Documentation ¶
Index ¶
- type AccessLogger
- type AwsSettings
- type CertGenCron
- type CertGenJob
- type Chart
- type CircuitBreakersSettings
- type CleanupJob
- type Config
- type ConfigMap
- type Consul
- type ConsulUpstreamDiscovery
- type DaemonSetSpec
- type DeploymentSpec
- type DeploymentSpecSansResources
- type Directory
- type Discovery
- type DiscoveryDeployment
- type Duration
- type EnvoySidecarContainer
- type Failover
- type FdsOptions
- type Gateway
- type GatewayProxy
- type GatewayProxyDeployment
- type GatewayProxyGatewaySettings
- type GatewayProxyKind
- type GatewayProxyPodTemplate
- type GatewayProxyService
- type GatewayValidation
- type Global
- type GlobalConfigMap
- type Gloo
- type GlooDeployment
- type GlooDeploymentContainer
- type GracefulShutdownSpec
- type HelmConfig
- type HorizontalPodAutoscaler
- type Image
- type Ingress
- type IngressDeployment
- type IngressProxy
- type IngressProxyDeployment
- type Integrations
- type InvalidConfigPolicy
- type IstioIntegration
- type IstioProxyContainer
- type IstioSDS
- type Job
- type JobSpec
- type K8s
- type Knative
- type KnativeProxy
- type KnativeProxyInternal
- type KubeResourceOverride
- type KubernetesSecrets
- type Mtls
- type Namespace
- type PodDisruptionBudget
- type PodDisruptionBudgetWithOverride
- type PodSecurityContext
- type PodSpec
- type Rbac
- type ResourceAllocation
- type ResourceRef
- type ResourceRequirements
- type RolloutJob
- type SdsContainer
- type SecretOptions
- type SecretOptionsSource
- type SecurityContext
- type SecurityOpts
- type Service
- type ServiceAccount
- type ServiceDiscoveryOptions
- type ServiceSpec
- type Settings
- type Stats
- type Tracing
- type UdsOptions
- type VaultAwsAuth
- type VaultSecrets
- type VaultTlsConfig
- type Webhook
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessLogger ¶ added in v0.18.38
type AccessLogger struct { Image *Image `json:"image,omitempty"` Port *uint `json:"port,omitempty"` ServiceName *string `json:"serviceName,omitempty"` Enabled *bool `json:"enabled,omitempty"` Stats *Stats `json:"stats,omitempty" desc:"overrides for prometheus stats published by the access logging pod"` RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the processes in the container to run as. Default is 10101."` FsGroup *float64 `json:"fsGroup,omitempty" desc:"Explicitly set the group ID for volume ownership. Default is 10101"` ExtraAccessLoggerLabels map[string]string `` /* 160-byte string literal not displayed */ ExtraAccessLoggerAnnotations map[string]string `` /* 170-byte string literal not displayed */ Service *KubeResourceOverride `json:"service,omitempty"` Deployment *KubeResourceOverride `json:"deployment,omitempty"` *DeploymentSpec }
type AwsSettings ¶ added in v1.5.0
type AwsSettings struct { EnableCredentialsDiscovery *bool `` /* 225-byte string literal not displayed */ EnableServiceAccountCredentials *bool `` /* 228-byte string literal not displayed */ StsCredentialsRegion *string `` /* 137-byte string literal not displayed */ PropagateOriginalRouting *bool `` /* 171-byte string literal not displayed */ CredentialRefreshDelay *Duration `` /* 141-byte string literal not displayed */ FallbackToFirstFunction *bool `` /* 217-byte string literal not displayed */ }
type CertGenCron ¶ added in v1.9.25
type CertGenCron struct { Enabled *bool `json:"enabled,omitempty" desc:"enable the cronjob"` Schedule *string `json:"schedule,omitempty" desc:"Cron job scheduling"` MtlsKubeResourceOverride map[string]interface{} `json:"mtlsKubeResourceOverride,omitempty" desc:"override fields in the gloo-mtls-certgen cronjob."` ValidationWebhookKubeResourceOverride map[string]interface{} `json:"validationWebhookKubeResourceOverride,omitempty" desc:"override fields in the gateway-certgen cronjob."` }
Scheduling: ┌───────────── minute (0 - 59) │ ┌───────────── hour (0 - 23) │ │ ┌───────────── day of the month (1 - 31) │ │ │ ┌───────────── month (1 - 12) │ │ │ │ ┌───────────── day of the week (0 - 6) (Sunday to Saturday; │ │ │ │ │ 7 is also Sunday on some systems) │ │ │ │ │ │ │ │ │ │ * * * * *
type CertGenJob ¶ added in v0.21.1
type CertGenJob struct { Job Enabled *bool `` /* 136-byte string literal not displayed */ SetTtlAfterFinished *bool `json:"setTtlAfterFinished,omitempty" desc:"Set ttlSecondsAfterFinished on the job. Defaults to true"` FloatingUserId *bool `` /* 142-byte string literal not displayed */ ForceRotation *bool `json:"forceRotation,omitempty" desc:"If true, will create new certs even if the old one are still valid."` RotationDuration *string `` /* 648-byte string literal not displayed */ RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the processes in the container to run as. Default is 10101."` Resources *ResourceRequirements `json:"resources,omitempty"` RunOnUpdate *bool `json:"runOnUpdate,omitempty" desc:"enable to run the job also on pre-upgrade"` Cron *CertGenCron `json:"cron,omitempty" desc:"CronJob parameters"` }
type CircuitBreakersSettings ¶ added in v1.11.47
type CircuitBreakersSettings struct { MaxConnections *uint32 `` /* 183-byte string literal not displayed */ MaxPendingRequests *uint32 `` /* 194-byte string literal not displayed */ MaxRequests *uint32 `` /* 187-byte string literal not displayed */ MaxRetries *uint32 `` /* 182-byte string literal not displayed */ }
type CleanupJob ¶ added in v1.9.25
type CleanupJob struct { *JobSpec Enabled *bool `` /* 132-byte string literal not displayed */ Image *Image `json:"image,omitempty"` Resources *ResourceRequirements `json:"resources,omitempty"` FloatingUserId *bool `` /* 142-byte string literal not displayed */ RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the processes in the container to run as. Default is 10101."` }
type Config ¶
type Config struct { Namespace *Namespace `json:"namespace,omitempty"` // This is an Alpha API and is subject to change in subsequent 1.17 beta releases Gateway2 interface{} `json:"gateway2,omitempty" desc:"Gloo Gateway settings, subject to change."` Settings *Settings `json:"settings,omitempty"` Gloo *Gloo `json:"gloo,omitempty"` Discovery *Discovery `json:"discovery,omitempty"` Gateway *Gateway `json:"gateway,omitempty"` GatewayProxies map[string]GatewayProxy `json:"gatewayProxies,omitempty"` Ingress *Ingress `json:"ingress,omitempty"` IngressProxy *IngressProxy `json:"ingressProxy,omitempty"` K8s *K8s `json:"k8s,omitempty"` AccessLogger *AccessLogger `json:"accessLogger,omitempty"` }
type ConfigMap ¶ added in v1.8.0
type ConfigMap struct { Data map[string]string `json:"data,omitempty"` *KubeResourceOverride }
type Consul ¶ added in v1.6.0
type Consul struct { Datacenter *string `json:"datacenter,omitempty" desc:"Datacenter to use. If not provided, the default agent datacenter is used."` Username *string `json:"username,omitempty" desc:"Username to use for HTTP Basic Authentication."` Password *string `json:"password,omitempty" desc:"Password to use for HTTP Basic Authentication."` Token *string `json:"token,omitempty" desc:"Token is used to provide a per-request ACL token which overrides the agent's default token."` CaFile *string `` /* 159-byte string literal not displayed */ CaPath *string `` /* 173-byte string literal not displayed */ CertFile *string `` /* 157-byte string literal not displayed */ KeyFile *string `` /* 156-byte string literal not displayed */ InsecureSkipVerify *bool `json:"insecureSkipVerify,omitempty" desc:"InsecureSkipVerify if set to true will disable TLS host verification."` WaitTime *string `` /* 156-byte string literal not displayed */ ServiceDiscovery *ServiceDiscoveryOptions `` /* 141-byte string literal not displayed */ HttpAddress *string `` /* 232-byte string literal not displayed */ DnsAddress *string `` /* 273-byte string literal not displayed */ DnsPollingInterval *string `` /* 292-byte string literal not displayed */ }
type ConsulUpstreamDiscovery ¶ added in v1.6.0
type ConsulUpstreamDiscovery struct { UseTlsTagging *bool `` /* 212-byte string literal not displayed */ TlsTagName *string `` /* 244-byte string literal not displayed */ SplitTlsServices *bool `` /* 163-byte string literal not displayed */ RootCa *ResourceRef `json:"rootCa,omitempty" desc:"The name/namespace of the root CA needed to use TLS with consul services."` }
type DaemonSetSpec ¶ added in v0.17.3
type DeploymentSpec ¶
type DeploymentSpec struct { DeploymentSpecSansResources Resources *ResourceRequirements `json:"resources,omitempty" desc:"resources for the main pod in the deployment"` *KubeResourceOverride }
type DeploymentSpecSansResources ¶ added in v1.3.21
type Directory ¶ added in v1.15.3
type Directory struct {
Directory string `json:"directory,omitempty" desc:"Directory to read secrets from."`
}
type Discovery ¶
type Discovery struct { Deployment *DiscoveryDeployment `json:"deployment,omitempty"` FdsMode *string `json:"fdsMode,omitempty" desc:"mode for function discovery (blacklist or whitelist). See more info in the settings docs"` UdsOptions *UdsOptions `json:"udsOptions,omitempty" desc:"Configuration options for the Upstream Discovery Service (UDS)."` FdsOptions *FdsOptions `json:"fdsOptions,omitempty" desc:"Configuration options for the Function Discovery Service (FDS)."` Enabled *bool `json:"enabled,omitempty" desc:"enable Discovery features"` ServiceAccount `json:"serviceAccount,omitempty" ` LogLevel *string `` /* 173-byte string literal not displayed */ }
type DiscoveryDeployment ¶
type DiscoveryDeployment struct { Image *Image `json:"image,omitempty"` Stats Stats `json:"stats,omitempty" desc:"overrides for prometheus stats published by the discovery pod"` FloatingUserId *bool `` /* 142-byte string literal not displayed */ RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the processes in the container to run as. Default is 10101."` FsGroup *float64 `json:"fsGroup,omitempty" desc:"Explicitly set the group ID for volume ownership. Default is 10101"` ExtraDiscoveryLabels map[string]string `` /* 163-byte string literal not displayed */ ExtraDiscoveryAnnotations map[string]string `` /* 173-byte string literal not displayed */ EnablePodSecurityContext *bool `json:"enablePodSecurityContext,omitempty" desc:"Whether or not to render the pod security context. Default is true"` *DeploymentSpec }
type Duration ¶ added in v1.6.0
type Duration struct { Seconds *int32 `json:"seconds,omitempty" desc:"The value of this duration in seconds."` Nanos *int32 `json:"nanos,omitempty" desc:"The value of this duration in nanoseconds."` }
google.protobuf.Duration
type EnvoySidecarContainer ¶ added in v1.3.8
type EnvoySidecarContainer struct { Image *Image `json:"image,omitempty"` SecurityContext *SecurityContext `` /* 341-byte string literal not displayed */ }
type Failover ¶ added in v1.5.0
type Failover struct { Enabled *bool `json:"enabled,omitempty" desc:"(Enterprise Only): Configure this proxy for failover"` Port *uint `json:"port,omitempty" desc:"(Enterprise Only): Port to use for failover Gateway Bind port, and service. Default is 15443"` NodePort *uint `json:"nodePort,omitempty" desc:"(Enterprise Only): Optional NodePort for failover Service"` SecretName *string `json:"secretName,omitempty" desc:"(Enterprise Only): Secret containing downstream Ssl Secrets Default is failover-downstream"` *KubeResourceOverride }
type FdsOptions ¶ added in v1.11.44
type FdsOptions struct {
GraphqlEnabled *bool `json:"graphqlEnabled,omitempty" desc:"Enable GraphQL schema generation on the function discovery service. Defaults to true."`
}
Configuration options for the Function Discovery Service (FDS).
type Gateway ¶
type Gateway struct { Enabled *bool `json:"enabled,omitempty" desc:"enable Gloo Edge API Gateway features"` Validation GatewayValidation `` /* 176-byte string literal not displayed */ CertGenJob *CertGenJob `` /* 187-byte string literal not displayed */ RolloutJob *RolloutJob `` /* 189-byte string literal not displayed */ CleanupJob *CleanupJob `json:"cleanupJob,omitempty" desc:"This job cleans up resources that are not deleted by Helm when Gloo Edge is uninstalled."` UpdateValues *bool `` /* 169-byte string literal not displayed */ ProxyServiceAccount ServiceAccount `json:"proxyServiceAccount,omitempty" ` ReadGatewaysFromAllNamespaces *bool `` /* 177-byte string literal not displayed */ IsolateVirtualHostsBySslConfig *bool `` /* 213-byte string literal not displayed */ CompressedProxySpec *bool `json:"compressedProxySpec,omitempty" desc:"if true, enables compression for the Proxy CRD spec"` PersistProxySpec *bool `json:"persistProxySpec,omitempty" desc:"Enable writing Proxy CRD to etcd. Disabled by default for performance."` TranslateEmptyGateways *bool `` /* 142-byte string literal not displayed */ Service *KubeResourceOverride }
type GatewayProxy ¶
type GatewayProxy struct { Kind *GatewayProxyKind `json:"kind,omitempty" desc:"value to determine how the gateway proxy is deployed"` Namespace *string `` /* 131-byte string literal not displayed */ PodTemplate *GatewayProxyPodTemplate `json:"podTemplate,omitempty"` ConfigMap *ConfigMap `json:"configMap,omitempty"` CustomStaticLayer interface{} `` /* 339-byte string literal not displayed */ GlobalDownstreamMaxConnections *uint32 `` /* 173-byte string literal not displayed */ HealthyPanicThreshold *int8 `` /* 134-byte string literal not displayed */ Service *GatewayProxyService `json:"service,omitempty"` AntiAffinity *bool `json:"antiAffinity,omitempty" desc:"configure anti affinity such that pods are preferably not co-located"` Affinity map[string]interface{} `json:"affinity,omitempty"` TopologySpreadConstraints []interface{} `json:"topologySpreadConstraints,omitempty" desc:"configure topologySpreadConstraints for gateway proxy pods"` Tracing *Tracing `json:"tracing,omitempty"` GatewaySettings *GatewayProxyGatewaySettings `json:"gatewaySettings,omitempty" desc:"settings for the helm generated gateways, leave nil to not render"` ExtraEnvoyArgs []string `` /* 126-byte string literal not displayed */ ExtraContainersHelper *string `json:"extraContainersHelper,omitempty"` ExtraInitContainersHelper *string `json:"extraInitContainersHelper,omitempty"` ExtraVolumes []map[string]interface{} `json:"extraVolumes,omitempty"` ExtraVolumeHelper *string `json:"extraVolumeHelper,omitempty"` ExtraListenersHelper *string `json:"extraListenersHelper,omitempty"` Stats *Stats `json:"stats,omitempty" desc:"overrides for prometheus stats published by the gateway-proxy pod"` ReadConfig *bool `json:"readConfig,omitempty" desc:"expose a read-only subset of the Envoy admin api"` ReadConfigMulticluster *bool `json:"readConfigMulticluster,omitempty" desc:"expose a read-only subset of the Envoy admin api to gloo-fed"` ExtraProxyVolumeMounts []map[string]interface{} `json:"extraProxyVolumeMounts,omitempty"` ExtraProxyVolumeMountHelper *string `` /* 142-byte string literal not displayed */ LoopBackAddress *string `` /* 184-byte string literal not displayed */ Failover Failover `json:"failover,omitempty" desc:"(Enterprise Only): Failover configuration"` Disabled *bool `` /* 139-byte string literal not displayed */ EnvoyApiVersion *string `json:"envoyApiVersion,omitempty" desc:"Version of the Envoy API to use for the xDS transport and resources. Default is V3"` EnvoyBootstrapExtensions []map[string]interface{} `` /* 256-byte string literal not displayed */ EnvoyOverloadManager map[string]interface{} `` /* 302-byte string literal not displayed */ EnvoyStaticClusters []map[string]interface{} `` /* 238-byte string literal not displayed */ HorizontalPodAutoscaler *HorizontalPodAutoscaler `` /* 240-byte string literal not displayed */ PodDisruptionBudget *PodDisruptionBudgetWithOverride `` /* 147-byte string literal not displayed */ IstioMetaMeshId *string `json:"istioMetaMeshId,omitempty" desc:"ISTIO_META_MESH_ID Environment Variable. Defaults to \"cluster.local\""` IstioMetaClusterId *string `json:"istioMetaClusterId,omitempty" desc:"ISTIO_META_CLUSTER_ID Environment Variable. Defaults to \"Kubernetes\""` IstioDiscoveryAddress *string `` /* 156-byte string literal not displayed */ EnvoyLogLevel *string `` /* 189-byte string literal not displayed */ EnvoyStatsConfig map[string]interface{} `` /* 219-byte string literal not displayed */ XdsServiceAddress *string `json:"xdsServiceAddress,omitempty" desc:"The k8s service name for the xds server. Defaults to gloo."` XdsServicePort *uint32 `` /* 193-byte string literal not displayed */ TcpKeepaliveTimeSeconds *uint32 `` /* 289-byte string literal not displayed */ DisableCoreDumps *bool `` /* 134-byte string literal not displayed */ DisableExtauthSidecar *bool `` /* 232-byte string literal not displayed */ *KubeResourceOverride }
type GatewayProxyDeployment ¶
type GatewayProxyDeployment struct { *DeploymentSpecSansResources *KubeResourceOverride }
type GatewayProxyGatewaySettings ¶ added in v0.19.1
type GatewayProxyGatewaySettings struct { Enabled *bool `json:"enabled,omitempty" desc:"enable/disable default gateways"` DisableGeneratedGateways *bool `json:"disableGeneratedGateways,omitempty" desc:"set to true to disable the gateway generation for a gateway proxy"` DisableHttpGateway *bool `json:"disableHttpGateway,omitempty" desc:"Set to true to disable http gateway generation."` DisableHttpsGateway *bool `json:"disableHttpsGateway,omitempty" desc:"Set to true to disable https gateway generation."` IPv4Only *bool `` /* 149-byte string literal not displayed */ UseProxyProto *bool `json:"useProxyProto,omitempty" desc:"use proxy protocol"` HttpHybridGateway map[string]interface{} `json:"httpHybridGateway,omitempty" desc:"custom yaml to use for hybrid gateway settings for the http gateway"` HttpsHybridGateway map[string]interface{} `json:"httpsHybridGateway,omitempty" desc:"custom yaml to use for hybrid gateway settings for the https gateway"` CustomHttpGateway map[string]interface{} `json:"customHttpGateway,omitempty" desc:"custom yaml to use for http gateway settings"` CustomHttpsGateway map[string]interface{} `json:"customHttpsGateway,omitempty" desc:"custom yaml to use for https gateway settings"` AccessLoggingService map[string]interface{} `` /* 215-byte string literal not displayed */ GatewayOptions map[string]interface{} `` /* 200-byte string literal not displayed */ HttpGatewayKubeOverride map[string]interface{} `json:"httpGatewayKubeOverride,omitempty"` HttpsGatewayKubeOverride map[string]interface{} `json:"httpsGatewayKubeOverride,omitempty"` *KubeResourceOverride }
type GatewayProxyKind ¶ added in v0.17.3
type GatewayProxyKind struct { Deployment *GatewayProxyDeployment `json:"deployment,omitempty" desc:"set to deploy as a kubernetes deployment, otherwise nil"` DaemonSet *DaemonSetSpec `json:"daemonSet,omitempty" desc:"set to deploy as a kubernetes daemonset, otherwise nil"` }
type GatewayProxyPodTemplate ¶ added in v0.17.3
type GatewayProxyPodTemplate struct { HttpPort *int `json:"httpPort,omitempty" desc:"HTTP port for the gateway service target port."` HttpsPort *int `json:"httpsPort,omitempty" desc:"HTTPS port for the gateway service target port."` ExtraPorts []interface{} `json:"extraPorts,omitempty" desc:"extra ports for the gateway pod."` ExtraAnnotations map[string]string `json:"extraAnnotations,omitempty" desc:"extra annotations to add to the pod."` NodeName *string `json:"nodeName,omitempty" desc:"name of node to run on."` NodeSelector map[string]string `json:"nodeSelector,omitempty" desc:"label selector for nodes."` Tolerations []*corev1.Toleration `json:"tolerations,omitempty"` Probes *bool `` /* 134-byte string literal not displayed */ LivenessProbeEnabled *bool `json:"livenessProbeEnabled,omitempty" desc:"Set to true to enable a liveness probe (default is false)."` Resources *ResourceRequirements `json:"resources,omitempty"` DisableNetBind *bool `` /* 233-byte string literal not displayed */ RunUnprivileged *bool `` /* 181-byte string literal not displayed */ FloatingUserId *bool `` /* 203-byte string literal not displayed */ RunAsUser *float64 `` /* 231-byte string literal not displayed */ FsGroup *float64 `` /* 160-byte string literal not displayed */ GracefulShutdown *GracefulShutdownSpec `json:"gracefulShutdown,omitempty"` TerminationGracePeriodSeconds *int `` /* 247-byte string literal not displayed */ CustomReadinessProbe *corev1.Probe `json:"customReadinessProbe,omitempty"` CustomLivenessProbe *corev1.Probe `json:"customLivenessProbe,omitempty"` ExtraGatewayProxyLabels map[string]string `` /* 170-byte string literal not displayed */ ExtraContainers []interface{} `` /* 221-byte string literal not displayed */ ExtraInitContainers []interface{} `` /* 233-byte string literal not displayed */ EnablePodSecurityContext *bool `json:"enablePodSecurityContext,omitempty" desc:"Whether or not to render the pod security context. Default is true."` PodSecurityContext *PodSecurityContext `` /* 323-byte string literal not displayed */ *GlooDeploymentContainer }
type GatewayProxyService ¶
type GatewayProxyService struct { Type *string "" /* 182-byte string literal not displayed */ HttpPort *int `json:"httpPort,omitempty" desc:"HTTP port for the gateway service"` HttpsPort *int `json:"httpsPort,omitempty" desc:"HTTPS port for the gateway service"` HttpNodePort *int `json:"httpNodePort,omitempty" desc:"HTTP nodeport for the gateway service if using type NodePort"` HttpsNodePort *int `json:"httpsNodePort,omitempty" desc:"HTTPS nodeport for the gateway service if using type NodePort"` ClusterIP *string "" /* 131-byte string literal not displayed */ ExtraAnnotations map[string]string `json:"extraAnnotations,omitempty"` ExternalTrafficPolicy *string `json:"externalTrafficPolicy,omitempty"` Name *string `json:"name,omitempty" desc:"Custom name override for the service resource of the proxy"` HttpsFirst *bool `json:"httpsFirst,omitempty" desc:"List HTTPS port before HTTP"` LoadBalancerIP *string `json:"loadBalancerIP,omitempty" desc:"IP address of the load balancer"` LoadBalancerSourceRanges []string `json:"loadBalancerSourceRanges,omitempty" desc:"List of IP CIDR ranges that are allowed to access the load balancer"` CustomPorts []interface{} `` /* 166-byte string literal not displayed */ ExternalIPs []string `` /* 146-byte string literal not displayed */ ConfigDumpService *KubeResourceOverride `json:"configDumpService,omitempty" desc:"kube resource override for gateway proxy config dump service"` *KubeResourceOverride }
type GatewayValidation ¶ added in v0.20.3
type GatewayValidation struct { Enabled *bool `json:"enabled,omitempty" desc:"enable Gloo Edge API Gateway validation hook (default true)"` AlwaysAcceptResources *bool `` /* 271-byte string literal not displayed */ AllowWarnings *bool `` /* 189-byte string literal not displayed */ ServerEnabled *bool `` /* 325-byte string literal not displayed */ DisableTransformationValidation *bool `` /* 325-byte string literal not displayed */ WarnRouteShortCircuiting *bool `` /* 308-byte string literal not displayed */ SecretName *string `` /* 209-byte string literal not displayed */ FailurePolicy *string `` /* 193-byte string literal not displayed */ Webhook *Webhook `json:"webhook,omitempty" desc:"webhook specific configuration"` ValidationServerGrpcMaxSizeBytes *int `json:"validationServerGrpcMaxSizeBytes,omitempty" desc:"gRPC max message size in bytes for the gloo validation server"` LivenessProbeEnabled *bool `` /* 165-byte string literal not displayed */ }
type Global ¶ added in v0.18.11
type Global struct { Image *Image `json:"image,omitempty"` Extensions interface{} `json:"extensions,omitempty"` GlooRbac *Rbac `json:"glooRbac,omitempty"` GlooStats Stats `` /* 163-byte string literal not displayed */ GlooMtls Mtls `json:"glooMtls,omitempty" desc:"Config used to enable internal mtls authentication"` IstioSDS IstioSDS `` /* 132-byte string literal not displayed */ IstioIntegration IstioIntegration `` /* 139-byte string literal not displayed */ ExtraSpecs *bool `` /* 180-byte string literal not displayed */ ExtauthCustomYaml *bool `` /* 246-byte string literal not displayed */ Console interface{} `json:"console,omitempty" desc:"Configuration options for the Enterprise Console (UI)."` Graphql interface{} `json:"graphql,omitempty" desc:"(Enterprise Only): GraphQL configuration options."` ConfigMaps []*GlobalConfigMap `json:"configMaps,omitempty" desc:"Config used to create ConfigMaps at install time to store arbitrary data."` ExtraCustomResources *bool `` /* 175-byte string literal not displayed */ }
type GlobalConfigMap ¶ added in v1.12.41
type Gloo ¶
type Gloo struct { Deployment *GlooDeployment `json:"deployment,omitempty"` ServiceAccount `json:"serviceAccount,omitempty"` SplitLogOutput *bool `` /* 162-byte string literal not displayed */ GlooService *KubeResourceOverride `json:"service,omitempty"` LogLevel *string `` /* 172-byte string literal not displayed */ DisableLeaderElection *bool `` /* 194-byte string literal not displayed */ HeaderSecretRefNsMatchesUs *bool `` /* 196-byte string literal not displayed */ PodDisruptionBudget *PodDisruptionBudget `json:"podDisruptionBudget,omitempty"` }
type GlooDeployment ¶
type GlooDeployment struct { XdsPort *int `json:"xdsPort,omitempty" desc:"port where gloo serves xDS API to Envoy."` RestXdsPort *uint32 `json:"restXdsPort,omitempty" desc:"port where gloo serves REST xDS API to Envoy."` ValidationPort *int `json:"validationPort,omitempty" desc:"port where gloo serves gRPC Proxy Validation to Gateway."` ProxyDebugPort *int `json:"proxyDebugPort,omitempty" desc:"port where gloo serves gRPC Proxy contents to glooctl."` Stats *Stats `json:"stats,omitempty" desc:"overrides for prometheus stats published by the gloo pod."` FloatingUserId *bool `` /* 238-byte string literal not displayed */ RunAsUser *float64 `` /* 231-byte string literal not displayed */ ExternalTrafficPolicy *string `json:"externalTrafficPolicy,omitempty" desc:"Set the external traffic policy on the gloo service."` ExtraGlooLabels map[string]string `` /* 151-byte string literal not displayed */ ExtraGlooAnnotations map[string]string `` /* 161-byte string literal not displayed */ LivenessProbeEnabled *bool `json:"livenessProbeEnabled,omitempty" desc:"Set to true to enable a liveness probe for Gloo Edge (default is false)."` OssImageTag *string `` /* 139-byte string literal not displayed */ PodSecurityContext *PodSecurityContext `` /* 314-byte string literal not displayed */ *DeploymentSpec *GlooDeploymentContainer }
type GlooDeploymentContainer ¶ added in v1.14.0
type GlooDeploymentContainer struct { Image *Image `json:"image,omitempty"` GlooContainerSecurityContext *SecurityContext `` /* 333-byte string literal not displayed */ }
type GracefulShutdownSpec ¶ added in v1.4.8
type HelmConfig ¶ added in v0.18.11
type HorizontalPodAutoscaler ¶ added in v1.6.11
type HorizontalPodAutoscaler struct { ApiVersion *string `` /* 160-byte string literal not displayed */ MinReplicas *int32 `` /* 133-byte string literal not displayed */ MaxReplicas *int32 `` /* 167-byte string literal not displayed */ TargetCPUUtilizationPercentage *int32 `` /* 192-byte string literal not displayed */ Metrics []map[string]interface{} `` /* 230-byte string literal not displayed */ Behavior map[string]interface{} `` /* 209-byte string literal not displayed */ *KubeResourceOverride }
type Image ¶
type Image struct { Tag *string `json:"tag,omitempty" desc:"The image tag for the container."` Repository *string `json:"repository,omitempty" desc:"The image repository (name) for the container."` Digest *string `json:"digest,omitempty" desc:"The hash digest of the container's image, ie. sha256:12345...."` FipsDigest *string `` /* 131-byte string literal not displayed */ Registry *string `json:"registry,omitempty" desc:"The image hostname prefix and registry, such as quay.io/solo-io."` PullPolicy *string `` /* 203-byte string literal not displayed */ PullSecret *string `` /* 126-byte string literal not displayed */ Extended *bool `json:"extended,omitempty" desc:"If true, deploys an extended version of the container with additional debug tools."` Fips *bool `` /* 163-byte string literal not displayed */ }
Common
type Ingress ¶
type Ingress struct { Enabled *bool `json:"enabled,omitempty"` Deployment *IngressDeployment `json:"deployment,omitempty"` RequireIngressClass *bool `` /* 256-byte string literal not displayed */ CustomIngress *bool `` /* 295-byte string literal not displayed */ }
type IngressDeployment ¶
type IngressDeployment struct { Image *Image `json:"image,omitempty"` RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the processes in the container to run as. Default is 10101."` FloatingUserId *bool `` /* 142-byte string literal not displayed */ ExtraIngressLabels map[string]string `` /* 149-byte string literal not displayed */ ExtraIngressAnnotations map[string]string `` /* 159-byte string literal not displayed */ Stats *bool `json:"stats,omitempty" desc:"Controls whether or not Envoy stats are enabled"` *DeploymentSpec }
type IngressProxy ¶
type IngressProxy struct { Deployment *IngressProxyDeployment `json:"deployment,omitempty"` ConfigMap *ConfigMap `json:"configMap,omitempty"` Tracing *string `json:"tracing,omitempty"` LoopBackAddress *string `` /* 184-byte string literal not displayed */ Label *string `` /* 155-byte string literal not displayed */ *ServiceSpec }
type IngressProxyDeployment ¶
type IngressProxyDeployment struct { Image *Image `json:"image,omitempty"` HttpPort *int `json:"httpPort,omitempty" desc:"HTTP port for the ingress container"` HttpsPort *int `json:"httpsPort,omitempty" desc:"HTTPS port for the ingress container"` ExtraPorts []interface{} `json:"extraPorts,omitempty"` ExtraAnnotations map[string]string `json:"extraAnnotations,omitempty"` FloatingUserId *bool `` /* 142-byte string literal not displayed */ RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the pod to run as. Default is 10101"` ExtraIngressProxyLabels map[string]string `` /* 160-byte string literal not displayed */ Stats *bool `json:"stats,omitempty" desc:"Controls whether or not Envoy stats are enabled"` *DeploymentSpec }
type Integrations ¶
type Integrations struct { Knative *Knative `json:"knative,omitempty"` Consul *Consul `json:"consul,omitempty" desc:"Consul settings to inject into the consul client on startup"` ConsulUpstreamDiscovery *ConsulUpstreamDiscovery `` /* 147-byte string literal not displayed */ }
type InvalidConfigPolicy ¶ added in v1.0.0
type InvalidConfigPolicy struct { ReplaceInvalidRoutes *bool `` /* 308-byte string literal not displayed */ InvalidRouteResponseCode *int64 `json:"invalidRouteResponseCode,omitempty" desc:"the response code for the direct response"` InvalidRouteResponseBody *string `json:"invalidRouteResponseBody,omitempty" desc:"the response body for the direct response"` }
type IstioIntegration ¶ added in v1.6.11
type IstioIntegration struct { LabelInstallNamespace *bool `` /* 478-byte string literal not displayed */ WhitelistDiscovery *bool `` /* 225-byte string literal not displayed */ DisableAutoinjection *bool `` /* 351-byte string literal not displayed */ EnableIstioSidecarOnGateway *bool `` /* 206-byte string literal not displayed */ IstioSidecarRevTag *string `` /* 390-byte string literal not displayed */ AppendXForwardedHost *bool `` /* 135-byte string literal not displayed */ }
type IstioProxyContainer ¶ added in v1.9.25
type IstioProxyContainer struct { Image *Image `json:"image,omitempty" desc:"Istio-proxy image to use for mTLS"` SecurityContext *SecurityContext `` /* 314-byte string literal not displayed */ LogLevel *string `` /* 168-byte string literal not displayed */ }
type IstioSDS ¶ added in v1.5.0
type IstioSDS struct { Enabled *bool `json:"enabled,omitempty" desc:"Enables SDS cert-rotator sidecar for istio mTLS cert rotation"` CustomSidecars []interface{} `` /* 152-byte string literal not displayed */ }
type Job ¶ added in v0.20.3
type Job struct { Image *Image `json:"image,omitempty"` *JobSpec KubeResourceOverride map[string]interface{} `json:"kubeResourceOverride,omitempty" desc:"override fields in the gateway-certgen job."` MtlsKubeResourceOverride map[string]interface{} `json:"mtlsKubeResourceOverride,omitempty" desc:"override fields in the gloo-mtls-certgen job."` }
type JobSpec ¶ added in v0.18.0
type JobSpec struct { *PodSpec ActiveDeadlineSeconds *int `json:"activeDeadlineSeconds,omitempty" desc:"Deadline in seconds for Kubernetes jobs."` BackoffLimit *int `` /* 129-byte string literal not displayed */ Completions *int `json:"completions,omitempty" desc:"Specifies the desired number of successfully finished pods the job should be run with."` ManualSelector *bool `json:"manualSelector,omitempty" desc:"Controls generation of pod labels and pod selectors."` Parallelism *int `json:"parallelism,omitempty" desc:"Specifies the maximum desired number of pods the job should run at any given time."` TtlSecondsAfterFinished *int `` /* 156-byte string literal not displayed */ ExtraPodLabels map[string]string `` /* 130-byte string literal not displayed */ ExtraPodAnnotations map[string]string `` /* 140-byte string literal not displayed */ }
type K8s ¶ added in v0.13.34
type K8s struct {
ClusterName *string `json:"clusterName,omitempty" desc:"cluster name to use when referencing services."`
}
type Knative ¶
type Knative struct { Enabled *bool `json:"enabled,omitempty" desc:"enabled knative components"` Version *string `` /* 213-byte string literal not displayed */ Proxy *KnativeProxy `json:"proxy,omitempty"` RequireIngressClass *bool `` /* 187-byte string literal not displayed */ ExtraKnativeInternalLabels map[string]string `` /* 166-byte string literal not displayed */ ExtraKnativeInternalAnnotations map[string]string `` /* 176-byte string literal not displayed */ ExtraKnativeExternalLabels map[string]string `` /* 166-byte string literal not displayed */ ExtraKnativeExternalAnnotations map[string]string `` /* 176-byte string literal not displayed */ }
type KnativeProxy ¶
type KnativeProxy struct { Image *Image `json:"image,omitempty"` HttpPort *int `json:"httpPort,omitempty" desc:"HTTP port for the proxy"` HttpsPort *int `json:"httpsPort,omitempty" desc:"HTTPS port for the proxy"` Tracing *string `json:"tracing,omitempty" desc:"tracing configuration"` RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the pod to run as. Default is 10101"` LoopBackAddress *string `` /* 184-byte string literal not displayed */ Stats *bool `json:"stats,omitempty" desc:"Controls whether or not Envoy stats are enabled"` ExtraClusterIngressProxyLabels map[string]string `` /* 175-byte string literal not displayed */ ExtraClusterIngressProxyAnnotations map[string]string `` /* 185-byte string literal not displayed */ Internal *KnativeProxyInternal `json:"internal,omitempty" desc:"kube resource overrides for knative internal proxy resources"` *DeploymentSpec *ServiceSpec ConfigMap *KubeResourceOverride `json:"configMap,omitempty"` Deployment *KubeResourceOverride `json:"deployment,omitempty"` }
type KnativeProxyInternal ¶ added in v1.8.0
type KnativeProxyInternal struct { Deployment *KubeResourceOverride `json:"deployment,omitempty"` Service *KubeResourceOverride `json:"service,omitempty"` ConfigMap *KubeResourceOverride `json:"configMap,omitempty"` }
type KubeResourceOverride ¶ added in v1.8.0
type KubeResourceOverride struct {
KubeResourceOverride map[string]interface{} `` /* 156-byte string literal not displayed */
}
Used to override any field in generated kubernetes resources.
type KubernetesSecrets ¶ added in v1.15.3
type KubernetesSecrets struct { }
type Mtls ¶ added in v1.3.6
type Mtls struct { Enabled *bool `json:"enabled,omitempty" desc:"Enables internal mtls authentication"` Sds SdsContainer `json:"sds,omitempty"` EnvoySidecar EnvoySidecarContainer `json:"envoy,omitempty"` IstioProxy IstioProxyContainer `json:"istioProxy,omitempty" desc:"Istio-proxy container"` EnvoySidecarResources *ResourceRequirements `json:"envoySidecarResources,omitempty" desc:"Sets default resource requirements for all Envoy sidecar containers."` SdsResources *ResourceRequirements `json:"sdsResources,omitempty" desc:"Sets default resource requirements for all sds containers."` }
type Namespace ¶
type Namespace struct {
Create *bool `json:"create,omitempty" desc:"create the installation namespace"`
}
type PodDisruptionBudget ¶ added in v1.6.11
type PodDisruptionBudget struct { MinAvailable *string `` /* 297-byte string literal not displayed */ }
type PodDisruptionBudgetWithOverride ¶ added in v1.14.19
type PodDisruptionBudgetWithOverride struct { *PodDisruptionBudget *KubeResourceOverride }
type PodSecurityContext ¶ added in v1.14.5
type PodSecurityContext struct { *corev1.PodSecurityContext *SecurityOpts }
type PodSpec ¶ added in v0.18.0
type PodSpec struct { RestartPolicy *string `json:"restartPolicy,omitempty" desc:"restart policy to use when the pod exits"` PriorityClassName *string `json:"priorityClassName,omitempty" desc:"name of a defined priority class"` NodeName *string `json:"nodeName,omitempty" desc:"name of node to run on"` NodeSelector map[string]string `json:"nodeSelector,omitempty" desc:"label selector for nodes"` Tolerations []*corev1.Toleration `json:"tolerations,omitempty"` Affinity map[string]interface{} `json:"affinity,omitempty"` HostAliases []interface{} `json:"hostAliases,omitempty"` InitContainers []interface{} `` /* 208-byte string literal not displayed */ }
type ResourceAllocation ¶ added in v0.18.1
type ResourceRef ¶ added in v1.6.0
type ResourceRef struct { Namespace *string `json:"namespace,omitempty" desc:"The namespace of this resource."` Name *string `json:"name,omitempty" desc:"The name of this resource."` }
equivalent of core.solo.io.ResourceRef
type ResourceRequirements ¶ added in v0.18.1
type ResourceRequirements struct { Limits *ResourceAllocation `json:"limits,omitempty" desc:"resource limits of this container"` Requests *ResourceAllocation `json:"requests,omitempty" desc:"resource requests of this container"` }
type RolloutJob ¶ added in v1.9.25
type RolloutJob struct { *JobSpec Enabled *bool `` /* 138-byte string literal not displayed */ Image *Image `json:"image,omitempty"` Resources *ResourceRequirements `json:"resources,omitempty"` FloatingUserId *bool `` /* 142-byte string literal not displayed */ RunAsUser *float64 `json:"runAsUser,omitempty" desc:"Explicitly set the user ID for the processes in the container to run as. Default is 10101."` Timeout *int `` /* 155-byte string literal not displayed */ }
type SdsContainer ¶ added in v1.3.8
type SdsContainer struct { Image *Image `json:"image,omitempty"` SecurityContext *SecurityContext `` /* 311-byte string literal not displayed */ LogLevel *string `` /* 158-byte string literal not displayed */ }
type SecretOptions ¶ added in v1.15.3
type SecretOptions struct {
Sources []*SecretOptionsSource `json:"sources,omitempty" desc:"List of sources to use for secrets."`
}
type SecretOptionsSource ¶ added in v1.15.3
type SecretOptionsSource struct { Kubernetes KubernetesSecrets `json:"kubernetes,omitempty" desc:"Only one of kubernetes, vault, or directory may be set"` Vault VaultSecrets `json:"vault,omitempty" desc:"Only one of kubernetes, vault, or directory may be set"` Directory Directory `json:"directory,omitempty" desc:"Only one of kubernetes, vault, or directory may be set"` }
type SecurityContext ¶ added in v1.14.5
type SecurityContext struct { *corev1.SecurityContext *SecurityOpts }
type SecurityOpts ¶ added in v1.14.5
type SecurityOpts struct {
MergePolicy *string `` /* 814-byte string literal not displayed */
}
type Service ¶ added in v1.3.18
type Service struct { Type *string `json:"type,omitempty" desc:"K8s service type"` ExtraAnnotations map[string]string `json:"extraAnnotations,omitempty" desc:"extra annotations to add to the service"` LoadBalancerIP *string `json:"loadBalancerIP,omitempty" desc:"IP address of the load balancer"` HttpPort *int `json:"httpPort,omitempty" desc:"HTTP port for the knative/ingress proxy service"` HttpsPort *int `json:"httpsPort,omitempty" desc:"HTTPS port for the knative/ingress proxy service"` *KubeResourceOverride }
type ServiceAccount ¶ added in v0.18.20
type ServiceAccount struct { ExtraAnnotations map[string]string `json:"extraAnnotations,omitempty" desc:"extra annotations to add to the service account"` DisableAutomount *bool `` /* 204-byte string literal not displayed */ *KubeResourceOverride }
type ServiceDiscoveryOptions ¶ added in v1.6.0
type ServiceDiscoveryOptions struct {
DataCenters []string `` /* 213-byte string literal not displayed */
}
type ServiceSpec ¶ added in v1.3.18
type ServiceSpec struct {
Service *Service `json:"service,omitempty" desc:"K8s service configuration"`
}
type Settings ¶
type Settings struct { WatchNamespaces []string `` /* 141-byte string literal not displayed */ WriteNamespace *string `` /* 139-byte string literal not displayed */ Integrations *Integrations `json:"integrations,omitempty"` Create *bool `json:"create,omitempty" desc:"create a Settings CRD which provides bootstrap configuration to Gloo Edge controllers"` Extensions interface{} `json:"extensions,omitempty"` SingleNamespace *bool `json:"singleNamespace,omitempty" desc:"Enable to use install namespace as WatchNamespace and WriteNamespace"` InvalidConfigPolicy *InvalidConfigPolicy `json:"invalidConfigPolicy,omitempty" desc:"Define policies for Gloo Edge to handle invalid configuration"` Linkerd *bool `json:"linkerd,omitempty" desc:"Enable automatic Linkerd integration in Gloo Edge"` DisableProxyGarbageCollection *bool `` /* 391-byte string literal not displayed */ RegexMaxProgramSize *uint32 `` /* 219-byte string literal not displayed */ DisableKubernetesDestinations *bool `` /* 1093-byte string literal not displayed */ Aws AwsSettings `json:"aws,omitempty"` RateLimit interface{} `` /* 504-byte string literal not displayed */ RatelimitServer interface{} `` /* 300-byte string literal not displayed */ CircuitBreakers CircuitBreakersSettings `json:"circuitBreakers,omitempty" desc:"Set this to configure the circuit breaker settings for Gloo."` EnableRestEds *bool `json:"enableRestEds,omitempty" desc:"Whether or not to use rest xds for all EDS by default. Defaults to false."` DevMode *bool `` /* 204-byte string literal not displayed */ SecretOptions SecretOptions `json:"secretOptions,omitempty" desc:"Options for how Gloo Edge should handle secrets."` *KubeResourceOverride }
type Stats ¶ added in v1.2.13
type Stats struct { Enabled *bool `json:"enabled,omitempty" desc:"Controls whether or not Envoy stats are enabled"` RoutePrefixRewrite *string `json:"routePrefixRewrite,omitempty" desc:"The Envoy stats endpoint to which the metrics are written"` SetDatadogAnnotations *bool `json:"setDatadogAnnotations,omitempty" desc:"Sets the default datadog annotations"` EnableStatsRoute *bool `json:"enableStatsRoute,omitempty" desc:"Enables an additional route to the stats cluster defaulting to /stats"` StatsPrefixRewrite *string `json:"statsPrefixRewrite,omitempty" desc:"The Envoy stats endpoint with general metrics for the additional stats route"` ServiceMonitorEnabled *bool `` /* 184-byte string literal not displayed */ PodMonitorEnabled *bool `` /* 176-byte string literal not displayed */ }
type UdsOptions ¶ added in v1.9.5
type UdsOptions struct { Enabled *bool `json:"enabled,omitempty" desc:"Enable upstream discovery service. Defaults to true."` WatchLabels map[string]string `` /* 148-byte string literal not displayed */ }
Configuration options for the Upstream Discovery Service (UDS).
type VaultAwsAuth ¶ added in v1.15.3
type VaultAwsAuth struct { VaultRole string `` /* 170-byte string literal not displayed */ Region string `json:"region,omitempty" desc:"The AWS region to use for the login attempt."` IamServerIdHeader string `json:"iamServerIdHeader,omitempty" desc:"The IAM Server ID Header required to be included in the request."` MountPath string `json:"mountPath,omitempty" desc:"The Vault path on which the AWS auth is mounted."` AccessKeyID string `` /* 389-byte string literal not displayed */ SecretAccessKey string `` /* 397-byte string literal not displayed */ SessionToken string `json:"sessionToken,omitempty" desc:"The Session Token as provided by the security credentials on the AWS IAM resource."` LeaseIncrement *uint32 `` /* 265-byte string literal not displayed */ }
type VaultSecrets ¶ added in v1.15.3
type VaultSecrets struct { Address string `` /* 175-byte string literal not displayed */ RootKey string `` /* 183-byte string literal not displayed */ PathPrefix string `` /* 233-byte string literal not displayed */ TlsConfig VaultTlsConfig `` /* 205-byte string literal not displayed */ AccessToken string `json:"accessToken,omitempty" desc:"Vault token to use for authentication. Only one of accessToken or aws may be set."` Aws VaultAwsAuth `json:"aws,omitempty" desc:"Only one of accessToken or aws may be set."` }
type VaultTlsConfig ¶ added in v1.15.3
type VaultTlsConfig struct { CaCert string `json:"caCert,omitempty" desc:"Path to a PEM-encoded CA cert file to use to verify the Vault server SSL certificate."` CaPath string `json:"caPath,omitempty" desc:"Path to a directory of PEM-encoded CA cert files to verify the Vault server SSL certificate."` ClientCert string `json:"clientCert,omitempty" desc:"Path to the certificate for Vault communication."` ClientKey string `json:"clientKey,omitempty" desc:"Path to the private key for Vault communication."` TlsServerName string `json:"tlsServerName,omitempty" desc:"If set, it is used to set the SNI host when connecting via TLS."` Insecure bool `json:"insecure,omitempty" desc:"Disables TLS verification when set to true."` }
type Webhook ¶ added in v1.3.27
type Webhook struct { Enabled *bool `json:"enabled,omitempty" desc:"enable validation webhook (default true)"` DisableHelmHook *bool `json:"disableHelmHook,omitempty" desc:"do not create the webhook as helm hook (default false)"` TimeoutSeconds *int `json:"timeoutSeconds,omitempty" desc:"the timeout for the webhook, defaults to 10"` ExtraAnnotations map[string]string `json:"extraAnnotations,omitempty" desc:"extra annotations to add to the webhook"` SkipDeleteValidationResources []string `` /* 329-byte string literal not displayed */ *KubeResourceOverride }
Click to show internal directories.
Click to hide internal directories.