v1alpha3

package

v1.1.0 Latest Latest Go to latest Published: May 8, 2024 License: Apache-2.0 Imports: 5 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes-sigs/gateway-api

Links

Open Source Insights

Documentation ¶

Overview ¶

Package v1alpha3 contains API Schema definitions for the gateway.networking.k8s.io API group.

+k8s:openapi-gen=true +kubebuilder:object:generate=true +groupName=gateway.networking.k8s.io

Index ¶

Constants
Variables
func Resource(resource string) schema.GroupResource
type BackendTLSPolicy
type BackendTLSPolicyList
type BackendTLSPolicySpec
- func (in *BackendTLSPolicySpec) DeepCopy() *BackendTLSPolicySpec
- func (in *BackendTLSPolicySpec) DeepCopyInto(out *BackendTLSPolicySpec)
type BackendTLSPolicyValidation
- func (in *BackendTLSPolicyValidation) DeepCopy() *BackendTLSPolicyValidation
- func (in *BackendTLSPolicyValidation) DeepCopyInto(out *BackendTLSPolicyValidation)
type WellKnownCACertificatesType

Constants ¶

View Source

const GroupName = "gateway.networking.k8s.io"

GroupName specifies the group name used to register the objects.

Variables ¶

View Source

var (
	// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
	SchemeBuilder runtime.SchemeBuilder

	// Deprecated: use Install instead
	AddToScheme = localSchemeBuilder.AddToScheme
	Install     = localSchemeBuilder.AddToScheme
)

View Source

var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha3"}

GroupVersion specifies the group and the version used to register the objects.

View Source

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha3"}

SchemeGroupVersion is group version used to register these objects Deprecated: use GroupVersion instead.

Functions ¶

func Resource ¶

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types ¶

type BackendTLSPolicy ¶

type BackendTLSPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec defines the desired state of BackendTLSPolicy.
	Spec BackendTLSPolicySpec `json:"spec"`

	// Status defines the current state of BackendTLSPolicy.
	Status v1alpha2.PolicyStatus `json:"status,omitempty"`
}

BackendTLSPolicy provides a way to configure how a Gateway connects to a Backend via TLS.

func (*BackendTLSPolicy) DeepCopy ¶

func (in *BackendTLSPolicy) DeepCopy() *BackendTLSPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTLSPolicy.

func (*BackendTLSPolicy) DeepCopyInto ¶

func (in *BackendTLSPolicy) DeepCopyInto(out *BackendTLSPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BackendTLSPolicy) DeepCopyObject ¶

func (in *BackendTLSPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BackendTLSPolicyList ¶

type BackendTLSPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []BackendTLSPolicy `json:"items"`
}

BackendTLSPolicyList contains a list of BackendTLSPolicies +kubebuilder:object:root=true

func (*BackendTLSPolicyList) DeepCopy ¶

func (in *BackendTLSPolicyList) DeepCopy() *BackendTLSPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTLSPolicyList.

func (*BackendTLSPolicyList) DeepCopyInto ¶

func (in *BackendTLSPolicyList) DeepCopyInto(out *BackendTLSPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BackendTLSPolicyList) DeepCopyObject ¶

func (in *BackendTLSPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BackendTLSPolicySpec ¶

type BackendTLSPolicySpec struct {
	// TargetRefs identifies an API object to apply the policy to.
	// Only Services have Extended support. Implementations MAY support
	// additional objects, with Implementation Specific support.
	// Note that this config applies to the entire referenced resource
	// by default, but this default may change in the future to provide
	// a more granular application of the policy.
	//
	// Support: Extended for Kubernetes Service
	//
	// Support: Implementation-specific for any other resource
	//
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:MaxItems=16
	TargetRefs []v1alpha2.LocalPolicyTargetReferenceWithSectionName `json:"targetRefs"`

	// Validation contains backend TLS validation configuration.
	Validation BackendTLSPolicyValidation `json:"validation"`
}

BackendTLSPolicySpec defines the desired state of BackendTLSPolicy.

Support: Extended

func (*BackendTLSPolicySpec) DeepCopy ¶

func (in *BackendTLSPolicySpec) DeepCopy() *BackendTLSPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTLSPolicySpec.

func (*BackendTLSPolicySpec) DeepCopyInto ¶

func (in *BackendTLSPolicySpec) DeepCopyInto(out *BackendTLSPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendTLSPolicyValidation ¶

type BackendTLSPolicyValidation struct {
	// CACertificateRefs contains one or more references to Kubernetes objects that
	// contain a PEM-encoded TLS CA certificate bundle, which is used to
	// validate a TLS handshake between the Gateway and backend Pod.
	//
	// If CACertificateRefs is empty or unspecified, then WellKnownCACertificates must be
	// specified. Only one of CACertificateRefs or WellKnownCACertificates may be specified,
	// not both. If CACertifcateRefs is empty or unspecified, the configuration for
	// WellKnownCACertificates MUST be honored instead if supported by the implementation.
	//
	// References to a resource in a different namespace are invalid for the
	// moment, although we will revisit this in the future.
	//
	// A single CACertificateRef to a Kubernetes ConfigMap kind has "Core" support.
	// Implementations MAY choose to support attaching multiple certificates to
	// a backend, but this behavior is implementation-specific.
	//
	// Support: Core - An optional single reference to a Kubernetes ConfigMap,
	// with the CA certificate in a key named `ca.crt`.
	//
	// Support: Implementation-specific (More than one reference, or other kinds
	// of resources).
	//
	// +kubebuilder:validation:MaxItems=8
	// +optional
	CACertificateRefs []v1.LocalObjectReference `json:"caCertificateRefs,omitempty"`

	// WellKnownCACertificates specifies whether system CA certificates may be used in
	// the TLS handshake between the gateway and backend pod.
	//
	// If WellKnownCACertificates is unspecified or empty (""), then CACertificateRefs
	// must be specified with at least one entry for a valid configuration. Only one of
	// CACertificateRefs or WellKnownCACertificates may be specified, not both. If an
	// implementation does not support the WellKnownCACertificates field or the value
	// supplied is not supported, the Status Conditions on the Policy MUST be
	// updated to include an Accepted: False Condition with Reason: Invalid.
	//
	// Support: Implementation-specific
	//
	// +optional
	WellKnownCACertificates *WellKnownCACertificatesType `json:"wellKnownCACertificates,omitempty"`

	// Hostname is used for two purposes in the connection between Gateways and
	// backends:
	//
	// 1. Hostname MUST be used as the SNI to connect to the backend (RFC 6066).
	// 2. Hostname MUST be used for authentication and MUST match the certificate
	//    served by the matching backend.
	//
	// Support: Core
	Hostname v1.PreciseHostname `json:"hostname"`
}

BackendTLSPolicyValidation contains backend TLS validation configuration. +kubebuilder:validation:XValidation:message="must not contain both CACertificateRefs and WellKnownCACertificates",rule="!(has(self.caCertificateRefs) && size(self.caCertificateRefs) > 0 && has(self.wellKnownCACertificates) && self.wellKnownCACertificates != \"\")" +kubebuilder:validation:XValidation:message="must specify either CACertificateRefs or WellKnownCACertificates",rule="(has(self.caCertificateRefs) && size(self.caCertificateRefs) > 0 || has(self.wellKnownCACertificates) && self.wellKnownCACertificates != \"\")"

func (*BackendTLSPolicyValidation) DeepCopy ¶

func (in *BackendTLSPolicyValidation) DeepCopy() *BackendTLSPolicyValidation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTLSPolicyValidation.

func (*BackendTLSPolicyValidation) DeepCopyInto ¶

func (in *BackendTLSPolicyValidation) DeepCopyInto(out *BackendTLSPolicyValidation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WellKnownCACertificatesType ¶

type WellKnownCACertificatesType string

WellKnownCACertificatesType is the type of CA certificate that will be used when the caCertificateRefs field is unspecified. +kubebuilder:validation:Enum=System

const (
	// WellKnownCACertificatesSystem indicates that well known system CA certificates should be used.
	WellKnownCACertificatesSystem WellKnownCACertificatesType = "System"
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL