apart from the pod name. This includes container runtime IDs.
	ExternalIdentifiers *models.EndpointIdentifiers `json:"external-identifiers,omitempty"`

	// Health is the overall endpoint & subcomponent health.
	Health *models.EndpointHealth `json:"health,omitempty"`

	// Identity is the security identity associated with the endpoint
	Identity *EndpointIdentity `json:"identity,omitempty"`

	// Log is the list of the last few warning and error log entries
	Log []*models.EndpointStatusChange `json:"log,omitempty"`

	// Networking is the networking properties of the endpoint.
	//
	// +kubebuilder:validation:Optional
	Networking *EndpointNetworking `json:"networking,omitempty"`

	// Encryption is the encryption configuration of the node
	//
	// +kubebuilder:validation:Optional
	Encryption EncryptionSpec `json:"encryption,omitempty"`

	Policy *EndpointPolicy `json:"policy,omitempty"`

	VisibilityPolicyStatus *string `json:"visibility-policy-status,omitempty"`

	// State is the state of the endpoint.
	//
	// +kubebuilder:validation:Enum=creating;waiting-for-identity;not-ready;waiting-to-regenerate;regenerating;restoring;ready;disconnecting;disconnected;invalid
	State string `json:"state,omitempty"`

	NamedPorts models.NamedPorts `json:"named-ports,omitempty"`
}

EndpointStatus is the status of a Cilium endpoint.

func (*EndpointStatus) DeepCopy

func (in *EndpointStatus) DeepCopy() *EndpointStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointStatus.

func (*EndpointStatus) DeepCopyInto

func (in *EndpointStatus) DeepCopyInto(out *EndpointStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EndpointStatus) DeepEqual

func (in *EndpointStatus) DeepEqual(other *EndpointStatus) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type ErrParse

type ErrParse struct {
	// contains filtered or unexported fields
}

ErrParse is an error to describe where policy fails to parse due any invalid rule.

+k8s:deepcopy-gen=false +deepequal-gen=false

func NewErrParse

func NewErrParse(msg string) ErrParse

NewErrParse returns a new ErrParse.

func (ErrParse) Error

func (e ErrParse) Error() string

Error returns the error message for parsing

func (ErrParse) Is

func (_ ErrParse) Is(e error) bool

Is returns true if the given error is the type of 'ErrParse'.

type Frontend

type Frontend struct {
	// IP is a destination ip address for traffic to be redirected.
	//
	// Example:
	// When it is set to "169.254.169.254", traffic destined to
	// "169.254.169.254" is redirected.
	//
	// +kubebuilder:validation:Pattern=`((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$))`
	// +kubebuilder:validation:Required
	IP string `json:"ip"`

	// ToPorts is a list of destination L4 ports with protocol for traffic
	// to be redirected.
	// When multiple ports are specified, the ports must be named.
	//
	// Example:
	// When set to Port: "53" and Protocol: UDP, traffic destined to port '53'
	// with UDP protocol is redirected.
	//
	// +kubebuilder:validation:Required
	ToPorts []PortInfo `json:"toPorts"`
}

func (*Frontend) DeepCopy

func (in *Frontend) DeepCopy() *Frontend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Frontend.

func (*Frontend) DeepCopyInto

func (in *Frontend) DeepCopyInto(out *Frontend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Frontend) DeepEqual

func (in *Frontend) DeepEqual(other *Frontend) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type HealthAddressingSpec

type HealthAddressingSpec struct {
	// IPv4 is the IPv4 address of the IPv4 health endpoint.
	//
	// +kubebuilder:validation:Optional
	IPv4 string `json:"ipv4,omitempty"`

	// IPv6 is the IPv6 address of the IPv4 health endpoint.
	//
	// +kubebuilder:validation:Optional
	IPv6 string `json:"ipv6,omitempty"`
}

HealthAddressingSpec is the addressing information required to do connectivity health checking.

func (*HealthAddressingSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthAddressingSpec.

func (*HealthAddressingSpec) DeepCopyInto

func (in *HealthAddressingSpec) DeepCopyInto(out *HealthAddressingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*HealthAddressingSpec) DeepEqual

func (in *HealthAddressingSpec) DeepEqual(other *HealthAddressingSpec) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type IPv4CIDR

type IPv4CIDR string

+kubebuilder:validation:Pattern=`^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([0-9]|[1-2][0-9]|3[0-2])$`

type IdentityList

type IdentityList []IdentityTuple

IdentityList is a list of IdentityTuple.

func (*IdentityList) DeepEqual

func (in *IdentityList) DeepEqual(other *IdentityList) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (IdentityList) Sort

func (a IdentityList) Sort()

Sort sorts a list IdentityList by numeric identity, port and protocol.

type IdentityTuple

type IdentityTuple struct {
	Identity       uint64            `json:"identity,omitempty"`
	IdentityLabels map[string]string `json:"identity-labels,omitempty"`
	DestPort       uint16            `json:"dest-port,omitempty"`
	Protocol       uint8             `json:"protocol,omitempty"`
}

IdentityTuple specifies a peer by identity, destination port and protocol.

func (*IdentityTuple) DeepCopy

func (in *IdentityTuple) DeepCopy() *IdentityTuple

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityTuple.

func (*IdentityTuple) DeepCopyInto

func (in *IdentityTuple) DeepCopyInto(out *IdentityTuple)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityTuple) DeepEqual

func (in *IdentityTuple) DeepEqual(other *IdentityTuple) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type NetworkPolicyCondition added in v1.16.0

type NetworkPolicyCondition struct {
	// The type of the policy condition
	Type PolicyConditionType `json:"type"`
	// The status of the condition, one of True, False, or Unknown
	Status v1.ConditionStatus `json:"status"`
	// The last time the condition transitioned from one status to another.
	// +optional
	LastTransitionTime slimv1.Time `json:"lastTransitionTime,omitempty"`
	// The reason for the condition's last transition.
	// +optional
	Reason string `json:"reason,omitempty"`
	// A human readable message indicating details about the transition.
	// +optional
	Message string `json:"message,omitempty"`
}

func (*NetworkPolicyCondition) DeepCopy added in v1.16.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyCondition.

func (*NetworkPolicyCondition) DeepCopyInto added in v1.16.0

func (in *NetworkPolicyCondition) DeepCopyInto(out *NetworkPolicyCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NetworkPolicyCondition) DeepEqual added in v1.16.0

func (in *NetworkPolicyCondition) DeepEqual(other *NetworkPolicyCondition) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type NodeAddress

type NodeAddress struct {
	// Type is the type of the node address
	Type addressing.AddressType `json:"type,omitempty"`

	// IP is an IP of a node
	IP string `json:"ip,omitempty"`
}

NodeAddress is a node address.

func (NodeAddress) AddrType added in v1.15.0

func (n NodeAddress) AddrType() addressing.AddressType

func (*NodeAddress) DeepCopy

func (in *NodeAddress) DeepCopy() *NodeAddress

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeAddress.

func (*NodeAddress) DeepCopyInto

func (in *NodeAddress) DeepCopyInto(out *NodeAddress)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NodeAddress) DeepEqual

func (in *NodeAddress) DeepEqual(other *NodeAddress) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (NodeAddress) ToString added in v1.15.0

func (n NodeAddress) ToString() string

type NodeSpec

type NodeSpec struct {
	// InstanceID is the identifier of the node. This is different from the
	// node name which is typically the FQDN of the node. The InstanceID
	// typically refers to the identifier used by the cloud provider or
	// some other means of identification.
	InstanceID string `json:"instance-id,omitempty"`

	// BootID is a unique node identifier generated on boot
	//
	// +kubebuilder:validation:Optional
	BootID string `json:"bootid,omitempty"`

	// Addresses is the list of all node addresses.
	//
	// +kubebuilder:validation:Optional
	Addresses []NodeAddress `json:"addresses,omitempty"`

	// HealthAddressing is the addressing information for health connectivity
	// checking.
	//
	// +kubebuilder:validation:Optional
	HealthAddressing HealthAddressingSpec `json:"health,omitempty"`

	// IngressAddressing is the addressing information for Ingress listener.
	//
	// +kubebuilder:validation:Optional
	IngressAddressing AddressPair `json:"ingress,omitempty"`

	// Encryption is the encryption configuration of the node.
	//
	// +kubebuilder:validation:Optional
	Encryption EncryptionSpec `json:"encryption,omitempty"`

	// ENI is the AWS ENI specific configuration.
	//
	// +kubebuilder:validation:Optional
	ENI eniTypes.ENISpec `json:"eni,omitempty"`

	// Azure is the Azure IPAM specific configuration.
	//
	// +kubebuilder:validation:Optional
	Azure azureTypes.AzureSpec `json:"azure,omitempty"`

	// AlibabaCloud is the AlibabaCloud IPAM specific configuration.
	//
	// +kubebuilder:validation:Optional
	AlibabaCloud alibabaCloudTypes.Spec `json:"alibaba-cloud,omitempty"`

	// IPAM is the address management specification. This section can be
	// populated by a user or it can be automatically populated by an IPAM
	// operator.
	//
	// +kubebuilder:validation:Optional
	IPAM ipamTypes.IPAMSpec `json:"ipam,omitempty"`

	// NodeIdentity is the Cilium numeric identity allocated for the node, if any.
	//
	// +kubebuilder:validation:Optional
	NodeIdentity uint64 `json:"nodeidentity,omitempty"`
}

NodeSpec is the configuration specific to a node.

func (*NodeSpec) DeepCopy

func (in *NodeSpec) DeepCopy() *NodeSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSpec.

func (*NodeSpec) DeepCopyInto

func (in *NodeSpec) DeepCopyInto(out *NodeSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NodeSpec) DeepEqual

func (in *NodeSpec) DeepEqual(other *NodeSpec) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type NodeStatus

type NodeStatus struct {
	// ENI is the AWS ENI specific status of the node.
	//
	// +kubebuilder:validation:Optional
	ENI eniTypes.ENIStatus `json:"eni,omitempty"`

	// Azure is the Azure specific status of the node.
	//
	// +kubebuilder:validation:Optional
	Azure azureTypes.AzureStatus `json:"azure,omitempty"`

	// IPAM is the IPAM status of the node.
	//
	// +kubebuilder:validation:Optional
	IPAM ipamTypes.IPAMStatus `json:"ipam,omitempty"`

	// AlibabaCloud is the AlibabaCloud specific status of the node.
	//
	// +kubebuilder:validation:Optional
	AlibabaCloud alibabaCloudTypes.ENIStatus `json:"alibaba-cloud,omitempty"`
}

NodeStatus is the status of a node.

func (*NodeStatus) DeepCopy

func (in *NodeStatus) DeepCopy() *NodeStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeStatus.

func (*NodeStatus) DeepCopyInto

func (in *NodeStatus) DeepCopyInto(out *NodeStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NodeStatus) DeepEqual

func (in *NodeStatus) DeepEqual(other *NodeStatus) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type PolicyConditionType added in v1.16.0

type PolicyConditionType string
const (
	PolicyConditionValid PolicyConditionType = "Valid"
)

type PortInfo

type PortInfo struct {
	// Port is an L4 port number. The string will be strictly parsed as a single uint16.
	//
	// +kubebuilder:validation:Pattern=`^()([1-9]|[1-5]?[0-9]{2,4}|6[1-4][0-9]{3}|65[1-4][0-9]{2}|655[1-2][0-9]|6553[1-5])$`
	// +kubebuilder:validation:Required
	Port string `json:"port"`

	// Protocol is the L4 protocol.
	// Accepted values: "TCP", "UDP"
	//
	// +kubebuilder:validation:Enum=TCP;UDP
	// +kubebuilder:validation:Required
	Protocol api.L4Proto `json:"protocol"`

	// Name is a port name, which must contain at least one [a-z],
	// and may also contain [0-9] and '-' anywhere except adjacent to another
	// '-' or in the beginning or the end.
	//
	// +kubebuilder:validation:Pattern=`^([0-9]{1,4})|([a-zA-Z0-9]-?)*[a-zA-Z](-?[a-zA-Z0-9])*$`
	// +kubebuilder:validation:Optional
	Name string `json:"name"`
}

PortInfo specifies L4 port number and name along with the transport protocol

func (*PortInfo) DeepCopy

func (in *PortInfo) DeepCopy() *PortInfo

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PortInfo.

func (*PortInfo) DeepCopyInto

func (in *PortInfo) DeepCopyInto(out *PortInfo)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PortInfo) DeepEqual

func (in *PortInfo) DeepEqual(other *PortInfo) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (*PortInfo) SanitizePortInfo

func (pInfo *PortInfo) SanitizePortInfo(checkNamedPort bool) (uint16, string, lb.L4Type, error)

SanitizePortInfo sanitizes all the fields in the PortInfo. It returns port number, name, and protocol derived from the given input and error (failure cases).

type RedirectBackend

type RedirectBackend struct {
	// LocalEndpointSelector selects node local pod(s) where traffic is redirected to.
	//
	// +kubebuilder:validation:Required
	LocalEndpointSelector slim_metav1.LabelSelector `json:"localEndpointSelector"`

	// ToPorts is a list of L4 ports with protocol of node local pod(s) where traffic
	// is redirected to.
	// When multiple ports are specified, the ports must be named.
	//
	// +kubebuilder:validation:Required
	ToPorts []PortInfo `json:"toPorts"`
}

RedirectBackend is a backend configuration that determines where traffic needs to be redirected to.

func (*RedirectBackend) DeepCopy

func (in *RedirectBackend) DeepCopy() *RedirectBackend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RedirectBackend.

func (*RedirectBackend) DeepCopyInto

func (in *RedirectBackend) DeepCopyInto(out *RedirectBackend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RedirectBackend) DeepEqual

func (in *RedirectBackend) DeepEqual(other *RedirectBackend) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type RedirectFrontend

type RedirectFrontend struct {
	// AddressMatcher is a tuple {IP, port, protocol} that matches traffic to be
	// redirected.
	//
	// +kubebuilder:validation:OneOf
	AddressMatcher *Frontend `json:"addressMatcher,omitempty"`

	// ServiceMatcher specifies Kubernetes service and port that matches
	// traffic to be redirected.
	//
	// +kubebuilder:validation:OneOf
	ServiceMatcher *ServiceInfo `json:"serviceMatcher,omitempty"`
}

RedirectFrontend is a frontend configuration that matches traffic that needs to be redirected. The configuration must be specified using a ip/port tuple or a Kubernetes service.

func (*RedirectFrontend) DeepCopy

func (in *RedirectFrontend) DeepCopy() *RedirectFrontend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RedirectFrontend.

func (*RedirectFrontend) DeepCopyInto

func (in *RedirectFrontend) DeepCopyInto(out *RedirectFrontend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RedirectFrontend) DeepEqual

func (in *RedirectFrontend) DeepEqual(other *RedirectFrontend) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type Service

type Service struct {
	// Name is the name of a destination Kubernetes service that identifies traffic
	// to be redirected.
	//
	// +kubebuilder:validation:Required
	Name string `json:"name"`

	// Namespace is the Kubernetes service namespace.
	// In CiliumEnvoyConfig namespace defaults to the namespace of the CEC,
	// In CiliumClusterwideEnvoyConfig namespace defaults to "default".
	// +kubebuilder:validation:Optional
	Namespace string `json:"namespace"`

	// Ports is a set of port numbers, which can be used for filtering in case of underlying
	// is exposing multiple port numbers.
	//
	// +kubebuilder:validation:Optional
	Ports []string `json:"number,omitempty"`
}

func (*Service) DeepCopy

func (in *Service) DeepCopy() *Service

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Service.

func (*Service) DeepCopyInto

func (in *Service) DeepCopyInto(out *Service)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Service) DeepEqual

func (in *Service) DeepEqual(other *Service) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type ServiceInfo

type ServiceInfo struct {
	// Name is the name of a destination Kubernetes service that identifies traffic
	// to be redirected.
	// The service type needs to be ClusterIP.
	//
	// Example:
	// When this field is populated with 'serviceName:myService', all the traffic
	// destined to the cluster IP of this service at the (specified)
	// service port(s) will be redirected.
	//
	// +kubebuilder:validation:Required
	Name string `json:"serviceName"`

	// Namespace is the Kubernetes service namespace.
	// The service namespace must match the namespace of the parent Local
	// Redirect Policy.  For Cluster-wide Local Redirect Policy, this
	// can be any namespace.
	// +kubebuilder:validation:Required
	Namespace string `json:"namespace"`

	// ToPorts is a list of destination service L4 ports with protocol for
	// traffic to be redirected. If not specified, traffic for all the service
	// ports will be redirected.
	// When multiple ports are specified, the ports must be named.
	//
	// +kubebuilder:validation:Optional
	ToPorts []PortInfo `json:"toPorts,omitempty"`
}

func (*ServiceInfo) DeepCopy

func (in *ServiceInfo) DeepCopy() *ServiceInfo

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceInfo.

func (*ServiceInfo) DeepCopyInto

func (in *ServiceInfo) DeepCopyInto(out *ServiceInfo)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ServiceInfo) DeepEqual

func (in *ServiceInfo) DeepEqual(other *ServiceInfo) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type ServiceListener

type ServiceListener struct {
	// Name is the name of a destination Kubernetes service that identifies traffic
	// to be redirected.
	//
	// +kubebuilder:validation:Required
	Name string `json:"name"`

	// Namespace is the Kubernetes service namespace.
	// In CiliumEnvoyConfig namespace this is overridden to the namespace of the CEC,
	// In CiliumClusterwideEnvoyConfig namespace defaults to "default".
	// +kubebuilder:validation:Optional
	Namespace string `json:"namespace"`

	// Ports is a set of service's frontend ports that should be redirected to the Envoy
	// listener. By default all frontend ports of the service are redirected.
	//
	// +kubebuilder:validation:Optional
	Ports []uint16 `json:"ports,omitempty"`

	// Listener specifies the name of the Envoy listener the
	// service traffic is redirected to. The listener must be
	// specified in the Envoy 'resources' of the same
	// CiliumEnvoyConfig.
	//
	// If omitted, the first listener specified in 'resources' is
	// used.
	//
	// +kubebuilder:validation:Optional
	Listener string `json:"listener"`
}

func (*ServiceListener) DeepCopy

func (in *ServiceListener) DeepCopy() *ServiceListener

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceListener.

func (*ServiceListener) DeepCopyInto

func (in *ServiceListener) DeepCopyInto(out *ServiceListener)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ServiceListener) DeepEqual

func (in *ServiceListener) DeepEqual(other *ServiceListener) bool

DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.

type XDSResource

type XDSResource struct {
	*anypb.Any `json:"-"`
}

+kubebuilder:pruning:PreserveUnknownFields

func (*XDSResource) DeepCopy

func (in *XDSResource) DeepCopy() *XDSResource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XDSResource.

func (*XDSResource) DeepCopyInto

func (in *XDSResource) DeepCopyInto(out *XDSResource)

DeepCopyInto deep copies 'in' into 'out'.

func (*XDSResource) DeepEqual

func (a *XDSResource) DeepEqual(b *XDSResource) bool

DeepEqual returns 'true' if 'a' and 'b' are equal.

func (*XDSResource) MarshalJSON

func (u *XDSResource) MarshalJSON() ([]byte, error)

MarshalJSON ensures that the unstructured object produces proper JSON when passed to Go's standard JSON library.

func (*XDSResource) UnmarshalJSON

func (u *XDSResource) UnmarshalJSON(b []byte) (err error)

UnmarshalJSON ensures that the unstructured object properly decodes JSON when passed to Go's standard JSON library.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL