v1

package
v0.0.0-...-6c366bb Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 20, 2024 License: Apache-2.0 Imports: 3 Imported by: 9

Documentation

Overview

Package v1 contains API Schema definitions for the network v1 API group +k8s:deepcopy-gen=package,register +groupName=k8s.ovn.org

Index

Constants

This section is empty.

Variables

View Source
var (
	GroupName          = "k8s.ovn.org"
	SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}
	SchemeBuilder      = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme        = SchemeBuilder.AddToScheme
)

Functions

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type EgressFirewall

type EgressFirewall struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired behavior of EgressFirewall.
	Spec EgressFirewallSpec `json:"spec"`
	// Observed status of EgressFirewall
	// +optional
	Status EgressFirewallStatus `json:"status,omitempty"`
}

+genclient +resource:path=egressfirewall +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:printcolumn:name="EgressFirewall Status",type=string,JSONPath=".status.status" +kubebuilder:subresource:status EgressFirewall describes the current egress firewall for a Namespace. Traffic from a pod to an IP address outside the cluster will be checked against each EgressFirewallRule in the pod's namespace's EgressFirewall, in order. If no rule matches (or no EgressFirewall is present) then the traffic will be allowed by default.

func (*EgressFirewall) DeepCopy

func (in *EgressFirewall) DeepCopy() *EgressFirewall

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressFirewall.

func (*EgressFirewall) DeepCopyInto

func (in *EgressFirewall) DeepCopyInto(out *EgressFirewall)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EgressFirewall) DeepCopyObject

func (in *EgressFirewall) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type EgressFirewallDestination

type EgressFirewallDestination struct {
	// cidrSelector is the CIDR range to allow/deny traffic to. If this is set, dnsName and nodeSelector must be unset.
	CIDRSelector string `json:"cidrSelector,omitempty"`
	// dnsName is the domain name to allow/deny traffic to. If this is set, cidrSelector and nodeSelector must be unset.
	// For a wildcard DNS name, the '*' will match only one label. Additionally, only a single '*' can be
	// used at the beginning of the wildcard DNS name. For example, '*.example.com' will match 'sub1.example.com'
	// but won't match 'sub2.sub1.example.com'.
	// +kubebuilder:validation:Pattern=`^(\*\.)?([A-Za-z0-9-]+\.)*[A-Za-z0-9-]+\.?$`
	DNSName string `json:"dnsName,omitempty"`
	// nodeSelector will allow/deny traffic to the Kubernetes node IP of selected nodes. If this is set,
	// cidrSelector and DNSName must be unset.
	// +optional
	NodeSelector *metav1.LabelSelector `json:"nodeSelector,omitempty"`
}

+kubebuilder:validation:MinProperties:=1 +kubebuilder:validation:MaxProperties:=1 EgressFirewallDestination is the target that traffic is either allowed or denied to

func (*EgressFirewallDestination) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressFirewallDestination.

func (*EgressFirewallDestination) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressFirewallList

type EgressFirewallList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`

	// List of EgressFirewalls.
	Items []EgressFirewall `json:"items"`
}

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +resource:path=egressfirewall EgressFirewallList is the list of EgressFirewalls.

func (*EgressFirewallList) DeepCopy

func (in *EgressFirewallList) DeepCopy() *EgressFirewallList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressFirewallList.

func (*EgressFirewallList) DeepCopyInto

func (in *EgressFirewallList) DeepCopyInto(out *EgressFirewallList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EgressFirewallList) DeepCopyObject

func (in *EgressFirewallList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type EgressFirewallPort

type EgressFirewallPort struct {
	// protocol (tcp, udp, sctp) that the traffic must match.
	// +kubebuilder:validation:Pattern=^TCP|UDP|SCTP$
	Protocol string `json:"protocol"`
	// port that the traffic must match
	// +kubebuilder:validation:Minimum:=1
	// +kubebuilder:validation:Maximum:=65535
	Port int32 `json:"port"`
}

EgressFirewallPort specifies the port to allow or deny traffic to

func (*EgressFirewallPort) DeepCopy

func (in *EgressFirewallPort) DeepCopy() *EgressFirewallPort

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressFirewallPort.

func (*EgressFirewallPort) DeepCopyInto

func (in *EgressFirewallPort) DeepCopyInto(out *EgressFirewallPort)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressFirewallRule

type EgressFirewallRule struct {
	// type marks this as an "Allow" or "Deny" rule
	Type EgressFirewallRuleType `json:"type"`
	// ports specify what ports and protocols the rule applies to
	// +optional
	Ports []EgressFirewallPort `json:"ports,omitempty"`
	// to is the target that traffic is allowed/denied to
	To EgressFirewallDestination `json:"to"`
}

EgressFirewallRule is a single egressfirewall rule object

func (*EgressFirewallRule) DeepCopy

func (in *EgressFirewallRule) DeepCopy() *EgressFirewallRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressFirewallRule.

func (*EgressFirewallRule) DeepCopyInto

func (in *EgressFirewallRule) DeepCopyInto(out *EgressFirewallRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressFirewallRuleType

type EgressFirewallRuleType string

EgressNetworkFirewallRuleType indicates whether an EgressNetworkFirewallRule allows or denies traffic +kubebuilder:validation:Pattern=^Allow|Deny$

const (
	EgressFirewallRuleAllow EgressFirewallRuleType = "Allow"
	EgressFirewallRuleDeny  EgressFirewallRuleType = "Deny"
)

type EgressFirewallSpec

type EgressFirewallSpec struct {
	// a collection of egress firewall rule objects
	Egress []EgressFirewallRule `json:"egress"`
}

EgressFirewallSpec is a desired state description of EgressFirewall.

func (*EgressFirewallSpec) DeepCopy

func (in *EgressFirewallSpec) DeepCopy() *EgressFirewallSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressFirewallSpec.

func (*EgressFirewallSpec) DeepCopyInto

func (in *EgressFirewallSpec) DeepCopyInto(out *EgressFirewallSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressFirewallStatus

type EgressFirewallStatus struct {
	// +optional
	Status string `json:"status,omitempty"`
	// +patchStrategy=merge
	// +listType=set
	// +optional
	Messages []string `json:"messages,omitempty"`
}

func (*EgressFirewallStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressFirewallStatus.

func (*EgressFirewallStatus) DeepCopyInto

func (in *EgressFirewallStatus) DeepCopyInto(out *EgressFirewallStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
apis
clientset/versioned/fake
This package has the automatically generated fake clientset.
This package has the automatically generated fake clientset.
clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
This package contains the scheme of the automatically generated clientset.
clientset/versioned/typed/egressfirewall/v1
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
clientset/versioned/typed/egressfirewall/v1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL