Documentation ¶
Overview ¶
Package v1alpha2 is the v1alpha2 version of the API.
Index ¶
- Constants
- Variables
- func Resource(resource string) schema.GroupResource
- type CertManagerProviderSpec
- type CertificateSpec
- type ClusterPropertySpec
- type ClusterSetSpec
- type ExternalAuthzSpec
- type FeatureFlags
- type IngressGatewayCertSpec
- type LocalDNSProxy
- type LocalProxyMode
- type MeshConfig
- type MeshConfigList
- type MeshConfigSpec
- type MeshRootCertificate
- type MeshRootCertificateList
- type MeshRootCertificateSpec
- type MeshRootCertificateStatus
- type ObservabilitySpec
- type PluginChainSpec
- type PluginChainsSpec
- type ProviderSpec
- type RemoteLoggingSpec
- type RepoServerSpec
- type SecretKeyReferenceSpec
- type SidecarDriverSpec
- type SidecarSpec
- type TracingSpec
- type TrafficSpec
- type TresorCASpec
- type TresorProviderSpec
- type VaultProviderSpec
- type VaultTokenSpec
Constants ¶
const GroupName = "config.flomesh.io"
GroupName specifies the group name used to register the objects.
Variables ¶
var ( // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder // Deprecated: use Install instead AddToScheme = localSchemeBuilder.AddToScheme Install = localSchemeBuilder.AddToScheme )
var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha2"}
GroupVersion specifies the group and the version used to register the objects.
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha2"}
SchemeGroupVersion is group version used to register these objects Deprecated: use GroupVersion instead.
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type CertManagerProviderSpec ¶
type CertManagerProviderSpec struct { // IssuerName specifies the name of the Issuer resource IssuerName string `json:"issuerName"` // IssuerKind specifies the kind of Issuer IssuerKind string `json:"issuerKind"` // IssuerGroup specifies the group the Issuer belongs to IssuerGroup string `json:"issuerGroup"` }
CertManagerProviderSpec defines the configuration of the cert-manager provider
func (*CertManagerProviderSpec) DeepCopy ¶
func (in *CertManagerProviderSpec) DeepCopy() *CertManagerProviderSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertManagerProviderSpec.
func (*CertManagerProviderSpec) DeepCopyInto ¶
func (in *CertManagerProviderSpec) DeepCopyInto(out *CertManagerProviderSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertificateSpec ¶
type CertificateSpec struct { // ServiceCertValidityDuration defines the service certificate validity duration. ServiceCertValidityDuration string `json:"serviceCertValidityDuration,omitempty"` // CertKeyBitSize defines the certicate key bit size. CertKeyBitSize int `json:"certKeyBitSize,omitempty"` // IngressGateway defines the certificate specification for an ingress gateway. // +optional IngressGateway *IngressGatewayCertSpec `json:"ingressGateway,omitempty"` }
CertificateSpec is the type to reperesent FSM's certificate management configuration.
func (*CertificateSpec) DeepCopy ¶
func (in *CertificateSpec) DeepCopy() *CertificateSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec.
func (*CertificateSpec) DeepCopyInto ¶
func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterPropertySpec ¶
type ClusterPropertySpec struct { // Name defines the name of cluster property. Name string `json:"name"` // Value defines the name of cluster property. Value string `json:"value"` }
ClusterPropertySpec is the type to represent cluster property.
func (*ClusterPropertySpec) DeepCopy ¶
func (in *ClusterPropertySpec) DeepCopy() *ClusterPropertySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPropertySpec.
func (*ClusterPropertySpec) DeepCopyInto ¶
func (in *ClusterPropertySpec) DeepCopyInto(out *ClusterPropertySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterSetSpec ¶
type ClusterSetSpec struct { // Properties defines properties for cluster. Properties []ClusterPropertySpec `json:"properties"` }
ClusterSetSpec is the type to represent cluster set.
func (*ClusterSetSpec) DeepCopy ¶
func (in *ClusterSetSpec) DeepCopy() *ClusterSetSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterSetSpec.
func (*ClusterSetSpec) DeepCopyInto ¶
func (in *ClusterSetSpec) DeepCopyInto(out *ClusterSetSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExternalAuthzSpec ¶
type ExternalAuthzSpec struct { // Enable defines a boolean indicating if the external authorization policy is to be enabled. Enable bool `json:"enable"` // Address defines the remote address of the external authorization endpoint. Address string `json:"address,omitempty"` // Port defines the destination port of the remote external authorization endpoint. Port uint16 `json:"port,omitempty"` // StatPrefix defines a prefix for the stats sink for this external authorization policy. StatPrefix string `json:"statPrefix,omitempty"` // Timeout defines the timeout in which a response from the external authorization endpoint. // is expected to execute. Timeout string `json:"timeout,omitempty"` // FailureModeAllow defines a boolean indicating if traffic should be allowed on a failure to get a // response against the external authorization endpoint. FailureModeAllow bool `json:"failureModeAllow"` }
ExternalAuthzSpec is a type to represent external authorization configuration.
func (*ExternalAuthzSpec) DeepCopy ¶
func (in *ExternalAuthzSpec) DeepCopy() *ExternalAuthzSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalAuthzSpec.
func (*ExternalAuthzSpec) DeepCopyInto ¶
func (in *ExternalAuthzSpec) DeepCopyInto(out *ExternalAuthzSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FeatureFlags ¶
type FeatureFlags struct { // EnableEgressPolicy defines if FSM's Egress policy is enabled. EnableEgressPolicy bool `json:"enableEgressPolicy"` // EnableSnapshotCacheMode defines if XDS server starts with snapshot cache. EnableSnapshotCacheMode bool `json:"enableSnapshotCacheMode"` //EnableAsyncProxyServiceMapping defines if FSM will map proxies to services asynchronously. EnableAsyncProxyServiceMapping bool `json:"enableAsyncProxyServiceMapping"` // EnableIngressBackendPolicy defines if FSM will use the IngressBackend API to allow ingress traffic to // service mesh backends. EnableIngressBackendPolicy bool `json:"enableIngressBackendPolicy"` // EnableAccessControlPolicy defines if FSM will use the AccessControl API to allow access control traffic to // service mesh backends. EnableAccessControlPolicy bool `json:"enableAccessControlPolicy"` // EnableAccessCertPolicy defines if FSM can issue certificates for external services.. EnableAccessCertPolicy bool `json:"enableAccessCertPolicy"` // EnableSidecarActiveHealthChecks defines if FSM will Sidecar active health // checks between services allowed to communicate. EnableSidecarActiveHealthChecks bool `json:"enableSidecarActiveHealthChecks"` // EnableRetryPolicy defines if retry policy is enabled. EnableRetryPolicy bool `json:"enableRetryPolicy"` // EnablePluginPolicy defines if plugin policy is enabled. EnablePluginPolicy bool `json:"enablePluginPolicy"` // EnableAutoDefaultRoute defines if auto default route is enabled. EnableAutoDefaultRoute bool `json:"enableAutoDefaultRoute"` }
FeatureFlags is a type to represent FSM's feature flags.
func (*FeatureFlags) DeepCopy ¶
func (in *FeatureFlags) DeepCopy() *FeatureFlags
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureFlags.
func (*FeatureFlags) DeepCopyInto ¶
func (in *FeatureFlags) DeepCopyInto(out *FeatureFlags)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IngressGatewayCertSpec ¶
type IngressGatewayCertSpec struct { // SubjectAltNames defines the Subject Alternative Names (domain names and IP addresses) secured by the certificate. SubjectAltNames []string `json:"subjectAltNames"` // ValidityDuration defines the validity duration of the certificate. ValidityDuration string `json:"validityDuration"` // Secret defines the secret in which the certificate is stored. Secret corev1.SecretReference `json:"secret"` }
IngressGatewayCertSpec is the type to represent the certificate specification for an ingress gateway.
func (*IngressGatewayCertSpec) DeepCopy ¶
func (in *IngressGatewayCertSpec) DeepCopy() *IngressGatewayCertSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressGatewayCertSpec.
func (*IngressGatewayCertSpec) DeepCopyInto ¶
func (in *IngressGatewayCertSpec) DeepCopyInto(out *IngressGatewayCertSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LocalDNSProxy ¶
type LocalDNSProxy struct { // Enable defines a boolean indicating if the sidecars are enabled for local DNS Proxy. Enable bool `json:"enable"` // PrimaryUpstreamDNSServerIPAddr defines a primary upstream DNS server for local DNS Proxy. PrimaryUpstreamDNSServerIPAddr string `json:"primaryUpstreamDNSServerIPAddr,omitempty"` // SecondaryUpstreamDNSServerIPAddr defines a secondary upstream DNS server for local DNS Proxy. SecondaryUpstreamDNSServerIPAddr string `json:"secondaryUpstreamDNSServerIPAddr,omitempty"` }
LocalDNSProxy is the type to represent FSM's local DNS proxy configuration.
func (*LocalDNSProxy) DeepCopy ¶
func (in *LocalDNSProxy) DeepCopy() *LocalDNSProxy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalDNSProxy.
func (*LocalDNSProxy) DeepCopyInto ¶
func (in *LocalDNSProxy) DeepCopyInto(out *LocalDNSProxy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LocalProxyMode ¶
type LocalProxyMode string
LocalProxyMode is a type alias representing the way the sidecar proxies to the main application
const ( // LocalProxyModeLocalhost indicates the the sidecar should communicate with the main application over localhost LocalProxyModeLocalhost LocalProxyMode = "Localhost" // LocalProxyModePodIP indicates that the sidecar should communicate with the main application via the pod ip LocalProxyModePodIP LocalProxyMode = "PodIP" )
type MeshConfig ¶
type MeshConfig struct { // Object's type metadata. metav1.TypeMeta `json:",inline" yaml:",inline"` // Object's metadata. // +optional metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"` // Spec is the MeshConfig specification. // +optional Spec MeshConfigSpec `json:"spec,omitempty" yaml:"spec,omitempty"` }
MeshConfig is the type used to represent the mesh configuration. +genclient +genclient:noStatus +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:deprecatedversion
func (*MeshConfig) DeepCopy ¶
func (in *MeshConfig) DeepCopy() *MeshConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshConfig.
func (*MeshConfig) DeepCopyInto ¶
func (in *MeshConfig) DeepCopyInto(out *MeshConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*MeshConfig) DeepCopyObject ¶
func (in *MeshConfig) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type MeshConfigList ¶
type MeshConfigList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []MeshConfig `json:"items"` }
MeshConfigList lists the MeshConfig objects. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
func (*MeshConfigList) DeepCopy ¶
func (in *MeshConfigList) DeepCopy() *MeshConfigList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshConfigList.
func (*MeshConfigList) DeepCopyInto ¶
func (in *MeshConfigList) DeepCopyInto(out *MeshConfigList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*MeshConfigList) DeepCopyObject ¶
func (in *MeshConfigList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type MeshConfigSpec ¶
type MeshConfigSpec struct { // ClusterSetSpec defines the configurations of cluster. ClusterSet ClusterSetSpec `json:"clusterSet,omitempty"` // Sidecar defines the configurations of the proxy sidecar in a mesh. Sidecar SidecarSpec `json:"sidecar,omitempty"` // RepoServer defines the configurations of pipy repo server. RepoServer RepoServerSpec `json:"repoServer,omitempty"` // Traffic defines the traffic management configurations for a mesh instance. Traffic TrafficSpec `json:"traffic,omitempty"` // Observalility defines the observability configurations for a mesh instance. Observability ObservabilitySpec `json:"observability,omitempty"` // Certificate defines the certificate management configurations for a mesh instance. Certificate CertificateSpec `json:"certificate,omitempty"` // FeatureFlags defines the feature flags for a mesh instance. FeatureFlags FeatureFlags `json:"featureFlags,omitempty"` // PluginChains defines the default plugin chains. PluginChains PluginChainsSpec `json:"pluginChains,omitempty"` }
MeshConfigSpec is the spec for FSM's configuration.
func (*MeshConfigSpec) DeepCopy ¶
func (in *MeshConfigSpec) DeepCopy() *MeshConfigSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshConfigSpec.
func (*MeshConfigSpec) DeepCopyInto ¶
func (in *MeshConfigSpec) DeepCopyInto(out *MeshConfigSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MeshRootCertificate ¶
type MeshRootCertificate struct { // Object's type metadata metav1.TypeMeta `json:",inline"` // Object's metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty"` // Spec is the MeshRootCertificate config specification // +optional Spec MeshRootCertificateSpec `json:"spec,omitempty"` // Status of the MeshRootCertificate resource // +optional Status MeshRootCertificateStatus `json:"status,omitempty"` }
MeshRootCertificate defines the configuration for certificate issuing by the mesh control plane +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:deprecatedversion
func (*MeshRootCertificate) DeepCopy ¶
func (in *MeshRootCertificate) DeepCopy() *MeshRootCertificate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificate.
func (*MeshRootCertificate) DeepCopyInto ¶
func (in *MeshRootCertificate) DeepCopyInto(out *MeshRootCertificate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*MeshRootCertificate) DeepCopyObject ¶
func (in *MeshRootCertificate) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type MeshRootCertificateList ¶
type MeshRootCertificateList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []MeshRootCertificate `json:"items"` }
MeshRootCertificateList defines the list of MeshRootCertificate objects +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
func (*MeshRootCertificateList) DeepCopy ¶
func (in *MeshRootCertificateList) DeepCopy() *MeshRootCertificateList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateList.
func (*MeshRootCertificateList) DeepCopyInto ¶
func (in *MeshRootCertificateList) DeepCopyInto(out *MeshRootCertificateList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*MeshRootCertificateList) DeepCopyObject ¶
func (in *MeshRootCertificateList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type MeshRootCertificateSpec ¶
type MeshRootCertificateSpec struct { // Provider specifies the mesh certificate provider Provider ProviderSpec `json:"provider"` // TrustDomain is the trust domain to use as a suffix in Common Names for new certificates. TrustDomain string `json:"trustDomain"` }
MeshRootCertificateSpec defines the mesh root certificate specification
func (*MeshRootCertificateSpec) DeepCopy ¶
func (in *MeshRootCertificateSpec) DeepCopy() *MeshRootCertificateSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateSpec.
func (*MeshRootCertificateSpec) DeepCopyInto ¶
func (in *MeshRootCertificateSpec) DeepCopyInto(out *MeshRootCertificateSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MeshRootCertificateStatus ¶
type MeshRootCertificateStatus struct { // State specifies the state of the certificate provider // All states are specified in constants.go State string `json:"state"` }
MeshRootCertificateStatus defines the status of the MeshRootCertificate resource
func (*MeshRootCertificateStatus) DeepCopy ¶
func (in *MeshRootCertificateStatus) DeepCopy() *MeshRootCertificateStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateStatus.
func (*MeshRootCertificateStatus) DeepCopyInto ¶
func (in *MeshRootCertificateStatus) DeepCopyInto(out *MeshRootCertificateStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ObservabilitySpec ¶
type ObservabilitySpec struct { // FSMLogLevel defines the log level for FSM control plane logs. FSMLogLevel string `json:"fsmLogLevel,omitempty"` // Tracing defines FSM's tracing configuration. Tracing TracingSpec `json:"tracing,omitempty"` // RemoteLogging defines FSM's remote logging configuration. RemoteLogging RemoteLoggingSpec `json:"remoteLogging,omitempty"` }
ObservabilitySpec is the type to represent FSM's observability configurations.
func (*ObservabilitySpec) DeepCopy ¶
func (in *ObservabilitySpec) DeepCopy() *ObservabilitySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObservabilitySpec.
func (*ObservabilitySpec) DeepCopyInto ¶
func (in *ObservabilitySpec) DeepCopyInto(out *ObservabilitySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PluginChainSpec ¶
type PluginChainSpec struct { // Plugin defines the name of plugin Plugin string `json:"plugin"` // Priority defines the priority of plugin Priority float32 `json:"priority"` // Disable defines the visibility of plugin Disable bool `json:"disable"` }
PluginChainSpec is the type to represent plugin chain.
func (*PluginChainSpec) DeepCopy ¶
func (in *PluginChainSpec) DeepCopy() *PluginChainSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginChainSpec.
func (*PluginChainSpec) DeepCopyInto ¶
func (in *PluginChainSpec) DeepCopyInto(out *PluginChainSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PluginChainsSpec ¶
type PluginChainsSpec struct { // InboundTCPChains defines inbound tcp chains InboundTCPChains []*PluginChainSpec `json:"inbound-tcp"` // InboundHTTPChains defines inbound http chains InboundHTTPChains []*PluginChainSpec `json:"inbound-http"` // OutboundTCPChains defines outbound tcp chains OutboundTCPChains []*PluginChainSpec `json:"outbound-tcp"` // OutboundHTTPChains defines outbound http chains OutboundHTTPChains []*PluginChainSpec `json:"outbound-http"` }
PluginChainsSpec is the type to represent plugin chains.
func (*PluginChainsSpec) DeepCopy ¶
func (in *PluginChainsSpec) DeepCopy() *PluginChainsSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginChainsSpec.
func (*PluginChainsSpec) DeepCopyInto ¶
func (in *PluginChainsSpec) DeepCopyInto(out *PluginChainsSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderSpec ¶
type ProviderSpec struct { // CertManager specifies the cert-manager provider configuration // +optional CertManager *CertManagerProviderSpec `json:"certManager,omitempty"` // Vault specifies the vault provider configuration // +optional Vault *VaultProviderSpec `json:"vault,omitempty"` // Tresor specifies the Tresor provider configuration // +optional Tresor *TresorProviderSpec `json:"tresor,omitempty"` }
ProviderSpec defines the certificate provider used by the mesh control plane
func (*ProviderSpec) DeepCopy ¶
func (in *ProviderSpec) DeepCopy() *ProviderSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderSpec.
func (*ProviderSpec) DeepCopyInto ¶
func (in *ProviderSpec) DeepCopyInto(out *ProviderSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RemoteLoggingSpec ¶
type RemoteLoggingSpec struct { // Enable defines a boolean indicating if the sidecars are enabled for remote logging. Enable bool `json:"enable"` // Level defines the remote logging's level. Level uint16 `json:"level,omitempty"` // Port defines the remote logging's port. Port int16 `json:"port,omitempty"` // Address defines the remote logging's hostname. Address string `json:"address,omitempty"` // Endpoint defines the API endpoint for remote logging requests sent to the collector. Endpoint string `json:"endpoint,omitempty"` // Authorization defines the access entity that allows to authorize someone in remote logging service. Authorization string `json:"authorization,omitempty"` // SampledFraction defines the sampled fraction. SampledFraction *string `json:"sampledFraction,omitempty"` }
RemoteLoggingSpec is the type to represent FSM's remote logging configuration.
func (*RemoteLoggingSpec) DeepCopy ¶
func (in *RemoteLoggingSpec) DeepCopy() *RemoteLoggingSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteLoggingSpec.
func (*RemoteLoggingSpec) DeepCopyInto ¶
func (in *RemoteLoggingSpec) DeepCopyInto(out *RemoteLoggingSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RepoServerSpec ¶
type RepoServerSpec struct { // IPAddr of the pipy repo server IPAddr string `json:"ipaddr"` // Codebase is the folder used by fsmController Codebase string `json:"codebase"` }
RepoServerSpec is the type to represent repo server.
func (*RepoServerSpec) DeepCopy ¶
func (in *RepoServerSpec) DeepCopy() *RepoServerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RepoServerSpec.
func (*RepoServerSpec) DeepCopyInto ¶
func (in *RepoServerSpec) DeepCopyInto(out *RepoServerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretKeyReferenceSpec ¶
type SecretKeyReferenceSpec struct { // Name specifies the name of the secret in which the Vault token is stored Name string `json:"name"` // Key specifies the key whose value is the Vault token Key string `json:"key"` // Namespace specifies the namespace of the secret in which the Vault token is stored Namespace string `json:"namespace"` }
SecretKeyReferenceSpec defines the configuration of the secret reference
func (*SecretKeyReferenceSpec) DeepCopy ¶
func (in *SecretKeyReferenceSpec) DeepCopy() *SecretKeyReferenceSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeyReferenceSpec.
func (*SecretKeyReferenceSpec) DeepCopyInto ¶
func (in *SecretKeyReferenceSpec) DeepCopyInto(out *SecretKeyReferenceSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SidecarDriverSpec ¶
type SidecarDriverSpec struct { // SidecarName defines the name of the sidecar driver. SidecarName string `json:"sidecarName,omitempty"` // SidecarImage defines the container image used for the proxy sidecar. SidecarImage string `json:"sidecarImage,omitempty"` // InitContainerImage defines the container image used for the init container injected to meshed pods. InitContainerImage string `json:"initContainerImage,omitempty"` // ProxyServerPort is the port on which the Discovery Service listens for new connections from Sidecars ProxyServerPort uint32 `json:"proxyServerPort"` // SidecarDisabledMTLS defines whether mTLS is disabled. SidecarDisabledMTLS bool `json:"sidecarDisabledMTLS"` }
SidecarDriverSpec is the type to represent FSM's sidecar driver define.
func (*SidecarDriverSpec) DeepCopy ¶
func (in *SidecarDriverSpec) DeepCopy() *SidecarDriverSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarDriverSpec.
func (*SidecarDriverSpec) DeepCopyInto ¶
func (in *SidecarDriverSpec) DeepCopyInto(out *SidecarDriverSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SidecarSpec ¶
type SidecarSpec struct { // EnablePrivilegedInitContainer defines a boolean indicating whether the init container for a meshed pod should run as privileged. EnablePrivilegedInitContainer bool `json:"enablePrivilegedInitContainer"` // LogLevel defines the logging level for the sidecar's logs. Non developers should generally never set this value. In production environments the LogLevel should be set to error. LogLevel string `json:"logLevel,omitempty"` // SidecarClass defines the class used for the proxy sidecar. SidecarClass string `json:"sidecarClass,omitempty"` // SidecarImage defines the container image used for the proxy sidecar. SidecarImage string `json:"sidecarImage,omitempty"` // SidecarDisabledMTLS defines whether mTLS is disabled. SidecarDisabledMTLS bool `json:"sidecarDisabledMTLS"` // InitContainerImage defines the container image used for the init container injected to meshed pods. InitContainerImage string `json:"initContainerImage,omitempty"` // SidecarDrivers defines the sidecar supported. SidecarDrivers []SidecarDriverSpec `json:"sidecarDrivers,omitempty"` // MaxDataPlaneConnections defines the maximum allowed data plane connections from a proxy sidecar to the FSM controller. MaxDataPlaneConnections int `json:"maxDataPlaneConnections,omitempty"` // ConfigResyncInterval defines the resync interval for regular proxy broadcast updates. ConfigResyncInterval string `json:"configResyncInterval,omitempty"` // SidecarTimeout defines the connect/idle/read/write timeout. SidecarTimeout int `json:"sidecarTimeout,omitempty"` // Resources defines the compute resources for the sidecar. Resources corev1.ResourceRequirements `json:"resources,omitempty"` // TLSMinProtocolVersion defines the minimum TLS protocol version that the sidecar supports. Valid TLS protocol versions are TLS_AUTO, TLSv1_0, TLSv1_1, TLSv1_2 and TLSv1_3. TLSMinProtocolVersion string `json:"tlsMinProtocolVersion,omitempty"` // TLSMaxProtocolVersion defines the maximum TLS protocol version that the sidecar supports. Valid TLS protocol versions are TLS_AUTO, TLSv1_0, TLSv1_1, TLSv1_2 and TLSv1_3. TLSMaxProtocolVersion string `json:"tlsMaxProtocolVersion,omitempty"` // CipherSuites defines a list of ciphers that listener supports when negotiating TLS 1.0-1.2. This setting has no effect when negotiating TLS 1.3. For valid cipher names, see the latest OpenSSL ciphers manual page. E.g. https://www.openssl.org/docs/man1.1.1/apps/ciphers.html. CipherSuites []string `json:"cipherSuites,omitempty"` // ECDHCurves defines a list of ECDH curves that TLS connection supports. If not specified, the curves are [X25519, P-256] for non-FIPS build and P-256 for builds using BoringSSL FIPS. ECDHCurves []string `json:"ecdhCurves,omitempty"` // LocalProxyMode defines the network interface the proxy will use to send traffic to the backend service application. Acceptable values are [`Localhost`, `PodIP`]. The default is `Localhost` LocalProxyMode LocalProxyMode `json:"localProxyMode,omitempty"` // LocalDNSProxy improves the performance of your computer by caching the responses coming from your DNS servers LocalDNSProxy LocalDNSProxy `json:"localDNSProxy,omitempty"` }
SidecarSpec is the type used to represent the specifications for the proxy sidecar.
func (*SidecarSpec) DeepCopy ¶
func (in *SidecarSpec) DeepCopy() *SidecarSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarSpec.
func (*SidecarSpec) DeepCopyInto ¶
func (in *SidecarSpec) DeepCopyInto(out *SidecarSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TracingSpec ¶
type TracingSpec struct { // Enable defines a boolean indicating if the sidecars are enabled for tracing. Enable bool `json:"enable"` // Port defines the tracing collector's port. Port int16 `json:"port,omitempty"` // Address defines the tracing collectio's hostname. Address string `json:"address,omitempty"` // Endpoint defines the API endpoint for tracing requests sent to the collector. Endpoint string `json:"endpoint,omitempty"` // SampledFraction defines the sampled fraction. SampledFraction *string `json:"sampledFraction,omitempty"` }
TracingSpec is the type to represent FSM's tracing configuration.
func (*TracingSpec) DeepCopy ¶
func (in *TracingSpec) DeepCopy() *TracingSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TracingSpec.
func (*TracingSpec) DeepCopyInto ¶
func (in *TracingSpec) DeepCopyInto(out *TracingSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TrafficSpec ¶
type TrafficSpec struct { // InterceptionMode defines a string indicating which traffic interception mode is used. InterceptionMode string `json:"interceptionMode"` // EnableEgress defines a boolean indicating if mesh-wide Egress is enabled. EnableEgress bool `json:"enableEgress"` // OutboundIPRangeExclusionList defines a global list of IP address ranges to exclude from outbound traffic interception by the sidecar proxy. OutboundIPRangeExclusionList []string `json:"outboundIPRangeExclusionList"` // OutboundIPRangeInclusionList defines a global list of IP address ranges to include for outbound traffic interception by the sidecar proxy. // IP addresses outside this range will be excluded from outbound traffic interception by the sidecar proxy. OutboundIPRangeInclusionList []string `json:"outboundIPRangeInclusionList"` // OutboundPortExclusionList defines a global list of ports to exclude from outbound traffic interception by the sidecar proxy. OutboundPortExclusionList []int `json:"outboundPortExclusionList"` // InboundPortExclusionList defines a global list of ports to exclude from inbound traffic interception by the sidecar proxy. InboundPortExclusionList []int `json:"inboundPortExclusionList"` // EnablePermissiveTrafficPolicyMode defines a boolean indicating if permissive traffic policy mode is enabled mesh-wide. EnablePermissiveTrafficPolicyMode bool `json:"enablePermissiveTrafficPolicyMode"` // ServiceAccessMode defines a string indicating service access mode. ServiceAccessMode string `json:"serviceAccessMode"` // InboundExternalAuthorization defines a ruleset that, if enabled, will configure a remote external authorization endpoint // for all inbound and ingress traffic in the mesh. InboundExternalAuthorization ExternalAuthzSpec `json:"inboundExternalAuthorization,omitempty"` // NetworkInterfaceExclusionList defines a global list of network interface // names to exclude from inbound and outbound traffic interception by the // sidecar proxy. NetworkInterfaceExclusionList []string `json:"networkInterfaceExclusionList"` // HTTP1PerRequestLoadBalancing defines a boolean indicating if load balancing based on request is enabled for http1. HTTP1PerRequestLoadBalancing bool `json:"http1PerRequestLoadBalancing"` // HTTP1PerRequestLoadBalancing defines a boolean indicating if load balancing based on request is enabled for http2. HTTP2PerRequestLoadBalancing bool `json:"http2PerRequestLoadBalancing"` }
TrafficSpec is the type used to represent FSM's traffic management configuration.
func (*TrafficSpec) DeepCopy ¶
func (in *TrafficSpec) DeepCopy() *TrafficSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrafficSpec.
func (*TrafficSpec) DeepCopyInto ¶
func (in *TrafficSpec) DeepCopyInto(out *TrafficSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TresorCASpec ¶
type TresorCASpec struct { // SecretRef specifies the secret in which the root certificate is stored SecretRef corev1.SecretReference `json:"secretRef"` }
TresorCASpec defines the configuration of Tresor's root certificate
func (*TresorCASpec) DeepCopy ¶
func (in *TresorCASpec) DeepCopy() *TresorCASpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TresorCASpec.
func (*TresorCASpec) DeepCopyInto ¶
func (in *TresorCASpec) DeepCopyInto(out *TresorCASpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TresorProviderSpec ¶
type TresorProviderSpec struct { // CA specifies Tresor's ca configuration CA TresorCASpec `json:"ca"` }
TresorProviderSpec defines the configuration of the Tresor provider
func (*TresorProviderSpec) DeepCopy ¶
func (in *TresorProviderSpec) DeepCopy() *TresorProviderSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TresorProviderSpec.
func (*TresorProviderSpec) DeepCopyInto ¶
func (in *TresorProviderSpec) DeepCopyInto(out *TresorProviderSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultProviderSpec ¶
type VaultProviderSpec struct { // Host specifies the name of the Vault server Host string `json:"host"` // Port specifies the port of the Vault server Port int `json:"port"` // Role specifies the name of the role for use by mesh control plane Role string `json:"role"` // Protocol specifies the protocol for connections to Vault Protocol string `json:"protocol"` // Token specifies the configuration of the token to be used by mesh control plane // to connect to Vault Token VaultTokenSpec `json:"token"` }
VaultProviderSpec defines the configuration of the Vault provider
func (*VaultProviderSpec) DeepCopy ¶
func (in *VaultProviderSpec) DeepCopy() *VaultProviderSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultProviderSpec.
func (*VaultProviderSpec) DeepCopyInto ¶
func (in *VaultProviderSpec) DeepCopyInto(out *VaultProviderSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultTokenSpec ¶
type VaultTokenSpec struct { // SecretKeyRef specifies the secret in which the Vault token is stored SecretKeyRef SecretKeyReferenceSpec `json:"secretKeyRef"` }
VaultTokenSpec defines the configuration of the Vault token
func (*VaultTokenSpec) DeepCopy ¶
func (in *VaultTokenSpec) DeepCopy() *VaultTokenSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultTokenSpec.
func (*VaultTokenSpec) DeepCopyInto ¶
func (in *VaultTokenSpec) DeepCopyInto(out *VaultTokenSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.