v1alpha2

package
v0.0.0-...-4b75dde
Warning

This package is not in the latest version of its module.

Published: Sep 15, 2023 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package v1alpha2 is the v1alpha2 version of the API.

Package v1alpha2 contains API Schema definitions for the config.openservicemesh.io v1alpha2 API group


Constants

This section is empty.

Variables

var (
	// SchemeGroupVersion is group version used to register MeshConfig
	SchemeGroupVersion = schema.GroupVersion{
		Group:   "config.openservicemesh.io",
		Version: "v1alpha2",
	}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

	// AddToScheme adds all Resources to the Scheme
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type CertManagerProviderSpec

type CertManagerProviderSpec struct {
	// IssuerName specifies the name of the Issuer resource
	IssuerName string `json:"issuerName"`

	// IssuerKind specifies the kind of Issuer
	IssuerKind string `json:"issuerKind"`

	// IssuerGroup specifies the group the Issuer belongs to
	IssuerGroup string `json:"issuerGroup"`
}

CertManagerProviderSpec defines the configuration of the cert-manager provider

func (*CertManagerProviderSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertManagerProviderSpec.

func (*CertManagerProviderSpec) DeepCopyInto

func (in *CertManagerProviderSpec) DeepCopyInto(out *CertManagerProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateSpec

type CertificateSpec struct {
	// ServiceCertValidityDuration defines the service certificate validity duration.
	ServiceCertValidityDuration string `json:"serviceCertValidityDuration,omitempty"`

	// CertKeyBitSize defines the certificate key bit size.
	CertKeyBitSize int `json:"certKeyBitSize,omitempty"`

	// IngressGateway defines the certificate specification for an ingress gateway.
	// +optional
	IngressGateway *IngressGatewayCertSpec `json:"ingressGateway,omitempty"`
}

CertificateSpec is the type to represent OSM's certificate management configuration.

func (*CertificateSpec) DeepCopy

func (in *CertificateSpec) DeepCopy() *CertificateSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec.

func (*CertificateSpec) DeepCopyInto

func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExtensionService

type ExtensionService struct {
	// Object's type metadata.
	metav1.TypeMeta `json:",inline"`

	// Object's metadata.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec defines the specification of the extension service.
	// +optional
	Spec ExtensionServiceSpec `json:"spec,omitempty"`
}

ExtensionService defines the configuration of the external service that an OSM managed mesh integrates with. +genclient +genclient:noStatus +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*ExtensionService) DeepCopy

func (in *ExtensionService) DeepCopy() *ExtensionService

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionService.

func (*ExtensionService) DeepCopyInto

func (in *ExtensionService) DeepCopyInto(out *ExtensionService)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExtensionService) DeepCopyObject

func (in *ExtensionService) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ExtensionServiceList

type ExtensionServiceList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []ExtensionService `json:"items"`
}

ExtensionServiceList defines the list of ExtensionService objects. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*ExtensionServiceList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionServiceList.

func (*ExtensionServiceList) DeepCopyInto

func (in *ExtensionServiceList) DeepCopyInto(out *ExtensionServiceList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExtensionServiceList) DeepCopyObject

func (in *ExtensionServiceList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ExtensionServiceSpec

type ExtensionServiceSpec struct {
	// Host defines the hostname of the extension service.
	Host string `json:"host"`

	// Port defines the port number of the extension service.
	Port uint32 `json:"port"`

	// Protocol defines the protocol of the extension service.
	Protocol string `json:"protocol"`

	// ConnectTimeout defines the timeout for connecting to the extension service.
	// +optional
	ConnectTimeout *metav1.Duration `json:"connectTimeout,omitempty"`
}

ExtensionServiceSpec defines the specification of the extension service.

func (*ExtensionServiceSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionServiceSpec.

func (*ExtensionServiceSpec) DeepCopyInto

func (in *ExtensionServiceSpec) DeepCopyInto(out *ExtensionServiceSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalAuthzSpec

type ExternalAuthzSpec struct {
	// Enable defines a boolean indicating if the external authorization policy is to be enabled.
	Enable bool `json:"enable"`

	// Address defines the remote address of the external authorization endpoint.
	Address string `json:"address,omitempty"`

	// Port defines the destination port of the remote external authorization endpoint.
	Port uint16 `json:"port,omitempty"`

	// StatPrefix defines a prefix for the stats sink for this external authorization policy.
	StatPrefix string `json:"statPrefix,omitempty"`

	// Timeout defines the timeout in which a response from the external authorization endpoint
	// is expected to execute.
	Timeout string `json:"timeout,omitempty"`

	// FailureModeAllow defines a boolean indicating if traffic should be allowed on a failure to get a
	// response against the external authorization endpoint.
	FailureModeAllow bool `json:"failureModeAllow"`
}

ExternalAuthzSpec is a type to represent external authorization configuration.

func (*ExternalAuthzSpec) DeepCopy

func (in *ExternalAuthzSpec) DeepCopy() *ExternalAuthzSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalAuthzSpec.

func (*ExternalAuthzSpec) DeepCopyInto

func (in *ExternalAuthzSpec) DeepCopyInto(out *ExternalAuthzSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FeatureFlags

type FeatureFlags struct {
	// EnableWASMStats defines if WASM Stats are enabled.
	EnableWASMStats bool `json:"enableWASMStats"`

	// EnableEgressPolicy defines if OSM's EgressPolicy API is enabled.
	// DEPRECATED, do not use.
	// Disable mesh-wide global egress by setting 'spec.traffic.enableEgress'
	// to 'false' to implicitly enable the usage of EgressPolicy API.
	EnableEgressPolicy bool `json:"enableEgressPolicy"`

	// EnableSnapshotCacheMode defines if XDS server starts with snapshot cache.
	EnableSnapshotCacheMode bool `json:"enableSnapshotCacheMode"`

	// EnableAsyncProxyServiceMapping defines if OSM will map proxies to services asynchronously.
	EnableAsyncProxyServiceMapping bool `json:"enableAsyncProxyServiceMapping"`

	// EnableIngressBackendPolicy defines if OSM will use the IngressBackend API to allow ingress traffic to
	// service mesh backends.
	EnableIngressBackendPolicy bool `json:"enableIngressBackendPolicy"`

	// EnableEnvoyActiveHealthChecks defines if OSM will use Envoy active health
	// checks between services allowed to communicate.
	EnableEnvoyActiveHealthChecks bool `json:"enableEnvoyActiveHealthChecks"`

	// EnableRetryPolicy defines if retry policy is enabled.
	EnableRetryPolicy bool `json:"enableRetryPolicy"`

	// EnableMeshRootCertificate defines if MRCs are used for certificate management.
	// If enabled after install, the control plane must be restarted to pick up on the update.
	EnableMeshRootCertificate bool `json:"enableMeshRootCertificate"`
}

FeatureFlags is a type to represent OSM's feature flags.

func (*FeatureFlags) DeepCopy

func (in *FeatureFlags) DeepCopy() *FeatureFlags

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureFlags.

func (*FeatureFlags) DeepCopyInto

func (in *FeatureFlags) DeepCopyInto(out *FeatureFlags)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IngressGatewayCertSpec

type IngressGatewayCertSpec struct {
	// SubjectAltNames defines the Subject Alternative Names (domain names and IP addresses) secured by the certificate.
	SubjectAltNames []string `json:"subjectAltNames"`

	// ValidityDuration defines the validity duration of the certificate.
	ValidityDuration string `json:"validityDuration"`

	// Secret defines the secret in which the certificate is stored.
	Secret corev1.SecretReference `json:"secret"`
}

IngressGatewayCertSpec is the type to represent the certificate specification for an ingress gateway.

func (*IngressGatewayCertSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressGatewayCertSpec.

func (*IngressGatewayCertSpec) DeepCopyInto

func (in *IngressGatewayCertSpec) DeepCopyInto(out *IngressGatewayCertSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalProxyMode

type LocalProxyMode string

LocalProxyMode is a type alias representing the way the envoy sidecar proxies to the main application

const (
	// LocalProxyModeLocalhost indicates that the sidecar should communicate with the main application over localhost
	LocalProxyModeLocalhost LocalProxyMode = "Localhost"
	// LocalProxyModePodIP indicates that the sidecar should communicate with the main application via the pod ip
	LocalProxyModePodIP LocalProxyMode = "PodIP"
)

type MeshConfig

type MeshConfig struct {
	// Object's type metadata.
	metav1.TypeMeta `json:",inline" yaml:",inline"`

	// Object's metadata.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"`

	// Spec is the MeshConfig specification.
	// +optional
	Spec MeshConfigSpec `json:"spec,omitempty" yaml:"spec,omitempty"`
}

MeshConfig is the type used to represent the mesh configuration. +genclient +genclient:noStatus +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*MeshConfig) DeepCopy

func (in *MeshConfig) DeepCopy() *MeshConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshConfig.

func (*MeshConfig) DeepCopyInto

func (in *MeshConfig) DeepCopyInto(out *MeshConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MeshConfig) DeepCopyObject

func (in *MeshConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MeshConfigList

type MeshConfigList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`

	Items []MeshConfig `json:"items"`
}

MeshConfigList lists the MeshConfig objects. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*MeshConfigList) DeepCopy

func (in *MeshConfigList) DeepCopy() *MeshConfigList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshConfigList.

func (*MeshConfigList) DeepCopyInto

func (in *MeshConfigList) DeepCopyInto(out *MeshConfigList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MeshConfigList) DeepCopyObject

func (in *MeshConfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MeshConfigSpec

type MeshConfigSpec struct {
	// Sidecar defines the configurations of the proxy sidecar in a mesh.
	Sidecar SidecarSpec `json:"sidecar,omitempty"`

	// Traffic defines the traffic management configurations for a mesh instance.
	Traffic TrafficSpec `json:"traffic,omitempty"`

	// Observability defines the observability configurations for a mesh instance.
	Observability ObservabilitySpec `json:"observability,omitempty"`

	// Certificate defines the certificate management configurations for a mesh instance.
	Certificate CertificateSpec `json:"certificate,omitempty"`

	// FeatureFlags defines the feature flags for a mesh instance.
	FeatureFlags FeatureFlags `json:"featureFlags,omitempty"`
}

MeshConfigSpec is the spec for OSM's configuration.

func (*MeshConfigSpec) DeepCopy

func (in *MeshConfigSpec) DeepCopy() *MeshConfigSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshConfigSpec.

func (*MeshConfigSpec) DeepCopyInto

func (in *MeshConfigSpec) DeepCopyInto(out *MeshConfigSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
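
An added example, not part of this package or of the OSM project's code: a small auditor that decodes a MeshConfig document and flags the fields documented on this page that a security review would want justified (privileged init container, non-`error` sidecar log level, deprecated minimum TLS version, mesh-wide egress and permissive mode, fail-open external authorization, debug server, and an exclusion range that covers everything). The local `meshConfig` struct, `Finding`, `AuditMeshConfig` and the sample document are hypothetical names and constructed data; which values get flagged, and the assumption that exclusion ranges are written in CIDR notation, are the example's own choices.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
)

// meshConfig mirrors only the v1alpha2 fields this audit reads; JSON tags are
// copied from the page. It is a hypothetical local type, not the OSM module's own.
type meshConfig struct {
	Spec struct {
		Sidecar struct {
			EnablePrivilegedInitContainer bool   `json:"enablePrivilegedInitContainer"`
			LogLevel                      string `json:"logLevel"`
			TLSMinProtocolVersion         string `json:"tlsMinProtocolVersion"`
			TLSMaxProtocolVersion         string `json:"tlsMaxProtocolVersion"`
		} `json:"sidecar"`
		Traffic struct {
			EnableEgress                      bool     `json:"enableEgress"`
			OutboundIPRangeExclusionList      []string `json:"outboundIPRangeExclusionList"`
			EnablePermissiveTrafficPolicyMode bool     `json:"enablePermissiveTrafficPolicyMode"`
			InboundExternalAuthorization      struct {
				Enable           bool `json:"enable"`
				FailureModeAllow bool `json:"failureModeAllow"`
			} `json:"inboundExternalAuthorization"`
		} `json:"traffic"`
		Observability struct {
			EnableDebugServer bool `json:"enableDebugServer"`
		} `json:"observability"`
	} `json:"spec"`
}

// Finding names a MeshConfig field by JSON path and says why to review it.
type Finding struct{ Field, Reason string }

// tlsRank orders the explicit TLS versions; TLS_AUTO and unset values have no rank.
var tlsRank = map[string]int{"TLSv1_0": 0, "TLSv1_1": 1, "TLSv1_2": 2, "TLSv1_3": 3}

// AuditMeshConfig decodes a MeshConfig JSON document and returns review findings.
func AuditMeshConfig(raw []byte) ([]Finding, error) {
	var mc meshConfig
	if err := json.Unmarshal(raw, &mc); err != nil {
		return nil, fmt.Errorf("decode MeshConfig: %w", err)
	}
	sc, tr, ea := mc.Spec.Sidecar, mc.Spec.Traffic, mc.Spec.Traffic.InboundExternalAuthorization
	minRank, minSet := tlsRank[sc.TLSMinProtocolVersion]
	maxRank, maxSet := tlsRank[sc.TLSMaxProtocolVersion]
	checks := []struct {
		hit           bool
		field, reason string
	}{
		{sc.EnablePrivilegedInitContainer, "spec.sidecar.enablePrivilegedInitContainer", "init container runs privileged in meshed pods"},
		{sc.LogLevel != "" && sc.LogLevel != "error", "spec.sidecar.logLevel", "the field's doc says production should use error"},
		{minSet && minRank < tlsRank["TLSv1_2"], "spec.sidecar.tlsMinProtocolVersion", "minimum is a version the page marks deprecated"},
		{minSet && maxSet && minRank > maxRank, "spec.sidecar.tlsMaxProtocolVersion", "maximum TLS version is below the minimum"},
		{tr.EnableEgress, "spec.traffic.enableEgress", "mesh-wide egress is on; EgressPolicy applies only when this is false"},
		{tr.EnablePermissiveTrafficPolicyMode, "spec.traffic.enablePermissiveTrafficPolicyMode", "permissive traffic policy mode is on mesh-wide"},
		{ea.Enable && ea.FailureModeAllow, "spec.traffic.inboundExternalAuthorization.failureModeAllow", "traffic is allowed when the authorization endpoint gives no response"},
		{mc.Spec.Observability.EnableDebugServer, "spec.observability.enableDebugServer", "debug endpoint on the OSM controller pod is enabled"},
	}
	var out []Finding
	for _, c := range checks {
		if c.hit {
			out = append(out, Finding{c.field, c.reason})
		}
	}
	// Assumption: exclusion ranges are written in CIDR notation.
	for _, r := range tr.OutboundIPRangeExclusionList {
		_, ipnet, err := net.ParseCIDR(r)
		if err != nil {
			out = append(out, Finding{"spec.traffic.outboundIPRangeExclusionList", "not CIDR notation: " + r})
		} else if ones, _ := ipnet.Mask.Size(); ones == 0 {
			out = append(out, Finding{"spec.traffic.outboundIPRangeExclusionList", r + " exempts the whole address family from interception"})
		}
	}
	return out, nil
}

// sampleMeshConfig is a constructed document, not taken from a real cluster.
const sampleMeshConfig = `{"apiVersion": "config.openservicemesh.io/v1alpha2", "kind": "MeshConfig",
 "metadata": {"name": "example-mesh-config"},
 "spec": {
  "sidecar": {"enablePrivilegedInitContainer": true, "logLevel": "debug", "tlsMinProtocolVersion": "TLSv1_0"},
  "traffic": {"enableEgress": true, "enablePermissiveTrafficPolicyMode": true,
   "outboundIPRangeExclusionList": ["10.0.0.0/8", "0.0.0.0/0"],
   "inboundExternalAuthorization": {"enable": true, "failureModeAllow": true}},
  "observability": {"enableDebugServer": true}}}`

func main() {
	findings, err := AuditMeshConfig([]byte(sampleMeshConfig))
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%-58s %s\n", f.Field, f.Reason)
	}
}
```

`failureModeAllow` is only reported when `enable` is also true, since the fail-open behaviour has no effect while external authorization is off.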

type MeshRootCertificate

type MeshRootCertificate struct {
	// Object's type metadata
	metav1.TypeMeta `json:",inline"`

	// Object's metadata
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the MeshRootCertificate config specification
	// +optional
	Spec MeshRootCertificateSpec `json:"spec,omitempty"`

	// Status of the MeshRootCertificate resource
	// +optional
	Status MeshRootCertificateStatus `json:"status,omitempty"`
}

MeshRootCertificate defines the configuration for certificate issuing by the mesh control plane +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*MeshRootCertificate) DeepCopy

func (in *MeshRootCertificate) DeepCopy() *MeshRootCertificate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificate.

func (*MeshRootCertificate) DeepCopyInto

func (in *MeshRootCertificate) DeepCopyInto(out *MeshRootCertificate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MeshRootCertificate) DeepCopyObject

func (in *MeshRootCertificate) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MeshRootCertificateComponentStatus

type MeshRootCertificateComponentStatus string

MeshRootCertificateComponentStatus specifies the status of the certificate component, can be (`Issuing`, `Validating`, `Unknown`).

const (
	// Issuing means that the root cert described by this MRC is now issuing certs for this component of OSM.
	Issuing MeshRootCertificateComponentStatus = "issuing"

	// Validating means that the root cert's cert chain, described by this MRC is now part of the CABundle used to
	// validate requests for this component.
	Validating MeshRootCertificateComponentStatus = "validating"

	// Unused means that the root cert described by this MRC is unused.
	Unused MeshRootCertificateComponentStatus = "unused"

	// UnknownComponentStatus means that the use of the root cert described by this MRC is in an unknown state for this
	// component.
	UnknownComponentStatus MeshRootCertificateComponentStatus = "unknown"
)

type MeshRootCertificateComponentStatuses

type MeshRootCertificateComponentStatuses struct {
	ValidatingWebhook MeshRootCertificateComponentStatus `json:"validatingWebhook"`
	MutatingWebhook   MeshRootCertificateComponentStatus `json:"mutatingWebhook"`
	XDSControlPlane   MeshRootCertificateComponentStatus `json:"xdsControlPlane"`
	Sidecar           MeshRootCertificateComponentStatus `json:"sidecar"`
	Bootstrap         MeshRootCertificateComponentStatus `json:"bootstrap"`
	Gateway           MeshRootCertificateComponentStatus `json:"gateway"`
}

MeshRootCertificateComponentStatuses is the set of statuses for each certificate component in the cluster.

func (*MeshRootCertificateComponentStatuses) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateComponentStatuses.

func (*MeshRootCertificateComponentStatuses) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshRootCertificateCondition

type MeshRootCertificateCondition struct {
	// Type of the condition,
	// one of (`Ready`, `Accepted`, `IssuingRollout`, `ValidatingRollout`, `IssuingRollback`, `ValidatingRollback`).
	Type MeshRootCertificateConditionType `json:"type"`

	// Status of the condition, one of (`True`, `False`, `Unknown`).
	Status MeshRootCertificateConditionStatus `json:"status"`

	// LastTransitionTime is the timestamp corresponding to the last status
	// change of this condition.
	// +optional
	LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`

	// Reason is a brief machine readable explanation for the condition's last
	// transition (should be in camelCase).
	// +optional
	Reason string `json:"reason,omitempty"`

	// Message is a human readable description of the details of the last
	// transition, complementing reason.
	// +optional
	Message string `json:"message,omitempty"`
}

MeshRootCertificateCondition defines the condition of the MeshRootCertificate resource.

func (*MeshRootCertificateCondition) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateCondition.

func (*MeshRootCertificateCondition) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshRootCertificateConditionStatus

type MeshRootCertificateConditionStatus string

MeshRootCertificateConditionStatus specifies the status of the MeshRootCertificate condition, one of (`True`, `False`, `Unknown`).

type MeshRootCertificateConditionType

type MeshRootCertificateConditionType string

MeshRootCertificateConditionType specifies the type of the condition, one of (`Ready`, `Accepted`, `IssuingRollout`, `ValidatingRollout`, `IssuingRollback`, `ValidatingRollback`).

type MeshRootCertificateList

type MeshRootCertificateList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []MeshRootCertificate `json:"items"`
}

MeshRootCertificateList defines the list of MeshRootCertificate objects +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*MeshRootCertificateList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateList.

func (*MeshRootCertificateList) DeepCopyInto

func (in *MeshRootCertificateList) DeepCopyInto(out *MeshRootCertificateList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MeshRootCertificateList) DeepCopyObject

func (in *MeshRootCertificateList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MeshRootCertificateRole

type MeshRootCertificateRole string

MeshRootCertificateRole specifies the role of the MeshRootCertificate, can be (Active, Passive).

const (
	// ActiveRole means the settings and certificate provider in this MRC are used for signing and
	// validating certificates.
	ActiveRole MeshRootCertificateRole = "active"

	// PassiveRole means the settings and certificate provider in this MRC are used for validating
	// certificates.
	PassiveRole MeshRootCertificateRole = "passive"

	// InactiveRole means the settings and certificate provider in this MRC are no longer in use.
	InactiveRole MeshRootCertificateRole = "inactive"
)

type MeshRootCertificateSpec

type MeshRootCertificateSpec struct {
	// Provider specifies the mesh certificate provider
	Provider ProviderSpec `json:"provider"`

	// TrustDomain is the trust domain to use as a suffix in Common Names for new certificates.
	TrustDomain string `json:"trustDomain"`

	// Role of the MeshRootCertificate resource
	Role MeshRootCertificateRole `json:"role"`

	// SpiffeEnabled will add a SPIFFE ID to the certificates, creating a SPIFFE compatible x509 SVID document
	// SPIFFE ID will be used for validation and routing after this MeshRootCertificate is made 'active' (i.e. it is issuing and validating certificates)
	SpiffeEnabled bool `json:"spiffeEnabled"`
}

MeshRootCertificateSpec defines the mesh root certificate specification

func (*MeshRootCertificateSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateSpec.

func (*MeshRootCertificateSpec) DeepCopyInto

func (in *MeshRootCertificateSpec) DeepCopyInto(out *MeshRootCertificateSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MeshRootCertificateStatus

type MeshRootCertificateStatus struct {
	// State specifies the state of the certificate provider.
	// All states are specified in constants.go
	State string `json:"state"`

	// If present, this MRC can transition to the next state in the state machine after this timestamp.
	TransitionAfter *metav1.Time `json:"transitionAfter,omitempty"`

	// Set of statuses for each certificate component in the cluster (e.g. webhooks, bootstrap, etc.)
	// NOTE: There is a caveat that since these components belong to horizontally scalable pods, it is possible that not
	// all of these components will be ready. That is, one controller might mark the ADS server as ready, while all other
	// controllers have yet to rotate their controller cert.
	ComponentStatuses MeshRootCertificateComponentStatuses `json:"componentStatuses"`

	// List of status conditions to indicate the status of a MeshRootCertificate.
	// Known condition types are `Ready` and `InvalidRequest`.
	// +optional
	Conditions []MeshRootCertificateCondition `json:"conditions"`
}

MeshRootCertificateStatus defines the status of the MeshRootCertificate resource.

func (*MeshRootCertificateStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshRootCertificateStatus.

func (*MeshRootCertificateStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ObservabilitySpec

type ObservabilitySpec struct {
	// OSMLogLevel defines the log level for OSM control plane logs.
	OSMLogLevel string `json:"osmLogLevel,omitempty"`

	// EnableDebugServer defines if the debug endpoint on the OSM controller pod is enabled.
	EnableDebugServer bool `json:"enableDebugServer"`

	// Tracing defines OSM's tracing configuration.
	Tracing TracingSpec `json:"tracing,omitempty"`
}

ObservabilitySpec is the type to represent OSM's observability configurations.

func (*ObservabilitySpec) DeepCopy

func (in *ObservabilitySpec) DeepCopy() *ObservabilitySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObservabilitySpec.

func (*ObservabilitySpec) DeepCopyInto

func (in *ObservabilitySpec) DeepCopyInto(out *ObservabilitySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProviderSpec

type ProviderSpec struct {
	// CertManager specifies the cert-manager provider configuration
	// +optional
	CertManager *CertManagerProviderSpec `json:"certManager,omitempty"`

	// Vault specifies the vault provider configuration
	// +optional
	Vault *VaultProviderSpec `json:"vault,omitempty"`

	// Tresor specifies the Tresor provider configuration
	// +optional
	Tresor *TresorProviderSpec `json:"tresor,omitempty"`
}

ProviderSpec defines the certificate provider used by the mesh control plane

func (*ProviderSpec) DeepCopy

func (in *ProviderSpec) DeepCopy() *ProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderSpec.

func (*ProviderSpec) DeepCopyInto

func (in *ProviderSpec) DeepCopyInto(out *ProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretKeyReferenceSpec

type SecretKeyReferenceSpec struct {
	// Name specifies the name of the secret in which the Vault token is stored
	Name string `json:"name"`

	// Key specifies the key whose value is the Vault token
	Key string `json:"key"`

	// Namespace specifies the namespace of the secret in which the Vault token is stored
	Namespace string `json:"namespace"`
}

SecretKeyReferenceSpec defines the configuration of the secret reference

func (*SecretKeyReferenceSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeyReferenceSpec.

func (*SecretKeyReferenceSpec) DeepCopyInto

func (in *SecretKeyReferenceSpec) DeepCopyInto(out *SecretKeyReferenceSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SidecarSpec

type SidecarSpec struct {
	// EnablePrivilegedInitContainer defines a boolean indicating whether the init container for a meshed pod should run as privileged.
	EnablePrivilegedInitContainer bool `json:"enablePrivilegedInitContainer"`

	// LogLevel defines the logging level for the sidecar's logs. Non developers should generally never set this value. In production environments the LogLevel should be set to error.
	LogLevel string `json:"logLevel,omitempty"`

	// EnvoyImage defines the container image used for the Envoy proxy sidecar.
	EnvoyImage string `json:"envoyImage,omitempty"`

	// EnvoyWindowsImage defines the windows container image used for the Envoy proxy sidecar.
	EnvoyWindowsImage string `json:"envoyWindowsImage,omitempty"`

	// InitContainerImage defines the container image used for the init container injected to meshed pods.
	InitContainerImage string `json:"initContainerImage,omitempty"`

	// MaxDataPlaneConnections defines the maximum allowed data plane connections from a proxy sidecar to the OSM controller.
	MaxDataPlaneConnections int `json:"maxDataPlaneConnections,omitempty"`

	// ConfigResyncInterval defines the resync interval for regular proxy broadcast updates.
	ConfigResyncInterval string `json:"configResyncInterval,omitempty"`

	// Resources defines the compute resources for the sidecar.
	Resources corev1.ResourceRequirements `json:"resources,omitempty"`

	// TLSMinProtocolVersion defines the minimum TLS protocol version that the sidecar supports. Valid TLS protocol versions are TLS_AUTO, TLSv1_0, TLSv1_1, TLSv1_2 and TLSv1_3.
	TLSMinProtocolVersion string `json:"tlsMinProtocolVersion,omitempty"`

	// TLSMaxProtocolVersion defines the maximum TLS protocol version that the sidecar supports. Valid TLS protocol versions are TLS_AUTO, TLSv1_0 (deprecated), TLSv1_1 (deprecated), TLSv1_2 and TLSv1_3.
	TLSMaxProtocolVersion string `json:"tlsMaxProtocolVersion,omitempty"`

	// CipherSuites defines a list of ciphers that listener supports when negotiating TLS 1.0-1.2. This setting has no effect when negotiating TLS 1.3. For valid cipher names, see the latest OpenSSL ciphers manual page. E.g. https://www.openssl.org/docs/man1.1.1/apps/ciphers.html.
	CipherSuites []string `json:"cipherSuites,omitempty"`

	// ECDHCurves defines a list of ECDH curves that TLS connection supports. If not specified, the curves are [X25519, P-256] for non-FIPS build and P-256 for builds using BoringSSL FIPS.
	ECDHCurves []string `json:"ecdhCurves,omitempty"`

	// LocalProxyMode defines the network interface the envoy proxy will use to send traffic to the backend service application. Acceptable values are [`Localhost`, `PodIP`]. The default is `Localhost`
	LocalProxyMode LocalProxyMode `json:"localProxyMode,omitempty"`
}

SidecarSpec is the type used to represent the specifications for the proxy sidecar.

func (*SidecarSpec) DeepCopy

func (in *SidecarSpec) DeepCopy() *SidecarSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarSpec.

func (*SidecarSpec) DeepCopyInto

func (in *SidecarSpec) DeepCopyInto(out *SidecarSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TracingSpec

type TracingSpec struct {
	// Enable defines a boolean indicating if the sidecars are enabled for tracing.
	Enable bool `json:"enable"`

	// Port defines the tracing collector's port.
	Port int16 `json:"port,omitempty"`

	// Address defines the tracing collector's hostname.
	Address string `json:"address,omitempty"`

	// Endpoint defines the API endpoint for tracing requests sent to the collector.
	Endpoint string `json:"endpoint,omitempty"`
}

TracingSpec is the type to represent OSM's tracing configuration.

func (*TracingSpec) DeepCopy

func (in *TracingSpec) DeepCopy() *TracingSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TracingSpec.

func (*TracingSpec) DeepCopyInto

func (in *TracingSpec) DeepCopyInto(out *TracingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TrafficSpec

type TrafficSpec struct {
	// EnableEgress defines a boolean indicating if mesh-wide Egress is enabled.
	EnableEgress bool `json:"enableEgress"`

	// OutboundIPRangeExclusionList defines a global list of IP address ranges to exclude from outbound traffic interception by the sidecar proxy.
	OutboundIPRangeExclusionList []string `json:"outboundIPRangeExclusionList"`

	// OutboundIPRangeInclusionList defines a global list of IP address ranges to include for outbound traffic interception by the sidecar proxy.
	// IP addresses outside this range will be excluded from outbound traffic interception by the sidecar proxy.
	OutboundIPRangeInclusionList []string `json:"outboundIPRangeInclusionList"`

	// OutboundPortExclusionList defines a global list of ports to exclude from outbound traffic interception by the sidecar proxy.
	OutboundPortExclusionList []int `json:"outboundPortExclusionList"`

	// InboundPortExclusionList defines a global list of ports to exclude from inbound traffic interception by the sidecar proxy.
	InboundPortExclusionList []int `json:"inboundPortExclusionList"`

	// EnablePermissiveTrafficPolicyMode defines a boolean indicating if permissive traffic policy mode is enabled mesh-wide.
	EnablePermissiveTrafficPolicyMode bool `json:"enablePermissiveTrafficPolicyMode"`

	// InboundExternalAuthorization defines a ruleset that, if enabled, will configure a remote external authorization endpoint
	// for all inbound and ingress traffic in the mesh.
	InboundExternalAuthorization ExternalAuthzSpec `json:"inboundExternalAuthorization,omitempty"`

	// NetworkInterfaceExclusionList defines a global list of network interface
	// names to exclude from inbound and outbound traffic interception by the
	// sidecar proxy.
	NetworkInterfaceExclusionList []string `json:"networkInterfaceExclusionList"`
}

TrafficSpec is the type used to represent OSM's traffic management configuration.

func (*TrafficSpec) DeepCopy

func (in *TrafficSpec) DeepCopy() *TrafficSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrafficSpec.

func (*TrafficSpec) DeepCopyInto

func (in *TrafficSpec) DeepCopyInto(out *TrafficSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TresorCASpec

type TresorCASpec struct {
	// SecretRef specifies the secret in which the root certificate is stored
	SecretRef corev1.SecretReference `json:"secretRef"`
}

TresorCASpec defines the configuration of Tresor's root certificate

func (*TresorCASpec) DeepCopy

func (in *TresorCASpec) DeepCopy() *TresorCASpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TresorCASpec.

func (*TresorCASpec) DeepCopyInto

func (in *TresorCASpec) DeepCopyInto(out *TresorCASpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TresorProviderSpec

type TresorProviderSpec struct {
	// CA specifies Tresor's ca configuration
	CA TresorCASpec `json:"ca"`
}

TresorProviderSpec defines the configuration of the Tresor provider

func (*TresorProviderSpec) DeepCopy

func (in *TresorProviderSpec) DeepCopy() *TresorProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TresorProviderSpec.

func (*TresorProviderSpec) DeepCopyInto

func (in *TresorProviderSpec) DeepCopyInto(out *TresorProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VaultProviderSpec

type VaultProviderSpec struct {
	// Host specifies the name of the Vault server
	Host string `json:"host"`

	// Port specifies the port of the Vault server
	Port int `json:"port"`

	// Role specifies the name of the role for use by mesh control plane
	Role string `json:"role"`

	// Protocol specifies the protocol for connections to Vault
	Protocol string `json:"protocol"`

	// Token specifies the configuration of the token to be used by mesh control plane
	// to connect to Vault
	Token VaultTokenSpec `json:"token"`
}

VaultProviderSpec defines the configuration of the Vault provider

func (*VaultProviderSpec) DeepCopy

func (in *VaultProviderSpec) DeepCopy() *VaultProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultProviderSpec.

func (*VaultProviderSpec) DeepCopyInto

func (in *VaultProviderSpec) DeepCopyInto(out *VaultProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VaultTokenSpec

type VaultTokenSpec struct {
	// SecretKeyRef specifies the secret in which the Vault token is stored
	SecretKeyRef SecretKeyReferenceSpec `json:"secretKeyRef"`
}

VaultTokenSpec defines the configuration of the Vault token

func (*VaultTokenSpec) DeepCopy

func (in *VaultTokenSpec) DeepCopy() *VaultTokenSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultTokenSpec.

func (*VaultTokenSpec) DeepCopyInto

func (in *VaultTokenSpec) DeepCopyInto(out *VaultTokenSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
