Skip to content

Commit

Permalink
Add/update CRDs in networking.gke.io
Browse files Browse the repository at this point in the history
  • Loading branch information
@kishorviswanathan
kishorviswanathan committed Nov 20, 2024
1 parent 028642f commit 7d55407
Show file tree
Hide file tree
Showing 12 changed files with 1,964 additions and 87 deletions.
246 changes: 246 additions & 0 deletions networking.gke.io/gcpbackendpolicy_v1.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,246 @@
{
"description": "GCPBackendPolicy provides a way to apply LoadBalancer policy configuration with the GKE implementation of the Gateway API.",
"properties": {
"apiVersion": {
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
"type": "string"
},
"kind": {
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
"type": "string"
},
"metadata": {
"type": "object"
},
"spec": {
"description": "Spec defines the desired state of GCPBackendPolicy.",
"properties": {
"default": {
"description": "Default defines default policy configuration for the targeted resource.",
"properties": {
"connectionDraining": {
"description": "ConnectionDraining contains configuration for connection draining",
"properties": {
"drainingTimeoutSec": {
"description": "DrainingTimeoutSec is a BackendService parameter. It is used during removal of VMs from instance groups. This guarantees that for the specified time all existing connections to a VM will remain untouched, but no new connections will be accepted. Set timeout to zero to disable connection draining. Enable the feature by specifying a timeout of up to one hour. If the field is omitted, a default value (0s) will be used. See https://cloud.google.com/compute/docs/reference/rest/v1/backendServices",
"format": "int64",
"maximum": 3600,
"minimum": 0,
"type": "integer"
}
},
"type": "object",
"additionalProperties": false
},
"iap": {
"description": "IAP contains the configurations for Identity-Aware Proxy. See https://cloud.google.com/compute/docs/reference/rest/v1/backendServices Identity-Aware Proxy manages access control policies for backend services associated with a HTTPRoute, so they can be accessed only by authenticated users or applications with correct Identity and Access Management (IAM) role.",
"properties": {
"clientID": {
"description": "ClientID is the OAuth2 client ID to use for the authentication flow. See iap.oauth2ClientId in https://cloud.google.com/compute/docs/reference/rest/v1/backendServices ClientID must be set if Enabled is set to true.",
"type": "string"
},
"enabled": {
"description": "Enabled denotes whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the ClientID and Oauth2ClientSecret fields must be non-empty. If not specified, this defaults to false, which means Identity-Aware Proxy is disabled by default.",
"type": "boolean"
},
"oauth2ClientSecret": {
"description": "Oauth2ClientSecret contains the OAuth2 client secret to use for the authentication flow. Oauth2ClientSecret must be set if Enabled is set to true.",
"properties": {
"name": {
"description": "Name is the reference to the secret resource.",
"type": "string"
}
},
"type": "object",
"additionalProperties": false
}
},
"type": "object",
"additionalProperties": false
},
"logging": {
"description": "LoggingConfig contains configuration for logging.",
"properties": {
"enabled": {
"description": "Enabled denotes whether to enable logging for the load balancer traffic served by this backend service. If not specified, this defaults to false, which means logging is disabled by default.",
"type": "boolean"
},
"sampleRate": {
"description": "This field can only be specified if logging is enabled for this backend service. The value of the field must be in range [0, 1e6]. This is converted to a floating point value in the range [0, 1] by dividing by 1e6 for use with the GCE api and interpreted as the proportion of requests that will be logged. By default all requests will be logged.",
"format": "int32",
"maximum": 1000000,
"minimum": 0,
"type": "integer"
}
},
"type": "object",
"additionalProperties": false
},
"maxRatePerEndpoint": {
"description": "MaxRatePerEndpoint is a BackendService parameter. It is used to limit the rate of traffic to each endpoint. If the field is omitted, a default value (1e8) will be used. In the future we may add selector based settings for MaxRatePerEndpoint but they will co-exist with this as a top-level setting.",
"format": "int64",
"maximum": 1000000000,
"minimum": 1,
"type": "integer"
},
"securityPolicy": {
"description": "SecurityPolicy is a reference to a GCP Cloud Armor SecurityPolicy resource.",
"type": "string"
},
"sessionAffinity": {
"description": "SessionAffinityConfig contains configuration for stickiness parameters.",
"properties": {
"cookieTtlSec": {
"description": "CookieTTLSec specifies the lifetime of cookies in seconds. This setting requires GENERATED_COOKIE or HTTP_COOKIE session affinity. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is two weeks (1,209,600).",
"format": "int64",
"maximum": 1209600,
"minimum": 0,
"type": "integer"
},
"type": {
"description": "Type specifies the type of session affinity to use. If not specified, this defaults to NONE.",
"enum": [
"CLIENT_IP",
"CLIENT_IP_PORT_PROTO",
"CLIENT_IP_PROTO",
"GENERATED_COOKIE",
"HEADER_FIELD",
"HTTP_COOKIE",
"NONE"
],
"type": "string"
}
},
"type": "object",
"additionalProperties": false
},
"timeoutSec": {
"description": "TimeoutSec is a BackendService parameter. See https://cloud.google.com/compute/docs/reference/rest/v1/backendServices. If the field is omitted, a default value (30s) will be used.",
"format": "int64",
"maximum": 2147483647,
"minimum": 1,
"type": "integer"
}
},
"type": "object",
"additionalProperties": false
},
"targetRef": {
"description": "TargetRef identifies an API object to apply policy to.",
"properties": {
"group": {
"description": "Group is the group of the target resource.",
"maxLength": 253,
"pattern": "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$",
"type": "string"
},
"kind": {
"description": "Kind is kind of the target resource.",
"maxLength": 63,
"minLength": 1,
"pattern": "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$",
"type": "string"
},
"name": {
"description": "Name is the name of the target resource.",
"maxLength": 253,
"minLength": 1,
"type": "string"
},
"namespace": {
"description": "Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy.",
"maxLength": 63,
"minLength": 1,
"pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$",
"type": "string"
}
},
"required": [
"group",
"kind",
"name"
],
"type": "object",
"additionalProperties": false
}
},
"required": [
"targetRef"
],
"type": "object",
"additionalProperties": false
},
"status": {
"description": "Status defines the current state of GCPBackendPolicy.",
"properties": {
"conditions": {
"description": "Conditions describe the current conditions of the GCPBackendPolicy.",
"items": {
"description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }",
"properties": {
"lastTransitionTime": {
"description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.",
"format": "date-time",
"type": "string"
},
"message": {
"description": "message is a human readable message indicating details about the transition. This may be an empty string.",
"maxLength": 32768,
"type": "string"
},
"observedGeneration": {
"description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.",
"format": "int64",
"minimum": 0,
"type": "integer"
},
"reason": {
"description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.",
"maxLength": 1024,
"minLength": 1,
"pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$",
"type": "string"
},
"status": {
"description": "status of the condition, one of True, False, Unknown.",
"enum": [
"True",
"False",
"Unknown"
],
"type": "string"
},
"type": {
"description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)",
"maxLength": 316,
"pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$",
"type": "string"
}
},
"required": [
"lastTransitionTime",
"message",
"reason",
"status",
"type"
],
"type": "object",
"additionalProperties": false
},
"maxItems": 8,
"type": "array",
"x-kubernetes-list-map-keys": [
"type"
],
"x-kubernetes-list-type": "map"
}
},
"type": "object",
"additionalProperties": false
}
},
"required": [
"spec"
],
"type": "object"
}
Loading

0 comments on commit 7d55407

Please sign in to comment.