v1

package
v1.30.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 29, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

API Schema definitions for configuring the installation of Calico and Calico Enterprise +k8s:deepcopy-gen=package,register +groupName=operator.tigera.io

Package v1 contains API Schema definitions for the operator v1 API group +kubebuilder:object:generate=true +groupName=operator.tigera.io

Index

Constants

View Source
const (
	WAFDisabled                    WAFStatusType                    = "Disabled"
	WAFEnabled                     WAFStatusType                    = "Enabled"
	L7LogCollectionDisabled        LogCollectionStatusType          = "Disabled"
	L7LogCollectionEnabled         LogCollectionStatusType          = "Enabled"
	ApplicationLayerPolicyEnabled  ApplicationLayerPolicyStatusType = "Enabled"
	ApplicationLayerPolicyDisabled ApplicationLayerPolicyStatusType = "Disabled"
)
View Source
const (
	AuthTypeToken = "Token"
	AuthTypeBasic = "Basic"
	AuthTypeOIDC  = "OIDC"
	AuthTypeOAuth = "OAuth"
)
View Source
const NodeSelectorDefault string = "all()"
View Source
const (
	TigeraStatusReady = "Ready"
)

Variables

View Source
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "operator.tigera.io", Version: "v1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source
var CNIPluginTypesString []string = []string{
	PluginCalico.String(),
	PluginGKE.String(),
	PluginAmazonVPC.String(),
	PluginAzureVNET.String(),
}
View Source
var EncapsulationTypesString []string = []string{
	EncapsulationIPIPCrossSubnet.String(),
	EncapsulationIPIP.String(),
	EncapsulationVXLAN.String(),
	EncapsulationVXLANCrossSubnet.String(),
	EncapsulationNone.String(),
}
View Source
var HostPortsTypesString []string = []string{
	HostPortsEnabled.String(),
	HostPortsDisabled.String(),
}
View Source
var IPAMPluginTypesString []string = []string{
	IPAMPluginCalico.String(),
	IPAMPluginHostLocal.String(),
	IPAMPluginAmazonVPC.String(),
	IPAMPluginAzureVNET.String(),
}
View Source
var NATOutgoingTypesString []string = []string{
	NATOutgoingEnabled.String(),
	NATOutgoingDisabled.String(),
}
View Source
var SyslogLogTypesString []string = []string{
	SyslogLogAudit.String(),
	SyslogLogDNS.String(),
	SyslogLogFlows.String(),
	SyslogLogL7.String(),
	SyslogLogIDSEvents.String(),
}

Functions

func IsFIPSModeEnabled added in v1.28.0

func IsFIPSModeEnabled(mode *FIPSMode) bool

IsFIPSModeEnabled is a convenience function for turning a FIPSMode reference into a bool.

func IsFIPSModeEnabledString added in v1.28.0

func IsFIPSModeEnabledString(mode *FIPSMode) string

IsFIPSModeEnabledString is a convenience function for turning a FIPSMode reference into a string formatted bool.

Types

type APIServer

type APIServer struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired state for the Tigera API server.
	Spec APIServerSpec `json:"spec,omitempty"`

	// Most recently observed status for the Tigera API server.
	Status APIServerStatus `json:"status,omitempty"`
}

APIServer installs the Tigera API server and related resources. At most one instance of this resource is supported. It must be named "default" or "tigera-secure". +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster

func (*APIServer) DeepCopy

func (in *APIServer) DeepCopy() *APIServer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer.

func (*APIServer) DeepCopyInto

func (in *APIServer) DeepCopyInto(out *APIServer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIServer) DeepCopyObject

func (in *APIServer) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIServerDeployment added in v1.27.17

type APIServerDeployment struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the specification of the API server Deployment.
	// +optional
	Spec *APIServerDeploymentSpec `json:"spec,omitempty"`
}

APIServerDeployment is the configuration for the API server Deployment.

func (*APIServerDeployment) DeepCopy added in v1.27.17

func (in *APIServerDeployment) DeepCopy() *APIServerDeployment

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerDeployment.

func (*APIServerDeployment) DeepCopyInto added in v1.27.17

func (in *APIServerDeployment) DeepCopyInto(out *APIServerDeployment)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIServerDeployment) GetAffinity added in v1.27.17

func (c *APIServerDeployment) GetAffinity() *v1.Affinity

func (*APIServerDeployment) GetContainers added in v1.27.17

func (c *APIServerDeployment) GetContainers() []v1.Container

func (*APIServerDeployment) GetDeploymentStrategy added in v1.27.17

func (c *APIServerDeployment) GetDeploymentStrategy() *appsv1.DeploymentStrategy

func (*APIServerDeployment) GetInitContainers added in v1.27.17

func (c *APIServerDeployment) GetInitContainers() []v1.Container

func (*APIServerDeployment) GetMetadata added in v1.27.17

func (c *APIServerDeployment) GetMetadata() *Metadata

func (*APIServerDeployment) GetMinReadySeconds added in v1.27.17

func (c *APIServerDeployment) GetMinReadySeconds() *int32

func (*APIServerDeployment) GetNodeSelector added in v1.27.17

func (c *APIServerDeployment) GetNodeSelector() map[string]string

func (*APIServerDeployment) GetPodTemplateMetadata added in v1.27.17

func (c *APIServerDeployment) GetPodTemplateMetadata() *Metadata

func (*APIServerDeployment) GetPriorityClassName added in v1.30.10

func (c *APIServerDeployment) GetPriorityClassName() string

func (*APIServerDeployment) GetTerminationGracePeriodSeconds added in v1.27.17

func (c *APIServerDeployment) GetTerminationGracePeriodSeconds() *int64

func (*APIServerDeployment) GetTolerations added in v1.27.17

func (c *APIServerDeployment) GetTolerations() []v1.Toleration

func (*APIServerDeployment) GetTopologySpreadConstraints added in v1.29.0

func (c *APIServerDeployment) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint

type APIServerDeploymentContainer added in v1.27.17

type APIServerDeploymentContainer struct {
	// Name is an enum which identifies the API server Deployment container by name.
	// +kubebuilder:validation:Enum=calico-apiserver;tigera-queryserver
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named API server Deployment container's resources.
	// If omitted, the API server Deployment will use its default value for this container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

APIServerDeploymentContainer is an API server Deployment container.

func (*APIServerDeploymentContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerDeploymentContainer.

func (*APIServerDeploymentContainer) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIServerDeploymentInitContainer added in v1.27.17

type APIServerDeploymentInitContainer struct {
	// Name is an enum which identifies the API server Deployment init container by name.
	// +kubebuilder:validation:Enum=calico-apiserver-certs-key-cert-provisioner
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named API server Deployment init container's resources.
	// If omitted, the API server Deployment will use its default value for this init container's resources.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

APIServerDeploymentInitContainer is an API server Deployment init container.

func (*APIServerDeploymentInitContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerDeploymentInitContainer.

func (*APIServerDeploymentInitContainer) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIServerDeploymentPodSpec added in v1.27.17

type APIServerDeploymentPodSpec struct {
	// InitContainers is a list of API server init containers.
	// If specified, this overrides the specified API server Deployment init containers.
	// If omitted, the API server Deployment will use its default values for its init containers.
	// +optional
	InitContainers []APIServerDeploymentInitContainer `json:"initContainers,omitempty"`

	// Containers is a list of API server containers.
	// If specified, this overrides the specified API server Deployment containers.
	// If omitted, the API server Deployment will use its default values for its containers.
	// +optional
	Containers []APIServerDeploymentContainer `json:"containers,omitempty"`

	// Affinity is a group of affinity scheduling rules for the API server pods.
	// If specified, this overrides any affinity that may be set on the API server Deployment.
	// If omitted, the API server Deployment will use its default value for affinity.
	// WARNING: Please note that this field will override the default API server Deployment affinity.
	// +optional
	Affinity *v1.Affinity `json:"affinity,omitempty"`

	// NodeSelector is the API server pod's scheduling constraints.
	// If specified, each of the key/value pairs are added to the API server Deployment nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If used in conjunction with ControlPlaneNodeSelector, that nodeSelector is set on the API server Deployment
	// and each of this field's key/value pairs are added to the API server Deployment nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If omitted, the API server Deployment will use its default value for nodeSelector.
	// WARNING: Please note that this field will modify the default API server Deployment nodeSelector.
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// TopologySpreadConstraints describes how a group of pods ought to spread across topology
	// domains. Scheduler will schedule pods in a way which abides by the constraints.
	// All topologySpreadConstraints are ANDed.
	// +optional
	TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`

	// Tolerations is the API server pod's tolerations.
	// If specified, this overrides any tolerations that may be set on the API server Deployment.
	// If omitted, the API server Deployment will use its default value for tolerations.
	// WARNING: Please note that this field will override the default API server Deployment tolerations.
	// +optional
	Tolerations []v1.Toleration `json:"tolerations,omitempty"`
}

APIServerDeploymentDeploymentPodSpec is the API server Deployment's PodSpec.

func (*APIServerDeploymentPodSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerDeploymentPodSpec.

func (*APIServerDeploymentPodSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIServerDeploymentPodTemplateSpec added in v1.27.17

type APIServerDeploymentPodTemplateSpec struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to
	// the pod's metadata.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the API server Deployment's PodSpec.
	// +optional
	Spec *APIServerDeploymentPodSpec `json:"spec,omitempty"`
}

APIServerDeploymentPodTemplateSpec is the API server Deployment's PodTemplateSpec

func (*APIServerDeploymentPodTemplateSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerDeploymentPodTemplateSpec.

func (*APIServerDeploymentPodTemplateSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIServerDeploymentSpec added in v1.27.17

type APIServerDeploymentSpec struct {
	// MinReadySeconds is the minimum number of seconds for which a newly created Deployment pod should
	// be ready without any of its container crashing, for it to be considered available.
	// If specified, this overrides any minReadySeconds value that may be set on the API server Deployment.
	// If omitted, the API server Deployment will use its default value for minReadySeconds.
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	MinReadySeconds *int32 `json:"minReadySeconds,omitempty"`

	// Template describes the API server Deployment pod that will be created.
	// +optional
	Template *APIServerDeploymentPodTemplateSpec `json:"template,omitempty"`
}

APIServerDeploymentSpec defines configuration for the API server Deployment.

func (*APIServerDeploymentSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerDeploymentSpec.

func (*APIServerDeploymentSpec) DeepCopyInto added in v1.27.17

func (in *APIServerDeploymentSpec) DeepCopyInto(out *APIServerDeploymentSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIServerList

type APIServerList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []APIServer `json:"items"`
}

APIServerList contains a list of APIServer

func (*APIServerList) DeepCopy

func (in *APIServerList) DeepCopy() *APIServerList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerList.

func (*APIServerList) DeepCopyInto

func (in *APIServerList) DeepCopyInto(out *APIServerList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIServerList) DeepCopyObject

func (in *APIServerList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIServerSpec

type APIServerSpec struct {
	// APIServerDeployment configures the calico-apiserver (or tigera-apiserver in Enterprise) Deployment. If
	// used in conjunction with ControlPlaneNodeSelector or ControlPlaneTolerations, then these overrides
	// take precedence.
	APIServerDeployment *APIServerDeployment `json:"apiServerDeployment,omitempty"`
}

APIServerSpec defines the desired state of Tigera API server.

func (*APIServerSpec) DeepCopy

func (in *APIServerSpec) DeepCopy() *APIServerSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerSpec.

func (*APIServerSpec) DeepCopyInto

func (in *APIServerSpec) DeepCopyInto(out *APIServerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIServerStatus

type APIServerStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

APIServerStatus defines the observed state of Tigera API server.

func (*APIServerStatus) DeepCopy

func (in *APIServerStatus) DeepCopy() *APIServerStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerStatus.

func (*APIServerStatus) DeepCopyInto

func (in *APIServerStatus) DeepCopyInto(out *APIServerStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSEgressGateway added in v1.29.1

type AWSEgressGateway struct {

	// NativeIP defines if EgressGateway is to use an AWS backed IPPool.
	// Default: Disabled
	// +kubebuilder:validation:Enum=Enabled;Disabled
	// +optional
	NativeIP *NativeIP `json:"nativeIP,omitempty"`

	// ElasticIPs defines the set of elastic IPs that can be used for Egress Gateway pods.
	// NativeIP must be Enabled if elastic IPs are set.
	// +optional
	ElasticIPs []string `json:"elasticIPs,omitempty"`
}

AWSEgressGateway defines the configurations for deploying EgressGateway in AWS

func (*AWSEgressGateway) DeepCopy added in v1.29.1

func (in *AWSEgressGateway) DeepCopy() *AWSEgressGateway

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSEgressGateway.

func (*AWSEgressGateway) DeepCopyInto added in v1.29.1

func (in *AWSEgressGateway) DeepCopyInto(out *AWSEgressGateway)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AdditionalLogSourceSpec

type AdditionalLogSourceSpec struct {
	// If specified with EKS Provider in Installation, enables fetching EKS
	// audit logs.
	// +optional
	EksCloudwatchLog *EksCloudwatchLogsSpec `json:"eksCloudwatchLog,omitempty"`
}

func (*AdditionalLogSourceSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalLogSourceSpec.

func (*AdditionalLogSourceSpec) DeepCopyInto

func (in *AdditionalLogSourceSpec) DeepCopyInto(out *AdditionalLogSourceSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AdditionalLogStoreSpec

type AdditionalLogStoreSpec struct {
	// If specified, enables exporting of flow, audit, and DNS logs to Amazon S3 storage.
	// +optional
	S3 *S3StoreSpec `json:"s3,omitempty"`
	// If specified, enables exporting of flow, audit, and DNS logs to syslog.
	// +optional
	Syslog *SyslogStoreSpec `json:"syslog,omitempty"`
	// If specified, enables exporting of flow, audit, and DNS logs to splunk.
	// +optional
	Splunk *SplunkStoreSpec `json:"splunk,omitempty"`
}

func (*AdditionalLogStoreSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalLogStoreSpec.

func (*AdditionalLogStoreSpec) DeepCopyInto

func (in *AdditionalLogStoreSpec) DeepCopyInto(out *AdditionalLogStoreSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AmazonCloudIntegration

type AmazonCloudIntegration struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AmazonCloudIntegrationSpec   `json:"spec,omitempty"`
	Status AmazonCloudIntegrationStatus `json:"status,omitempty"`
}

AmazonCloudIntegration is the Schema for the amazoncloudintegrations API +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster +kubebuilder:storageversion

func (*AmazonCloudIntegration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AmazonCloudIntegration.

func (*AmazonCloudIntegration) DeepCopyInto

func (in *AmazonCloudIntegration) DeepCopyInto(out *AmazonCloudIntegration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AmazonCloudIntegration) DeepCopyObject

func (in *AmazonCloudIntegration) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AmazonCloudIntegrationList

type AmazonCloudIntegrationList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AmazonCloudIntegration `json:"items"`
}

AmazonCloudIntegrationList contains a list of AmazonCloudIntegration

func (*AmazonCloudIntegrationList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AmazonCloudIntegrationList.

func (*AmazonCloudIntegrationList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AmazonCloudIntegrationList) DeepCopyObject

func (in *AmazonCloudIntegrationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AmazonCloudIntegrationSpec

type AmazonCloudIntegrationSpec struct {
	// DefaultPodMetadataAccess defines what the default behavior will be for accessing
	// the AWS metadata service from a pod.
	// Default: Denied
	// +optional
	// +kubebuilder:validation:Enum=Allowed;Denied
	DefaultPodMetadataAccess MetadataAccessAllowedType `json:"defaultPodMetadataAccess,omitempty"`

	// NodeSecurityGroupIDs is a list of Security Group IDs that all nodes and masters
	// will be in.
	NodeSecurityGroupIDs []string `json:"nodeSecurityGroupIDs,omitempty"`
	// PodSecurityGroupID is the ID of the Security Group which all pods should be placed
	// in by default.
	PodSecurityGroupID string `json:"podSecurityGroupID,omitempty"`
	// VPCS is a list of VPC IDs to monitor for ENIs and Security Groups, only one is supported.
	VPCS []string `json:"vpcs,omitempty"`
	// SQSURL is the SQS URL needed to access the Simple Queue Service.
	SQSURL string `json:"sqsURL,omitempty"`
	// AWSRegion is the region in which your cluster is located.
	AWSRegion string `json:"awsRegion,omitempty"`
	// EnforcedSecurityGroupID is the ID of the Security Group which will be applied to all
	// ENIs that are on a host that is also part of the Kubernetes cluster.
	EnforcedSecurityGroupID string `json:"enforcedSecurityGroupID,omitempty"`
	// TrustEnforcedSecurityGroupID is the ID of the Security Group which will be applied
	// to all ENIs in the VPC.
	TrustEnforcedSecurityGroupID string `json:"trustEnforcedSecurityGroupID,omitempty"`
}

AmazonCloudIntegrationSpec defines the desired state of AmazonCloudIntegration

func (*AmazonCloudIntegrationSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AmazonCloudIntegrationSpec.

func (*AmazonCloudIntegrationSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AmazonCloudIntegrationStatus

type AmazonCloudIntegrationStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

AmazonCloudIntegrationStatus defines the observed state of AmazonCloudIntegration

func (*AmazonCloudIntegrationStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AmazonCloudIntegrationStatus.

func (*AmazonCloudIntegrationStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AnomalyDetectionSpec added in v1.28.1

type AnomalyDetectionSpec struct {

	// StorageClassName will be used to query for an existing StorageClass with the same as the field value. It will also
	// populate the PersistentVolumeClaim.StorageClassName that is used to provision disks for the Anomaly Detection API
	// pod for model storage. If the field is left blank, Anomaly Detection API will be using EmptyDir VolumeSource.
	// The StorageClassName should only be modified when no StorageClass is currently active. We recommend choosing a
	// storage class dedicated to AnomalyDetection only. Otherwise, model retention cannot be guaranteed during upgrades.
	// See https://docs.tigera.io/maintenance/upgrading for up-to-date instructions.
	// This field is not used for managed clusters in a Multi-cluster management setup.
	// +optional
	StorageClassName string `json:"storageClassName,omitempty"`
}

func (*AnomalyDetectionSpec) DeepCopy added in v1.28.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AnomalyDetectionSpec.

func (*AnomalyDetectionSpec) DeepCopyInto added in v1.28.1

func (in *AnomalyDetectionSpec) DeepCopyInto(out *AnomalyDetectionSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ApplicationLayer added in v1.24.0

type ApplicationLayer struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ApplicationLayerSpec   `json:"spec,omitempty"`
	Status ApplicationLayerStatus `json:"status,omitempty"`
}

ApplicationLayer is the Schema for the applicationlayers API

func (*ApplicationLayer) DeepCopy added in v1.24.0

func (in *ApplicationLayer) DeepCopy() *ApplicationLayer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationLayer.

func (*ApplicationLayer) DeepCopyInto added in v1.24.0

func (in *ApplicationLayer) DeepCopyInto(out *ApplicationLayer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ApplicationLayer) DeepCopyObject added in v1.24.0

func (in *ApplicationLayer) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ApplicationLayerList added in v1.24.0

type ApplicationLayerList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ApplicationLayer `json:"items"`
}

ApplicationLayerList contains a list of ApplicationLayer

func (*ApplicationLayerList) DeepCopy added in v1.24.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationLayerList.

func (*ApplicationLayerList) DeepCopyInto added in v1.24.0

func (in *ApplicationLayerList) DeepCopyInto(out *ApplicationLayerList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ApplicationLayerList) DeepCopyObject added in v1.24.0

func (in *ApplicationLayerList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ApplicationLayerPolicyStatusType added in v1.29.2

type ApplicationLayerPolicyStatusType string

type ApplicationLayerSpec added in v1.24.0

type ApplicationLayerSpec struct {
	// WebApplicationFirewall controls whether or not ModSecurity enforcement is enabled for the cluster.
	// When enabled, Services may opt-in to having ingress traffic examed by ModSecurity.
	WebApplicationFirewall *WAFStatusType `json:"webApplicationFirewall,omitempty"`
	// Specification for application layer (L7) log collection.
	LogCollection *LogCollectionSpec `json:"logCollection,omitempty"`
	// Application Layer Policy controls whether or not ALP enforcement is enabled for the cluster.
	// When enabled, NetworkPolicies with HTTP Match rules may be defined to opt-in workloads for traffic enforcement on the application layer.
	ApplicationLayerPolicy *ApplicationLayerPolicyStatusType `json:"applicationLayerPolicy,omitempty"`
	// User-configurable settings for the Envoy proxy.
	EnvoySettings *EnvoySettings `json:"envoy,omitempty"`
}

ApplicationLayerSpec defines the desired state of ApplicationLayer

func (*ApplicationLayerSpec) DeepCopy added in v1.24.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationLayerSpec.

func (*ApplicationLayerSpec) DeepCopyInto added in v1.24.0

func (in *ApplicationLayerSpec) DeepCopyInto(out *ApplicationLayerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ApplicationLayerStatus added in v1.24.0

type ApplicationLayerStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

ApplicationLayerStatus defines the observed state of ApplicationLayer

func (*ApplicationLayerStatus) DeepCopy added in v1.24.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationLayerStatus.

func (*ApplicationLayerStatus) DeepCopyInto added in v1.24.0

func (in *ApplicationLayerStatus) DeepCopyInto(out *ApplicationLayerStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Auth

type Auth struct {
	// Type configures the type of authentication used by the manager.
	// Default: Token
	// +kubebuilder:validation:Enum=Token;Basic;OIDC;OAuth
	Type AuthType `json:"type,omitempty"`

	// Authority configures the OAuth2/OIDC authority/issuer when using OAuth2 or OIDC login.
	// +optional
	Authority string `json:"authority,omitempty"`

	// ClientId configures the OAuth2/OIDC client ID to use for OAuth2 or OIDC login.
	// +optional
	ClientID string `json:"clientID,omitempty"`
}

Auth defines authentication configuration.

func (*Auth) DeepCopy

func (in *Auth) DeepCopy() *Auth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Auth.

func (*Auth) DeepCopyInto

func (in *Auth) DeepCopyInto(out *Auth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthMethod

type AuthMethod string

type AuthType

type AuthType string

AuthType represents the type of authentication to use. Valid options are: Token, Basic, OIDC, OAuth

type Authentication

type Authentication struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AuthenticationSpec   `json:"spec,omitempty"`
	Status AuthenticationStatus `json:"status,omitempty"`
}

Authentication is the Schema for the authentications API

func (*Authentication) DeepCopy

func (in *Authentication) DeepCopy() *Authentication

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Authentication.

func (*Authentication) DeepCopyInto

func (in *Authentication) DeepCopyInto(out *Authentication)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Authentication) DeepCopyObject

func (in *Authentication) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AuthenticationLDAP added in v1.16.0

type AuthenticationLDAP struct {
	// The host and port of the LDAP server. Example: ad.example.com:636
	// +required
	Host string `json:"host"`

	// StartTLS whether to enable the startTLS feature for establishing TLS on an existing LDAP session.
	// If true, the ldap:// protocol is used and then issues a StartTLS command, otherwise, connections will use
	// the ldaps:// protocol.
	// +optional
	StartTLS *bool `json:"startTLS,omitempty"`

	// User entry search configuration to match the credentials with a user.
	// +required
	UserSearch *UserSearch `json:"userSearch"`

	// Group search configuration to find the groups that a user is in.
	// +optional
	GroupSearch *GroupSearch `json:"groupSearch,omitempty"`
}

AuthenticationLDAP is the configuration needed to setup LDAP.

func (*AuthenticationLDAP) DeepCopy added in v1.16.0

func (in *AuthenticationLDAP) DeepCopy() *AuthenticationLDAP

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationLDAP.

func (*AuthenticationLDAP) DeepCopyInto added in v1.16.0

func (in *AuthenticationLDAP) DeepCopyInto(out *AuthenticationLDAP)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationList

type AuthenticationList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Authentication `json:"items"`
}

AuthenticationList contains a list of Authentication

func (*AuthenticationList) DeepCopy

func (in *AuthenticationList) DeepCopy() *AuthenticationList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationList.

func (*AuthenticationList) DeepCopyInto

func (in *AuthenticationList) DeepCopyInto(out *AuthenticationList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthenticationList) DeepCopyObject

func (in *AuthenticationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AuthenticationOIDC

type AuthenticationOIDC struct {
	// IssuerURL is the URL to the OIDC provider.
	// +required
	IssuerURL string `json:"issuerURL"`

	// UsernameClaim specifies which claim to use from the OIDC provider as the username.
	// +required
	UsernameClaim string `json:"usernameClaim"`

	// RequestedScopes is a list of scopes to request from the OIDC provider. If not provided, the following scopes are
	// requested: ["openid", "email", "profile", "groups", "offline_access"].
	// +optional
	RequestedScopes []string `json:"requestedScopes,omitempty"`

	// Deprecated. Please use Authentication.Spec.UsernamePrefix instead.
	// +optional
	UsernamePrefix string `json:"usernamePrefix,omitempty"`

	// GroupsClaim specifies which claim to use from the OIDC provider as the group.
	// +optional
	GroupsClaim string `json:"groupsClaim,omitempty"`

	// Deprecated. Please use Authentication.Spec.GroupsPrefix instead.
	// +optional
	GroupsPrefix string `json:"groupsPrefix,omitempty"`

	// Some providers do not include the claim "email_verified" when there is no verification in the user enrollment
	// process or if they are acting as a proxy for another identity provider. By default those tokens are deemed invalid.
	// To skip this check, set the value to "InsecureSkip".
	// Default: Verify
	// +optional
	// +kubebuilder:validation:Enum=Verify;InsecureSkip
	EmailVerification *EmailVerificationType `json:"emailVerification,omitempty"`

	// PromptTypes is an optional list of string values that specifies whether the identity provider prompts the end user
	// for re-authentication and consent. See the RFC for more information on prompt types:
	// https://openid.net/specs/openid-connect-core-1_0.html.
	// Default: "Consent"
	// +optional
	PromptTypes []PromptType `json:"promptTypes,omitempty"`

	// Default: "Dex"
	// +optional
	Type OIDCType `json:"type,omitempty"`
}

AuthenticationOIDC is the configuration needed to setup OIDC.

func (*AuthenticationOIDC) DeepCopy

func (in *AuthenticationOIDC) DeepCopy() *AuthenticationOIDC

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationOIDC.

func (*AuthenticationOIDC) DeepCopyInto

func (in *AuthenticationOIDC) DeepCopyInto(out *AuthenticationOIDC)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationOpenshift

type AuthenticationOpenshift struct {
	// IssuerURL is the URL to the Openshift OAuth provider. Ex.: https://api.my-ocp-domain.com:6443
	// +required
	IssuerURL string `json:"issuerURL"`
}

AuthenticationOpenshift is the configuration needed to setup Openshift.

func (*AuthenticationOpenshift) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationOpenshift.

func (*AuthenticationOpenshift) DeepCopyInto

func (in *AuthenticationOpenshift) DeepCopyInto(out *AuthenticationOpenshift)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationSpec

type AuthenticationSpec struct {
	// ManagerDomain is the domain name of the Manager
	// +required
	ManagerDomain string `json:"managerDomain,omitempty"`

	// If specified, UsernamePrefix is prepended to each user obtained from the identity provider. Note that
	// Kibana does not support a user prefix, so this prefix is removed from Kubernetes User when translating log access
	// ClusterRoleBindings into Elastic.
	// +optional
	UsernamePrefix string `json:"usernamePrefix,omitempty"`

	// If specified, GroupsPrefix is prepended to each group obtained from the identity provider. Note that
	// Kibana does not support a groups prefix, so this prefix is removed from Kubernetes Groups when translating log access
	// ClusterRoleBindings into Elastic.
	// +optional
	GroupsPrefix string `json:"groupsPrefix,omitempty"`

	// OIDC contains the configuration needed to setup OIDC authentication.
	// +optional
	OIDC *AuthenticationOIDC `json:"oidc,omitempty"`

	// Openshift contains the configuration needed to setup Openshift OAuth authentication.
	// +optional
	Openshift *AuthenticationOpenshift `json:"openshift,omitempty"`

	// LDAP contains the configuration needed to setup LDAP authentication.
	// +optional
	LDAP *AuthenticationLDAP `json:"ldap,omitempty"`
}

AuthenticationSpec defines the desired state of Authentication

func (*AuthenticationSpec) DeepCopy

func (in *AuthenticationSpec) DeepCopy() *AuthenticationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationSpec.

func (*AuthenticationSpec) DeepCopyInto

func (in *AuthenticationSpec) DeepCopyInto(out *AuthenticationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationStatus

type AuthenticationStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

AuthenticationStatus defines the observed state of Authentication

func (*AuthenticationStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationStatus.

func (*AuthenticationStatus) DeepCopyInto

func (in *AuthenticationStatus) DeepCopyInto(out *AuthenticationStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BGPOption

type BGPOption string

BGPOption describes the mode of BGP to use.

One of: Enabled, Disabled

const (
	BGPEnabled  BGPOption = "Enabled"
	BGPDisabled BGPOption = "Disabled"
)

func BGPOptionPtr

func BGPOptionPtr(b BGPOption) *BGPOption

type CAType added in v1.28.0

type CAType string

CAType specifies which verification method the tunnel client should use to verify the tunnel server's identity.

One of: Tigera, Public

const (
	CATypeTigera CAType = "Tigera"
	CATypePublic CAType = "Public"
)

type CNILogging added in v1.30.0

type CNILogging struct {
	// Default: Info
	// +kubebuilder:validation:Enum=Error;Warning;Debug;Info
	// +optional
	LogSeverity *LogLevel `json:"logSeverity,omitempty"`

	// Default: 100Mi
	// +optional
	LogFileMaxSize *resource.Quantity `json:"logFileMaxSize,omitempty"`

	// Default: 30 (days)
	// +optional
	LogFileMaxAgeDays *uint32 `json:"logFileMaxAgeDays,omitempty"`

	// Default: 10
	// +optional
	LogFileMaxCount *uint32 `json:"logFileMaxCount,omitempty"`
}

func (*CNILogging) DeepCopy added in v1.30.0

func (in *CNILogging) DeepCopy() *CNILogging

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CNILogging.

func (*CNILogging) DeepCopyInto added in v1.30.0

func (in *CNILogging) DeepCopyInto(out *CNILogging)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CNIPluginType

type CNIPluginType string

CNIPluginType describes the type of CNI plugin used.

One of: Calico, GKE, AmazonVPC, AzureVNET

const (
	PluginCalico    CNIPluginType = "Calico"
	PluginGKE       CNIPluginType = "GKE"
	PluginAmazonVPC CNIPluginType = "AmazonVPC"
	PluginAzureVNET CNIPluginType = "AzureVNET"
)

func (CNIPluginType) String

func (cp CNIPluginType) String() string

type CNISpec

type CNISpec struct {
	// Specifies the CNI plugin that will be used in the Calico or Calico Enterprise installation.
	// * For KubernetesProvider GKE, this field defaults to GKE.
	// * For KubernetesProvider AKS, this field defaults to AzureVNET.
	// * For KubernetesProvider EKS, this field defaults to AmazonVPC.
	// * If aws-node daemonset exists in kube-system when the Installation resource is created, this field defaults to AmazonVPC.
	// * For all other cases this field defaults to Calico.
	//
	// For the value Calico, the CNI plugin binaries and CNI config will be installed as part of deployment,
	// for all other values the CNI plugin binaries and CNI config is a dependency that is expected
	// to be installed separately.
	//
	// Default: Calico
	// +kubebuilder:validation:Enum=Calico;GKE;AmazonVPC;AzureVNET
	Type CNIPluginType `json:"type"`

	// IPAM specifies the pod IP address management that will be used in the Calico or
	// Calico Enterprise installation.
	// +optional
	IPAM *IPAMSpec `json:"ipam"`
}

CNISpec contains configuration for the CNI plugin.

func (*CNISpec) DeepCopy

func (in *CNISpec) DeepCopy() *CNISpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CNISpec.

func (*CNISpec) DeepCopyInto

func (in *CNISpec) DeepCopyInto(out *CNISpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CSINodeDriverDaemonSet added in v1.30.0

type CSINodeDriverDaemonSet struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to the DaemonSet.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the specification of the csi-node-driver DaemonSet.
	// +optional
	Spec *CSINodeDriverDaemonSetSpec `json:"spec,omitempty"`
}

CSINodeDriverDaemonSet is the configuration for the csi-node-driver DaemonSet.

func (*CSINodeDriverDaemonSet) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSINodeDriverDaemonSet.

func (*CSINodeDriverDaemonSet) DeepCopyInto added in v1.30.0

func (in *CSINodeDriverDaemonSet) DeepCopyInto(out *CSINodeDriverDaemonSet)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CSINodeDriverDaemonSet) GetAffinity added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetAffinity() *v1.Affinity

func (*CSINodeDriverDaemonSet) GetContainers added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetContainers() []v1.Container

func (*CSINodeDriverDaemonSet) GetDeploymentStrategy added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetDeploymentStrategy() *appsv1.DeploymentStrategy

func (*CSINodeDriverDaemonSet) GetInitContainers added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetInitContainers() []v1.Container

func (*CSINodeDriverDaemonSet) GetMetadata added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetMetadata() *Metadata

func (*CSINodeDriverDaemonSet) GetMinReadySeconds added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetMinReadySeconds() *int32

func (*CSINodeDriverDaemonSet) GetNodeSelector added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetNodeSelector() map[string]string

func (*CSINodeDriverDaemonSet) GetPodTemplateMetadata added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetPodTemplateMetadata() *Metadata

func (*CSINodeDriverDaemonSet) GetPriorityClassName added in v1.30.10

func (c *CSINodeDriverDaemonSet) GetPriorityClassName() string

func (*CSINodeDriverDaemonSet) GetTerminationGracePeriodSeconds added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetTerminationGracePeriodSeconds() *int64

func (*CSINodeDriverDaemonSet) GetTolerations added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetTolerations() []v1.Toleration

func (*CSINodeDriverDaemonSet) GetTopologySpreadConstraints added in v1.30.0

func (c *CSINodeDriverDaemonSet) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint

type CSINodeDriverDaemonSetContainer added in v1.30.0

type CSINodeDriverDaemonSetContainer struct {
	// Name is an enum which identifies the csi-node-driver DaemonSet container by name.
	// +kubebuilder:validation:Enum=csi-node-driver
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named csi-node-driver DaemonSet container's resources.
	// If omitted, the csi-node-driver DaemonSet will use its default value for this container's resources.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

CSINodeDriverDaemonSetContainer is a csi-node-driver DaemonSet container.

func (*CSINodeDriverDaemonSetContainer) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSINodeDriverDaemonSetContainer.

func (*CSINodeDriverDaemonSetContainer) DeepCopyInto added in v1.30.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CSINodeDriverDaemonSetPodSpec added in v1.30.0

type CSINodeDriverDaemonSetPodSpec struct {
	// Containers is a list of csi-node-driver containers.
	// If specified, this overrides the specified csi-node-driver DaemonSet containers.
	// If omitted, the csi-node-driver DaemonSet will use its default values for its containers.
	// +optional
	Containers []CSINodeDriverDaemonSetContainer `json:"containers,omitempty"`
	// Affinity is a group of affinity scheduling rules for the csi-node-driver pods.
	// If specified, this overrides any affinity that may be set on the csi-node-driver DaemonSet.
	// If omitted, the csi-node-driver DaemonSet will use its default value for affinity.
	// WARNING: Please note that this field will override the default csi-node-driver DaemonSet affinity.
	// +optional
	Affinity *v1.Affinity `json:"affinity"`

	// NodeSelector is the csi-node-driver pod's scheduling constraints.
	// If specified, each of the key/value pairs are added to the csi-node-driver DaemonSet nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If omitted, the csi-node-driver DaemonSet will use its default value for nodeSelector.
	// WARNING: Please note that this field will modify the default csi-node-driver DaemonSet nodeSelector.
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// Tolerations is the csi-node-driver pod's tolerations.
	// If specified, this overrides any tolerations that may be set on the csi-node-driver DaemonSet.
	// If omitted, the csi-node-driver DaemonSet will use its default value for tolerations.
	// WARNING: Please note that this field will override the default csi-node-driver DaemonSet tolerations.
	// +optional
	Tolerations []v1.Toleration `json:"tolerations"`
}

CSINodeDriverDaemonSetPodSpec is the csi-node-driver DaemonSet's PodSpec.

func (*CSINodeDriverDaemonSetPodSpec) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSINodeDriverDaemonSetPodSpec.

func (*CSINodeDriverDaemonSetPodSpec) DeepCopyInto added in v1.30.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CSINodeDriverDaemonSetPodTemplateSpec added in v1.30.0

type CSINodeDriverDaemonSetPodTemplateSpec struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to
	// the pod's metadata.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the csi-node-driver DaemonSet's PodSpec.
	// +optional
	Spec *CSINodeDriverDaemonSetPodSpec `json:"spec,omitempty"`
}

CSINodeDriverDaemonSetPodTemplateSpec is the csi-node-driver DaemonSet's PodTemplateSpec

func (*CSINodeDriverDaemonSetPodTemplateSpec) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSINodeDriverDaemonSetPodTemplateSpec.

func (*CSINodeDriverDaemonSetPodTemplateSpec) DeepCopyInto added in v1.30.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CSINodeDriverDaemonSetSpec added in v1.30.0

type CSINodeDriverDaemonSetSpec struct {
	// MinReadySeconds is the minimum number of seconds for which a newly created DaemonSet pod should
	// be ready without any of its container crashing, for it to be considered available.
	// If specified, this overrides any minReadySeconds value that may be set on the csi-node-driver DaemonSet.
	// If omitted, the csi-node-driver DaemonSet will use its default value for minReadySeconds.
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	MinReadySeconds *int32 `json:"minReadySeconds,omitempty"`
	// Template describes the csi-node-driver DaemonSet pod that will be created.
	// +optional
	Template *CSINodeDriverDaemonSetPodTemplateSpec `json:"template,omitempty"`
}

CSINodeDriverDaemonSetSpec defines configuration for the csi-node-driver DaemonSet.

func (*CSINodeDriverDaemonSetSpec) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSINodeDriverDaemonSetSpec.

func (*CSINodeDriverDaemonSetSpec) DeepCopyInto added in v1.30.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoKubeControllersDeployment added in v1.27.17

type CalicoKubeControllersDeployment struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the specification of the calico-kube-controllers Deployment.
	// +optional
	Spec *CalicoKubeControllersDeploymentSpec `json:"spec,omitempty"`
}

CalicoKubeControllersDeployment is the configuration for the calico-kube-controllers Deployment.

func (*CalicoKubeControllersDeployment) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoKubeControllersDeployment.

func (*CalicoKubeControllersDeployment) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CalicoKubeControllersDeployment) GetAffinity added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetAffinity() *v1.Affinity

func (*CalicoKubeControllersDeployment) GetContainers added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetContainers() []v1.Container

func (*CalicoKubeControllersDeployment) GetDeploymentStrategy added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetDeploymentStrategy() *appsv1.DeploymentStrategy

func (*CalicoKubeControllersDeployment) GetInitContainers added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetInitContainers() []v1.Container

func (*CalicoKubeControllersDeployment) GetMetadata added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetMetadata() *Metadata

func (*CalicoKubeControllersDeployment) GetMinReadySeconds added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetMinReadySeconds() *int32

func (*CalicoKubeControllersDeployment) GetNodeSelector added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetNodeSelector() map[string]string

func (*CalicoKubeControllersDeployment) GetPodTemplateMetadata added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetPodTemplateMetadata() *Metadata

func (*CalicoKubeControllersDeployment) GetPriorityClassName added in v1.30.10

func (c *CalicoKubeControllersDeployment) GetPriorityClassName() string

func (*CalicoKubeControllersDeployment) GetTerminationGracePeriodSeconds added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetTerminationGracePeriodSeconds() *int64

func (*CalicoKubeControllersDeployment) GetTolerations added in v1.27.17

func (c *CalicoKubeControllersDeployment) GetTolerations() []v1.Toleration

func (*CalicoKubeControllersDeployment) GetTopologySpreadConstraints added in v1.29.0

func (c *CalicoKubeControllersDeployment) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint

type CalicoKubeControllersDeploymentContainer added in v1.27.17

type CalicoKubeControllersDeploymentContainer struct {
	// Name is an enum which identifies the calico-kube-controllers Deployment container by name.
	// +kubebuilder:validation:Enum=calico-kube-controllers
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named calico-kube-controllers Deployment container's resources.
	// If omitted, the calico-kube-controllers Deployment will use its default value for this container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

CalicoKubeControllersDeploymentContainer is a calico-kube-controllers Deployment container.

func (*CalicoKubeControllersDeploymentContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoKubeControllersDeploymentContainer.

func (*CalicoKubeControllersDeploymentContainer) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoKubeControllersDeploymentPodSpec added in v1.27.17

type CalicoKubeControllersDeploymentPodSpec struct {
	// Containers is a list of calico-kube-controllers containers.
	// If specified, this overrides the specified calico-kube-controllers Deployment containers.
	// If omitted, the calico-kube-controllers Deployment will use its default values for its containers.
	// +optional
	Containers []CalicoKubeControllersDeploymentContainer `json:"containers,omitempty"`

	// Affinity is a group of affinity scheduling rules for the calico-kube-controllers pods.
	// If specified, this overrides any affinity that may be set on the calico-kube-controllers Deployment.
	// If omitted, the calico-kube-controllers Deployment will use its default value for affinity.
	// WARNING: Please note that this field will override the default calico-kube-controllers Deployment affinity.
	// +optional
	Affinity *v1.Affinity `json:"affinity"`

	// NodeSelector is the calico-kube-controllers pod's scheduling constraints.
	// If specified, each of the key/value pairs are added to the calico-kube-controllers Deployment nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If used in conjunction with ControlPlaneNodeSelector, that nodeSelector is set on the calico-kube-controllers Deployment
	// and each of this field's key/value pairs are added to the calico-kube-controllers Deployment nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If omitted, the calico-kube-controllers Deployment will use its default value for nodeSelector.
	// WARNING: Please note that this field will modify the default calico-kube-controllers Deployment nodeSelector.
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// Tolerations is the calico-kube-controllers pod's tolerations.
	// If specified, this overrides any tolerations that may be set on the calico-kube-controllers Deployment.
	// If omitted, the calico-kube-controllers Deployment will use its default value for tolerations.
	// WARNING: Please note that this field will override the default calico-kube-controllers Deployment tolerations.
	// +optional
	Tolerations []v1.Toleration `json:"tolerations"`
}

CalicoKubeControllersDeploymentPodSpec is the calico-kube-controller Deployment's PodSpec.

func (*CalicoKubeControllersDeploymentPodSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoKubeControllersDeploymentPodSpec.

func (*CalicoKubeControllersDeploymentPodSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoKubeControllersDeploymentPodTemplateSpec added in v1.27.17

type CalicoKubeControllersDeploymentPodTemplateSpec struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to
	// the pod's metadata.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the calico-kube-controllers Deployment's PodSpec.
	// +optional
	Spec *CalicoKubeControllersDeploymentPodSpec `json:"spec,omitempty"`
}

CalicoKubeControllersDeploymentPodTemplateSpec is the calico-kube-controllers Deployment's PodTemplateSpec

func (*CalicoKubeControllersDeploymentPodTemplateSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoKubeControllersDeploymentPodTemplateSpec.

func (*CalicoKubeControllersDeploymentPodTemplateSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoKubeControllersDeploymentSpec added in v1.27.17

type CalicoKubeControllersDeploymentSpec struct {
	// MinReadySeconds is the minimum number of seconds for which a newly created Deployment pod should
	// be ready without any of its container crashing, for it to be considered available.
	// If specified, this overrides any minReadySeconds value that may be set on the calico-kube-controllers Deployment.
	// If omitted, the calico-kube-controllers Deployment will use its default value for minReadySeconds.
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	MinReadySeconds *int32 `json:"minReadySeconds,omitempty"`

	// Template describes the calico-kube-controllers Deployment pod that will be created.
	// +optional
	Template *CalicoKubeControllersDeploymentPodTemplateSpec `json:"template,omitempty"`
}

CalicoKubeControllersDeploymentSpec defines configuration for the calico-kube-controllers Deployment.

func (*CalicoKubeControllersDeploymentSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoKubeControllersDeploymentSpec.

func (*CalicoKubeControllersDeploymentSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoNetworkSpec

type CalicoNetworkSpec struct {
	// LinuxDataplane is used to select the dataplane used for Linux nodes. In particular, it
	// causes the operator to add required mounts and environment variables for the particular dataplane.
	// If not specified, iptables mode is used.
	// Default: Iptables
	// +optional
	// +kubebuilder:validation:Enum=Iptables;BPF;VPP
	LinuxDataplane *LinuxDataplaneOption `json:"linuxDataplane,omitempty"`

	// BGP configures whether or not to enable Calico's BGP capabilities.
	// +optional
	// +kubebuilder:validation:Enum=Enabled;Disabled
	BGP *BGPOption `json:"bgp,omitempty"`

	// IPPools contains a list of IP pools to create if none exist. At most one IP pool of each
	// address family may be specified. If omitted, a single pool will be configured if needed.
	// +optional
	IPPools []IPPool `json:"ipPools,omitempty"`

	// MTU specifies the maximum transmission unit to use on the pod network.
	// If not specified, Calico will perform MTU auto-detection based on the cluster network.
	// +optional
	MTU *int32 `json:"mtu,omitempty"`

	// NodeAddressAutodetectionV4 specifies an approach to automatically detect node IPv4 addresses. If not specified,
	// will use default auto-detection settings to acquire an IPv4 address for each node.
	// +optional
	NodeAddressAutodetectionV4 *NodeAddressAutodetection `json:"nodeAddressAutodetectionV4,omitempty"`

	// NodeAddressAutodetectionV6 specifies an approach to automatically detect node IPv6 addresses. If not specified,
	// IPv6 addresses will not be auto-detected.
	// +optional
	NodeAddressAutodetectionV6 *NodeAddressAutodetection `json:"nodeAddressAutodetectionV6,omitempty"`

	// HostPorts configures whether or not Calico will support Kubernetes HostPorts. Valid only when using the Calico CNI plugin.
	// Default: Enabled
	// +optional
	// +kubebuilder:validation:Enum=Enabled;Disabled
	HostPorts *HostPortsType `json:"hostPorts,omitempty"`

	// MultiInterfaceMode configures what will configure multiple interface per pod. Only valid for Calico Enterprise installations
	// using the Calico CNI plugin.
	// Default: None
	// +optional
	// +kubebuilder:validation:Enum=None;Multus
	MultiInterfaceMode *MultiInterfaceMode `json:"multiInterfaceMode,omitempty"`

	// ContainerIPForwarding configures whether ip forwarding will be enabled for containers in the CNI configuration.
	// Default: Disabled
	// +optional
	// +kubebuilder:validation:Enum=Enabled;Disabled
	ContainerIPForwarding *ContainerIPForwardingType `json:"containerIPForwarding,omitempty"`
}

CalicoNetworkSpec specifies configuration options for Calico provided pod networking.

func (*CalicoNetworkSpec) DeepCopy

func (in *CalicoNetworkSpec) DeepCopy() *CalicoNetworkSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoNetworkSpec.

func (*CalicoNetworkSpec) DeepCopyInto

func (in *CalicoNetworkSpec) DeepCopyInto(out *CalicoNetworkSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoNodeDaemonSet added in v1.27.17

type CalicoNodeDaemonSet struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to the DaemonSet.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the specification of the calico-node DaemonSet.
	// +optional
	Spec *CalicoNodeDaemonSetSpec `json:"spec,omitempty"`
}

CalicoNodeDaemonSet is the configuration for the calico-node DaemonSet.

func (*CalicoNodeDaemonSet) DeepCopy added in v1.27.17

func (in *CalicoNodeDaemonSet) DeepCopy() *CalicoNodeDaemonSet

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoNodeDaemonSet.

func (*CalicoNodeDaemonSet) DeepCopyInto added in v1.27.17

func (in *CalicoNodeDaemonSet) DeepCopyInto(out *CalicoNodeDaemonSet)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CalicoNodeDaemonSet) GetAffinity added in v1.27.17

func (c *CalicoNodeDaemonSet) GetAffinity() *v1.Affinity

func (*CalicoNodeDaemonSet) GetContainers added in v1.27.17

func (c *CalicoNodeDaemonSet) GetContainers() []v1.Container

func (*CalicoNodeDaemonSet) GetDeploymentStrategy added in v1.27.17

func (c *CalicoNodeDaemonSet) GetDeploymentStrategy() *appsv1.DeploymentStrategy

func (*CalicoNodeDaemonSet) GetInitContainers added in v1.27.17

func (c *CalicoNodeDaemonSet) GetInitContainers() []v1.Container

func (*CalicoNodeDaemonSet) GetMetadata added in v1.27.17

func (c *CalicoNodeDaemonSet) GetMetadata() *Metadata

func (*CalicoNodeDaemonSet) GetMinReadySeconds added in v1.27.17

func (c *CalicoNodeDaemonSet) GetMinReadySeconds() *int32

func (*CalicoNodeDaemonSet) GetNodeSelector added in v1.27.17

func (c *CalicoNodeDaemonSet) GetNodeSelector() map[string]string

func (*CalicoNodeDaemonSet) GetPodTemplateMetadata added in v1.27.17

func (c *CalicoNodeDaemonSet) GetPodTemplateMetadata() *Metadata

func (*CalicoNodeDaemonSet) GetPriorityClassName added in v1.30.10

func (c *CalicoNodeDaemonSet) GetPriorityClassName() string

func (*CalicoNodeDaemonSet) GetTerminationGracePeriodSeconds added in v1.27.17

func (c *CalicoNodeDaemonSet) GetTerminationGracePeriodSeconds() *int64

func (*CalicoNodeDaemonSet) GetTolerations added in v1.27.17

func (c *CalicoNodeDaemonSet) GetTolerations() []v1.Toleration

func (*CalicoNodeDaemonSet) GetTopologySpreadConstraints added in v1.29.0

func (c *CalicoNodeDaemonSet) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint

type CalicoNodeDaemonSetContainer added in v1.27.17

type CalicoNodeDaemonSetContainer struct {
	// Name is an enum which identifies the calico-node DaemonSet container by name.
	// +kubebuilder:validation:Enum=calico-node
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named calico-node DaemonSet container's resources.
	// If omitted, the calico-node DaemonSet will use its default value for this container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

CalicoNodeDaemonSetContainer is a calico-node DaemonSet container.

func (*CalicoNodeDaemonSetContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoNodeDaemonSetContainer.

func (*CalicoNodeDaemonSetContainer) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoNodeDaemonSetInitContainer added in v1.27.17

type CalicoNodeDaemonSetInitContainer struct {
	// Name is an enum which identifies the calico-node DaemonSet init container by name.
	// +kubebuilder:validation:Enum=install-cni;hostpath-init;flexvol-driver;mount-bpffs;node-certs-key-cert-provisioner;calico-node-prometheus-server-tls-key-cert-provisioner
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named calico-node DaemonSet init container's resources.
	// If omitted, the calico-node DaemonSet will use its default value for this container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

CalicoNodeDaemonSetInitContainer is a calico-node DaemonSet init container.

func (*CalicoNodeDaemonSetInitContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoNodeDaemonSetInitContainer.

func (*CalicoNodeDaemonSetInitContainer) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoNodeDaemonSetPodSpec added in v1.27.17

type CalicoNodeDaemonSetPodSpec struct {
	// InitContainers is a list of calico-node init containers.
	// If specified, this overrides the specified calico-node DaemonSet init containers.
	// If omitted, the calico-node DaemonSet will use its default values for its init containers.
	// +optional
	InitContainers []CalicoNodeDaemonSetInitContainer `json:"initContainers,omitempty"`

	// Containers is a list of calico-node containers.
	// If specified, this overrides the specified calico-node DaemonSet containers.
	// If omitted, the calico-node DaemonSet will use its default values for its containers.
	// +optional
	Containers []CalicoNodeDaemonSetContainer `json:"containers,omitempty"`

	// Affinity is a group of affinity scheduling rules for the calico-node pods.
	// If specified, this overrides any affinity that may be set on the calico-node DaemonSet.
	// If omitted, the calico-node DaemonSet will use its default value for affinity.
	// WARNING: Please note that this field will override the default calico-node DaemonSet affinity.
	// +optional
	Affinity *v1.Affinity `json:"affinity"`

	// NodeSelector is the calico-node pod's scheduling constraints.
	// If specified, each of the key/value pairs are added to the calico-node DaemonSet nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If omitted, the calico-node DaemonSet will use its default value for nodeSelector.
	// WARNING: Please note that this field will modify the default calico-node DaemonSet nodeSelector.
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// Tolerations is the calico-node pod's tolerations.
	// If specified, this overrides any tolerations that may be set on the calico-node DaemonSet.
	// If omitted, the calico-node DaemonSet will use its default value for tolerations.
	// WARNING: Please note that this field will override the default calico-node DaemonSet tolerations.
	// +optional
	Tolerations []v1.Toleration `json:"tolerations"`
}

CalicoNodeDaemonSetPodSpec is the calico-node DaemonSet's PodSpec.

func (*CalicoNodeDaemonSetPodSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoNodeDaemonSetPodSpec.

func (*CalicoNodeDaemonSetPodSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoNodeDaemonSetPodTemplateSpec added in v1.27.17

type CalicoNodeDaemonSetPodTemplateSpec struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to
	// the pod's metadata.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the calico-node DaemonSet's PodSpec.
	// +optional
	Spec *CalicoNodeDaemonSetPodSpec `json:"spec,omitempty"`
}

CalicoNodeDaemonSetPodTemplateSpec is the calico-node DaemonSet's PodTemplateSpec

func (*CalicoNodeDaemonSetPodTemplateSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoNodeDaemonSetPodTemplateSpec.

func (*CalicoNodeDaemonSetPodTemplateSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoNodeDaemonSetSpec added in v1.27.17

type CalicoNodeDaemonSetSpec struct {
	// MinReadySeconds is the minimum number of seconds for which a newly created DaemonSet pod should
	// be ready without any of its container crashing, for it to be considered available.
	// If specified, this overrides any minReadySeconds value that may be set on the calico-node DaemonSet.
	// If omitted, the calico-node DaemonSet will use its default value for minReadySeconds.
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	MinReadySeconds *int32 `json:"minReadySeconds,omitempty"`

	// Template describes the calico-node DaemonSet pod that will be created.
	// +optional
	Template *CalicoNodeDaemonSetPodTemplateSpec `json:"template,omitempty"`
}

CalicoNodeDaemonSetSpec defines configuration for the calico-node DaemonSet.

func (*CalicoNodeDaemonSetSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoNodeDaemonSetSpec.

func (*CalicoNodeDaemonSetSpec) DeepCopyInto added in v1.27.17

func (in *CalicoNodeDaemonSetSpec) DeepCopyInto(out *CalicoNodeDaemonSetSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoWindowsUpgradeDaemonSet added in v1.27.17

type CalicoWindowsUpgradeDaemonSet struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the specification of the calico-windows-upgrade DaemonSet.
	// +optional
	Spec *CalicoWindowsUpgradeDaemonSetSpec `json:"spec,omitempty"`
}

CalicoWindowsUpgradeDaemonSet is the configuration for the calico-windows-upgrade DaemonSet.

func (*CalicoWindowsUpgradeDaemonSet) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoWindowsUpgradeDaemonSet.

func (*CalicoWindowsUpgradeDaemonSet) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CalicoWindowsUpgradeDaemonSet) GetAffinity added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetAffinity() *v1.Affinity

func (*CalicoWindowsUpgradeDaemonSet) GetContainers added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetContainers() []v1.Container

func (*CalicoWindowsUpgradeDaemonSet) GetDeploymentStrategy added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetDeploymentStrategy() *appsv1.DeploymentStrategy

func (*CalicoWindowsUpgradeDaemonSet) GetInitContainers added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetInitContainers() []v1.Container

func (*CalicoWindowsUpgradeDaemonSet) GetMetadata added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetMetadata() *Metadata

func (*CalicoWindowsUpgradeDaemonSet) GetMinReadySeconds added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetMinReadySeconds() *int32

func (*CalicoWindowsUpgradeDaemonSet) GetNodeSelector added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetNodeSelector() map[string]string

func (*CalicoWindowsUpgradeDaemonSet) GetPodTemplateMetadata added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetPodTemplateMetadata() *Metadata

func (*CalicoWindowsUpgradeDaemonSet) GetPriorityClassName added in v1.30.10

func (c *CalicoWindowsUpgradeDaemonSet) GetPriorityClassName() string

func (*CalicoWindowsUpgradeDaemonSet) GetTerminationGracePeriodSeconds added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetTerminationGracePeriodSeconds() *int64

func (*CalicoWindowsUpgradeDaemonSet) GetTolerations added in v1.27.17

func (c *CalicoWindowsUpgradeDaemonSet) GetTolerations() []v1.Toleration

func (*CalicoWindowsUpgradeDaemonSet) GetTopologySpreadConstraints added in v1.29.0

func (c *CalicoWindowsUpgradeDaemonSet) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint

type CalicoWindowsUpgradeDaemonSetContainer added in v1.27.17

type CalicoWindowsUpgradeDaemonSetContainer struct {
	// Name is an enum which identifies the calico-windows-upgrade DaemonSet container by name.
	// +kubebuilder:validation:Enum=calico-windows-upgrade
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named calico-windows-upgrade DaemonSet container's resources.
	// If omitted, the calico-windows-upgrade DaemonSet will use its default value for this container's resources.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

CalicoWindowsUpgradeDaemonSetContainer is a calico-windows-upgrade DaemonSet container.

func (*CalicoWindowsUpgradeDaemonSetContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoWindowsUpgradeDaemonSetContainer.

func (*CalicoWindowsUpgradeDaemonSetContainer) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoWindowsUpgradeDaemonSetPodSpec added in v1.27.17

type CalicoWindowsUpgradeDaemonSetPodSpec struct {
	// Containers is a list of calico-windows-upgrade containers.
	// If specified, this overrides the specified calico-windows-upgrade DaemonSet containers.
	// If omitted, the calico-windows-upgrade DaemonSet will use its default values for its containers.
	// +optional
	Containers []CalicoWindowsUpgradeDaemonSetContainer `json:"containers,omitempty"`

	// Affinity is a group of affinity scheduling rules for the calico-windows-upgrade pods.
	// If specified, this overrides any affinity that may be set on the calico-windows-upgrade DaemonSet.
	// If omitted, the calico-windows-upgrade DaemonSet will use its default value for affinity.
	// WARNING: Please note that this field will override the default calico-windows-upgrade DaemonSet affinity.
	// +optional
	Affinity *v1.Affinity `json:"affinity,omitempty"`

	// NodeSelector is the calico-windows-upgrade pod's scheduling constraints.
	// If specified, each of the key/value pairs are added to the calico-windows-upgrade DaemonSet nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If omitted, the calico-windows-upgrade DaemonSet will use its default value for nodeSelector.
	// WARNING: Please note that this field will modify the default calico-windows-upgrade DaemonSet nodeSelector.
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// Tolerations is the calico-windows-upgrade pod's tolerations.
	// If specified, this overrides any tolerations that may be set on the calico-windows-upgrade DaemonSet.
	// If omitted, the calico-windows-upgrade DaemonSet will use its default value for tolerations.
	// WARNING: Please note that this field will override the default calico-windows-upgrade DaemonSet tolerations.
	// +optional
	Tolerations []v1.Toleration `json:"tolerations,omitempty"`
}

CalicoWindowsUpgradeDaemonSetPodSpec is the calico-windows-upgrade DaemonSet's PodSpec.

func (*CalicoWindowsUpgradeDaemonSetPodSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoWindowsUpgradeDaemonSetPodSpec.

func (*CalicoWindowsUpgradeDaemonSetPodSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoWindowsUpgradeDaemonSetPodTemplateSpec added in v1.27.17

type CalicoWindowsUpgradeDaemonSetPodTemplateSpec struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to
	// the pod's metadata.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the calico-windows-upgrade DaemonSet's PodSpec.
	// +optional
	Spec *CalicoWindowsUpgradeDaemonSetPodSpec `json:"spec,omitempty"`
}

CalicoWindowsUpgradeDaemonSetPodTemplateSpec is the calico-windows-upgrade DaemonSet's PodTemplateSpec

func (*CalicoWindowsUpgradeDaemonSetPodTemplateSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoWindowsUpgradeDaemonSetPodTemplateSpec.

func (*CalicoWindowsUpgradeDaemonSetPodTemplateSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CalicoWindowsUpgradeDaemonSetSpec added in v1.27.17

type CalicoWindowsUpgradeDaemonSetSpec struct {
	// MinReadySeconds is the minimum number of seconds for which a newly created Deployment pod should
	// be ready without any of its container crashing, for it to be considered available.
	// If specified, this overrides any minReadySeconds value that may be set on the calico-windows-upgrade DaemonSet.
	// If omitted, the calico-windows-upgrade DaemonSet will use its default value for minReadySeconds.
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	MinReadySeconds *int32 `json:"minReadySeconds,omitempty"`

	// Template describes the calico-windows-upgrade DaemonSet pod that will be created.
	// +optional
	Template *CalicoWindowsUpgradeDaemonSetPodTemplateSpec `json:"template,omitempty"`
}

CalicoWindowsUpgradeDaemonSetSpec defines configuration for the calico-windows-upgrade DaemonSet.

func (*CalicoWindowsUpgradeDaemonSetSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CalicoWindowsUpgradeDaemonSetSpec.

func (*CalicoWindowsUpgradeDaemonSetSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateManagement added in v1.14.0

type CertificateManagement struct {
	// Certificate of the authority that signs the CertificateSigningRequests in PEM format.
	CACert []byte `json:"caCert"`

	// When a CSR is issued to the certificates.k8s.io API, the signerName is added to the request in order to accommodate for clusters
	// with multiple signers.
	// Must be formatted as: `<my-domain>/<my-signername>`.
	SignerName string `json:"signerName"`

	// Specify the algorithm used by pods to generate a key pair that is associated with the X.509 certificate request.
	// Default: RSAWithSize2048
	// +kubebuilder:validation:Enum="";RSAWithSize2048;RSAWithSize4096;RSAWithSize8192;ECDSAWithCurve256;ECDSAWithCurve384;ECDSAWithCurve521;
	// +optional
	KeyAlgorithm string `json:"keyAlgorithm,omitempty"`

	// Specify the algorithm used for the signature of the X.509 certificate request.
	// Default: SHA256WithRSA
	// +kubebuilder:validation:Enum="";SHA256WithRSA;SHA384WithRSA;SHA512WithRSA;ECDSAWithSHA256;ECDSAWithSHA384;ECDSAWithSHA512;
	// +optional
	SignatureAlgorithm string `json:"signatureAlgorithm,omitempty"`
}

CertificateManagement configures pods to submit a CertificateSigningRequest to the certificates.k8s.io/v1beta1 API in order to obtain TLS certificates. This feature requires that you bring your own CSR signing and approval process, otherwise pods will be stuck during initialization.

func (*CertificateManagement) DeepCopy added in v1.14.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateManagement.

func (*CertificateManagement) DeepCopyInto added in v1.14.0

func (in *CertificateManagement) DeepCopyInto(out *CertificateManagement)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CollectProcessPathOption added in v1.21.0

type CollectProcessPathOption string
const (
	CollectProcessPathEnable  CollectProcessPathOption = "Enabled"
	CollectProcessPathDisable CollectProcessPathOption = "Disabled"
)

type Compliance

type Compliance struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired state for Tigera compliance reporting.
	Spec ComplianceSpec `json:"spec,omitempty"`
	// Most recently observed state for Tigera compliance reporting.
	Status ComplianceStatus `json:"status,omitempty"`
}

Compliance installs the components required for Tigera compliance reporting. At most one instance of this resource is supported. It must be named "tigera-secure".

func (*Compliance) DeepCopy

func (in *Compliance) DeepCopy() *Compliance

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Compliance.

func (*Compliance) DeepCopyInto

func (in *Compliance) DeepCopyInto(out *Compliance)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Compliance) DeepCopyObject

func (in *Compliance) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ComplianceList

type ComplianceList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Compliance `json:"items"`
}

ComplianceList contains a list of Compliance

func (*ComplianceList) DeepCopy

func (in *ComplianceList) DeepCopy() *ComplianceList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceList.

func (*ComplianceList) DeepCopyInto

func (in *ComplianceList) DeepCopyInto(out *ComplianceList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ComplianceList) DeepCopyObject

func (in *ComplianceList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ComplianceSpec

type ComplianceSpec struct {
}

ComplianceSpec defines the desired state of Tigera compliance reporting capabilities.

func (*ComplianceSpec) DeepCopy

func (in *ComplianceSpec) DeepCopy() *ComplianceSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceSpec.

func (*ComplianceSpec) DeepCopyInto

func (in *ComplianceSpec) DeepCopyInto(out *ComplianceSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceStatus

type ComplianceStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

ComplianceStatus defines the observed state of Tigera compliance reporting capabilities.

func (*ComplianceStatus) DeepCopy

func (in *ComplianceStatus) DeepCopy() *ComplianceStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceStatus.

func (*ComplianceStatus) DeepCopyInto

func (in *ComplianceStatus) DeepCopyInto(out *ComplianceStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComponentName

type ComponentName string

ComponentName represents a single component.

One of: Node, Typha, KubeControllers

const (
	ComponentNameNode            ComponentName = "Node"
	ComponentNameTypha           ComponentName = "Typha"
	ComponentNameKubeControllers ComponentName = "KubeControllers"
)

type ComponentResource

type ComponentResource struct {
	// ComponentName is an enum which identifies the component
	// +kubebuilder:validation:Enum=Node;Typha;KubeControllers
	ComponentName ComponentName `json:"componentName"`

	// ResourceRequirements allows customization of limits and requests for compute resources such as cpu and memory.
	ResourceRequirements *v1.ResourceRequirements `json:"resourceRequirements"`
}

Deprecated. Please use component resource config fields in Installation.Spec instead. The ComponentResource struct associates a ResourceRequirements with a component by name

func (*ComponentResource) DeepCopy

func (in *ComponentResource) DeepCopy() *ComponentResource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentResource.

func (*ComponentResource) DeepCopyInto

func (in *ComponentResource) DeepCopyInto(out *ComponentResource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConditionStatus

type ConditionStatus string

ConditionStatus represents the status of a particular condition. A condition may be one of: True, False, Unknown.

const (
	ConditionTrue    ConditionStatus = "True"
	ConditionFalse   ConditionStatus = "False"
	ConditionUnknown ConditionStatus = "Unknown"
)

type ContainerIPForwardingType

type ContainerIPForwardingType string

ContainerIPForwardingType specifies whether the CNI config for container ip forwarding is enabled.

const (
	ContainerIPForwardingEnabled  ContainerIPForwardingType = "Enabled"
	ContainerIPForwardingDisabled ContainerIPForwardingType = "Disabled"
)

type EGWDeploymentContainer added in v1.29.1

type EGWDeploymentContainer struct {
	// Name is an enum which identifies the EGW Deployment container by name.
	// +kubebuilder:validation:Enum=calico-egw
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named EGW Deployment container's resources.
	// If omitted, the EGW Deployment will use its default value for this container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

EGWDeploymentContainer is a Egress Gateway Deployment container.

func (*EGWDeploymentContainer) DeepCopy added in v1.29.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EGWDeploymentContainer.

func (*EGWDeploymentContainer) DeepCopyInto added in v1.29.1

func (in *EGWDeploymentContainer) DeepCopyInto(out *EGWDeploymentContainer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EGWDeploymentInitContainer added in v1.29.1

type EGWDeploymentInitContainer struct {
	// Name is an enum which identifies the EGW Deployment init container by name.
	// +kubebuilder:validation:Enum=egress-gateway-init
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named EGW Deployment init container's resources.
	// If omitted, the EGW Deployment will use its default value for this init container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

EGWDeploymentInitContainer is a Egress Gateway Deployment init container.

func (*EGWDeploymentInitContainer) DeepCopy added in v1.29.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EGWDeploymentInitContainer.

func (*EGWDeploymentInitContainer) DeepCopyInto added in v1.29.1

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressGateway added in v1.29.1

type EgressGateway struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   EgressGatewaySpec   `json:"spec,omitempty"`
	Status EgressGatewayStatus `json:"status,omitempty"`
}

EgressGateway is the Schema for the egressgateways API

func (*EgressGateway) DeepCopy added in v1.29.1

func (in *EgressGateway) DeepCopy() *EgressGateway

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGateway.

func (*EgressGateway) DeepCopyInto added in v1.29.1

func (in *EgressGateway) DeepCopyInto(out *EgressGateway)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EgressGateway) DeepCopyObject added in v1.29.1

func (in *EgressGateway) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*EgressGateway) GetAffinity added in v1.29.1

func (c *EgressGateway) GetAffinity() *v1.Affinity

func (*EgressGateway) GetContainers added in v1.29.1

func (c *EgressGateway) GetContainers() []v1.Container

func (*EgressGateway) GetDeploymentStrategy added in v1.29.1

func (c *EgressGateway) GetDeploymentStrategy() *appsv1.DeploymentStrategy

func (*EgressGateway) GetInitContainers added in v1.29.1

func (c *EgressGateway) GetInitContainers() []v1.Container

func (*EgressGateway) GetLogSeverity added in v1.29.1

func (c *EgressGateway) GetLogSeverity() string

func (*EgressGateway) GetMetadata added in v1.29.1

func (c *EgressGateway) GetMetadata() *Metadata

func (*EgressGateway) GetMinReadySeconds added in v1.29.1

func (c *EgressGateway) GetMinReadySeconds() *int32

func (*EgressGateway) GetNodeSelector added in v1.29.1

func (c *EgressGateway) GetNodeSelector() map[string]string

func (*EgressGateway) GetPodTemplateMetadata added in v1.29.1

func (c *EgressGateway) GetPodTemplateMetadata() *Metadata

func (*EgressGateway) GetPriorityClassName added in v1.30.10

func (c *EgressGateway) GetPriorityClassName() string

func (*EgressGateway) GetTerminationGracePeriodSeconds added in v1.29.1

func (c *EgressGateway) GetTerminationGracePeriodSeconds() *int64

func (*EgressGateway) GetTolerations added in v1.29.1

func (c *EgressGateway) GetTolerations() []v1.Toleration

func (*EgressGateway) GetTopologySpreadConstraints added in v1.29.1

func (c *EgressGateway) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint

type EgressGatewayDeploymentPodSpec added in v1.29.1

type EgressGatewayDeploymentPodSpec struct {
	// InitContainers is a list of EGW init containers.
	// If specified, this overrides the specified EGW Deployment init containers.
	// If omitted, the EGW Deployment will use its default values for its init containers.
	// +optional
	InitContainers []EGWDeploymentInitContainer `json:"initContainers,omitempty"`

	// Containers is a list of EGW containers.
	// If specified, this overrides the specified EGW Deployment containers.
	// If omitted, the EGW Deployment will use its default values for its containers.
	// +optional
	Containers []EGWDeploymentContainer `json:"containers,omitempty"`

	// Affinity is a group of affinity scheduling rules for the EGW pods.
	// +optional
	Affinity *v1.Affinity `json:"affinity,omitempty"`

	// NodeSelector gives more control over the nodes where the Egress Gateway pods will run on.
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// TerminationGracePeriodSeconds defines the termination grace period of the Egress Gateway pods in seconds.
	// +optional
	// +kubebuilder:validation:Minimum=0
	TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"`

	// TopologySpreadConstraints defines how the Egress Gateway pods should be spread across different AZs.
	// +optional
	TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`

	// Tolerations is the egress gateway pod's tolerations.
	// If specified, this overrides any tolerations that may be set on the EGW Deployment.
	// If omitted, the EGW Deployment will use its default value for tolerations.
	// +optional
	Tolerations []v1.Toleration `json:"tolerations,omitempty"`

	// PriorityClassName allows to specify a PriorityClass resource to be used.
	// +optional
	PriorityClassName string `json:"priorityClassName,omitempty"`
}

EgressGatewayDeploymentPodSpec is the Egress Gateway Deployment's PodSpec.

func (*EgressGatewayDeploymentPodSpec) DeepCopy added in v1.29.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewayDeploymentPodSpec.

func (*EgressGatewayDeploymentPodSpec) DeepCopyInto added in v1.29.1

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressGatewayDeploymentPodTemplateSpec added in v1.29.1

type EgressGatewayDeploymentPodTemplateSpec struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to
	// the pod's metadata.
	// +optional
	Metadata *EgressGatewayMetadata `json:"metadata,omitempty"`

	// Spec is the EGW Deployment's PodSpec.
	// +optional
	Spec *EgressGatewayDeploymentPodSpec `json:"spec,omitempty"`
}

EgressGatewayDeploymentPodTemplateSpec is the EGW Deployment's PodTemplateSpec

func (*EgressGatewayDeploymentPodTemplateSpec) DeepCopy added in v1.29.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewayDeploymentPodTemplateSpec.

func (*EgressGatewayDeploymentPodTemplateSpec) DeepCopyInto added in v1.29.1

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressGatewayFailureDetection added in v1.29.1

type EgressGatewayFailureDetection struct {

	// HealthTimeoutDataStoreSeconds defines how long Egress Gateway can fail to connect
	// to the datastore before reporting not ready.
	// This value must be greater than 0.
	// Default: 90
	// +kubebuilder:validation:Minimum=1
	// +kubebuilder:validation:Maximum=2147483647
	// +kubebuilder:default:=90
	// +optional
	HealthTimeoutDataStoreSeconds *int32 `json:"healthTimeoutDataStoreSeconds,omitempty"`

	// ICMPProbe define outgoing ICMP probes that Egress Gateway will use to
	// verify its upstream connection. Egress Gateway will report not ready if all
	// fail. Timeout must be greater than interval.
	// +optional
	ICMPProbe *ICMPProbe `json:"icmpProbe,omitempty"`

	// HTTPProbe define outgoing HTTP probes that Egress Gateway will use to
	// verify its upsteam connection. Egress Gateway will report not ready if all
	// fail. Timeout must be greater than interval.
	// +optional
	HTTPProbe *HTTPProbe `json:"httpProbe,omitempty"`
}

EgressGatewayFailureDetection defines the fields the needed for determining Egress Gateway readiness.

func (*EgressGatewayFailureDetection) DeepCopy added in v1.29.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewayFailureDetection.

func (*EgressGatewayFailureDetection) DeepCopyInto added in v1.29.1

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressGatewayIPPool added in v1.29.1

type EgressGatewayIPPool struct {
	// Name is the name of the IPPool that the Egress Gateways can use.
	// +optional
	Name string `json:"name,omitempty"`

	// CIDR is the IPPool CIDR that the Egress Gateways can use.
	// +optional
	CIDR string `json:"cidr,omitempty"`
}

func (*EgressGatewayIPPool) DeepCopy added in v1.29.1

func (in *EgressGatewayIPPool) DeepCopy() *EgressGatewayIPPool

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewayIPPool.

func (*EgressGatewayIPPool) DeepCopyInto added in v1.29.1

func (in *EgressGatewayIPPool) DeepCopyInto(out *EgressGatewayIPPool)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressGatewayList added in v1.29.1

type EgressGatewayList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []EgressGateway `json:"items"`
}

EgressGatewayList contains a list of EgressGateway

func (*EgressGatewayList) DeepCopy added in v1.29.1

func (in *EgressGatewayList) DeepCopy() *EgressGatewayList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewayList.

func (*EgressGatewayList) DeepCopyInto added in v1.29.1

func (in *EgressGatewayList) DeepCopyInto(out *EgressGatewayList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EgressGatewayList) DeepCopyObject added in v1.29.1

func (in *EgressGatewayList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type EgressGatewayMetadata added in v1.29.1

type EgressGatewayMetadata struct {
	// Labels is a map of string keys and values that may match replica set and
	// service selectors. Each of these key/value pairs are added to the
	// object's labels provided the key does not already exist in the object's labels.
	// If not specified will default to projectcalico.org/egw:[name], where [name] is
	// the name of the Egress Gateway resource.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`

	// Annotations is a map of arbitrary non-identifying metadata. Each of these
	// key/value pairs are added to the object's annotations provided the key does not
	// already exist in the object's annotations.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`
}

EgressGatewayMetadata contains the standard Kubernetes labels and annotations fields.

func (*EgressGatewayMetadata) DeepCopy added in v1.29.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewayMetadata.

func (*EgressGatewayMetadata) DeepCopyInto added in v1.29.1

func (in *EgressGatewayMetadata) DeepCopyInto(out *EgressGatewayMetadata)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressGatewaySpec added in v1.29.1

type EgressGatewaySpec struct {
	// Replicas defines how many instances of the Egress Gateway pod will run.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	// +optional
	// +kubebuilder:default:=1
	Replicas *int32 `json:"replicas,omitempty"`

	// IPPools defines the IP Pools that the Egress Gateway pods should be using.
	// Either name or CIDR must be specified.
	// IPPools must match existing IPPools.
	// +required
	IPPools []EgressGatewayIPPool `json:"ipPools"`

	// ExternalNetworks defines the external network names this Egress Gateway is
	// associated with.
	// ExternalNetworks must match existing external networks.
	// +optional
	ExternalNetworks []string `json:"externalNetworks,omitempty"`

	// LogSeverity defines the logging level of the Egress Gateway.
	// Default: Info
	// +kubebuilder:validation:Enum=Trace;Debug;Info;Warn;Error;Fatal
	// +optional
	// +kubebuilder:default:=Info
	LogSeverity *LogLevel `json:"logSeverity,omitempty"`

	// Template describes the EGW Deployment pod that will be created.
	// +optional
	Template *EgressGatewayDeploymentPodTemplateSpec `json:"template,omitempty"`

	// EgressGatewayFailureDetection is used to configure how Egress Gateway
	// determines readiness. If both ICMP, HTTP probes are defined, one ICMP probe and one
	// HTTP probe should succeed for Egress Gateways to become ready.
	// Otherwise one of ICMP or HTTP probe should succeed for Egress gateways to become
	// ready if configured.
	// +optional
	EgressGatewayFailureDetection *EgressGatewayFailureDetection `json:"egressGatewayFailureDetection,omitempty"`

	// AWS defines the additional configuration options for Egress Gateways on AWS.
	// +optional
	AWS *AWSEgressGateway `json:"aws,omitempty"`
}

EgressGatewaySpec defines the desired state of EgressGateway

func (*EgressGatewaySpec) DeepCopy added in v1.29.1

func (in *EgressGatewaySpec) DeepCopy() *EgressGatewaySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewaySpec.

func (*EgressGatewaySpec) DeepCopyInto added in v1.29.1

func (in *EgressGatewaySpec) DeepCopyInto(out *EgressGatewaySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EgressGatewayStatus added in v1.29.1

type EgressGatewayStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

EgressGatewayStatus defines the observed state of EgressGateway

func (*EgressGatewayStatus) DeepCopy added in v1.29.1

func (in *EgressGatewayStatus) DeepCopy() *EgressGatewayStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressGatewayStatus.

func (*EgressGatewayStatus) DeepCopyInto added in v1.29.1

func (in *EgressGatewayStatus) DeepCopyInto(out *EgressGatewayStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EksCloudwatchLogsSpec

type EksCloudwatchLogsSpec struct {
	// AWS Region EKS cluster is hosted in.
	Region string `json:"region"`

	// Cloudwatch log-group name containing EKS audit logs.
	GroupName string `json:"groupName"`

	// Prefix of Cloudwatch log stream containing EKS audit logs in the log-group.
	// Default: kube-apiserver-audit-
	// +optional
	StreamPrefix string `json:"streamPrefix,omitempty"`

	// Cloudwatch audit logs fetching interval in seconds.
	// Default: 60
	// +optional
	FetchInterval int32 `json:"fetchInterval,omitempty"`
}

EksConfigSpec defines configuration for fetching EKS audit logs.

func (*EksCloudwatchLogsSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EksCloudwatchLogsSpec.

func (*EksCloudwatchLogsSpec) DeepCopyInto

func (in *EksCloudwatchLogsSpec) DeepCopyInto(out *EksCloudwatchLogsSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EmailVerificationType

type EmailVerificationType string
const (
	EmailVerificationTypeVerify EmailVerificationType = "Verify"
	EmailVerificationTypeSkip   EmailVerificationType = "InsecureSkip"
)

type EncapsulationType

type EncapsulationType string

EncapsulationType is the type of encapsulation to use on an IP pool.

One of: IPIP, VXLAN, IPIPCrossSubnet, VXLANCrossSubnet, None

const (
	EncapsulationIPIPCrossSubnet  EncapsulationType = "IPIPCrossSubnet"
	EncapsulationIPIP             EncapsulationType = "IPIP"
	EncapsulationVXLAN            EncapsulationType = "VXLAN"
	EncapsulationVXLANCrossSubnet EncapsulationType = "VXLANCrossSubnet"
	EncapsulationNone             EncapsulationType = "None"
)

func (EncapsulationType) String

func (et EncapsulationType) String() string

type EncryptionOption added in v1.28.6

type EncryptionOption string

EncryptionOption specifies the traffic encryption mode when connecting to a Syslog server.

One of: None, TLS

const (
	EncryptionNone EncryptionOption = "None"
	EncryptionTLS  EncryptionOption = "TLS"
)

type EnvoySettings added in v1.30.5

type EnvoySettings struct {
	// The number of additional ingress proxy hops from the right side of the
	// x-forwarded-for HTTP header to trust when determining the origin client’s
	// IP address. 0 is permitted, but >=1 is the typical setting.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	// +kubebuilder:default:=0
	// +optional
	XFFNumTrustedHops int32 `json:"xffNumTrustedHops,omitempty"`
	// If set to true, the Envoy connection manager will use the real remote address
	// of the client connection when determining internal versus external origin and
	// manipulating various headers.
	// +kubebuilder:default:=false
	// +optional
	UseRemoteAddress bool `json:"useRemoteAddress,omitempty"`
}

func (*EnvoySettings) DeepCopy added in v1.30.5

func (in *EnvoySettings) DeepCopy() *EnvoySettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoySettings.

func (*EnvoySettings) DeepCopyInto added in v1.30.5

func (in *EnvoySettings) DeepCopyInto(out *EnvoySettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FIPSMode added in v1.28.0

type FIPSMode string
const (
	FIPSModeEnabled  FIPSMode = "Enabled"
	FIPSModeDisabled FIPSMode = "Disabled"
)

type GroupSearch added in v1.16.0

type GroupSearch struct {
	// BaseDN to start the search from. For example "cn=groups,dc=example,dc=com"
	// +required
	BaseDN string `json:"baseDN"`

	// Optional filter to apply when searching the directory.
	// For example "(objectClass=posixGroup)"
	// +optional
	Filter string `json:"filter,omitempty"`

	// The attribute of the group that represents its name. This attribute can be used to apply RBAC to a user group.
	// +required
	NameAttribute string `json:"nameAttribute"`

	// Following list contains field pairs that are used to match a user to a group. It adds an additional
	// requirement to the filter that an attribute in the group must match the user's
	// attribute value.
	// +required
	UserMatchers []UserMatch `json:"userMatchers"`
}

Group search configuration to find the groups that a user is in.

func (*GroupSearch) DeepCopy added in v1.16.0

func (in *GroupSearch) DeepCopy() *GroupSearch

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSearch.

func (*GroupSearch) DeepCopyInto added in v1.16.0

func (in *GroupSearch) DeepCopyInto(out *GroupSearch)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPProbe added in v1.29.1

type HTTPProbe struct {
	// URLs define the list of HTTP probe URLs. Egress Gateway will probe each URL
	// periodically.If all probes fail, Egress Gateway will report non-ready.
	// +required
	URLs []string `json:"urls"`

	// IntervalSeconds defines the interval of HTTP probes. Used when URLs is non-empty.
	// Default: 10
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	// +kubebuilder:default:=10
	// +optional
	IntervalSeconds *int32 `json:"intervalSeconds,omitempty"`

	// TimeoutSeconds defines the timeout value of HTTP probes. Used when URLs is non-empty.
	// Default: 30
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	// +kubebuilder:default:=30
	// +optional
	TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty"`
}

HTTPProbe defines the HTTP probe configuration for Egress Gateway.

func (*HTTPProbe) DeepCopy added in v1.29.1

func (in *HTTPProbe) DeepCopy() *HTTPProbe

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPProbe.

func (*HTTPProbe) DeepCopyInto added in v1.29.1

func (in *HTTPProbe) DeepCopyInto(out *HTTPProbe)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HostPortsType

type HostPortsType string

HostPortsType specifies host port support.

One of: Enabled, Disabled

const (
	HostPortsEnabled  HostPortsType = "Enabled"
	HostPortsDisabled HostPortsType = "Disabled"
)

func HostPortsTypePtr

func HostPortsTypePtr(h HostPortsType) *HostPortsType

func (HostPortsType) String

func (nt HostPortsType) String() string

type ICMPProbe added in v1.29.1

type ICMPProbe struct {
	// IPs define the list of ICMP probe IPs. Egress Gateway will probe each IP
	// periodically. If all probes fail, Egress Gateway will report non-ready.
	// +required
	IPs []string `json:"ips"`

	// IntervalSeconds defines the interval of ICMP probes. Used when IPs is non-empty.
	// Default: 5
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	// +kubebuilder:default:=5
	// +optional
	IntervalSeconds *int32 `json:"intervalSeconds,omitempty"`

	// TimeoutSeconds defines the timeout value of ICMP probes. Used when IPs is non-empty.
	// Default: 15
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	// +kubebuilder:default:=15
	// +optional
	TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty"`
}

ICMPProbe defines the ICMP probe configuration for Egress Gateway.

func (*ICMPProbe) DeepCopy added in v1.29.1

func (in *ICMPProbe) DeepCopy() *ICMPProbe

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ICMPProbe.

func (*ICMPProbe) DeepCopyInto added in v1.29.1

func (in *ICMPProbe) DeepCopyInto(out *ICMPProbe)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IPAMPluginType

type IPAMPluginType string
const (
	IPAMPluginCalico    IPAMPluginType = "Calico"
	IPAMPluginHostLocal IPAMPluginType = "HostLocal"
	IPAMPluginAmazonVPC IPAMPluginType = "AmazonVPC"
	IPAMPluginAzureVNET IPAMPluginType = "AzureVNET"
)

func (IPAMPluginType) String

func (cp IPAMPluginType) String() string

type IPAMSpec

type IPAMSpec struct {
	// Specifies the IPAM plugin that will be used in the Calico or Calico Enterprise installation.
	// * For CNI Plugin Calico, this field defaults to Calico.
	// * For CNI Plugin GKE, this field defaults to HostLocal.
	// * For CNI Plugin AzureVNET, this field defaults to AzureVNET.
	// * For CNI Plugin AmazonVPC, this field defaults to AmazonVPC.
	//
	// The IPAM plugin is installed and configured only if the CNI plugin is set to Calico,
	// for all other values of the CNI plugin the plugin binaries and CNI config is a dependency
	// that is expected to be installed separately.
	//
	// Default: Calico
	// +kubebuilder:validation:Enum=Calico;HostLocal;AmazonVPC;AzureVNET
	Type IPAMPluginType `json:"type"`
}

IPAMSpec contains configuration for pod IP address management.

func (*IPAMSpec) DeepCopy

func (in *IPAMSpec) DeepCopy() *IPAMSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPAMSpec.

func (*IPAMSpec) DeepCopyInto

func (in *IPAMSpec) DeepCopyInto(out *IPAMSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IPPool

type IPPool struct {
	// CIDR contains the address range for the IP Pool in classless inter-domain routing format.
	CIDR string `json:"cidr"`

	// Encapsulation specifies the encapsulation type that will be used with
	// the IP Pool.
	// Default: IPIP
	// +optional
	// +kubebuilder:validation:Enum=IPIPCrossSubnet;IPIP;VXLAN;VXLANCrossSubnet;None
	Encapsulation EncapsulationType `json:"encapsulation,omitempty"`

	// NATOutgoing specifies if NAT will be enabled or disabled for outgoing traffic.
	// Default: Enabled
	// +optional
	// +kubebuilder:validation:Enum=Enabled;Disabled
	NATOutgoing NATOutgoingType `json:"natOutgoing,omitempty"`

	// NodeSelector specifies the node selector that will be set for the IP Pool.
	// Default: 'all()'
	// +optional
	NodeSelector string `json:"nodeSelector,omitempty"`

	// BlockSize specifies the CIDR prefex length to use when allocating per-node IP blocks from
	// the main IP pool CIDR.
	// Default: 26 (IPv4), 122 (IPv6)
	// +optional
	BlockSize *int32 `json:"blockSize,omitempty"`

	// DisableBGPExport specifies whether routes from this IP pool's CIDR are exported over BGP.
	// Default: false
	// +optional
	// +kubebuilder:default:=false
	DisableBGPExport *bool `json:"disableBGPExport,omitempty"`
}

func (*IPPool) DeepCopy

func (in *IPPool) DeepCopy() *IPPool

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPPool.

func (*IPPool) DeepCopyInto

func (in *IPPool) DeepCopyInto(out *IPPool)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Image added in v1.14.0

type Image struct {
	// Image is an image that the operator deploys and instead of using the built in tag
	// the operator will use the Digest for the image identifier.
	// The value should be the image name without registry or tag or digest.
	// For the image `docker.io/calico/node:v3.17.1` it should be represented as `calico/node`
	Image string `json:"image"`

	// Digest is the image identifier that will be used for the Image.
	// The field should not include a leading `@` and must be prefixed with `sha256:`.
	Digest string `json:"digest"`
}

func (*Image) DeepCopy added in v1.14.0

func (in *Image) DeepCopy() *Image

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Image.

func (*Image) DeepCopyInto added in v1.14.0

func (in *Image) DeepCopyInto(out *Image)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ImageSet added in v1.14.0

type ImageSet struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec ImageSetSpec `json:"spec,omitempty"`
}

ImageSet is used to specify image digests for the images that the operator deploys. The name of the ImageSet is expected to be in the format `<variant>-<release>`. The `variant` used is `enterprise` if the InstallationSpec Variant is `TigeraSecureEnterprise` otherwise it is `calico`. The `release` must match the version of the variant that the operator is built to deploy, this version can be obtained by passing the `--version` flag to the operator binary.

func (*ImageSet) DeepCopy added in v1.14.0

func (in *ImageSet) DeepCopy() *ImageSet

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSet.

func (*ImageSet) DeepCopyInto added in v1.14.0

func (in *ImageSet) DeepCopyInto(out *ImageSet)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ImageSet) DeepCopyObject added in v1.14.0

func (in *ImageSet) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ImageSetList added in v1.14.0

type ImageSetList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ImageSet `json:"items"`
}

ImageSetList contains a list of ImageSet

func (*ImageSetList) DeepCopy added in v1.14.0

func (in *ImageSetList) DeepCopy() *ImageSetList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSetList.

func (*ImageSetList) DeepCopyInto added in v1.14.0

func (in *ImageSetList) DeepCopyInto(out *ImageSetList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ImageSetList) DeepCopyObject added in v1.14.0

func (in *ImageSetList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ImageSetSpec added in v1.14.0

type ImageSetSpec struct {
	// Images is the list of images to use digests. All images that the operator will deploy
	// must be specified.
	Images []Image `json:"images,omitempty"`
}

ImageSetSpec defines the desired state of ImageSet.

func (*ImageSetSpec) DeepCopy added in v1.14.0

func (in *ImageSetSpec) DeepCopy() *ImageSetSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSetSpec.

func (*ImageSetSpec) DeepCopyInto added in v1.14.0

func (in *ImageSetSpec) DeepCopyInto(out *ImageSetSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Indices

type Indices struct {
	// Replicas defines how many replicas each index will have. See https://www.elastic.co/guide/en/elasticsearch/reference/current/scalability.html
	// +optional
	Replicas *int32 `json:"replicas,omitempty"`
}

Indices defines the configuration for the indices in an Elasticsearch cluster.

func (*Indices) DeepCopy

func (in *Indices) DeepCopy() *Indices

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Indices.

func (*Indices) DeepCopyInto

func (in *Indices) DeepCopyInto(out *Indices)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Installation

type Installation struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired state for the Calico or Calico Enterprise installation.
	Spec InstallationSpec `json:"spec,omitempty"`
	// Most recently observed state for the Calico or Calico Enterprise installation.
	Status InstallationStatus `json:"status,omitempty"`
}

Installation configures an installation of Calico or Calico Enterprise. At most one instance of this resource is supported. It must be named "default". The Installation API installs core networking and network policy components, and provides general install-time configuration.

func (*Installation) DeepCopy

func (in *Installation) DeepCopy() *Installation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Installation.

func (*Installation) DeepCopyInto

func (in *Installation) DeepCopyInto(out *Installation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Installation) DeepCopyObject

func (in *Installation) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type InstallationList

type InstallationList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Installation `json:"items"`
}

InstallationList contains a list of Installation

func (*InstallationList) DeepCopy

func (in *InstallationList) DeepCopy() *InstallationList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstallationList.

func (*InstallationList) DeepCopyInto

func (in *InstallationList) DeepCopyInto(out *InstallationList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*InstallationList) DeepCopyObject

func (in *InstallationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type InstallationSpec

type InstallationSpec struct {
	// Variant is the product to install - one of Calico or TigeraSecureEnterprise
	// Default: Calico
	// +optional
	// +kubebuilder:validation:Enum=Calico;TigeraSecureEnterprise
	Variant ProductVariant `json:"variant,omitempty"`

	// Registry is the default Docker registry used for component Docker images.
	// If specified then the given value must end with a slash character (`/`) and all images will be pulled from this registry.
	// If not specified then the default registries will be used. A special case value, UseDefault, is
	// supported to explicitly specify the default registries will be used.
	//
	// Image format:
	//    `<registry><imagePath>/<imagePrefix><imageName>:<image-tag>`
	//
	// This option allows configuring the `<registry>` portion of the above format.
	// +optional
	Registry string `json:"registry,omitempty"`

	// ImagePath allows for the path part of an image to be specified. If specified
	// then the specified value will be used as the image path for each image. If not specified
	// or empty, the default for each image will be used.
	// A special case value, UseDefault, is supported to explicitly specify the default
	// image path will be used for each image.
	//
	// Image format:
	//    `<registry><imagePath>/<imagePrefix><imageName>:<image-tag>`
	//
	// This option allows configuring the `<imagePath>` portion of the above format.
	// +optional
	ImagePath string `json:"imagePath,omitempty"`

	// ImagePrefix allows for the prefix part of an image to be specified. If specified
	// then the given value will be used as a prefix on each image. If not specified
	// or empty, no prefix will be used.
	// A special case value, UseDefault, is supported to explicitly specify the default
	// image prefix will be used for each image.
	//
	// Image format:
	//    `<registry><imagePath>/<imagePrefix><imageName>:<image-tag>`
	//
	// This option allows configuring the `<imagePrefix>` portion of the above format.
	// +optional
	ImagePrefix string `json:"imagePrefix,omitempty"`

	// ImagePullSecrets is an array of references to container registry pull secrets to use. These are
	// applied to all images to be pulled.
	// +optional
	ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"`

	// KubernetesProvider specifies a particular provider of the Kubernetes platform and enables provider-specific configuration.
	// If the specified value is empty, the Operator will attempt to automatically determine the current provider.
	// If the specified value is not empty, the Operator will still attempt auto-detection, but
	// will additionally compare the auto-detected value to the specified value to confirm they match.
	// +optional
	// +kubebuilder:validation:Enum="";EKS;GKE;AKS;OpenShift;DockerEnterprise;RKE2;
	KubernetesProvider Provider `json:"kubernetesProvider,omitempty"`

	// CNI specifies the CNI that will be used by this installation.
	// +optional
	CNI *CNISpec `json:"cni,omitempty"`

	// CalicoNetwork specifies networking configuration options for Calico.
	// +optional
	CalicoNetwork *CalicoNetworkSpec `json:"calicoNetwork,omitempty"`

	// Deprecated. Please use Installation.Spec.TyphaDeployment instead.
	// TyphaAffinity allows configuration of node affinity characteristics for Typha pods.
	// +optional
	TyphaAffinity *TyphaAffinity `json:"typhaAffinity,omitempty"`

	// ControlPlaneNodeSelector is used to select control plane nodes on which to run Calico
	// components. This is globally applied to all resources created by the operator excluding daemonsets.
	// +optional
	ControlPlaneNodeSelector map[string]string `json:"controlPlaneNodeSelector,omitempty"`

	// ControlPlaneTolerations specify tolerations which are then globally applied to all resources
	// created by the operator.
	// +optional
	ControlPlaneTolerations []v1.Toleration `json:"controlPlaneTolerations,omitempty"`

	// ControlPlaneReplicas defines how many replicas of the control plane core components will be deployed.
	// This field applies to all control plane components that support High Availability. Defaults to 2.
	// +optional
	ControlPlaneReplicas *int32 `json:"controlPlaneReplicas,omitempty"`

	// NodeMetricsPort specifies which port calico/node serves prometheus metrics on. By default, metrics are not enabled.
	// If specified, this overrides any FelixConfiguration resources which may exist. If omitted, then
	// prometheus metrics may still be configured through FelixConfiguration.
	// +optional
	NodeMetricsPort *int32 `json:"nodeMetricsPort,omitempty"`

	// TyphaMetricsPort specifies which port calico/typha serves prometheus metrics on. By default, metrics are not enabled.
	// +optional
	TyphaMetricsPort *int32 `json:"typhaMetricsPort,omitempty"`

	// FlexVolumePath optionally specifies a custom path for FlexVolume. If not specified, FlexVolume will be
	// enabled by default. If set to 'None', FlexVolume will be disabled. The default is based on the
	// kubernetesProvider.
	// +optional
	FlexVolumePath string `json:"flexVolumePath,omitempty"`

	// KubeletVolumePluginPath optionally specifies enablement of Calico CSI plugin. If not specified,
	// CSI will be enabled by default. If set to 'None', CSI will be disabled.
	// Default: /var/lib/kubelet
	// +optional
	KubeletVolumePluginPath string `json:"kubeletVolumePluginPath,omitempty"`

	// NodeUpdateStrategy can be used to customize the desired update strategy, such as the MaxUnavailable
	// field.
	// +optional
	NodeUpdateStrategy appsv1.DaemonSetUpdateStrategy `json:"nodeUpdateStrategy,omitempty"`

	// Deprecated. Please use CalicoNodeDaemonSet, TyphaDeployment, and KubeControllersDeployment.
	// ComponentResources can be used to customize the resource requirements for each component.
	// Node, Typha, and KubeControllers are supported for installations.
	// +optional
	ComponentResources []ComponentResource `json:"componentResources,omitempty"`

	// CertificateManagement configures pods to submit a CertificateSigningRequest to the certificates.k8s.io/v1beta1 API in order
	// to obtain TLS certificates. This feature requires that you bring your own CSR signing and approval process, otherwise
	// pods will be stuck during initialization.
	// +optional
	CertificateManagement *CertificateManagement `json:"certificateManagement,omitempty"`

	// NonPrivileged configures Calico to be run in non-privileged containers as non-root users where possible.
	// +optional
	NonPrivileged *NonPrivilegedType `json:"nonPrivileged,omitempty"`

	// CalicoNodeDaemonSet configures the calico-node DaemonSet. If used in
	// conjunction with the deprecated ComponentResources, then these overrides take precedence.
	CalicoNodeDaemonSet *CalicoNodeDaemonSet `json:"calicoNodeDaemonSet,omitempty"`

	// CSINodeDriverDaemonSet configures the csi-node-driver DaemonSet.
	CSINodeDriverDaemonSet *CSINodeDriverDaemonSet `json:"csiNodeDriverDaemonSet,omitempty"`

	// CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in
	// conjunction with the deprecated ComponentResources, then these overrides take precedence.
	CalicoKubeControllersDeployment *CalicoKubeControllersDeployment `json:"calicoKubeControllersDeployment,omitempty"`

	// TyphaDeployment configures the typha Deployment. If used in conjunction with the deprecated
	// ComponentResources or TyphaAffinity, then these overrides take precedence.
	TyphaDeployment *TyphaDeployment `json:"typhaDeployment,omitempty"`

	// CalicoWindowsUpgradeDaemonSet configures the calico-windows-upgrade DaemonSet.
	CalicoWindowsUpgradeDaemonSet *CalicoWindowsUpgradeDaemonSet `json:"calicoWindowsUpgradeDaemonSet,omitempty"`

	// FIPSMode uses images and features only that are using FIPS 140-2 validated cryptographic modules and standards.
	// Default: Disabled
	// +kubebuilder:validation:Enum=Enabled;Disabled
	// +optional
	FIPSMode *FIPSMode `json:"fipsMode,omitempty"`

	// Logging Configuration for Components
	// +optional
	Logging *Logging `json:"logging,omitempty"`
}

InstallationSpec defines configuration for a Calico or Calico Enterprise installation.

func (*InstallationSpec) DeepCopy

func (in *InstallationSpec) DeepCopy() *InstallationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstallationSpec.

func (*InstallationSpec) DeepCopyInto

func (in *InstallationSpec) DeepCopyInto(out *InstallationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type InstallationStatus

type InstallationStatus struct {
	// Variant is the most recently observed installed variant - one of Calico or TigeraSecureEnterprise
	// +kubebuilder:validation:Enum=Calico;TigeraSecureEnterprise
	Variant ProductVariant `json:"variant,omitempty"`

	// MTU is the most recently observed value for pod network MTU. This may be an explicitly
	// configured value, or based on Calico's native auto-detetion.
	MTU int32 `json:"mtu,omitempty"`

	// ImageSet is the name of the ImageSet being used, if there is an ImageSet
	// that is being used. If an ImageSet is not being used then this will not be set.
	// +optional
	ImageSet string `json:"imageSet,omitempty"`

	// Computed is the final installation including overlaid resources.
	// +optional
	Computed *InstallationSpec `json:"computed,omitempty"`

	// CalicoVersion shows the current running version of calico.
	// CalicoVersion along with Variant is needed to know the exact
	// version deployed.
	CalicoVersion string `json:"calicoVersion,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

InstallationStatus defines the observed state of the Calico or Calico Enterprise installation.

func (*InstallationStatus) DeepCopy

func (in *InstallationStatus) DeepCopy() *InstallationStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstallationStatus.

func (*InstallationStatus) DeepCopyInto

func (in *InstallationStatus) DeepCopyInto(out *InstallationStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IntrusionDetection

type IntrusionDetection struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired state for Tigera intrusion detection.
	Spec IntrusionDetectionSpec `json:"spec,omitempty"`
	// Most recently observed state for Tigera intrusion detection.
	Status IntrusionDetectionStatus `json:"status,omitempty"`
}

IntrusionDetection installs the components required for Tigera intrusion detection. At most one instance of this resource is supported. It must be named "tigera-secure".

func (*IntrusionDetection) DeepCopy

func (in *IntrusionDetection) DeepCopy() *IntrusionDetection

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntrusionDetection.

func (*IntrusionDetection) DeepCopyInto

func (in *IntrusionDetection) DeepCopyInto(out *IntrusionDetection)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IntrusionDetection) DeepCopyObject

func (in *IntrusionDetection) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IntrusionDetectionComponentName added in v1.22.0

type IntrusionDetectionComponentName string
const (
	ComponentNameDeepPacketInspection IntrusionDetectionComponentName = "DeepPacketInspection"
)

type IntrusionDetectionComponentResource added in v1.22.0

type IntrusionDetectionComponentResource struct {
	// ComponentName is an enum which identifies the component
	// +kubebuilder:validation:Enum=DeepPacketInspection
	ComponentName IntrusionDetectionComponentName `json:"componentName"`
	// ResourceRequirements allows customization of limits and requests for compute resources such as cpu and memory.
	ResourceRequirements *corev1.ResourceRequirements `json:"resourceRequirements"`
}

The ComponentResource struct associates a ResourceRequirements with a component by name

func (*IntrusionDetectionComponentResource) DeepCopy added in v1.22.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntrusionDetectionComponentResource.

func (*IntrusionDetectionComponentResource) DeepCopyInto added in v1.22.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IntrusionDetectionList

type IntrusionDetectionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IntrusionDetection `json:"items"`
}

IntrusionDetectionList contains a list of IntrusionDetection

func (*IntrusionDetectionList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntrusionDetectionList.

func (*IntrusionDetectionList) DeepCopyInto

func (in *IntrusionDetectionList) DeepCopyInto(out *IntrusionDetectionList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IntrusionDetectionList) DeepCopyObject

func (in *IntrusionDetectionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IntrusionDetectionSpec

type IntrusionDetectionSpec struct {
	// ComponentResources can be used to customize the resource requirements for each component.
	// Only DeepPacketInspection is supported for this spec.
	// +optional
	ComponentResources []IntrusionDetectionComponentResource `json:"componentResources,omitempty"`

	// AnomalyDetection provides configuration for running AnomalyDetection Component within
	// IntrusionDetection. Anomaly Detection configuration will only be applied to standalone and
	// management clusters.
	// +optional
	AnomalyDetection AnomalyDetectionSpec `json:"anomalyDetection,omitempty"`
}

IntrusionDetectionSpec defines the desired state of Tigera intrusion detection capabilities.

func (*IntrusionDetectionSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntrusionDetectionSpec.

func (*IntrusionDetectionSpec) DeepCopyInto

func (in *IntrusionDetectionSpec) DeepCopyInto(out *IntrusionDetectionSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IntrusionDetectionStatus

type IntrusionDetectionStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

IntrusionDetectionStatus defines the observed state of Tigera intrusion detection capabilities.

func (*IntrusionDetectionStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntrusionDetectionStatus.

func (*IntrusionDetectionStatus) DeepCopyInto

func (in *IntrusionDetectionStatus) DeepCopyInto(out *IntrusionDetectionStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesAutodetectionMethod added in v1.25.0

type KubernetesAutodetectionMethod string

KubernetesAutodetectionMethod is a method of detecting an IP address based on the Kubernetes API.

One of: NodeInternalIP

const (
	// NodeInternalIP detects a node IP using the first status.Addresses entry of the relevant IP family
	// with type NodeInternalIP on the Kubernetes nodes API.
	NodeInternalIP KubernetesAutodetectionMethod = "NodeInternalIP"
)

type LinuxDataplaneOption added in v1.16.0

type LinuxDataplaneOption string

LinuxDataplaneOption controls which dataplane is to be used on Linux nodes.

One of: Iptables, BPF

const (
	LinuxDataplaneIptables LinuxDataplaneOption = "Iptables"
	LinuxDataplaneBPF      LinuxDataplaneOption = "BPF"
	LinuxDataplaneVPP      LinuxDataplaneOption = "VPP"
)

type LogCollectionSpec added in v1.24.0

type LogCollectionSpec struct {
	// This setting enables or disable log collection.
	// Allowed values are Enabled or Disabled.
	// +optional
	CollectLogs *LogCollectionStatusType `json:"collectLogs,omitempty"`

	// Interval in seconds for sending L7 log information for processing.
	// +optional
	// Default: 5 sec
	LogIntervalSeconds *int64 `json:"logIntervalSeconds,omitempty"`

	// Maximum number of unique L7 logs that are sent LogIntervalSeconds.
	// Adjust this to limit the number of L7 logs sent per LogIntervalSeconds
	// to felix for further processing, use negative number to ignore limits.
	// +optional
	// Default: -1
	LogRequestsPerInterval *int64 `json:"logRequestsPerInterval,omitempty"`
}

func (*LogCollectionSpec) DeepCopy added in v1.24.0

func (in *LogCollectionSpec) DeepCopy() *LogCollectionSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogCollectionSpec.

func (*LogCollectionSpec) DeepCopyInto added in v1.24.0

func (in *LogCollectionSpec) DeepCopyInto(out *LogCollectionSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LogCollectionStatusType added in v1.24.0

type LogCollectionStatusType string

type LogCollector

type LogCollector struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired state for Tigera log collection.
	Spec LogCollectorSpec `json:"spec,omitempty"`
	// Most recently observed state for Tigera log collection.
	Status LogCollectorStatus `json:"status,omitempty"`
}

LogCollector installs the components required for Tigera flow and DNS log collection. At most one instance of this resource is supported. It must be named "tigera-secure". When created, this installs fluentd on all nodes configured to collect Tigera log data and export it to Tigera's Elasticsearch cluster as well as any additionally configured destinations.

func (*LogCollector) DeepCopy

func (in *LogCollector) DeepCopy() *LogCollector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogCollector.

func (*LogCollector) DeepCopyInto

func (in *LogCollector) DeepCopyInto(out *LogCollector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LogCollector) DeepCopyObject

func (in *LogCollector) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LogCollectorList

type LogCollectorList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []LogCollector `json:"items"`
}

LogCollectorList contains a list of LogCollector

func (*LogCollectorList) DeepCopy

func (in *LogCollectorList) DeepCopy() *LogCollectorList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogCollectorList.

func (*LogCollectorList) DeepCopyInto

func (in *LogCollectorList) DeepCopyInto(out *LogCollectorList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LogCollectorList) DeepCopyObject

func (in *LogCollectorList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LogCollectorSpec

type LogCollectorSpec struct {
	// Configuration for exporting flow, audit, and DNS logs to external storage.
	// +optional
	AdditionalStores *AdditionalLogStoreSpec `json:"additionalStores,omitempty"`

	// Configuration for importing audit logs from managed kubernetes cluster log sources.
	// +optional
	AdditionalSources *AdditionalLogSourceSpec `json:"additionalSources,omitempty"`

	// Configuration for enabling/disabling process path collection in flowlogs.
	// If Enabled, this feature sets hostPID to true in order to read process cmdline.
	// Default: Enabled
	// +optional
	// +kubebuilder:validation:Enum=Enabled;Disabled
	CollectProcessPath *CollectProcessPathOption `json:"collectProcessPath,omitempty"`
}

LogCollectorSpec defines the desired state of Tigera flow, audit, and DNS log collection.

func (*LogCollectorSpec) DeepCopy

func (in *LogCollectorSpec) DeepCopy() *LogCollectorSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogCollectorSpec.

func (*LogCollectorSpec) DeepCopyInto

func (in *LogCollectorSpec) DeepCopyInto(out *LogCollectorSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LogCollectorStatus

type LogCollectorStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

LogCollectorStatus defines the observed state of Tigera flow and DNS log collection

func (*LogCollectorStatus) DeepCopy

func (in *LogCollectorStatus) DeepCopy() *LogCollectorStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogCollectorStatus.

func (*LogCollectorStatus) DeepCopyInto

func (in *LogCollectorStatus) DeepCopyInto(out *LogCollectorStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LogLevel added in v1.29.1

type LogLevel string
const (
	LogLevelTrace LogLevel = "Trace"
	LogLevelInfo  LogLevel = "Info"
	LogLevelDebug LogLevel = "Debug"
	LogLevelWarn  LogLevel = "Warn"
	LogLevelFatal LogLevel = "Fatal"
	LogLevelError LogLevel = "Error"
)

type LogStorage

type LogStorage struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired state for Tigera log storage.
	Spec LogStorageSpec `json:"spec,omitempty"`
	// Most recently observed state for Tigera log storage.
	Status LogStorageStatus `json:"status,omitempty"`
}

LogStorage installs the components required for Tigera flow and DNS log storage. At most one instance of this resource is supported. It must be named "tigera-secure". When created, this installs an Elasticsearch cluster for use by Calico Enterprise.

func (*LogStorage) DeepCopy

func (in *LogStorage) DeepCopy() *LogStorage

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogStorage.

func (*LogStorage) DeepCopyInto

func (in *LogStorage) DeepCopyInto(out *LogStorage)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LogStorage) DeepCopyObject

func (in *LogStorage) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (LogStorage) Replicas

func (ls LogStorage) Replicas() int

type LogStorageComponentName added in v1.16.0

type LogStorageComponentName string

LogStorageComponentName CRD enum

const (
	ComponentNameECKOperator LogStorageComponentName = "ECKOperator"
)

type LogStorageComponentResource added in v1.16.0

type LogStorageComponentResource struct {
	// ComponentName is an enum which identifies the component
	// +kubebuilder:validation:Enum=ECKOperator
	ComponentName LogStorageComponentName `json:"componentName"`
	// ResourceRequirements allows customization of limits and requests for compute resources such as cpu and memory.
	ResourceRequirements *corev1.ResourceRequirements `json:"resourceRequirements"`
}

The ComponentResource struct associates a ResourceRequirements with a component by name

func (*LogStorageComponentResource) DeepCopy added in v1.16.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogStorageComponentResource.

func (*LogStorageComponentResource) DeepCopyInto added in v1.16.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LogStorageList

type LogStorageList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []LogStorage `json:"items"`
}

LogStorageList contains a list of LogStorage

func (*LogStorageList) DeepCopy

func (in *LogStorageList) DeepCopy() *LogStorageList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogStorageList.

func (*LogStorageList) DeepCopyInto

func (in *LogStorageList) DeepCopyInto(out *LogStorageList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LogStorageList) DeepCopyObject

func (in *LogStorageList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LogStorageSpec

type LogStorageSpec struct {
	// Nodes defines the configuration for a set of identical Elasticsearch cluster nodes, each of type master, data, and ingest.
	Nodes *Nodes `json:"nodes,omitempty"`

	// Index defines the configuration for the indices in the Elasticsearch cluster.
	// +optional
	Indices *Indices `json:"indices,omitempty"`

	// Retention defines how long data is retained in the Elasticsearch cluster before it is cleared.
	// +optional
	Retention *Retention `json:"retention,omitempty"`

	// StorageClassName will populate the PersistentVolumeClaim.StorageClassName that is used to provision disks to the
	// Tigera Elasticsearch cluster. The StorageClassName should only be modified when no LogStorage is currently
	// active. We recommend choosing a storage class dedicated to Tigera LogStorage only. Otherwise, data retention
	// cannot be guaranteed during upgrades. See https://docs.tigera.io/maintenance/upgrading for up-to-date instructions.
	// Default: tigera-elasticsearch
	// +optional
	StorageClassName string `json:"storageClassName,omitempty"`

	// DataNodeSelector gives you more control over the node that Elasticsearch will run on. The contents of DataNodeSelector will
	// be added to the PodSpec of the Elasticsearch nodes. For the pod to be eligible to run on a node, the node must have
	// each of the indicated key-value pairs as labels as well as access to the specified StorageClassName.
	// +optional
	DataNodeSelector map[string]string `json:"dataNodeSelector,omitempty"`

	// ComponentResources can be used to customize the resource requirements for each component.
	// Only ECKOperator is supported for this spec.
	// +optional
	ComponentResources []LogStorageComponentResource `json:"componentResources,omitempty"`
}

LogStorageSpec defines the desired state of Tigera flow and DNS log storage.

func (*LogStorageSpec) DeepCopy

func (in *LogStorageSpec) DeepCopy() *LogStorageSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogStorageSpec.

func (*LogStorageSpec) DeepCopyInto

func (in *LogStorageSpec) DeepCopyInto(out *LogStorageSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LogStorageStatus

type LogStorageStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// ElasticsearchHash represents the current revision and configuration of the installed Elasticsearch cluster. This
	// is an opaque string which can be monitored for changes to perform actions when Elasticsearch is modified.
	ElasticsearchHash string `json:"elasticsearchHash,omitempty"`

	// KibanaHash represents the current revision and configuration of the installed Kibana dashboard. This
	// is an opaque string which can be monitored for changes to perform actions when Kibana is modified.
	KibanaHash string `json:"kibanaHash,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

LogStorageStatus defines the observed state of Tigera flow and DNS log storage.

func (*LogStorageStatus) DeepCopy

func (in *LogStorageStatus) DeepCopy() *LogStorageStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogStorageStatus.

func (*LogStorageStatus) DeepCopyInto

func (in *LogStorageStatus) DeepCopyInto(out *LogStorageStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Logging added in v1.30.0

type Logging struct {
	// Customized logging specification for calico-cni plugin
	// +optional
	CNI *CNILogging `json:"cni,omitempty"`
}

func (*Logging) DeepCopy added in v1.30.0

func (in *Logging) DeepCopy() *Logging

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Logging.

func (*Logging) DeepCopyInto added in v1.30.0

func (in *Logging) DeepCopyInto(out *Logging)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ManagementCluster

type ManagementCluster struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec ManagementClusterSpec `json:"spec,omitempty"`
}

The presence of ManagementCluster in your cluster, will configure it to be the management plane to which managed clusters can connect. At most one instance of this resource is supported. It must be named "tigera-secure".

func (*ManagementCluster) DeepCopy

func (in *ManagementCluster) DeepCopy() *ManagementCluster

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementCluster.

func (*ManagementCluster) DeepCopyInto

func (in *ManagementCluster) DeepCopyInto(out *ManagementCluster)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ManagementCluster) DeepCopyObject

func (in *ManagementCluster) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ManagementClusterConnection

type ManagementClusterConnection struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ManagementClusterConnectionSpec   `json:"spec,omitempty"`
	Status ManagementClusterConnectionStatus `json:"status,omitempty"`
}

ManagementClusterConnection represents a link between a managed cluster and a management cluster. At most one instance of this resource is supported. It must be named "tigera-secure".

func (*ManagementClusterConnection) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementClusterConnection.

func (*ManagementClusterConnection) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ManagementClusterConnection) DeepCopyObject

func (in *ManagementClusterConnection) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ManagementClusterConnectionList

type ManagementClusterConnectionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ManagementClusterConnection `json:"items"`
}

ManagementClusterConnectionList contains a list of ManagementClusterConnection.

func (*ManagementClusterConnectionList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementClusterConnectionList.

func (*ManagementClusterConnectionList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ManagementClusterConnectionList) DeepCopyObject

func (in *ManagementClusterConnectionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ManagementClusterConnectionSpec

type ManagementClusterConnectionSpec struct {
	// Specify where the managed cluster can reach the management cluster. Ex.: "10.128.0.10:30449". A managed cluster
	// should be able to access this address. This field is used by managed clusters only.
	// +optional
	ManagementClusterAddr string `json:"managementClusterAddr,omitempty"`

	// TLS provides options for configuring how Managed Clusters can establish an mTLS connection with the Management Cluster.
	// +optional
	TLS *ManagementClusterTLS `json:"tls,omitempty"`
}

ManagementClusterConnectionSpec defines the desired state of ManagementClusterConnection

func (*ManagementClusterConnectionSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementClusterConnectionSpec.

func (*ManagementClusterConnectionSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ManagementClusterConnectionStatus added in v1.29.0

type ManagementClusterConnectionStatus struct {
	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

ManagementClusterConnectionStatus defines the observed state of ManagementClusterConnection

func (*ManagementClusterConnectionStatus) DeepCopy added in v1.29.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementClusterConnectionStatus.

func (*ManagementClusterConnectionStatus) DeepCopyInto added in v1.29.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ManagementClusterList

type ManagementClusterList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ManagementCluster `json:"items"`
}

ManagementClusterList contains a list of ManagementCluster

func (*ManagementClusterList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementClusterList.

func (*ManagementClusterList) DeepCopyInto

func (in *ManagementClusterList) DeepCopyInto(out *ManagementClusterList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ManagementClusterList) DeepCopyObject

func (in *ManagementClusterList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ManagementClusterSpec

type ManagementClusterSpec struct {
	// This field specifies the externally reachable address to which your managed cluster will connect. When a managed
	// cluster is added, this field is used to populate an easy-to-apply manifest that will connect both clusters.
	// Valid examples are: "0.0.0.0:31000", "example.com:32000", "[::1]:32500"
	// +optional
	Address string `json:"address,omitempty"`

	// TLS provides options for configuring how Managed Clusters can establish an mTLS connection with the Management Cluster.
	// +optional
	TLS *TLS `json:"tls,omitempty"`
}

ManagementClusterSpec defines the desired state of a ManagementCluster

func (*ManagementClusterSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementClusterSpec.

func (*ManagementClusterSpec) DeepCopyInto

func (in *ManagementClusterSpec) DeepCopyInto(out *ManagementClusterSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ManagementClusterTLS added in v1.28.0

type ManagementClusterTLS struct {
	// CA indicates which verification method the tunnel client should use to verify the tunnel server's identity.
	//
	// When left blank or set to 'Tigera', the tunnel client will expect a self-signed cert to be included in the certificate bundle
	// and will expect the cert to have a Common Name (CN) of 'voltron'.
	//
	// When set to 'Public', the tunnel client will use its installed system certs and will use the managementClusterAddr to verify the tunnel server's identity.
	//
	// Default: Tigera
	//
	// +kubebuilder:validation:Enum=Tigera;Public
	CA CAType `json:"ca,omitempty"`
}

func (*ManagementClusterTLS) DeepCopy added in v1.28.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagementClusterTLS.

func (*ManagementClusterTLS) DeepCopyInto added in v1.28.0

func (in *ManagementClusterTLS) DeepCopyInto(out *ManagementClusterTLS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Manager

type Manager struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Specification of the desired state for the Calico Enterprise manager.
	Spec ManagerSpec `json:"spec,omitempty"`
	// Most recently observed state for the Calico Enterprise manager.
	Status ManagerStatus `json:"status,omitempty"`
}

Manager installs the Calico Enterprise manager graphical user interface. At most one instance of this resource is supported. It must be named "tigera-secure".

func (*Manager) DeepCopy

func (in *Manager) DeepCopy() *Manager

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Manager.

func (*Manager) DeepCopyInto

func (in *Manager) DeepCopyInto(out *Manager)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Manager) DeepCopyObject

func (in *Manager) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ManagerList

type ManagerList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Manager `json:"items"`
}

ManagerList contains a list of Manager

func (*ManagerList) DeepCopy

func (in *ManagerList) DeepCopy() *ManagerList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagerList.

func (*ManagerList) DeepCopyInto

func (in *ManagerList) DeepCopyInto(out *ManagerList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ManagerList) DeepCopyObject

func (in *ManagerList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ManagerSpec

type ManagerSpec struct {
	// Deprecated. Please use the Authentication CR for configuring authentication.
	// +optional
	Auth *Auth `json:"auth,omitempty"`
}

ManagerSpec defines configuration for the Calico Enterprise manager GUI.

func (*ManagerSpec) DeepCopy

func (in *ManagerSpec) DeepCopy() *ManagerSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagerSpec.

func (*ManagerSpec) DeepCopyInto

func (in *ManagerSpec) DeepCopyInto(out *ManagerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ManagerStatus

type ManagerStatus struct {
	// Deprecated. Please use the Authentication CR for configuring authentication.
	// +optional
	Auth *Auth `json:"auth,omitempty"`

	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

ManagerStatus defines the observed state of the Calico Enterprise manager GUI.

func (*ManagerStatus) DeepCopy

func (in *ManagerStatus) DeepCopy() *ManagerStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagerStatus.

func (*ManagerStatus) DeepCopyInto

func (in *ManagerStatus) DeepCopyInto(out *ManagerStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Metadata added in v1.27.17

type Metadata struct {
	// Labels is a map of string keys and values that may match replicaset and
	// service selectors. Each of these key/value pairs are added to the
	// object's labels provided the key does not already exist in the object's labels.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`

	// Annotations is a map of arbitrary non-identifying metadata. Each of these
	// key/value pairs are added to the object's annotations provided the key does not
	// already exist in the object's annotations.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`
}

Metadata contains the standard Kubernetes labels and annotations fields.

func (*Metadata) DeepCopy added in v1.27.17

func (in *Metadata) DeepCopy() *Metadata

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Metadata.

func (*Metadata) DeepCopyInto added in v1.27.17

func (in *Metadata) DeepCopyInto(out *Metadata)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MetadataAccessAllowedType

type MetadataAccessAllowedType string

MetadataAccessAllowedType

const (
	MetadataAccessAllowed MetadataAccessAllowedType = "Allowed"
	MetadataAccessDenied  MetadataAccessAllowedType = "Denied"
)

type Monitor added in v1.19.0

type Monitor struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   MonitorSpec   `json:"spec,omitempty"`
	Status MonitorStatus `json:"status,omitempty"`
}

Monitor is the Schema for the monitor API. At most one instance of this resource is supported. It must be named "tigera-secure".

func (*Monitor) DeepCopy added in v1.19.0

func (in *Monitor) DeepCopy() *Monitor

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Monitor.

func (*Monitor) DeepCopyInto added in v1.19.0

func (in *Monitor) DeepCopyInto(out *Monitor)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Monitor) DeepCopyObject added in v1.19.0

func (in *Monitor) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MonitorList added in v1.19.0

type MonitorList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Monitor `json:"items"`
}

MonitorList contains a list of Monitor

func (*MonitorList) DeepCopy added in v1.19.0

func (in *MonitorList) DeepCopy() *MonitorList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorList.

func (*MonitorList) DeepCopyInto added in v1.19.0

func (in *MonitorList) DeepCopyInto(out *MonitorList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MonitorList) DeepCopyObject added in v1.19.0

func (in *MonitorList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MonitorSpec added in v1.19.0

type MonitorSpec struct {
}

MonitorSpec defines the desired state of Tigera monitor.

func (*MonitorSpec) DeepCopy added in v1.19.0

func (in *MonitorSpec) DeepCopy() *MonitorSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorSpec.

func (*MonitorSpec) DeepCopyInto added in v1.19.0

func (in *MonitorSpec) DeepCopyInto(out *MonitorSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MonitorStatus added in v1.19.0

type MonitorStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`

	// Conditions represents the latest observed set of conditions for the component. A component may be one or more of
	// Ready, Progressing, Degraded or other customer types.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

MonitorStatus defines the observed state of Tigera monitor.

func (*MonitorStatus) DeepCopy added in v1.19.0

func (in *MonitorStatus) DeepCopy() *MonitorStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorStatus.

func (*MonitorStatus) DeepCopyInto added in v1.19.0

func (in *MonitorStatus) DeepCopyInto(out *MonitorStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MultiInterfaceMode

type MultiInterfaceMode string

MultiInterfaceMode describes the method of providing multiple pod interfaces.

One of: None, Multus

const (
	MultiInterfaceModeNone   MultiInterfaceMode = "None"
	MultiInterfaceModeMultus MultiInterfaceMode = "Multus"
)

func (MultiInterfaceMode) Value

func (m MultiInterfaceMode) Value() string

type NATOutgoingType

type NATOutgoingType string

NATOutgoingType describe the type of outgoing NAT to use.

One of: Enabled, Disabled

const (
	NATOutgoingEnabled  NATOutgoingType = "Enabled"
	NATOutgoingDisabled NATOutgoingType = "Disabled"
)

func (NATOutgoingType) String

func (nt NATOutgoingType) String() string

type NativeIP added in v1.29.1

type NativeIP string

NativeIP defines if Egress Gateway pods should have AWS IPs. When NativeIP is enabled, the IPPools should be backed by AWS subnet.

const (
	NativeIPEnabled  NativeIP = "Enabled"
	NativeIPDisabled NativeIP = "Disabled"
)

type NodeAddressAutodetection

type NodeAddressAutodetection struct {
	// FirstFound uses default interface matching parameters to select an interface, performing best-effort
	// filtering based on well-known interface names.
	// +optional
	FirstFound *bool `json:"firstFound,omitempty"`

	// Kubernetes configures Calico to detect node addresses based on the Kubernetes API.
	// +optional
	// +kubebuilder:validation:Enum=NodeInternalIP
	Kubernetes *KubernetesAutodetectionMethod `json:"kubernetes,omitempty"`

	// Interface enables IP auto-detection based on interfaces that match the given regex.
	// +optional
	Interface string `json:"interface,omitempty"`

	// SkipInterface enables IP auto-detection based on interfaces that do not match
	// the given regex.
	// +optional
	SkipInterface string `json:"skipInterface,omitempty"`

	// CanReach enables IP auto-detection based on which source address on the node is used to reach the
	// specified IP or domain.
	// +optional
	CanReach string `json:"canReach,omitempty"`

	// CIDRS enables IP auto-detection based on which addresses on the nodes are within
	// one of the provided CIDRs.
	CIDRS []string `json:"cidrs,omitempty"`
}

NodeAddressAutodetection provides configuration options for auto-detecting node addresses. At most one option can be used. If no detection option is specified, then IP auto detection will be disabled for this address family and IPs must be specified directly on the Node resource.

func (*NodeAddressAutodetection) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeAddressAutodetection.

func (*NodeAddressAutodetection) DeepCopyInto

func (in *NodeAddressAutodetection) DeepCopyInto(out *NodeAddressAutodetection)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NodeAffinity added in v1.14.4

type NodeAffinity struct {
	// The scheduler will prefer to schedule pods to nodes that satisfy
	// the affinity expressions specified by this field, but it may choose
	// a node that violates one or more of the expressions.
	// +optional
	PreferredDuringSchedulingIgnoredDuringExecution []v1.PreferredSchedulingTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty"`

	// WARNING: Please note that if the affinity requirements specified by this field are not met at
	// scheduling time, the pod will NOT be scheduled onto the node.
	// There is no fallback to another affinity rules with this setting.
	// This may cause networking disruption or even catastrophic failure!
	// PreferredDuringSchedulingIgnoredDuringExecution should be used for affinity
	// unless there is a specific well understood reason to use RequiredDuringSchedulingIgnoredDuringExecution and
	// you can guarantee that the RequiredDuringSchedulingIgnoredDuringExecution will always have sufficient nodes to satisfy the requirement.
	// NOTE: RequiredDuringSchedulingIgnoredDuringExecution is set by default for AKS nodes,
	// to avoid scheduling Typhas on virtual-nodes.
	// If the affinity requirements specified by this field cease to be met
	// at some point during pod execution (e.g. due to an update), the system
	// may or may not try to eventually evict the pod from its node.
	// +optional
	RequiredDuringSchedulingIgnoredDuringExecution *v1.NodeSelector `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty"`
}

NodeAffinity is similar to *v1.NodeAffinity, but allows us to limit available schedulers.

func (*NodeAffinity) DeepCopy added in v1.14.4

func (in *NodeAffinity) DeepCopy() *NodeAffinity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeAffinity.

func (*NodeAffinity) DeepCopyInto added in v1.14.4

func (in *NodeAffinity) DeepCopyInto(out *NodeAffinity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NodeSet

type NodeSet struct {
	// SelectionAttributes defines K8s node attributes a NodeSet should use when setting the Node Affinity selectors and
	// Elasticsearch cluster awareness attributes for the Elasticsearch nodes. The list of SelectionAttributes are used
	// to define Node Affinities and set the node awareness configuration in the running Elasticsearch instance.
	SelectionAttributes []NodeSetSelectionAttribute `json:"selectionAttributes,omitempty"`
}

NodeSets defines configuration specific to each Elasticsearch Node Set

func (*NodeSet) DeepCopy

func (in *NodeSet) DeepCopy() *NodeSet

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSet.

func (*NodeSet) DeepCopyInto

func (in *NodeSet) DeepCopyInto(out *NodeSet)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NodeSetSelectionAttribute

type NodeSetSelectionAttribute struct {
	// +required
	Name string `json:"name"`
	// +required
	NodeLabel string `json:"nodeLabel"`
	// +required
	Value string `json:"value"`
}

NodeSetSelectionAttribute defines a K8s node "attribute" the Elasticsearch nodes should be aware of. The "Name" and "Value" are used together to set the "awareness" attributes in Elasticsearch, while the "NodeLabel" and "Value" are used together to define Node Affinity for the Pods created for the Elasticsearch nodes.

func (*NodeSetSelectionAttribute) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSetSelectionAttribute.

func (*NodeSetSelectionAttribute) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Nodes

type Nodes struct {
	// Count defines the number of nodes in the Elasticsearch cluster.
	Count int64 `json:"count,omitempty"`

	// NodeSets defines configuration specific to each Elasticsearch Node Set
	// +optional
	NodeSets []NodeSet `json:"nodeSets,omitempty"`

	// ResourceRequirements defines the resource limits and requirements for the Elasticsearch cluster.
	// +optional
	ResourceRequirements *corev1.ResourceRequirements `json:"resourceRequirements,omitempty"`
}

Nodes defines the configuration for a set of identical Elasticsearch cluster nodes, each of type master, data, and ingest.

func (*Nodes) DeepCopy

func (in *Nodes) DeepCopy() *Nodes

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Nodes.

func (*Nodes) DeepCopyInto

func (in *Nodes) DeepCopyInto(out *Nodes)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NonPrivilegedType added in v1.23.0

type NonPrivilegedType string

NonPrivilegedType specifies whether Calico runs as permissioned or not

One of: Enabled, Disabled

const (
	NonPrivilegedEnabled  NonPrivilegedType = "Enabled"
	NonPrivilegedDisabled NonPrivilegedType = "Disabled"
)

type OIDCType added in v1.18.0

type OIDCType string

OIDCType defines how OIDC is configured for Tigera Enterprise. Dex should be the best option for most use-cases. The Tigera option can help in specific use-cases, for instance, when you are unable to configure a client secret. One of: Dex, Tigera +kubebuilder:validation:Enum=Dex;Tigera

const (
	// OIDCTypeDex uses Dex IdP, a popular open-source tool for connecting OIDC.
	OIDCTypeDex OIDCType = "Dex"
	// OIDCTypeTigera uses customer code to pass OIDC configuration directly into our server applications.
	OIDCTypeTigera OIDCType = "Tigera"
)

type PolicyRecommendation added in v1.30.0

type PolicyRecommendation struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   PolicyRecommendationSpec   `json:"spec,omitempty"`
	Status PolicyRecommendationStatus `json:"status,omitempty"`
}

PolicyRecommendation is the Schema for the policy recommendation API. At most one instance of this resource is supported. It must be named "tigera-secure".

func (*PolicyRecommendation) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRecommendation.

func (*PolicyRecommendation) DeepCopyInto added in v1.30.0

func (in *PolicyRecommendation) DeepCopyInto(out *PolicyRecommendation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyRecommendation) DeepCopyObject added in v1.30.0

func (in *PolicyRecommendation) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyRecommendationList added in v1.30.0

type PolicyRecommendationList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []PolicyRecommendation `json:"items"`
}

PolicyRecommendationList contains a list of Monitor

func (*PolicyRecommendationList) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRecommendationList.

func (*PolicyRecommendationList) DeepCopyInto added in v1.30.0

func (in *PolicyRecommendationList) DeepCopyInto(out *PolicyRecommendationList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyRecommendationList) DeepCopyObject added in v1.30.0

func (in *PolicyRecommendationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyRecommendationSpec added in v1.30.0

type PolicyRecommendationSpec struct {
}

PolicyRecommendationSpec defines configuration for the Calico Enterprise Policy Recommendation service.

func (*PolicyRecommendationSpec) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRecommendationSpec.

func (*PolicyRecommendationSpec) DeepCopyInto added in v1.30.0

func (in *PolicyRecommendationSpec) DeepCopyInto(out *PolicyRecommendationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyRecommendationStatus added in v1.30.0

type PolicyRecommendationStatus struct {
	// State provides user-readable status.
	State string `json:"state,omitempty"`
}

PolicyRecommendationStatus defines the observed state of Tigera policy recommendation.

func (*PolicyRecommendationStatus) DeepCopy added in v1.30.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRecommendationStatus.

func (*PolicyRecommendationStatus) DeepCopyInto added in v1.30.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProductVariant

type ProductVariant string

ProductVariant represents the variant of the product.

One of: Calico, TigeraSecureEnterprise

var (
	Calico                 ProductVariant = "Calico"
	TigeraSecureEnterprise ProductVariant = "TigeraSecureEnterprise"
)

type PromptType added in v1.16.0

type PromptType string

PromptType is a value that specifies whether the identity provider prompts the end user for re-authentication and consent. One of: None, Login, Consent, SelectAccount. +kubebuilder:validation:Enum=None;Login;Consent;SelectAccount

const (
	// The identity provider must not display any authentication or consent user interface pages.
	PromptTypeNone PromptType = "None"
	// The identity provider should prompt the end user for reauthentication.
	PromptTypeLogin PromptType = "Login"
	// The identity provider should prompt the end user for consent before returning information to the client.
	PromptTypeConsent PromptType = "Consent"
	// The identity provider should prompt the end user to select a user account.
	PromptTypeSelectAccount PromptType = "SelectAccount"
)

type Provider

type Provider string

Provider represents a particular provider or flavor of Kubernetes. Valid options are: EKS, GKE, AKS, RKE2, OpenShift, DockerEnterprise.

var (
	ProviderNone      Provider = ""
	ProviderEKS       Provider = "EKS"
	ProviderGKE       Provider = "GKE"
	ProviderAKS       Provider = "AKS"
	ProviderRKE2      Provider = "RKE2"
	ProviderOpenShift Provider = "OpenShift"
	ProviderDockerEE  Provider = "DockerEnterprise"
)

type Retention

type Retention struct {
	// Flows configures the retention period for flow logs, in days.  Logs written on a day that started at least this long ago
	// are removed.  To keep logs for at least x days, use a retention period of x+1.
	// Default: 8
	// +optional
	Flows *int32 `json:"flows"`

	// AuditReports configures the retention period for audit logs, in days.  Logs written on a day that started at least this long ago are
	// removed.  To keep logs for at least x days, use a retention period of x+1.
	// Default: 91
	// +optional
	AuditReports *int32 `json:"auditReports"`

	// Snapshots configures the retention period for snapshots, in days. Snapshots are periodic captures
	// of resources which along with audit events are used to generate reports.
	// Consult the Compliance Reporting documentation for more details on snapshots.
	// Logs written on a day that started at least this long ago are
	// removed.  To keep logs for at least x days, use a retention period of x+1.
	// Default: 91
	// +optional
	Snapshots *int32 `json:"snapshots"`

	// ComplianceReports configures the retention period for compliance reports, in days. Reports are output
	// from the analysis of the system state and audit events for compliance reporting.
	// Consult the Compliance Reporting documentation for more details on reports.
	// Logs written on a day that started at least this long ago are
	// removed.  To keep logs for at least x days, use a retention period of x+1.
	// Default: 91
	// +optional
	ComplianceReports *int32 `json:"complianceReports"`

	// DNSLogs configures the retention period for DNS logs, in days.  Logs written on a day that started at least this long ago
	// are removed.  To keep logs for at least x days, use a retention period of x+1.
	// Default: 8
	// +optional
	DNSLogs *int32 `json:"dnsLogs"`

	// BGPLogs configures the retention period for BGP logs, in days.  Logs written on a day that started at least this long ago
	// are removed.  To keep logs for at least x days, use a retention period of x+1.
	// Default: 8
	// +optional
	BGPLogs *int32 `json:"bgpLogs"`
}

Retention defines how long data is retained in an Elasticsearch cluster before it is cleared.

func (*Retention) DeepCopy

func (in *Retention) DeepCopy() *Retention

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Retention.

func (*Retention) DeepCopyInto

func (in *Retention) DeepCopyInto(out *Retention)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type S3StoreSpec

type S3StoreSpec struct {
	// AWS Region of the S3 bucket
	Region string `json:"region"`

	// Name of the S3 bucket to send logs
	BucketName string `json:"bucketName"`

	// Path in the S3 bucket where to send logs
	BucketPath string `json:"bucketPath"`
}

S3StoreSpec defines configuration for exporting logs to Amazon S3. +k8s:openapi-gen=true

func (*S3StoreSpec) DeepCopy

func (in *S3StoreSpec) DeepCopy() *S3StoreSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new S3StoreSpec.

func (*S3StoreSpec) DeepCopyInto

func (in *S3StoreSpec) DeepCopyInto(out *S3StoreSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SplunkStoreSpec

type SplunkStoreSpec struct {
	// Location for splunk's http event collector end point. example `https://1.2.3.4:8088`
	Endpoint string `json:"endpoint"`
}

SplunkStoreSpec defines configuration for exporting logs to splunk.

func (*SplunkStoreSpec) DeepCopy

func (in *SplunkStoreSpec) DeepCopy() *SplunkStoreSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SplunkStoreSpec.

func (*SplunkStoreSpec) DeepCopyInto

func (in *SplunkStoreSpec) DeepCopyInto(out *SplunkStoreSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StatusConditionType

type StatusConditionType string

StatusConditionType is a type of condition that may apply to a particular component.

const (
	// Available indicates that the component is healthy.
	ComponentAvailable StatusConditionType = "Available"

	// Progressing means that the component is in the process of being installed or upgraded.
	ComponentProgressing StatusConditionType = "Progressing"

	// Degraded means the component is not operating as desired and user action is required.
	ComponentDegraded StatusConditionType = "Degraded"

	// Ready indicates that the component is healthy and ready.it is identical to Available and used in Status conditions for CRs.
	ComponentReady StatusConditionType = "Ready"
)

type SyslogLogType

type SyslogLogType string

SyslogLogType represents the allowable log types for syslog. Allowable values are Audit, DNS, Flows and IDSEvents. * Audit corresponds to audit logs for both Kubernetes resources and Enterprise custom resources. * DNS corresponds to DNS logs generated by Calico node. * Flows corresponds to flow logs generated by Calico node. * IDSEvents corresponds to event logs for the intrusion detection system (anomaly detection, suspicious IPs, suspicious domains and global alerts). +kubebuilder:validation:Enum=Audit;DNS;Flows;IDSEvents

const (
	SyslogLogAudit     SyslogLogType = "Audit"
	SyslogLogDNS       SyslogLogType = "DNS"
	SyslogLogFlows     SyslogLogType = "Flows"
	SyslogLogL7        SyslogLogType = "L7"
	SyslogLogIDSEvents SyslogLogType = "IDSEvents"
)

func (SyslogLogType) String

func (cp SyslogLogType) String() string

type SyslogStoreSpec

type SyslogStoreSpec struct {
	// Location of the syslog server. example: tcp://1.2.3.4:601
	Endpoint string `json:"endpoint"`

	// PacketSize defines the maximum size of packets to send to syslog.
	// In general this is only needed if you notice long logs being truncated.
	// Default: 1024
	// +optional
	PacketSize *int32 `json:"packetSize,omitempty"`

	// If no values are provided, the list will be updated to include log types Audit, DNS and Flows.
	// Default: Audit, DNS, Flows
	LogTypes []SyslogLogType `json:"logTypes"`

	// Encryption configures traffic encryption to the Syslog server.
	// Default: None
	// +optional
	// +kubebuilder:validation:Enum=None;TLS
	Encryption EncryptionOption `json:"encryption,omitempty"`
}

SyslogStoreSpec defines configuration for exporting logs to syslog.

func (*SyslogStoreSpec) DeepCopy

func (in *SyslogStoreSpec) DeepCopy() *SyslogStoreSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SyslogStoreSpec.

func (*SyslogStoreSpec) DeepCopyInto

func (in *SyslogStoreSpec) DeepCopyInto(out *SyslogStoreSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLS added in v1.28.0

type TLS struct {
	// SecretName indicates the name of the secret in the tigera-operator namespace that contains the private key and certificate that the management cluster uses when it listens for incoming connections.
	//
	// When set to tigera-management-cluster-connection voltron will use the same cert bundle which Guardian client certs are signed with.
	//
	// When set to manager-tls, voltron will use the same cert bundle which Manager UI is served with.
	// This cert bundle must be a publicly signed cert created by the user.
	// Note that Tigera Operator will generate a self-signed manager-tls cert if one does not exist,
	// and use of that cert will result in Guardian being unable to verify Voltron's identity.
	//
	// If changed on a running cluster with connected managed clusters, all managed clusters will disconnect as they will no longer be able to verify Voltron's identity.
	// To reconnect existing managed clusters, change the tls.ca of the  managed clusters' ManagementClusterConnection resource.
	//
	// One of: tigera-management-cluster-connection, manager-tls
	//
	// Default: tigera-management-cluster-connection
	//
	// +kubebuilder:validation:Enum=tigera-management-cluster-connection;manager-tls
	// +optional
	SecretName string `json:"secretName,omitempty"`
}

func (*TLS) DeepCopy added in v1.28.0

func (in *TLS) DeepCopy() *TLS

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLS.

func (*TLS) DeepCopyInto added in v1.28.0

func (in *TLS) DeepCopyInto(out *TLS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TigeraStatus

type TigeraStatus struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   TigeraStatusSpec   `json:"spec,omitempty"`
	Status TigeraStatusStatus `json:"status,omitempty"`
}

TigeraStatus represents the most recently observed status for Calico or a Calico Enterprise functional area. +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster +kubebuilder:printcolumn:name="Available",type="string",JSONPath=".status.conditions[?(@.type=='Available')].status",description="Whether the component running and stable." +kubebuilder:printcolumn:name="Progressing",type="string",JSONPath=".status.conditions[?(@.type=='Progressing')].status",description="Whether the component is processing changes." +kubebuilder:printcolumn:name="Degraded",type="string",JSONPath=".status.conditions[?(@.type=='Degraded')].status",description="Whether the component is degraded." +kubebuilder:printcolumn:name="Since",type="date",JSONPath=".status.conditions[?(@.type=='Available')].lastTransitionTime",description="The time the component's Available status last changed."

func (*TigeraStatus) DeepCopy

func (in *TigeraStatus) DeepCopy() *TigeraStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TigeraStatus.

func (*TigeraStatus) DeepCopyInto

func (in *TigeraStatus) DeepCopyInto(out *TigeraStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TigeraStatus) DeepCopyObject

func (in *TigeraStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TigeraStatusCondition

type TigeraStatusCondition struct {
	// The type of condition. May be Available, Progressing, or Degraded.
	Type StatusConditionType `json:"type"`

	// The status of the condition. May be True, False, or Unknown.
	Status ConditionStatus `json:"status"`

	// The timestamp representing the start time for the current status.
	LastTransitionTime metav1.Time `json:"lastTransitionTime"`

	// A brief reason explaining the condition.
	Reason string `json:"reason,omitempty"`

	// Optionally, a detailed message providing additional context.
	Message string `json:"message,omitempty"`

	// observedGeneration represents the generation that the condition was set based upon.
	// For instance, if generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
	// with respect to the current state of the instance.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
}

TigeraStatusCondition represents a condition attached to a particular component. +k8s:deepcopy-gen=true

func (*TigeraStatusCondition) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TigeraStatusCondition.

func (*TigeraStatusCondition) DeepCopyInto

func (in *TigeraStatusCondition) DeepCopyInto(out *TigeraStatusCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TigeraStatusList

type TigeraStatusList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []TigeraStatus `json:"items"`
}

TigeraStatusList contains a list of TigeraStatus

func (*TigeraStatusList) DeepCopy

func (in *TigeraStatusList) DeepCopy() *TigeraStatusList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TigeraStatusList.

func (*TigeraStatusList) DeepCopyInto

func (in *TigeraStatusList) DeepCopyInto(out *TigeraStatusList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TigeraStatusList) DeepCopyObject

func (in *TigeraStatusList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TigeraStatusReason added in v1.28.0

type TigeraStatusReason string

TigeraStatusReason represents the reason for a particular condition.

const (
	AllObjectsAvailable       TigeraStatusReason = "AllObjectsAvailable"
	ResourceNotReady          TigeraStatusReason = "ResourceNotReady"
	PodFailure                TigeraStatusReason = "PodFailure"
	CertificateError          TigeraStatusReason = "CertificateError"
	InvalidConfigurationError TigeraStatusReason = "InvalidConfigurationError"
	ResourceCreateError       TigeraStatusReason = "ResourceCreateError"
	ResourceMigrationError    TigeraStatusReason = "ResourceMigrationError"
	ResourceNotFound          TigeraStatusReason = "ResourceNotFound"
	ResourcePatchError        TigeraStatusReason = "ResourcePatchError"
	ResourceReadError         TigeraStatusReason = "ResourceReadError"
	ResourceRenderingError    TigeraStatusReason = "ResourceRenderingError"
	ResourceScalingError      TigeraStatusReason = "ResourceScalingError"
	ResourceUpdateError       TigeraStatusReason = "ResourceUpdateError"
	ResourceValidationError   TigeraStatusReason = "ResourceValidationError"
	MigrationError            TigeraStatusReason = "MigrationError"
	InternalServerError       TigeraStatusReason = "InternalServerError"
	NotApplicable             TigeraStatusReason = "NotApplicable"
	UpgradeError              TigeraStatusReason = "UpgradeError"
	Unknown                   TigeraStatusReason = "Unknown"
	ImageSetError             TigeraStatusReason = "ImageSetError"
)

type TigeraStatusSpec

type TigeraStatusSpec struct {
}

TigeraStatusSpec defines the desired state of TigeraStatus

func (*TigeraStatusSpec) DeepCopy

func (in *TigeraStatusSpec) DeepCopy() *TigeraStatusSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TigeraStatusSpec.

func (*TigeraStatusSpec) DeepCopyInto

func (in *TigeraStatusSpec) DeepCopyInto(out *TigeraStatusSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TigeraStatusStatus

type TigeraStatusStatus struct {
	// Conditions represents the latest observed set of conditions for this component. A component may be one or more of
	// Available, Progressing, or Degraded.
	Conditions []TigeraStatusCondition `json:"conditions"`
}

TigeraStatusStatus defines the observed state of TigeraStatus

func (*TigeraStatusStatus) DeepCopy

func (in *TigeraStatusStatus) DeepCopy() *TigeraStatusStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TigeraStatusStatus.

func (*TigeraStatusStatus) DeepCopyInto

func (in *TigeraStatusStatus) DeepCopyInto(out *TigeraStatusStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TyphaAffinity added in v1.13.3

type TyphaAffinity struct {
	// NodeAffinity describes node affinity scheduling rules for typha.
	// +optional
	NodeAffinity *NodeAffinity `json:"nodeAffinity,omitempty"`
}

Deprecated. Please use TyphaDeployment instead. TyphaAffinity allows configuration of node affinity characteristics for Typha pods.

func (*TyphaAffinity) DeepCopy added in v1.13.3

func (in *TyphaAffinity) DeepCopy() *TyphaAffinity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaAffinity.

func (*TyphaAffinity) DeepCopyInto added in v1.13.3

func (in *TyphaAffinity) DeepCopyInto(out *TyphaAffinity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TyphaDeployment added in v1.27.17

type TyphaDeployment struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the specification of the typha Deployment.
	// +optional
	Spec *TyphaDeploymentSpec `json:"spec,omitempty"`
}

TyphaDeployment is the configuration for the typha Deployment.

func (*TyphaDeployment) DeepCopy added in v1.27.17

func (in *TyphaDeployment) DeepCopy() *TyphaDeployment

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaDeployment.

func (*TyphaDeployment) DeepCopyInto added in v1.27.17

func (in *TyphaDeployment) DeepCopyInto(out *TyphaDeployment)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TyphaDeployment) GetAffinity added in v1.27.17

func (c *TyphaDeployment) GetAffinity() *v1.Affinity

func (*TyphaDeployment) GetContainers added in v1.27.17

func (c *TyphaDeployment) GetContainers() []v1.Container

func (*TyphaDeployment) GetDeploymentStrategy added in v1.27.17

func (c *TyphaDeployment) GetDeploymentStrategy() *appsv1.DeploymentStrategy

func (*TyphaDeployment) GetInitContainers added in v1.27.17

func (c *TyphaDeployment) GetInitContainers() []v1.Container

func (*TyphaDeployment) GetMetadata added in v1.27.17

func (c *TyphaDeployment) GetMetadata() *Metadata

func (*TyphaDeployment) GetMinReadySeconds added in v1.27.17

func (c *TyphaDeployment) GetMinReadySeconds() *int32

func (*TyphaDeployment) GetNodeSelector added in v1.27.17

func (c *TyphaDeployment) GetNodeSelector() map[string]string

func (*TyphaDeployment) GetPodTemplateMetadata added in v1.27.17

func (c *TyphaDeployment) GetPodTemplateMetadata() *Metadata

func (*TyphaDeployment) GetPriorityClassName added in v1.30.10

func (c *TyphaDeployment) GetPriorityClassName() string

func (*TyphaDeployment) GetTerminationGracePeriodSeconds added in v1.27.17

func (c *TyphaDeployment) GetTerminationGracePeriodSeconds() *int64

func (*TyphaDeployment) GetTolerations added in v1.27.17

func (c *TyphaDeployment) GetTolerations() []v1.Toleration

func (*TyphaDeployment) GetTopologySpreadConstraints added in v1.29.0

func (c *TyphaDeployment) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint

type TyphaDeploymentContainer added in v1.27.17

type TyphaDeploymentContainer struct {
	// Name is an enum which identifies the typha Deployment container by name.
	// +kubebuilder:validation:Enum=calico-typha
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named typha Deployment container's resources.
	// If omitted, the typha Deployment will use its default value for this container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

TyphaDeploymentContainer is a typha Deployment container.

func (*TyphaDeploymentContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaDeploymentContainer.

func (*TyphaDeploymentContainer) DeepCopyInto added in v1.27.17

func (in *TyphaDeploymentContainer) DeepCopyInto(out *TyphaDeploymentContainer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TyphaDeploymentInitContainer added in v1.27.17

type TyphaDeploymentInitContainer struct {
	// Name is an enum which identifies the typha Deployment init container by name.
	// +kubebuilder:validation:Enum=typha-certs-key-cert-provisioner
	Name string `json:"name"`

	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
	// If specified, this overrides the named typha Deployment init container's resources.
	// If omitted, the typha Deployment will use its default value for this init container's resources.
	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
	// +optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
}

TyphaDeploymentInitContainer is a typha Deployment init container.

func (*TyphaDeploymentInitContainer) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaDeploymentInitContainer.

func (*TyphaDeploymentInitContainer) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TyphaDeploymentPodSpec added in v1.27.17

type TyphaDeploymentPodSpec struct {
	// InitContainers is a list of typha init containers.
	// If specified, this overrides the specified typha Deployment init containers.
	// If omitted, the typha Deployment will use its default values for its init containers.
	// +optional
	InitContainers []TyphaDeploymentInitContainer `json:"initContainers,omitempty"`

	// Containers is a list of typha containers.
	// If specified, this overrides the specified typha Deployment containers.
	// If omitted, the typha Deployment will use its default values for its containers.
	// +optional
	Containers []TyphaDeploymentContainer `json:"containers,omitempty"`

	// Affinity is a group of affinity scheduling rules for the typha pods.
	// If specified, this overrides any affinity that may be set on the typha Deployment.
	// If omitted, the typha Deployment will use its default value for affinity.
	// If used in conjunction with the deprecated TyphaAffinity, then this value takes precedence.
	// WARNING: Please note that this field will override the default calico-typha Deployment affinity.
	// +optional
	Affinity *v1.Affinity `json:"affinity,omitempty"`

	// NodeSelector is the calico-typha pod's scheduling constraints.
	// If specified, each of the key/value pairs are added to the calico-typha Deployment nodeSelector provided
	// the key does not already exist in the object's nodeSelector.
	// If omitted, the calico-typha Deployment will use its default value for nodeSelector.
	// WARNING: Please note that this field will modify the default calico-typha Deployment nodeSelector.
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.
	// Value must be non-negative integer. The value zero indicates stop immediately via
	// the kill signal (no opportunity to shut down).
	// If this value is nil, the default grace period will be used instead.
	// The grace period is the duration in seconds after the processes running in the pod are sent
	// a termination signal and the time when the processes are forcibly halted with a kill signal.
	// Set this value longer than the expected cleanup time for your process.
	// Defaults to 30 seconds.
	// +optional
	TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty" protobuf:"varint,4,opt,name=terminationGracePeriodSeconds"`

	// TopologySpreadConstraints describes how a group of pods ought to spread across topology
	// domains. Scheduler will schedule pods in a way which abides by the constraints.
	// All topologySpreadConstraints are ANDed.
	// +optional
	TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`

	// Tolerations is the typha pod's tolerations.
	// If specified, this overrides any tolerations that may be set on the typha Deployment.
	// If omitted, the typha Deployment will use its default value for tolerations.
	// WARNING: Please note that this field will override the default calico-typha Deployment tolerations.
	// +optional
	Tolerations []v1.Toleration `json:"tolerations,omitempty"`
}

TyphaDeploymentPodSpec is the typha Deployment's PodSpec.

func (*TyphaDeploymentPodSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaDeploymentPodSpec.

func (*TyphaDeploymentPodSpec) DeepCopyInto added in v1.27.17

func (in *TyphaDeploymentPodSpec) DeepCopyInto(out *TyphaDeploymentPodSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TyphaDeploymentPodTemplateSpec added in v1.27.17

type TyphaDeploymentPodTemplateSpec struct {
	// Metadata is a subset of a Kubernetes object's metadata that is added to
	// the pod's metadata.
	// +optional
	Metadata *Metadata `json:"metadata,omitempty"`

	// Spec is the typha Deployment's PodSpec.
	// +optional
	Spec *TyphaDeploymentPodSpec `json:"spec,omitempty"`
}

TyphaDeploymentPodTemplateSpec is the typha Deployment's PodTemplateSpec

func (*TyphaDeploymentPodTemplateSpec) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaDeploymentPodTemplateSpec.

func (*TyphaDeploymentPodTemplateSpec) DeepCopyInto added in v1.27.17

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TyphaDeploymentSpec added in v1.27.17

type TyphaDeploymentSpec struct {
	// MinReadySeconds is the minimum number of seconds for which a newly created Deployment pod should
	// be ready without any of its container crashing, for it to be considered available.
	// If specified, this overrides any minReadySeconds value that may be set on the typha Deployment.
	// If omitted, the typha Deployment will use its default value for minReadySeconds.
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=2147483647
	MinReadySeconds *int32 `json:"minReadySeconds,omitempty"`

	// Template describes the typha Deployment pod that will be created.
	// +optional
	Template *TyphaDeploymentPodTemplateSpec `json:"template,omitempty"`

	// The deployment strategy to use to replace existing pods with new ones.
	// +optional
	// +patchStrategy=retainKeys
	Strategy *TyphaDeploymentStrategy `json:"strategy,omitempty" patchStrategy:"retainKeys" protobuf:"bytes,4,opt,name=strategy"`
}

TyphaDeploymentSpec defines configuration for the typha Deployment.

func (*TyphaDeploymentSpec) DeepCopy added in v1.27.17

func (in *TyphaDeploymentSpec) DeepCopy() *TyphaDeploymentSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaDeploymentSpec.

func (*TyphaDeploymentSpec) DeepCopyInto added in v1.27.17

func (in *TyphaDeploymentSpec) DeepCopyInto(out *TyphaDeploymentSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TyphaDeploymentStrategy added in v1.27.17

type TyphaDeploymentStrategy struct {
	// Rolling update config params. Present only if DeploymentStrategyType =
	// RollingUpdate.
	// to be.
	// +optional
	RollingUpdate *appsv1.RollingUpdateDeployment `json:"rollingUpdate,omitempty" protobuf:"bytes,2,opt,name=rollingUpdate"`
}

TyphaDeploymentStrategy describes how to replace existing pods with new ones. Only RollingUpdate is supported at this time so the Type field is not exposed.

func (*TyphaDeploymentStrategy) DeepCopy added in v1.27.17

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TyphaDeploymentStrategy.

func (*TyphaDeploymentStrategy) DeepCopyInto added in v1.27.17

func (in *TyphaDeploymentStrategy) DeepCopyInto(out *TyphaDeploymentStrategy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type UserMatch added in v1.16.0

type UserMatch struct {
	// The attribute of a user that links it to a group.
	// +required
	UserAttribute string `json:"userAttribute"`

	// The attribute of a group that links it to a user.
	// +required
	GroupAttribute string `json:"groupAttribute"`
}

UserMatch when the value of a UserAttribute and a GroupAttribute match, a user belongs to the group.

func (*UserMatch) DeepCopy added in v1.16.0

func (in *UserMatch) DeepCopy() *UserMatch

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserMatch.

func (*UserMatch) DeepCopyInto added in v1.16.0

func (in *UserMatch) DeepCopyInto(out *UserMatch)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type UserSearch added in v1.16.0

type UserSearch struct {
	// BaseDN to start the search from. For example "cn=users,dc=example,dc=com"
	// +required
	BaseDN string `json:"baseDN"`

	// Optional filter to apply when searching the directory. For example "(objectClass=person)"
	// +optional
	Filter string `json:"filter,omitempty"`

	// A mapping of the attribute that is used as the username. This attribute can be used to apply RBAC to a user.
	// Default: uid
	// +optional
	NameAttribute string `json:"nameAttribute,omitempty"`
}

User entry search configuration to match the credentials with a user.

func (*UserSearch) DeepCopy added in v1.16.0

func (in *UserSearch) DeepCopy() *UserSearch

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSearch.

func (*UserSearch) DeepCopyInto added in v1.16.0

func (in *UserSearch) DeepCopyInto(out *UserSearch)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WAFStatusType added in v1.26.0

type WAFStatusType string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL