From 034c3234f1f053621a3f6a6f6bd384781b8508ec Mon Sep 17 00:00:00 2001 From: Rob Scott Date: Wed, 16 Sep 2020 22:00:07 -0700 Subject: [PATCH] API Validation and Cleanup - Adds min and max length everywhere possible - Removes +required since it is inferred - Updates default fields to no longer be optional - Updates Routes to use HTTP forward to style and shared type - Fixes all examples to be valid again --- apis/v1alpha1/backendpolicy_types.go | 1 + apis/v1alpha1/forwarding_target_types.go | 145 ---------- apis/v1alpha1/gateway_types.go | 51 ++-- apis/v1alpha1/gatewayclass_types.go | 5 +- apis/v1alpha1/httproute_types.go | 41 +-- apis/v1alpha1/local_object_reference_types.go | 31 ++- .../route_extension_reference_types.go | 34 --- apis/v1alpha1/route_types.go | 3 + apis/v1alpha1/tcproute_types.go | 30 +- apis/v1alpha1/tlsroute_types.go | 42 +-- apis/v1alpha1/udproute_types.go | 37 +-- apis/v1alpha1/zz_generated.deepcopy.go | 57 +--- .../networking.x-k8s.io_backendpolicies.yaml | 9 + .../networking.x-k8s.io_gatewayclasses.yaml | 12 +- .../bases/networking.x-k8s.io_gateways.yaml | 30 +- .../bases/networking.x-k8s.io_httproutes.yaml | 87 +++++- .../bases/networking.x-k8s.io_tcproutes.yaml | 23 +- .../bases/networking.x-k8s.io_tlsroutes.yaml | 25 +- .../bases/networking.x-k8s.io_udproutes.yaml | 24 +- docs-src/spec.md | 256 ++---------------- docs/spec/index.html | 256 ++---------------- examples/basic-http.yaml | 1 + examples/basic-udp.yaml | 2 +- examples/default-match-http.yaml | 1 + examples/http-trafficsplit.yaml | 1 + examples/multiple-https.yaml | 8 +- examples/multiple-tcp.yaml | 4 +- examples/tls-in-route.yaml | 8 +- examples/wildcard-https.yaml | 4 +- 29 files changed, 369 insertions(+), 859 deletions(-) delete mode 100644 apis/v1alpha1/forwarding_target_types.go delete mode 100644 apis/v1alpha1/route_extension_reference_types.go diff --git a/apis/v1alpha1/backendpolicy_types.go b/apis/v1alpha1/backendpolicy_types.go index 16f9bdd4b8..026d15fa53 100644 --- a/apis/v1alpha1/backendpolicy_types.go +++ b/apis/v1alpha1/backendpolicy_types.go @@ -167,6 +167,7 @@ type BackendTLSConfig struct { type BackendPolicyStatus struct { // Conditions describe the current conditions of the BackendPolicy. // +optional + // +kubebuilder:validation:MaxItems=8 Conditions []metav1.Condition `json:"conditions,omitempty"` } diff --git a/apis/v1alpha1/forwarding_target_types.go b/apis/v1alpha1/forwarding_target_types.go deleted file mode 100644 index d0a13ff633..0000000000 --- a/apis/v1alpha1/forwarding_target_types.go +++ /dev/null @@ -1,145 +0,0 @@ -/* - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1 - -// HTTPForwardToTarget identifies a target object within a known namespace. -type HTTPForwardToTarget struct { - // TargetRef is an object reference to forward matched requests to. - // The resource may be "services" (omit or use the empty string for the - // group), or an implementation may support other resources (for - // example, resource "myroutetargets" in group "networking.acme.io"). - // Omitting or specifying the empty string for both the resource and - // group indicates that the resource is "services". If the referent - // cannot be found, the "InvalidRoutes" status condition on any Gateway - // that includes the HTTPRoute will be true. - // - // Support: Core (Kubernetes Services) - // Support: Implementation-specific (Other resource types) - // - TargetRef ForwardToTargetObjectReference `json:"targetRef"` - - // TargetPort specifies the destination port number to use for the TargetRef. - // If unspecified and TargetRef is a Service object consisting of a single - // port definition, that port will be used. If unspecified and TargetRef is - // a Service object consisting of multiple port definitions, an error is - // surfaced in status. - // - // Support: Core - // - // +optional - TargetPort *TargetPort `json:"targetPort,omitempty"` - - // Weight specifies the proportion of traffic forwarded to a targetRef, computed - // as weight/(sum of all weights in targetRefs). Weight is not a percentage and - // the sum of weights does not need to equal 100. The following example (in yaml) - // sends 70% of traffic to service "my-trafficsplit-sv1" and 30% of the traffic - // to service "my-trafficsplit-sv2": - // - // forwardTo: - // - targetRef: - // name: my-trafficsplit-sv1 - // weight: 70 - // - targetRef: - // name: my-trafficsplit-sv2 - // weight: 30 - // - // If only one targetRef is specified, 100% of the traffic is forwarded to the - // targetRef. If unspecified, weight defaults to 1. - // - // Support: Core (HTTPRoute) - // Support: Extended (TCPRoute) - // - // +optional - // +kubebuilder:default=1 - Weight TargetWeight `json:"weight"` - - // Filters defined at this-level should be executed if and only if - // the request is being forwarded to the target defined here. - // - // Conformance: For any implementation, filtering support, including core - // filters, is NOT guaranteed at this-level. - // Use Filters in HTTPRouteRule for portable filters across implementations. - // - // Support: custom - // - // +optional - Filters []HTTPRouteFilter `json:"filters"` -} - -// TargetPort specifies the destination port number to use for a TargetRef. -type TargetPort int32 - -// TargetWeight specifies weight used for making a forwarding decision -// to a TargetRef. -type TargetWeight int32 - -// ForwardToTargetObjectReference identifies a target object of a ForwardTo -// route action within a known namespace. -// -// +k8s:deepcopy-gen=false -type ForwardToTargetObjectReference = ServicesDefaultLocalObjectReference - -// GenericForwardToTarget identifies a target object within a known namespace. -type GenericForwardToTarget struct { - // TargetRef is an object reference to forward matched requests to. - // The resource may be "services" (omit or use the empty string for the - // group), or an implementation may support other resources (for - // example, resource "myroutetargets" in group "networking.acme.io"). - // Omitting or specifying the empty string for both the resource and - // group indicates that the resource is "services". If the referent - // cannot be found, the "InvalidRoutes" status condition on any Gateway - // that includes the HTTPRoute will be true. - // - // Support: Core (Kubernetes Services) - // Support: Implementation-specific (Other resource types) - // - TargetRef ForwardToTargetObjectReference `json:"targetRef"` - - // TargetPort specifies the destination port number to use for the TargetRef. - // If unspecified and TargetRef is a Service object consisting of a single - // port definition, that port will be used. If unspecified and TargetRef is - // a Service object consisting of multiple port definitions, an error is - // surfaced in status. - // - // Support: Core - // - // +optional - TargetPort *TargetPort `json:"targetPort,omitempty"` - - // Weight specifies the proportion of traffic forwarded to a targetRef, computed - // as weight/(sum of all weights in targetRefs). Weight is not a percentage and - // the sum of weights does not need to equal 100. The following example (in yaml) - // sends 70% of traffic to service "my-trafficsplit-sv1" and 30% of the traffic - // to service "my-trafficsplit-sv2": - // - // forwardTo: - // - targetRef: - // name: my-trafficsplit-sv1 - // weight: 70 - // - targetRef: - // name: my-trafficsplit-sv2 - // weight: 30 - // - // If only one targetRef is specified, 100% of the traffic is forwarded to the - // targetRef. If unspecified, weight defaults to 1. - // - // Support: Core (HTTPRoute) - // Support: Extended (TCPRoute) - // - // +optional - // +kubebuilder:default=1 - Weight TargetWeight `json:"weight"` -} diff --git a/apis/v1alpha1/gateway_types.go b/apis/v1alpha1/gateway_types.go index 77a01a118b..54e76485f1 100644 --- a/apis/v1alpha1/gateway_types.go +++ b/apis/v1alpha1/gateway_types.go @@ -53,6 +53,8 @@ type GatewayList struct { type GatewaySpec struct { // GatewayClassName used for this Gateway. This is the name of a // GatewayClass resource. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 GatewayClassName string `json:"gatewayClassName"` // Listeners associated with this Gateway. Listeners define @@ -87,8 +89,8 @@ type GatewaySpec struct { // // Support: Core // - // +required // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=64 Listeners []Listener `json:"listeners"` // Addresses requested for this gateway. This is optional and @@ -107,7 +109,8 @@ type GatewaySpec struct { // Support: Core // // +optional - Addresses []GatewayAddress `json:"addresses"` + // +kubebuilder:validation:MaxItems=16 + Addresses []GatewayAddress `json:"addresses,omitempty"` } // Listener embodies the concept of a logical endpoint where a Gateway can @@ -127,7 +130,6 @@ type Listener struct { // // Support: Core // - // +optional // +kubebuilder:default={match: "Any"} Hostname HostnameMatch `json:"hostname,omitempty"` @@ -136,12 +138,9 @@ type Listener struct { // // Support: Core // - // +required - // +kubebuilder:validation:Minimum=0 - // +kubebuilder:validation:Maximum=65536 - // +kubebuilder:validation:ExclusiveMinimum=true - // +kubebuilder:validation:ExclusiveMaximum=true - Port int32 `json:"port,omitempty"` + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=65535 + Port int32 `json:"port"` // Protocol specifies the network protocol this listener // expects to receive. The GatewayClass MUST validate that @@ -159,9 +158,7 @@ type Listener struct { // applied at both the TLS and HTTP protocol layers. // // Support: Core - // - // +required - Protocol ProtocolType `json:"protocol,omitempty"` + Protocol ProtocolType `json:"protocol"` // TLS is the TLS configuration for the Listener. This field // is required if the Protocol field is "HTTPS" or "TLS" and @@ -216,8 +213,6 @@ type Listener struct { // invalid, the rest of the Route should still be supported. // // Support: Core - // - // +required Routes RouteBindingSelector `json:"routes"` } @@ -229,9 +224,8 @@ type HostnameMatch struct { // Match specifies how the hostname provided by the client should be // matched against the given value. // - // +optional // +kubebuilder:default=Exact - Match HostnameMatchType `json:"match"` + Match HostnameMatchType `json:"match,omitempty"` // Name contains the name to match against. This value must // be a fully qualified host or domain name conforming to the @@ -247,7 +241,8 @@ type HostnameMatch struct { // This field is required for the "Domain" and "Exact" match types. // // +optional - Name string `json:"name"` + // +kubebuilder:validation:MaxLength=253 + Name string `json:"name,omitempty"` } // HostnameMatchType specifies the types of matches that are valid @@ -440,7 +435,6 @@ type RouteBindingSelector struct { // // Support: Core // - // +optional // +kubebuilder:default={onlySameNamespace:true} RouteNamespaces RouteNamespaces `json:"routeNamespaces,omitempty"` // RouteSelector specifies a set of route labels used for selecting @@ -468,9 +462,10 @@ type RouteBindingSelector struct { // // Support: Core // - // +optional // +kubebuilder:default=networking.x-k8s.io - Group string `json:"group"` + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + Group string `json:"group,omitempty"` // Resource is the API resource name of the route resource to select. // // Resource MUST correspond to route resources that are compatible with the @@ -482,7 +477,7 @@ type RouteBindingSelector struct { // // Support: Core // - // +required + // +kubebuilder:validation:MaxLength=253 Resource string `json:"resource"` } @@ -524,14 +519,14 @@ type GatewayAddress struct { // // Support: Extended // - // +optional // +kubebuilder:default=IPAddress - Type AddressType `json:"type"` + Type AddressType `json:"type,omitempty"` // Value. Examples: "1.2.3.4", "128::1", "my-ip-address". Validity of the // values will depend on `Type` and support by the controller. // - // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Value string `json:"value"` } @@ -579,6 +574,7 @@ type GatewayStatus struct { // These addresses should all be of type "IPAddress". // // +optional + // +kubebuilder:validation:MaxItems=16 Addresses []GatewayAddress `json:"addresses"` // Conditions describe the current conditions of the Gateway. @@ -598,11 +594,13 @@ type GatewayStatus struct { // +listType=map // +listMapKey=type // +kubebuilder:default={{type: "Scheduled", status: "False", reason:"NotReconciled", message:"Waiting for controller", lastTransitionTime: "1970-01-01T00:00:00Z"}} + // +kubebuilder:validation:MaxItems=8 Conditions []metav1.Condition `json:"conditions,omitempty"` // Listeners provide status for each unique listener port defined in the Spec. // // +optional + // +kubebuilder:validation:MaxItems=64 Listeners []ListenerStatus `json:"listeners,omitempty"` } @@ -702,12 +700,13 @@ type ListenerStatus struct { // shares the same port value, this message reports the combined // status of all such Listeners. // - // +required + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=65535 Port int32 `json:"port"` // Conditions describe the current condition of this listener. // - // +required + // +kubebuilder:validation:MaxItems=8 Conditions []metav1.Condition `json:"conditions"` } diff --git a/apis/v1alpha1/gatewayclass_types.go b/apis/v1alpha1/gatewayclass_types.go index 476ac394e1..8499d23b75 100644 --- a/apis/v1alpha1/gatewayclass_types.go +++ b/apis/v1alpha1/gatewayclass_types.go @@ -59,7 +59,7 @@ type GatewayClassSpec struct { // // Support: Core // - // +required + // +kubebuilder:validation:MaxLength=253 Controller string `json:"controller"` // AllowedGatewayNamespaces is a selector of namespaces that Gateways of @@ -118,7 +118,8 @@ const ( type GatewayClassStatus struct { // Conditions is the current status from the controller for // this GatewayClass. - // +optional + // + // +kubebuilder:validation:MaxItems=8 // +kubebuilder:default={{type: "InvalidParameters", status: "Unknown", message: "Waiting for controller", reason: "Waiting", lastTransitionTime: "1970-01-01T00:00:00Z"}} Conditions []metav1.Condition `json:"conditions,omitempty"` diff --git a/apis/v1alpha1/httproute_types.go b/apis/v1alpha1/httproute_types.go index 9cd095cb8c..ca9420c253 100644 --- a/apis/v1alpha1/httproute_types.go +++ b/apis/v1alpha1/httproute_types.go @@ -76,7 +76,8 @@ type HTTPRouteSpec struct { // Support: Core // // +optional - Hostnames []string `json:"hostnames,omitempty"` + // +kubebuilder:validation:MaxItems=16 + Hostnames []HTTPRouteHostname `json:"hostnames,omitempty"` // TLS defines the TLS certificate to use for Hostnames defined in this // Route. This configuration only takes effect if the AllowRouteOverride @@ -102,6 +103,7 @@ type HTTPRouteSpec struct { // Rules are a list of HTTP matchers, filters and actions. // // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 Rules []HTTPRouteRule `json:"rules"` // ExtensionRef is an optional, implementation-specific extension to the @@ -135,6 +137,12 @@ type RouteTLSConfig struct { CertificateRef CertificateObjectReference `json:"certificateRef"` } +// HTTPRouteHostname is used to specify a hostname that should be matched by +// HTTPRoute. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +type HTTPRouteHostname string + // HTTPRouteRule defines semantics for matching an incoming HTTP request against // a set of matching rules and executing an action (and optionally filters) on // the request. @@ -170,7 +178,6 @@ type HTTPRouteRule struct { // path match on "/", which has the effect of matching every // HTTP request. // - // +optional // +kubebuilder:default={{path:{ type: "Prefix", value: "/"}}} // +kubebuilder:validation:MaxItems=8 Matches []HTTPRouteMatch `json:"matches,omitempty"` @@ -195,7 +202,7 @@ type HTTPRouteRule struct { // ForwardTo defines the backend(s) where matching requests should be sent. // +optional - // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:MaxItems=4 ForwardTo []HTTPRouteForwardTo `json:"forwardTo,omitempty"` } @@ -250,13 +257,11 @@ type HTTPPathMatch struct { // // Default: "Prefix" // - // +optional // +kubebuilder:default=Prefix - Type PathMatchType `json:"type"` + Type PathMatchType `json:"type,omitempty"` // Value of the HTTP path to match against. // - // +required // +kubebuilder:validation:MinLength=1 Value string `json:"value"` } @@ -271,9 +276,8 @@ type HTTPHeaderMatch struct { // // Default: "Exact" // - // +optional // +kubebuilder:default=Exact - Type HeaderMatchType `json:"type"` + Type HeaderMatchType `json:"type,omitempty"` // Values is a map of HTTP Headers to be matched. // It MUST contain at least one entry. @@ -284,8 +288,6 @@ type HTTPHeaderMatch struct { // // Multiple match values are ANDed together, meaning, a request // must match all the specified headers to select the route. - // - // +required Values map[string]string `json:"values"` } @@ -308,9 +310,8 @@ type HTTPRouteMatch struct { // Path specifies a HTTP request path matcher. If this field is not // specified, a default prefix match on the "/" path is provided. // - // +optional // +kubebuilder:default={type: "Prefix", value: "/"} - Path *HTTPPathMatch `json:"path"` + Path HTTPPathMatch `json:"path,omitempty"` // Headers specifies a HTTP request header matcher. // @@ -329,7 +330,7 @@ type HTTPRouteMatch struct { // Support: custom // // +optional - ExtensionRef *RouteMatchExtensionObjectReference `json:"extensionRef"` + ExtensionRef *LocalObjectReference `json:"extensionRef,omitempty"` } const ( @@ -380,8 +381,8 @@ type HTTPRouteFilter struct { // types to extend the core API with implementation-specific behavior. // // +unionDiscriminator - // +kubebuilder:validation:Required - // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=100 Type string `json:"type"` // ExtensionRef is an optional, implementation-specific extension to the @@ -392,7 +393,7 @@ type HTTPRouteFilter struct { // group indicates that the resource is "configmaps". // ExtensionRef MUST NOT be used for core and extended filters. // +optional - ExtensionRef *RouteFilterExtensionObjectReference `json:"extensionRef"` + ExtensionRef *LocalObjectReference `json:"extensionRef,omitempty"` // Filter-specific configuration definitions for core and extended filters @@ -419,7 +420,7 @@ type HTTPRequestHeaderFilter struct { // GET /foo HTTP/1.1 // my-header: foo // - // Support: extended? + // Support: Extended Add map[string]string `json:"add"` // Remove the given header(s) from the HTTP request before the @@ -440,10 +441,9 @@ type HTTPRequestHeaderFilter struct { // GET /foo HTTP/1.1 // My-Header2: DEF // - // Support: extended? + // Support: Extended + // +kubebuilder:validation:MaxItems=16 Remove []string `json:"remove"` - - // TODO } // HTTPRequestMirrorFilter defines configuration for the RequestMirror filter. @@ -553,6 +553,7 @@ type HTTPRouteForwardTo struct { // Support: Custom // // +optional + // +kubebuilder:validation:MaxItems=16 Filters []HTTPRouteFilter `json:"filters,omitempty"` } diff --git a/apis/v1alpha1/local_object_reference_types.go b/apis/v1alpha1/local_object_reference_types.go index b8f3776610..995f9153d3 100644 --- a/apis/v1alpha1/local_object_reference_types.go +++ b/apis/v1alpha1/local_object_reference_types.go @@ -35,9 +35,9 @@ type ServicesDefaultLocalObjectReference struct { // resource: foos // name: myfoo // - // +optional + // +kubebuilder:validation:MaxLength=253 // +kubebuilder:default=core - Group string `json:"group"` + Group string `json:"group,omitempty"` // Resource is the API resource name of the referent. Omitting the value // or specifying the empty string indicates the services resource. For example, // use the following to specify a services resource: @@ -53,22 +53,29 @@ type ServicesDefaultLocalObjectReference struct { // resource: foos // name: myfoo // - // +optional + // +kubebuilder:validation:MaxLength=253 // +kubebuilder:default=services - Resource string `json:"resource"` + Resource string `json:"resource,omitempty"` // Name is the name of the referent. // - // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` } // LocalObjectReference identifies an API object within a known namespace. type LocalObjectReference struct { - // Group is the API group name of the referent. + // Group is the API group name of the referent + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Group string `json:"group"` // Resource is the API resource name of the referent. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Resource string `json:"resource"` // Name is the name of the referent. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` } @@ -92,9 +99,9 @@ type SecretsDefaultLocalObjectReference struct { // resource: foos // name: myfoo // - // +optional + // +kubebuilder:validation:MaxLength=253 // +kubebuilder:default=core - Group string `json:"group"` + Group string `json:"group,omitempty"` // Resource is the API resource name of the referent. Omitting the value // or specifying the empty string indicates the secrets resource. For // example, use the following to specify a secrets resource: @@ -110,11 +117,11 @@ type SecretsDefaultLocalObjectReference struct { // resource: foos // name: myfoo // - // +optional + // +kubebuilder:validation:MaxLength=253 // +kubebuilder:default=secrets - Resource string `json:"resource"` + Resource string `json:"resource,omitempty"` // Name is the name of the referent. - // - // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` } diff --git a/apis/v1alpha1/route_extension_reference_types.go b/apis/v1alpha1/route_extension_reference_types.go deleted file mode 100644 index bb868e1867..0000000000 --- a/apis/v1alpha1/route_extension_reference_types.go +++ /dev/null @@ -1,34 +0,0 @@ -/* - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1 - -// RouteMatchExtensionObjectReference identifies a route-match extension object -// within a known namespace. -// -// +k8s:deepcopy-gen=false -type RouteMatchExtensionObjectReference = LocalObjectReference - -// RouteFilterExtensionObjectReference identifies a route-filter extension -// object within a known namespace. -// -// +k8s:deepcopy-gen=false -type RouteFilterExtensionObjectReference = LocalObjectReference - -// RouteActionExtensionObjectReference identifies a route-action extension -// object within a known namespace. -// -// +k8s:deepcopy-gen=false -type RouteActionExtensionObjectReference = LocalObjectReference diff --git a/apis/v1alpha1/route_types.go b/apis/v1alpha1/route_types.go index edf651fb1e..a6792c6ea1 100644 --- a/apis/v1alpha1/route_types.go +++ b/apis/v1alpha1/route_types.go @@ -57,9 +57,11 @@ type RouteGateways struct { // GatewayReference identifies a Gateway in a specified namespace. type GatewayReference struct { // Name is the name of the referent. + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` // Namespace is the namespace of the referent. + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 Namespace string `json:"namespace"` } @@ -140,6 +142,7 @@ type RouteGatewayStatus struct { // route has been admitted or rejected by the Gateway, and why. Note // that the route's availability is also subject to the Gateway's own // status conditions and listener status. + // +kubebuilder:validation:MaxItems=8 Conditions []metav1.Condition `json:"conditions,omitempty"` } diff --git a/apis/v1alpha1/tcproute_types.go b/apis/v1alpha1/tcproute_types.go index 15411bc63d..3032799248 100644 --- a/apis/v1alpha1/tcproute_types.go +++ b/apis/v1alpha1/tcproute_types.go @@ -19,6 +19,19 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +// +genclient +// +kubebuilder:object:root=true +// +kubebuilder:subresource:status + +// TCPRoute is the Schema for the TCPRoute resource. +type TCPRoute struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec TCPRouteSpec `json:"spec,omitempty"` + Status TCPRouteStatus `json:"status,omitempty"` +} + // TCPRouteSpec defines the desired state of TCPRoute type TCPRouteSpec struct { // Rules are a list of TCP matchers and actions. @@ -34,19 +47,6 @@ type TCPRouteStatus struct { RouteStatus `json:",inline"` } -// +genclient -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status - -// TCPRoute is the Schema for the TCPRoute resource. -type TCPRoute struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec TCPRouteSpec `json:"spec,omitempty"` - Status TCPRouteStatus `json:"status,omitempty"` -} - // TCPRouteRule is the configuration for a given rule. type TCPRouteRule struct { // Matches define conditions used for matching the rule against @@ -60,7 +60,7 @@ type TCPRouteRule struct { // ForwardTo defines the backend(s) where matching requests should be sent. // +optional - // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:MaxItems=4 ForwardTo []RouteForwardTo `json:"forwardTo,omitempty"` } @@ -79,7 +79,7 @@ type TCPRouteMatch struct { // Support: custom // // +optional - ExtensionRef *RouteMatchExtensionObjectReference `json:"extensionRef"` + ExtensionRef *LocalObjectReference `json:"extensionRef,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/v1alpha1/tlsroute_types.go b/apis/v1alpha1/tlsroute_types.go index 7545d209c7..5f002a6a4a 100644 --- a/apis/v1alpha1/tlsroute_types.go +++ b/apis/v1alpha1/tlsroute_types.go @@ -19,23 +19,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// TLSRouteSpec defines the desired state of TLSRoute -type TLSRouteSpec struct { - // Rules are a list of TLS matchers and actions. - // +required - // +kubebuilder:validation:MinItems=1 - Rules []TLSRouteRule `json:"rules"` - - // Gateways defines which Gateways can use this Route. - // +kubebuilder:default={allow: "SameNamespace"} - Gateways RouteGateways `json:"gateways,omitempty"` -} - -// TLSRouteStatus defines the observed state of TLSRoute -type TLSRouteStatus struct { - RouteStatus `json:",inline"` -} - // +genclient // +kubebuilder:object:root=true // +kubebuilder:subresource:status @@ -55,6 +38,23 @@ type TLSRoute struct { Status TLSRouteStatus `json:"status,omitempty"` } +// TLSRouteSpec defines the desired state of TLSRoute +type TLSRouteSpec struct { + // Rules are a list of TLS matchers and actions. + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Rules []TLSRouteRule `json:"rules"` + + // Gateways defines which Gateways can use this Route. + // +kubebuilder:default={allow: "SameNamespace"} + Gateways RouteGateways `json:"gateways,omitempty"` +} + +// TLSRouteStatus defines the observed state of TLSRoute +type TLSRouteStatus struct { + RouteStatus `json:",inline"` +} + // TLSRouteRule is the configuration for a given rule. type TLSRouteRule struct { // Matches define conditions used for matching the rule against @@ -62,11 +62,12 @@ type TLSRouteRule struct { // Each match is independent, i.e. this rule will be matched // if **any** one of the matches is satisfied. // +optional - Matches []TLSRouteMatch `json:"matches"` + // +kubebuilder:validation:MaxItems=8 + Matches []TLSRouteMatch `json:"matches,omitempty"` // ForwardTo defines the backend(s) where matching requests should be sent. // +optional - // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:MaxItems=4 ForwardTo []RouteForwardTo `json:"forwardTo,omitempty"` } @@ -94,7 +95,6 @@ type TLSRouteMatch struct { // // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=10 - // +required SNIs []string `json:"snis,omitempty"` // ExtensionRef is an optional, implementation-specific extension to the // "match" behavior. The resource may be "configmap" (use the empty @@ -108,7 +108,7 @@ type TLSRouteMatch struct { // Support: custom // // +optional - ExtensionRef *RouteMatchExtensionObjectReference `json:"extensionRef"` + ExtensionRef *LocalObjectReference `json:"extensionRef,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/v1alpha1/udproute_types.go b/apis/v1alpha1/udproute_types.go index 8a005caa84..334f037cce 100644 --- a/apis/v1alpha1/udproute_types.go +++ b/apis/v1alpha1/udproute_types.go @@ -19,21 +19,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// UDPRouteSpec defines the desired state of UDPRoute. -type UDPRouteSpec struct { - // Rules are a list of UDP matchers and actions. - Rules []UDPRouteRule `json:"rules"` - - // Gateways defines which Gateways can use this Route. - // +kubebuilder:default={allow: "SameNamespace"} - Gateways RouteGateways `json:"gateways,omitempty"` -} - -// UDPRouteStatus defines the observed state of UDPRoute. -type UDPRouteStatus struct { - RouteStatus `json:",inline"` -} - // +genclient // +kubebuilder:object:root=true // +kubebuilder:subresource:status @@ -52,14 +37,30 @@ type UDPRouteRule struct { // Matches defines which packets match this rule. // // +optional - Matches []UDPRouteMatch `json:"matches"` + // +kubebuilder:validation:MaxItems=8 + Matches []UDPRouteMatch `json:"matches,omitempty"` // ForwardTo defines the backend(s) where matching requests should be sent. // +optional - // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:MaxItems=4 ForwardTo []RouteForwardTo `json:"forwardTo,omitempty"` } +// UDPRouteSpec defines the desired state of UDPRoute. +type UDPRouteSpec struct { + // Rules are a list of UDP matchers and actions. + Rules []UDPRouteRule `json:"rules"` + + // Gateways defines which Gateways can use this Route. + // +kubebuilder:default={allow: "SameNamespace"} + Gateways RouteGateways `json:"gateways,omitempty"` +} + +// UDPRouteStatus defines the observed state of UDPRoute. +type UDPRouteStatus struct { + RouteStatus `json:",inline"` +} + // UDPRouteMatch defines the predicate used to match packets to a // given action. type UDPRouteMatch struct { @@ -75,7 +76,7 @@ type UDPRouteMatch struct { // Support: custom // // +optional - ExtensionRef *RouteMatchExtensionObjectReference `json:"extensionRef"` + ExtensionRef *LocalObjectReference `json:"extensionRef,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/v1alpha1/zz_generated.deepcopy.go b/apis/v1alpha1/zz_generated.deepcopy.go index bb062f6896..c9292ad5b2 100644 --- a/apis/v1alpha1/zz_generated.deepcopy.go +++ b/apis/v1alpha1/zz_generated.deepcopy.go @@ -465,55 +465,6 @@ func (in *GatewayTLSConfig) DeepCopy() *GatewayTLSConfig { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GenericForwardToTarget) DeepCopyInto(out *GenericForwardToTarget) { - *out = *in - out.TargetRef = in.TargetRef - if in.TargetPort != nil { - in, out := &in.TargetPort, &out.TargetPort - *out = new(TargetPort) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenericForwardToTarget. -func (in *GenericForwardToTarget) DeepCopy() *GenericForwardToTarget { - if in == nil { - return nil - } - out := new(GenericForwardToTarget) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HTTPForwardToTarget) DeepCopyInto(out *HTTPForwardToTarget) { - *out = *in - out.TargetRef = in.TargetRef - if in.TargetPort != nil { - in, out := &in.TargetPort, &out.TargetPort - *out = new(TargetPort) - **out = **in - } - if in.Filters != nil { - in, out := &in.Filters, &out.Filters - *out = make([]HTTPRouteFilter, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPForwardToTarget. -func (in *HTTPForwardToTarget) DeepCopy() *HTTPForwardToTarget { - if in == nil { - return nil - } - out := new(HTTPForwardToTarget) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HTTPHeaderMatch) DeepCopyInto(out *HTTPHeaderMatch) { *out = *in @@ -737,11 +688,7 @@ func (in *HTTPRouteList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HTTPRouteMatch) DeepCopyInto(out *HTTPRouteMatch) { *out = *in - if in.Path != nil { - in, out := &in.Path, &out.Path - *out = new(HTTPPathMatch) - **out = **in - } + out.Path = in.Path if in.Headers != nil { in, out := &in.Headers, &out.Headers *out = new(HTTPHeaderMatch) @@ -806,7 +753,7 @@ func (in *HTTPRouteSpec) DeepCopyInto(out *HTTPRouteSpec) { in.Gateways.DeepCopyInto(&out.Gateways) if in.Hostnames != nil { in, out := &in.Hostnames, &out.Hostnames - *out = make([]string, len(*in)) + *out = make([]HTTPRouteHostname, len(*in)) copy(*out, *in) } if in.TLS != nil { diff --git a/config/crd/bases/networking.x-k8s.io_backendpolicies.yaml b/config/crd/bases/networking.x-k8s.io_backendpolicies.yaml index 415ccc0e1a..a3d7e419dc 100644 --- a/config/crd/bases/networking.x-k8s.io_backendpolicies.yaml +++ b/config/crd/bases/networking.x-k8s.io_backendpolicies.yaml @@ -71,13 +71,17 @@ spec: group: default: core description: "Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a secrets resource: \n fooRef: resource: secrets name: mysecret \n Otherwise, if the core API group is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: default: secrets description: "Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the secrets resource. For example, use the following to specify a secrets resource: \n fooRef: name: mysecret \n Otherwise, if the secrets resource is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string required: - name @@ -88,13 +92,17 @@ spec: group: default: core description: "Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a secrets resource: \n fooRef: resource: secrets name: mysecret \n Otherwise, if the core API group is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: default: secrets description: "Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the secrets resource. For example, use the following to specify a secrets resource: \n fooRef: name: mysecret \n Otherwise, if the secrets resource is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string required: - name @@ -154,6 +162,7 @@ spec: - status - type type: object + maxItems: 8 type: array type: object type: object diff --git a/config/crd/bases/networking.x-k8s.io_gatewayclasses.yaml b/config/crd/bases/networking.x-k8s.io_gatewayclasses.yaml index e68bc16ffe..bf7d3e085d 100644 --- a/config/crd/bases/networking.x-k8s.io_gatewayclasses.yaml +++ b/config/crd/bases/networking.x-k8s.io_gatewayclasses.yaml @@ -64,18 +64,25 @@ spec: type: object controller: description: "Controller is a domain/path string that indicates the controller that is managing Gateways of this class. \n Example: \"acme.io/gateway-controller\". \n This field is not mutable and cannot be empty. \n The format of this field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). \n Support: Core" + maxLength: 253 type: string parametersRef: description: "ParametersRef is a controller-specific resource containing the configuration parameters corresponding to this class. This is optional if the controller does not require any additional configuration. \n Parameters resources are implementation specific custom resources. These resources must be cluster-scoped. \n If the referent cannot be found, the GatewayClass's \"InvalidParameters\" status condition will be true. \n Support: Custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -144,6 +151,7 @@ spec: - status - type type: object + maxItems: 8 type: array provisionedGateways: description: ProvisionedGateways is a list of Gateways that have been provisioned using this class. Implementations must add any Gateways of this class to this list once they have been provisioned and remove Gateways as soon as they are deleted or deprovisioned. @@ -153,10 +161,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name diff --git a/config/crd/bases/networking.x-k8s.io_gateways.yaml b/config/crd/bases/networking.x-k8s.io_gateways.yaml index 58d79753cd..798167ca0f 100644 --- a/config/crd/bases/networking.x-k8s.io_gateways.yaml +++ b/config/crd/bases/networking.x-k8s.io_gateways.yaml @@ -46,13 +46,18 @@ spec: type: string value: description: 'Value. Examples: "1.2.3.4", "128::1", "my-ip-address". Validity of the values will depend on `Type` and support by the controller.' + maxLength: 253 + minLength: 1 type: string required: - value type: object + maxItems: 16 type: array gatewayClassName: description: GatewayClassName used for this Gateway. This is the name of a GatewayClass resource. + maxLength: 253 + minLength: 1 type: string listeners: description: "Listeners associated with this Gateway. Listeners define logical endpoints that are bound on this Gateway's addresses. At least one Listener MUST be specified. \n Each Listener in this array must have a unique Port field, however a GatewayClass may collapse compatible Listener definitions into a single implementation-defined acceptor configuration even if their Port fields would otherwise conflict. \n Listeners are compatible if all of the following conditions are true: \n 1. all their Protocol fields are \"HTTP\", or all their Protocol fields are \"HTTPS\" or TLS\" 2. their Hostname fields are specified with a match type other than \"Any\" 3. their Hostname fields are not an exact match for any other Listener \n As a special case, each group of compatible listeners may contain exactly one Listener with a match type of \"Any\". \n If the GatewayClass collapses compatible Listeners, the hostname provided in the incoming client request MUST be matched to a Listener to find the correct set of Routes. The incoming hostname MUST be matched using the Hostname field for each Listener in order of most to least specific. That is, \"Exact\" matches must be processed before \"Domain\" matches, which must be processed before \"Any\" matches. \n If this field specifies multiple Listeners that have the same Port value but are not compatible, the GatewayClass must raise a \"PortConflict\" condition on the Gateway. \n Support: Core" @@ -74,15 +79,14 @@ spec: type: string name: description: "Name contains the name to match against. This value must be a fully qualified host or domain name conforming to the preferred name syntax defined in [RFC 1034](https://tools.ietf.org/html/rfc1034#section-3.5) \n In addition to any RFC rules, this field MUST NOT contain \n 1. IP address literals 2. Colon-delimited port numbers 3. Percent-encoded octets \n This field is required for the \"Domain\" and \"Exact\" match types." + maxLength: 253 type: string type: object port: description: "Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. \n Support: Core" - exclusiveMaximum: true - exclusiveMinimum: true format: int32 - maximum: 65536 - minimum: 0 + maximum: 65535 + minimum: 1 type: integer protocol: description: "Protocol specifies the network protocol this listener expects to receive. The GatewayClass MUST validate that match type specified in the Hostname field is appropriate for the protocol. \n * For the \"TLS\" protocol, the Hostname match MUST be applied to the [SNI](https://tools.ietf.org/html/rfc6066#section-3) server name offered by the client. * For the \"HTTP\" protocol, the Hostname match MUST be applied to the host portion of the [effective request URI](https://tools.ietf.org/html/rfc7230#section-5.5) or the [:authority pseudo-header](https://tools.ietf.org/html/rfc7540#section-8.1.2.3) * For the \"HTTPS\" protocol, the Hostname match MUST be applied at both the TLS and HTTP protocol layers. \n Support: Core" @@ -99,9 +103,12 @@ spec: group: default: networking.x-k8s.io description: "Group is the group of the route resource to select. Omitting the value or specifying the empty string indicates the networking.x-k8s.io API group. For example, use the following to select an HTTPRoute: \n routes: resource: httproutes \n Otherwise, if an alternative API group is desired, specify the desired group: \n routes: group: acme.io resource: fooroutes \n Support: Core" + maxLength: 253 + minLength: 1 type: string resource: description: "Resource is the API resource name of the route resource to select. \n Resource MUST correspond to route resources that are compatible with the application protocol specified in the Listener's Protocol field. \n If an implementation does not support or recognize this resource type, it SHOULD raise a \"ConditionInvalidRoutes\" condition for the affected Listener. \n Support: Core" + maxLength: 253 type: string routeNamespaces: default: @@ -185,13 +192,17 @@ spec: group: default: core description: "Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a secrets resource: \n fooRef: resource: secrets name: mysecret \n Otherwise, if the core API group is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: default: secrets description: "Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the secrets resource. For example, use the following to specify a secrets resource: \n fooRef: name: mysecret \n Otherwise, if the secrets resource is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string required: - name @@ -224,8 +235,11 @@ spec: type: object type: object required: + - port + - protocol - routes type: object + maxItems: 64 minItems: 1 type: array required: @@ -256,10 +270,13 @@ spec: type: string value: description: 'Value. Examples: "1.2.3.4", "128::1", "my-ip-address". Validity of the values will depend on `Type` and support by the controller.' + maxLength: 253 + minLength: 1 type: string required: - value type: object + maxItems: 16 type: array conditions: default: @@ -310,6 +327,7 @@ spec: - status - type type: object + maxItems: 8 type: array x-kubernetes-list-map-keys: - type @@ -362,15 +380,19 @@ spec: - status - type type: object + maxItems: 8 type: array port: description: Port is the unique Listener port value for which this message is reporting the status. If more than one Gateway Listener shares the same port value, this message reports the combined status of all such Listeners. format: int32 + maximum: 65535 + minimum: 1 type: integer required: - conditions - port type: object + maxItems: 64 type: array type: object type: object diff --git a/config/crd/bases/networking.x-k8s.io_httproutes.yaml b/config/crd/bases/networking.x-k8s.io_httproutes.yaml index 92a2cb5c0c..68f9377820 100644 --- a/config/crd/bases/networking.x-k8s.io_httproutes.yaml +++ b/config/crd/bases/networking.x-k8s.io_httproutes.yaml @@ -36,13 +36,19 @@ spec: description: "ExtensionRef is an optional, implementation-specific extension to the \"host\" block. The resource may be \"configmaps\" or an implementation-defined resource (for example, resource \"myroutehosts\" in group \"networking.acme.io\"). \n If the referent cannot be found, the GatewayClass's \"InvalidParameters\" status condition will be true. \n Support: custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -70,10 +76,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name @@ -84,7 +92,11 @@ spec: hostnames: description: "Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process the request. Hostname is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in the RFC: \n 1. IPs are not allowed. 2. The `:` delimiter is not respected because ports are not allowed. \n Incoming requests are matched against the hostnames before the HTTPRoute rules. If no hostname is specified, traffic is routed based on the HTTPRouteRules. \n Hostname can be \"precise\" which is a domain name without the terminating dot of a network host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain name prefixed with a single wildcard label (e.g. \"*.example.com\"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\"). Requests will be matched against the Host field in the following order: 1. If Host is precise, the request matches this rule if the http host header is equal to Host. 2. If Host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule. \n Support: Core" items: + description: HTTPRouteHostname is used to specify a hostname that should be matched by HTTPRoute. + maxLength: 253 + minLength: 1 type: string + maxItems: 16 type: array rules: description: Rules are a list of HTTP matchers, filters and actions. @@ -100,13 +112,19 @@ spec: description: ExtensionRef is an optional, implementation-specific extension to the "filter" behavior. The resource may be "configmap" (use the empty string for the group) or an implementation-defined resource (for example, resource "myroutefilters" in group "networking.acme.io"). Omitting or specifying the empty string for both the resource and group indicates that the resource is "configmaps". ExtensionRef MUST NOT be used for core and extended filters. properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -119,12 +137,13 @@ spec: add: additionalProperties: type: string - description: "Add adds the given header (name, value) to the request before the action. \n Input: GET /foo HTTP/1.1 \n Config: add: {\"my-header\": \"foo\"} \n Output: GET /foo HTTP/1.1 my-header: foo \n Support: extended?" + description: "Add adds the given header (name, value) to the request before the action. \n Input: GET /foo HTTP/1.1 \n Config: add: {\"my-header\": \"foo\"} \n Output: GET /foo HTTP/1.1 my-header: foo \n Support: Extended" type: object remove: - description: "Remove the given header(s) from the HTTP request before the action. The value of RemoveHeader is a list of HTTP header names. Note that the header names are case-insensitive [RFC-2616 4.2]. \n Input: GET /foo HTTP/1.1 My-Header1: ABC My-Header2: DEF My-Header2: GHI \n Config: remove: [\"my-header1\", \"my-header3\"] \n Output: GET /foo HTTP/1.1 My-Header2: DEF \n Support: extended?" + description: "Remove the given header(s) from the HTTP request before the action. The value of RemoveHeader is a list of HTTP header names. Note that the header names are case-insensitive [RFC-2616 4.2]. \n Input: GET /foo HTTP/1.1 My-Header1: ABC My-Header2: DEF My-Header2: GHI \n Config: remove: [\"my-header1\", \"my-header3\"] \n Output: GET /foo HTTP/1.1 My-Header2: DEF \n Support: Extended" items: type: string + maxItems: 16 type: array required: - add @@ -137,13 +156,19 @@ spec: description: "BackendRef is a local object reference to mirror matched requests to. If both BackendRef and ServiceName are specified, ServiceName will be given precedence. If the referent cannot be found, controllers must set the \"InvalidRoutes\" status condition on any Gateway that includes this Route to true. \n Support: Custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -163,6 +188,8 @@ spec: type: object type: description: "Type identifies the filter to execute. Types are classified into three conformance-levels (similar to other locations in this API): - Core and extended: These filter types and their corresponding configuration is defined in this package. All implementations must implement the core filters. Implementers are encouraged to support extended filters. Definitions for filter-specific configuration for these filters is defined in this package. - Custom: These filters are defined and supported by specific vendors. In the future, filters showing convergence in behavior across multiple implementations will be considered for inclusion in extended or core conformance rings. Filter-specific configuration for such filters is specified using the ExtensionRef field. `Type` should be set to \"ImplementationSpecific\" for custom filters. \n Implementers are encouraged to define custom implementation types to extend the core API with implementation-specific behavior." + maxLength: 100 + minLength: 1 type: string required: - type @@ -178,13 +205,19 @@ spec: description: "BackendRef is a reference to a backend to forward matched requests to. If both BackendRef and ServiceName are specified, ServiceName will be given precedence. If the referent cannot be found, controllers must set the \"InvalidRoutes\" status condition on any Gateway that includes this Route to true. \n Support: Custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -200,13 +233,19 @@ spec: description: ExtensionRef is an optional, implementation-specific extension to the "filter" behavior. The resource may be "configmap" (use the empty string for the group) or an implementation-defined resource (for example, resource "myroutefilters" in group "networking.acme.io"). Omitting or specifying the empty string for both the resource and group indicates that the resource is "configmaps". ExtensionRef MUST NOT be used for core and extended filters. properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -219,12 +258,13 @@ spec: add: additionalProperties: type: string - description: "Add adds the given header (name, value) to the request before the action. \n Input: GET /foo HTTP/1.1 \n Config: add: {\"my-header\": \"foo\"} \n Output: GET /foo HTTP/1.1 my-header: foo \n Support: extended?" + description: "Add adds the given header (name, value) to the request before the action. \n Input: GET /foo HTTP/1.1 \n Config: add: {\"my-header\": \"foo\"} \n Output: GET /foo HTTP/1.1 my-header: foo \n Support: Extended" type: object remove: - description: "Remove the given header(s) from the HTTP request before the action. The value of RemoveHeader is a list of HTTP header names. Note that the header names are case-insensitive [RFC-2616 4.2]. \n Input: GET /foo HTTP/1.1 My-Header1: ABC My-Header2: DEF My-Header2: GHI \n Config: remove: [\"my-header1\", \"my-header3\"] \n Output: GET /foo HTTP/1.1 My-Header2: DEF \n Support: extended?" + description: "Remove the given header(s) from the HTTP request before the action. The value of RemoveHeader is a list of HTTP header names. Note that the header names are case-insensitive [RFC-2616 4.2]. \n Input: GET /foo HTTP/1.1 My-Header1: ABC My-Header2: DEF My-Header2: GHI \n Config: remove: [\"my-header1\", \"my-header3\"] \n Output: GET /foo HTTP/1.1 My-Header2: DEF \n Support: Extended" items: type: string + maxItems: 16 type: array required: - add @@ -237,13 +277,19 @@ spec: description: "BackendRef is a local object reference to mirror matched requests to. If both BackendRef and ServiceName are specified, ServiceName will be given precedence. If the referent cannot be found, controllers must set the \"InvalidRoutes\" status condition on any Gateway that includes this Route to true. \n Support: Custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -263,10 +309,13 @@ spec: type: object type: description: "Type identifies the filter to execute. Types are classified into three conformance-levels (similar to other locations in this API): - Core and extended: These filter types and their corresponding configuration is defined in this package. All implementations must implement the core filters. Implementers are encouraged to support extended filters. Definitions for filter-specific configuration for these filters is defined in this package. - Custom: These filters are defined and supported by specific vendors. In the future, filters showing convergence in behavior across multiple implementations will be considered for inclusion in extended or core conformance rings. Filter-specific configuration for such filters is specified using the ExtensionRef field. `Type` should be set to \"ImplementationSpecific\" for custom filters. \n Implementers are encouraged to define custom implementation types to extend the core API with implementation-specific behavior." + maxLength: 100 + minLength: 1 type: string required: - type type: object + maxItems: 16 type: array port: description: "Port specifies the destination port number to use for the backend referenced by the ServiceName or BackendRef field. If unspecified and a Service object consisting of a single port definition is the backend, that port will be used. If unspecified and the backend is a Service object consisting of multiple port definitions, controllers must set the \"InvalidRoutes\" status condition on any Gateway that includes this Route to true. \n Support: Core" @@ -286,7 +335,7 @@ spec: minimum: 1 type: integer type: object - maxItems: 8 + maxItems: 4 type: array matches: default: @@ -301,13 +350,19 @@ spec: description: "ExtensionRef is an optional, implementation-specific extension to the \"match\" behavior. The resource may be \"configmap\" (use the empty string for the group) or an implementation-defined resource (for example, resource \"myroutematchers\" in group \"networking.acme.io\"). Omitting or specifying the empty string for both the resource and group indicates that the resource is \"configmaps\". If the referent cannot be found, the \"InvalidRoutes\" status condition on any Gateway that includes the HTTPRoute will be true. \n Support: custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -358,6 +413,7 @@ spec: maxItems: 8 type: array type: object + maxItems: 16 minItems: 1 type: array tls: @@ -369,13 +425,17 @@ spec: group: default: core description: "Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a secrets resource: \n fooRef: resource: secrets name: mysecret \n Otherwise, if the core API group is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: default: secrets description: "Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the secrets resource. For example, use the following to specify a secrets resource: \n fooRef: name: mysecret \n Otherwise, if the secrets resource is not desired, specify the desired group: \n fooRef: group: acme.io resource: foos name: myfoo" + maxLength: 253 type: string required: - name @@ -437,6 +497,7 @@ spec: - status - type type: object + maxItems: 8 type: array gatewayRef: description: GatewayRef is a reference to a Gateway object that is associated with the route. @@ -444,10 +505,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name diff --git a/config/crd/bases/networking.x-k8s.io_tcproutes.yaml b/config/crd/bases/networking.x-k8s.io_tcproutes.yaml index b71d06fbf8..e3e998a151 100644 --- a/config/crd/bases/networking.x-k8s.io_tcproutes.yaml +++ b/config/crd/bases/networking.x-k8s.io_tcproutes.yaml @@ -53,10 +53,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name @@ -78,13 +80,19 @@ spec: description: "BackendRef is a reference to a backend to forward matched requests to. If both BackendRef and ServiceName are specified, ServiceName will be given precedence. If the referent cannot be found, controllers must set the \"InvalidRoutes\" status condition on any Gateway that includes this Route to true. \n Support: Custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -109,7 +117,7 @@ spec: minimum: 1 type: integer type: object - maxItems: 8 + maxItems: 4 type: array matches: description: Matches define conditions used for matching the rule against incoming TCP connections. Each match is independent, i.e. this rule will be matched if **any** one of the matches is satisfied. @@ -120,13 +128,19 @@ spec: description: "ExtensionRef is an optional, implementation-specific extension to the \"match\" behavior. The resource may be \"configmap\" (use the empty string for the group) or an implementation-defined resource (for example, resource \"myroutematchers\" in group \"networking.acme.io\"). Omitting or specifying the empty string for both the resource and group indicates that the resource is \"configmaps\". If the referent cannot be found, the \"InvalidRoutes\" status condition on any Gateway that includes the TCPRoute will be true. \n Support: custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -192,6 +206,7 @@ spec: - status - type type: object + maxItems: 8 type: array gatewayRef: description: GatewayRef is a reference to a Gateway object that is associated with the route. @@ -199,10 +214,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name diff --git a/config/crd/bases/networking.x-k8s.io_tlsroutes.yaml b/config/crd/bases/networking.x-k8s.io_tlsroutes.yaml index 2b5d99c949..3bdab109bc 100644 --- a/config/crd/bases/networking.x-k8s.io_tlsroutes.yaml +++ b/config/crd/bases/networking.x-k8s.io_tlsroutes.yaml @@ -53,10 +53,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name @@ -78,13 +80,19 @@ spec: description: "BackendRef is a reference to a backend to forward matched requests to. If both BackendRef and ServiceName are specified, ServiceName will be given precedence. If the referent cannot be found, controllers must set the \"InvalidRoutes\" status condition on any Gateway that includes this Route to true. \n Support: Custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -109,7 +117,7 @@ spec: minimum: 1 type: integer type: object - maxItems: 8 + maxItems: 4 type: array matches: description: Matches define conditions used for matching the rule against incoming TLS handshake. Each match is independent, i.e. this rule will be matched if **any** one of the matches is satisfied. @@ -120,13 +128,19 @@ spec: description: "ExtensionRef is an optional, implementation-specific extension to the \"match\" behavior. The resource may be \"configmap\" (use the empty string for the group) or an implementation-defined resource (for example, resource \"myroutematchers\" in group \"networking.acme.io\"). Omitting or specifying the empty string for both the resource and group indicates that the resource is \"configmaps\". If the referent cannot be found, the \"InvalidRoutes\" status condition on any Gateway that includes the TLSRoute will be true. \n Support: custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -141,8 +155,10 @@ spec: minItems: 1 type: array type: object + maxItems: 8 type: array type: object + maxItems: 16 minItems: 1 type: array required: @@ -199,6 +215,7 @@ spec: - status - type type: object + maxItems: 8 type: array gatewayRef: description: GatewayRef is a reference to a Gateway object that is associated with the route. @@ -206,10 +223,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name diff --git a/config/crd/bases/networking.x-k8s.io_udproutes.yaml b/config/crd/bases/networking.x-k8s.io_udproutes.yaml index d0a0b29b76..752c728db4 100644 --- a/config/crd/bases/networking.x-k8s.io_udproutes.yaml +++ b/config/crd/bases/networking.x-k8s.io_udproutes.yaml @@ -53,10 +53,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name @@ -78,13 +80,19 @@ spec: description: "BackendRef is a reference to a backend to forward matched requests to. If both BackendRef and ServiceName are specified, ServiceName will be given precedence. If the referent cannot be found, controllers must set the \"InvalidRoutes\" status condition on any Gateway that includes this Route to true. \n Support: Custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -109,7 +117,7 @@ spec: minimum: 1 type: integer type: object - maxItems: 8 + maxItems: 4 type: array matches: description: Matches defines which packets match this rule. @@ -120,13 +128,19 @@ spec: description: "ExtensionRef is an optional, implementation-specific extension to the \"match\" behavior. The resource may be \"configmap\" (use the empty string for the group) or an implementation-defined resource (for example, resource \"myroutematchers\" in group \"networking.acme.io\"). Omitting or specifying the empty string for both the resource and group indicates that the resource is \"configmaps\". If the referent cannot be found, the \"InvalidRoutes\" status condition on any Gateway that includes the UDPRoute will be true. \n Support: custom" properties: group: - description: Group is the API group name of the referent. + description: Group is the API group name of the referent + maxLength: 253 + minLength: 1 type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string resource: description: Resource is the API resource name of the referent. + maxLength: 253 + minLength: 1 type: string required: - group @@ -134,6 +148,7 @@ spec: - resource type: object type: object + maxItems: 8 type: array type: object type: array @@ -191,6 +206,7 @@ spec: - status - type type: object + maxItems: 8 type: array gatewayRef: description: GatewayRef is a reference to a Gateway object that is associated with the route. @@ -198,10 +214,12 @@ spec: name: description: Name is the name of the referent. maxLength: 253 + minLength: 1 type: string namespace: description: Namespace is the namespace of the referent. maxLength: 253 + minLength: 1 type: string required: - name diff --git a/docs-src/spec.md b/docs-src/spec.md index 5ab79a06bc..37e79b753a 100644 --- a/docs-src/spec.md +++ b/docs-src/spec.md @@ -501,7 +501,9 @@ RouteGateways hostnames
-[]string + +[]HTTPRouteHostname + @@ -1215,7 +1217,6 @@ AddressType -(Optional)

Type of the Address. This is either “IPAddress” or “NamedAddress”.

Support: Extended

@@ -1359,7 +1360,6 @@ status condition will be true.

-(Optional)

Conditions is the current status from the controller for this GatewayClass.

@@ -1712,195 +1712,6 @@ construct.

-

GenericForwardToTarget -

-

-

GenericForwardToTarget identifies a target object within a known namespace.

-

- - - - - - - - - - - - - - - - - - - - - -
FieldDescription
-targetRef
- - -ServicesDefaultLocalObjectReference - - -		 -

TargetRef is an object reference to forward matched requests to. -The resource may be “services” (omit or use the empty string for the -group), or an implementation may support other resources (for -example, resource “myroutetargets” in group “networking.acme.io”). -Omitting or specifying the empty string for both the resource and -group indicates that the resource is “services”. If the referent -cannot be found, the “InvalidRoutes” status condition on any Gateway -that includes the HTTPRoute will be true.

-

Support: Core (Kubernetes Services) -Support: Implementation-specific (Other resource types)

-
-targetPort
- - -TargetPort - - -		 -(Optional) -

TargetPort specifies the destination port number to use for the TargetRef. -If unspecified and TargetRef is a Service object consisting of a single -port definition, that port will be used. If unspecified and TargetRef is -a Service object consisting of multiple port definitions, an error is -surfaced in status.

-

Support: Core

-
-weight
- - -TargetWeight - - -		 -(Optional) -

Weight specifies the proportion of traffic forwarded to a targetRef, computed -as weight/(sum of all weights in targetRefs). Weight is not a percentage and -the sum of weights does not need to equal 100. The following example (in yaml) -sends 70% of traffic to service “my-trafficsplit-sv1” and 30% of the traffic -to service “my-trafficsplit-sv2”:

-

forwardTo: -- targetRef: -name: my-trafficsplit-sv1 -weight: 70 -- targetRef: -name: my-trafficsplit-sv2 -weight: 30

-

If only one targetRef is specified, 100% of the traffic is forwarded to the -targetRef. If unspecified, weight defaults to 1.

-

Support: Core (HTTPRoute) -Support: Extended (TCPRoute)

-
-

HTTPForwardToTarget -

-

-

HTTPForwardToTarget identifies a target object within a known namespace.

-

- - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
-targetRef
- - -ServicesDefaultLocalObjectReference - - -		 -

TargetRef is an object reference to forward matched requests to. -The resource may be “services” (omit or use the empty string for the -group), or an implementation may support other resources (for -example, resource “myroutetargets” in group “networking.acme.io”). -Omitting or specifying the empty string for both the resource and -group indicates that the resource is “services”. If the referent -cannot be found, the “InvalidRoutes” status condition on any Gateway -that includes the HTTPRoute will be true.

-

Support: Core (Kubernetes Services) -Support: Implementation-specific (Other resource types)

-
-targetPort
- - -TargetPort - - -		 -(Optional) -

TargetPort specifies the destination port number to use for the TargetRef. -If unspecified and TargetRef is a Service object consisting of a single -port definition, that port will be used. If unspecified and TargetRef is -a Service object consisting of multiple port definitions, an error is -surfaced in status.

-

Support: Core

-
-weight
- - -TargetWeight - - -		 -(Optional) -

Weight specifies the proportion of traffic forwarded to a targetRef, computed -as weight/(sum of all weights in targetRefs). Weight is not a percentage and -the sum of weights does not need to equal 100. The following example (in yaml) -sends 70% of traffic to service “my-trafficsplit-sv1” and 30% of the traffic -to service “my-trafficsplit-sv2”:

-

forwardTo: -- targetRef: -name: my-trafficsplit-sv1 -weight: 70 -- targetRef: -name: my-trafficsplit-sv2 -weight: 30

-

If only one targetRef is specified, 100% of the traffic is forwarded to the -targetRef. If unspecified, weight defaults to 1.

-

Support: Core (HTTPRoute) -Support: Extended (TCPRoute)

-
-filters
- - -[]HTTPRouteFilter - - -		 -(Optional) -

Filters defined at this-level should be executed if and only if -the request is being forwarded to the target defined here.

-

Conformance: For any implementation, filtering support, including core -filters, is NOT guaranteed at this-level. -Use Filters in HTTPRouteRule for portable filters across implementations.

-

Support: custom

-

HTTPHeaderMatch

@@ -1928,7 +1739,6 @@ HeaderMatchType -(Optional)

HeaderMatchType specifies how to match a HTTP request header against the Values map.

Support: core (Exact) @@ -1982,7 +1792,6 @@ PathMatchType -(Optional)

Type specifies how to match against the path Value.

Support: core (Exact, Prefix) Support: custom (RegularExpression, ImplementationSpecific)

@@ -2041,7 +1850,7 @@ add: {“my-header”: “foo”}

Output: GET /foo HTTP/1.1 my-header: foo

-

Support: extended?

+

Support: Extended

@@ -2066,7 +1875,7 @@ remove: [“my-header1”, “my-header3”]

Output: GET /foo HTTP/1.1 My-Header2: DEF

-

Support: extended?

+

Support: Extended

@@ -2150,7 +1959,6 @@ to true.

(Appears on: -HTTPForwardToTarget, HTTPRouteForwardTo, HTTPRouteRule)

@@ -2359,6 +2167,16 @@ implementations.

+

HTTPRouteHostname +(string alias)

+

+(Appears on: +HTTPRouteSpec) +

+

+

HTTPRouteHostname is used to specify a hostname that should be matched by +HTTPRoute.

+

HTTPRouteMatch

@@ -2397,7 +2215,6 @@ HTTPPathMatch -(Optional)

Path specifies a HTTP request path matcher. If this field is not specified, a default prefix match on the “/” path is provided.

@@ -2469,7 +2286,6 @@ the request.

-(Optional)

Matches define conditions used for matching the rule against incoming HTTP requests. Each match is independent, i.e. this rule will be matched @@ -2570,7 +2386,9 @@ RouteGateways hostnames
-[]string + +[]HTTPRouteHostname + @@ -2742,7 +2560,6 @@ HostnameMatchType -(Optional)

Match specifies how the hostname provided by the client should be matched against the given value.

@@ -2817,7 +2634,6 @@ HostnameMatch -(Optional)

Hostname specifies to match the virtual hostname for protocol types that define this concept.

Incoming requests that include a hostname are matched @@ -3008,7 +2824,7 @@ status of all such Listeners.

UDPRouteMatch)

-

RouteMatchExtensionObjectReference identifies a route-match extension object +

RouteHostExtensionObjectReference identifies a route-host extension object within a known namespace.

@@ -3027,7 +2843,7 @@ string @@ -3120,7 +2936,6 @@ RouteNamespaces
-

Group is the API group name of the referent.

+

Group is the API group name of the referent
-(Optional)

RouteNamespaces indicates in which namespaces Routes should be selected for this Gateway. This is restricted to the namespace of this Gateway by default.

@@ -3153,7 +2968,6 @@ string 		-(Optional)

Group is the group of the route resource to select. Omitting the value or specifying the empty string indicates the networking.x-k8s.io API group. For example, use the following to select an HTTPRoute:

@@ -3563,7 +3377,6 @@ string 		-(Optional)

Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a secrets resource:

@@ -3586,7 +3399,6 @@ string 		-(Optional)

Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the secrets resource. For example, use the following to specify a secrets resource:

@@ -3616,11 +3428,6 @@ string

ServicesDefaultLocalObjectReference

-(Appears on: -GenericForwardToTarget, -HTTPForwardToTarget) -

-

ServicesDefaultLocalObjectReference identifies an API object within a known namespace that defaults group to core and resource to services if unspecified.

@@ -3641,7 +3448,6 @@ string 		-(Optional)

Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a service:

@@ -3664,7 +3470,6 @@ string 		-(Optional)

Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the services resource. For example, use the following to specify a services resource:

@@ -4116,27 +3921,6 @@ RouteStatus
-

TargetPort -(int32 alias)

-

-(Appears on: -GenericForwardToTarget, -HTTPForwardToTarget) -

-

-

TargetPort specifies the destination port number to use for a TargetRef.

-

-

TargetWeight -(int32 alias)

-

-(Appears on: -GenericForwardToTarget, -HTTPForwardToTarget) -

-

-

TargetWeight specifies weight used for making a forwarding decision -to a TargetRef.

-

UDPRouteMatch

diff --git a/docs/spec/index.html b/docs/spec/index.html index 6bbdc36275..fd7d18d74c 100644 --- a/docs/spec/index.html +++ b/docs/spec/index.html @@ -826,7 +826,9 @@

HTTPRoute hostnames
-[]string + +[]HTTPRouteHostname + @@ -1540,7 +1542,6 @@

GatewayAddress -(Optional)

Type of the Address. This is either “IPAddress” or “NamedAddress”.

Support: Extended

@@ -1684,7 +1685,6 @@

GatewayClassStatus -(Optional)

Conditions is the current status from the controller for this GatewayClass.

@@ -2037,195 +2037,6 @@

GatewayTLSConfig -

GenericForwardToTarget -

-

-

GenericForwardToTarget identifies a target object within a known namespace.

-

- - - - - - - - - - - - - - - - - - - - - -
FieldDescription
-targetRef
- - -ServicesDefaultLocalObjectReference - - -		 -

TargetRef is an object reference to forward matched requests to. -The resource may be “services” (omit or use the empty string for the -group), or an implementation may support other resources (for -example, resource “myroutetargets” in group “networking.acme.io”). -Omitting or specifying the empty string for both the resource and -group indicates that the resource is “services”. If the referent -cannot be found, the “InvalidRoutes” status condition on any Gateway -that includes the HTTPRoute will be true.

-

Support: Core (Kubernetes Services) -Support: Implementation-specific (Other resource types)

-
-targetPort
- - -TargetPort - - -		 -(Optional) -

TargetPort specifies the destination port number to use for the TargetRef. -If unspecified and TargetRef is a Service object consisting of a single -port definition, that port will be used. If unspecified and TargetRef is -a Service object consisting of multiple port definitions, an error is -surfaced in status.

-

Support: Core

-
-weight
- - -TargetWeight - - -		 -(Optional) -

Weight specifies the proportion of traffic forwarded to a targetRef, computed -as weight/(sum of all weights in targetRefs). Weight is not a percentage and -the sum of weights does not need to equal 100. The following example (in yaml) -sends 70% of traffic to service “my-trafficsplit-sv1” and 30% of the traffic -to service “my-trafficsplit-sv2”:

-

forwardTo: -- targetRef: -name: my-trafficsplit-sv1 -weight: 70 -- targetRef: -name: my-trafficsplit-sv2 -weight: 30

-

If only one targetRef is specified, 100% of the traffic is forwarded to the -targetRef. If unspecified, weight defaults to 1.

-

Support: Core (HTTPRoute) -Support: Extended (TCPRoute)

-
-

HTTPForwardToTarget -

-

-

HTTPForwardToTarget identifies a target object within a known namespace.

-

- - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
-targetRef
- - -ServicesDefaultLocalObjectReference - - -		 -

TargetRef is an object reference to forward matched requests to. -The resource may be “services” (omit or use the empty string for the -group), or an implementation may support other resources (for -example, resource “myroutetargets” in group “networking.acme.io”). -Omitting or specifying the empty string for both the resource and -group indicates that the resource is “services”. If the referent -cannot be found, the “InvalidRoutes” status condition on any Gateway -that includes the HTTPRoute will be true.

-

Support: Core (Kubernetes Services) -Support: Implementation-specific (Other resource types)

-
-targetPort
- - -TargetPort - - -		 -(Optional) -

TargetPort specifies the destination port number to use for the TargetRef. -If unspecified and TargetRef is a Service object consisting of a single -port definition, that port will be used. If unspecified and TargetRef is -a Service object consisting of multiple port definitions, an error is -surfaced in status.

-

Support: Core

-
-weight
- - -TargetWeight - - -		 -(Optional) -

Weight specifies the proportion of traffic forwarded to a targetRef, computed -as weight/(sum of all weights in targetRefs). Weight is not a percentage and -the sum of weights does not need to equal 100. The following example (in yaml) -sends 70% of traffic to service “my-trafficsplit-sv1” and 30% of the traffic -to service “my-trafficsplit-sv2”:

-

forwardTo: -- targetRef: -name: my-trafficsplit-sv1 -weight: 70 -- targetRef: -name: my-trafficsplit-sv2 -weight: 30

-

If only one targetRef is specified, 100% of the traffic is forwarded to the -targetRef. If unspecified, weight defaults to 1.

-

Support: Core (HTTPRoute) -Support: Extended (TCPRoute)

-
-filters
- - -[]HTTPRouteFilter - - -		 -(Optional) -

Filters defined at this-level should be executed if and only if -the request is being forwarded to the target defined here.

-

Conformance: For any implementation, filtering support, including core -filters, is NOT guaranteed at this-level. -Use Filters in HTTPRouteRule for portable filters across implementations.

-

Support: custom

-

HTTPHeaderMatch

@@ -2253,7 +2064,6 @@

HTTPHeaderMatch -(Optional)

HeaderMatchType specifies how to match a HTTP request header against the Values map.

Support: core (Exact) @@ -2307,7 +2117,6 @@

HTTPPathMatch -(Optional)

Type specifies how to match against the path Value.

Support: core (Exact, Prefix) Support: custom (RegularExpression, ImplementationSpecific)

@@ -2366,7 +2175,7 @@

HTTPRequestHeaderF

Output: GET /foo HTTP/1.1 my-header: foo

-

Support: extended?

+

Support: Extended

@@ -2391,7 +2200,7 @@

HTTPRequestHeaderF

Output: GET /foo HTTP/1.1 My-Header2: DEF

-

Support: extended?

+

Support: Extended

@@ -2475,7 +2284,6 @@

HTTPRouteFilter

(Appears on: -HTTPForwardToTarget, HTTPRouteForwardTo, HTTPRouteRule)

@@ -2684,6 +2492,16 @@

HTTPRouteForwardTo +

HTTPRouteHostname +(string alias)

+

+(Appears on: +HTTPRouteSpec) +

+

+

HTTPRouteHostname is used to specify a hostname that should be matched by +HTTPRoute.

+

HTTPRouteMatch

@@ -2722,7 +2540,6 @@

HTTPRouteMatch -(Optional)

Path specifies a HTTP request path matcher. If this field is not specified, a default prefix match on the “/” path is provided.

@@ -2794,7 +2611,6 @@

HTTPRouteRule -(Optional)

Matches define conditions used for matching the rule against incoming HTTP requests. Each match is independent, i.e. this rule will be matched @@ -2895,7 +2711,9 @@

HTTPRouteSpec hostnames
-[]string + +[]HTTPRouteHostname + @@ -3067,7 +2885,6 @@

HostnameMatch -(Optional)

Match specifies how the hostname provided by the client should be matched against the given value.

@@ -3142,7 +2959,6 @@

Listener -(Optional)

Hostname specifies to match the virtual hostname for protocol types that define this concept.

Incoming requests that include a hostname are matched @@ -3333,7 +3149,7 @@

LocalObjectReference UDPRouteMatch)

-

RouteMatchExtensionObjectReference identifies a route-match extension object +

RouteHostExtensionObjectReference identifies a route-host extension object within a known namespace.

@@ -3352,7 +3168,7 @@

LocalObjectReference

@@ -3445,7 +3261,6 @@

RouteBindingSelector

-

Group is the API group name of the referent.

+

Group is the API group name of the referent
-(Optional)

RouteNamespaces indicates in which namespaces Routes should be selected for this Gateway. This is restricted to the namespace of this Gateway by default.

@@ -3478,7 +3293,6 @@

RouteBindingSelector

-(Optional)

Group is the group of the route resource to select. Omitting the value or specifying the empty string indicates the networking.x-k8s.io API group. For example, use the following to select an HTTPRoute:

@@ -3888,7 +3702,6 @@

Secrets

-(Optional)

Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a secrets resource:

@@ -3911,7 +3724,6 @@

Secrets

-(Optional)

Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the secrets resource. For example, use the following to specify a secrets resource:

@@ -3941,11 +3753,6 @@

Secrets

ServicesDefaultLocalObjectReference

-(Appears on: -GenericForwardToTarget, -HTTPForwardToTarget) -

-

ServicesDefaultLocalObjectReference identifies an API object within a known namespace that defaults group to core and resource to services if unspecified.

@@ -3966,7 +3773,6 @@

Servic

-(Optional)

Group is the group of the referent. Omitting the value or specifying the empty string indicates the core API group. For example, use the following to specify a service:

@@ -3989,7 +3795,6 @@

Servic

-(Optional)

Resource is the API resource name of the referent. Omitting the value or specifying the empty string indicates the services resource. For example, use the following to specify a services resource:

@@ -4441,27 +4246,6 @@

TLSRouteStatus

-

TargetPort -(int32 alias)

-

-(Appears on: -GenericForwardToTarget, -HTTPForwardToTarget) -

-

-

TargetPort specifies the destination port number to use for a TargetRef.

-

-

TargetWeight -(int32 alias)

-

-(Appears on: -GenericForwardToTarget, -HTTPForwardToTarget) -

-

-

TargetWeight specifies weight used for making a forwarding decision -to a TargetRef.

-

UDPRouteMatch

diff --git a/examples/basic-http.yaml b/examples/basic-http.yaml index 39dab99d78..5d78613c61 100644 --- a/examples/basic-http.yaml +++ b/examples/basic-http.yaml @@ -18,6 +18,7 @@ spec: gatewayClassName: acme-lb listeners: # Use GatewayClass defaults for listener definition. - protocol: HTTP + port: 80 routes: resource: httproutes routeNamespaces: diff --git a/examples/basic-udp.yaml b/examples/basic-udp.yaml index b9f16aab7f..16deb60786 100644 --- a/examples/basic-udp.yaml +++ b/examples/basic-udp.yaml @@ -15,7 +15,7 @@ metadata: name: my-gateway namespace: default spec: - class: acme-lb + gatewayClassName: acme-lb listeners: # Use GatewayClass defaults for listener definition. - protocol: UDP port: 8080 diff --git a/examples/default-match-http.yaml b/examples/default-match-http.yaml index e34f582a53..77067a1020 100644 --- a/examples/default-match-http.yaml +++ b/examples/default-match-http.yaml @@ -16,6 +16,7 @@ spec: gatewayClassName: default-match-example listeners: - protocol: HTTP + port: 80 routes: resource: httproutes routeNamespaces: diff --git a/examples/http-trafficsplit.yaml b/examples/http-trafficsplit.yaml index 70e9ac6ed4..73ebee1064 100644 --- a/examples/http-trafficsplit.yaml +++ b/examples/http-trafficsplit.yaml @@ -17,6 +17,7 @@ spec: gatewayClassName: trafficsplit-lb listeners: # Use GatewayClass defaults for listener definition. - protocol: HTTP + port: 80 routes: resource: httproutes routeNamespaces: diff --git a/examples/multiple-https.yaml b/examples/multiple-https.yaml index 0722b64c39..9a00d54790 100644 --- a/examples/multiple-https.yaml +++ b/examples/multiple-https.yaml @@ -15,8 +15,8 @@ spec: protocol: HTTPS tls: options: {} - certificateRefs: - - resource: secrets + certificateRef: + resource: secrets group: core name: httpbin routes: @@ -33,8 +33,8 @@ spec: protocol: HTTPS tls: options: {} - certificateRefs: - - resource: secrets + certificateRef: + resource: secrets group: core name: conformance routes: diff --git a/examples/multiple-tcp.yaml b/examples/multiple-tcp.yaml index 163f4c273a..34faf21b2e 100644 --- a/examples/multiple-tcp.yaml +++ b/examples/multiple-tcp.yaml @@ -40,8 +40,8 @@ spec: protocol: TLS tls: options: {} - certificateRefs: - - name: ssh-server + certificateRef: + name: ssh-server resource: secrets group: core routes: diff --git a/examples/tls-in-route.yaml b/examples/tls-in-route.yaml index 34dc3912bc..a1e67d6f36 100644 --- a/examples/tls-in-route.yaml +++ b/examples/tls-in-route.yaml @@ -54,8 +54,8 @@ spec: group: core name: bar-example-com-cert rules: - - match: - path: + - matches: + - path: type: Prefix value: / forwardTo: @@ -80,8 +80,8 @@ spec: group: core name: baz-example-com-cert rules: - - match: - path: + - matches: + - path: type: Prefix value: / forwardTo: diff --git a/examples/wildcard-https.yaml b/examples/wildcard-https.yaml index 06ab167adc..478aa08b4b 100644 --- a/examples/wildcard-https.yaml +++ b/examples/wildcard-https.yaml @@ -16,8 +16,8 @@ spec: protocol: HTTPS tls: options: {} - certificateRefs: - - name: example-wildcard + certificateRef: + name: example-wildcard resource: secrets group: core routes: