forked from kubernetes-sigs/gateway-api
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgenerated.proto
1327 lines (1193 loc) · 46.4 KB
/
generated.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.service_apis.api.v1alpha1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// RouteMatchExtensionObjectReference identifies a route-match extension object
// within a known namespace.
//
// +k8s:deepcopy-gen=false
message ConfigMapsDefaultLocalObjectReference {
// Group is the group of the referent. Omitting the value or specifying
// the empty string indicates the core API group. For example, use the
// following to specify a configmaps:
//
// fooRef:
// resource: configmaps
// name: myconfigmap
//
// Otherwise, if the core API group is not desired, specify the desired
// group:
//
// fooRef:
// group: acme.io
// resource: foos
// name: myfoo
//
// +optional
// +kubebuilder:default=core
optional string group = 1;
// Resource is the API resource name of the referent. Omitting the value
// or specifying the empty string indicates the configmaps resource. For
// example, use the following to specify a configmaps resource:
//
// fooRef:
// name: myconfigmap
//
// Otherwise, if the configmaps resource is not desired, specify the desired
// group:
//
// fooRef:
// group: acme.io
// resource: foos
// name: myfoo
//
// +optional
// +kubebuilder:default=configmaps
optional string resource = 2;
// Name is the name of the referent.
//
// +kubebuilder:validation:Required
optional string name = 3;
}
// ForwardToTarget identifies a target object within a known namespace.
message ForwardToTarget {
// TargetRef is an object reference to forward matched requests to.
// The resource may be "services" (omit or use the empty string for the
// group), or an implementation may support other resources (for
// example, resource "myroutetargets" in group "networking.acme.io").
// Omitting or specifying the empty string for both the resource and
// group indicates that the resource is "services". If the referent
// cannot be found, the "InvalidRoutes" status condition on any Gateway
// that includes the HTTPRoute will be true.
//
// Support: Core (Kubernetes Services)
// Support: Implementation-specific (Other resource types)
optional ServicesDefaultLocalObjectReference targetRef = 1;
// TargetPort specifies the destination port number to use for the TargetRef.
// If unspecified and TargetRef is a Service object consisting of a single
// port definition, that port will be used. If unspecified and TargetRef is
// a Service object consisting of multiple port definitions, an error is
// surfaced in status.
//
// Support: Core
//
// +optional
optional int32 targetPort = 2;
// Weight specifies the proportion of traffic forwarded to a targetRef, computed
// as weight/(sum of all weights in targetRefs). Weight is not a percentage and
// the sum of weights does not need to equal 100. The following example (in yaml)
// sends 70% of traffic to service "my-trafficsplit-sv1" and 30% of the traffic
// to service "my-trafficsplit-sv2":
//
// forwardTo:
// - targetRef:
// name: my-trafficsplit-sv1
// weight: 70
// - targetRef:
// name: my-trafficsplit-sv2
// weight: 30
//
// If only one targetRef is specified, 100% of the traffic is forwarded to the
// targetRef. If unspecified, weight defaults to 1.
//
// Support: Core (httproute)
// Support: Extended (tcproute)
//
// +optional
// +kubebuilder:default=1
optional int32 weight = 3;
// Filters defined at this-level should be executed if and only if
// the request is being forwarded to the target defined here.
//
// Conformance: For any implementation, filtering support, including core
// filters, is NOT guaranteed at this-level.
// Use Filters in HTTPRouteRule for portable filters across implementations.
//
// Support: custom
//
// +optional
repeated HTTPRouteFilter filters = 4;
}
// Gateway represents an instantiation of a service-traffic handling
// infrastructure by binding Listeners to a set of IP addresses.
message Gateway {
optional k8s.io.apimachinery.pkg.apis.meta.v1.TypeMeta typeMeta = 1;
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 2;
optional GatewaySpec spec = 3;
optional GatewayStatus status = 4;
}
// GatewayAddress describes an address that can be bound to a Gateway.
message GatewayAddress {
// Type of the Address. This is either "IPAddress" or "NamedAddress".
//
// Support: Extended
//
// +optional
// +kubebuilder:default=IPAddress
optional string type = 1;
// Value. Examples: "1.2.3.4", "128::1", "my-ip-address". Validity of the
// values will depend on `Type` and support by the controller.
//
// +required
optional string value = 2;
}
// GatewayClass describes a class of Gateways available to the user
// for creating Gateway resources.
//
// GatewayClass is a Cluster level resource.
//
// Support: Core.
message GatewayClass {
optional k8s.io.apimachinery.pkg.apis.meta.v1.TypeMeta typeMeta = 4;
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec for this GatewayClass.
optional GatewayClassSpec spec = 2;
// Status of the GatewayClass.
// +kubebuilder:default={conditions: {{type: "InvalidParameters", status: "Unknown"}}}
optional GatewayClassStatus status = 3;
}
// GatewayClassCondition contains the details for the current
// condition of this GatewayClass.
//
// Support: Core, unless otherwise specified.
message GatewayClassCondition {
// Type of this condition.
//
// +required
optional string type = 1;
// Status of this condition.
//
// +required
optional string status = 2;
// Reason is a machine consumable string for the last
// transition. It should be a one-word, CamelCase
// string. Reason will be defined by the controller.
//
// Support: Custom; values will be controller-specific.
// This field must not be empty.
//
// +required
optional string reason = 3;
// Message is a human readable reason for last transition.
// This field may be empty.
//
// +required
optional string message = 4;
// LastTransitionTime is the time of the last change to this condition.
// This should be when the underlying condition changed.
// If that is not known, then using the time when the API field changed is acceptable.
//
// +required
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 5;
// If set, this represents the .metadata.generation that the condition was set based upon.
// For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date
// with respect to the current state of the instance.
//
// +optional
optional int64 observedGeneration = 6;
}
// GatewayClassList contains a list of GatewayClass
message GatewayClassList {
optional k8s.io.apimachinery.pkg.apis.meta.v1.TypeMeta typeMeta = 3;
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated GatewayClass items = 2;
}
// GatewayClassSpec reflects the configuration of a class of Gateways.
message GatewayClassSpec {
// Controller is a domain/path string that indicates the
// controller that is managing Gateways of this class.
//
// Example: "acme.io/gateway-controller".
//
// This field is not mutable and cannot be empty.
//
// The format of this field is DOMAIN "/" PATH, where DOMAIN
// and PATH are valid Kubernetes names
// (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
//
// Support: Core
//
// +required
optional string controller = 1;
// AllowedGatewayNamespaceSelector is a selector of namespaces that Gateways
// can use this GatewayClass from. This is a standard Kubernetes
// LabelSelector. Controllers must not support Gateways in namespaces
// outside this selector.
//
// An empty selector (default) indicates that Gateways can use this
// GatewayClass from any namespace.
//
// When a Gateway attempts to use this class from a namespace that is not
// allowed by this selector, the controller implementing the GatewayClass
// may add a new "ForbiddenNamespaceForClass" condition to the Gateway
// status. Adding this condition is considered optional since not all
// controllers will have access to all namespaces.
//
// Support: Core
//
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector allowedGatewayNamespaceSelector = 2;
// AllowedRouteNamespaces indicates in which namespaces Routes can be
// selected for Gateways of this class. This is restricted to the namespace
// of the Gateway by default.
//
// When any Routes are selected by a Gateway in a namespace that is not
// allowed by this selector, the controller implementing the GatewayClass
// may add a new "ForbiddenRoutesForClass" condition to the Gateway status.
// Adding this condition is considered optional since not all controllers
// will have access to all namespaces.
//
// Support: Core
//
// +optional
// +kubebuilder:default={onlySameNamespace:true}
optional RouteNamespaces allowedRouteNamespaces = 3;
// ParametersRef is a controller-specific resource containing
// the configuration parameters corresponding to this
// class. This is optional if the controller does not require
// any additional configuration.
//
// Valid resources for reference are up to the Controller. Examples
// include "configmaps" (omit or specify the empty string for the group
// to indicate the core API group) or a custom resource (CRD). Omitting
// or specifying the empty string for both the resource and group
// indicates that the resource is "configmaps". If the referent cannot
// be found, the GatewayClass's "InvalidParameters" status condition
// will be true.
//
// Support: Custom
//
// +optional
// +protobuf=false
optional ConfigMapsDefaultLocalObjectReference parametersRef = 4;
}
// GatewayClassStatus is the current status for the GatewayClass.
message GatewayClassStatus {
// Conditions is the current status from the controller for
// this GatewayClass.
// +optional
// +kubebuilder:default={{type: "InvalidParameters", status: "Unknown"}}
repeated GatewayClassCondition conditions = 1;
}
// GatewayCondition is an error status for a given route.
message GatewayCondition {
// Type indicates the type of condition.
//
// +required
optional string type = 1;
// Status describes the current state of this condition. Can be "True",
// "False", or "Unknown".
//
// +required
optional string status = 2;
// Message is a human-understandable message describing the condition.
// This field may be empty.
//
// +required
optional string message = 3;
// Reason indicates why the condition is in this state.
// This field must not be empty.
//
// +required
optional string reason = 4;
// LastTransitionTime indicates the last time this condition changed.
// This should be when the underlying condition changed.
// If that is not known, then using the time when the API field changed is acceptable.
//
// +required
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 5;
// If set, this represents the .metadata.generation that the condition was set based upon.
// For instance, if .metadata.generation is currently 12, but
// the .status.conditions[x].observedGeneration is 9, the condition is out of date
// with respect to the current state of the instance.
//
// +optional
optional int64 observedGeneration = 6;
}
// GatewayList contains a list of Gateway
message GatewayList {
optional k8s.io.apimachinery.pkg.apis.meta.v1.TypeMeta typeMeta = 1;
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 2;
repeated Gateway items = 3;
}
// GatewayObjectReference identifies a Gateway object.
message GatewayObjectReference {
// Namespace is the namespace of the referent.
// +optional
optional string namespace = 1;
// Name is the name of the referent.
//
// +kubebuilder:validation:Required
// +required
optional string name = 2;
}
// GatewaySpec defines the desired state of Gateway.
//
// Not all possible combinations of options specified in the Spec are
// valid. Some invalid configurations can be caught synchronously via a
// webhook, but there are many cases that will require asynchronous
// signaling via the GatewayStatus block.
message GatewaySpec {
// Class used for this Gateway. This is the name of a GatewayClass resource.
optional string class = 1;
// Listeners associated with this Gateway. Listeners define
// logical endpoints that are bound on this Gateway's addresses.
// At least one Listener MUST be specified.
//
// Each Listener in this array must have a unique Port field,
// however a GatewayClass may collapse compatible Listener
// definitions into a single implementation-defined acceptor
// configuration even if their Port fields would otherwise conflict.
//
// Listeners are compatible if all of the following conditions are true:
//
// 1. all their Protocol fields are "HTTP", or all their Protocol fields are "HTTPS" or TLS"
// 2. their Hostname fields are specified with a match type other than "Any"
// 3. their Hostname fields are not an exact match for any other Listener
//
// As a special case, each group of compatible listeners
// may contain exactly one Listener with a match type of "Any".
//
// If the GatewayClass collapses compatible Listeners, the
// hostname provided in the incoming client request MUST be
// matched to a Listener to find the correct set of Routes.
// The incoming hostname MUST be matched using the Hostname
// field for each Listener in order of most to least specific.
// That is, "Exact" matches must be processed before "Domain"
// matches, which must be processed before "Any" matches.
//
// If this field specifies multiple Listeners that have the same
// Port value but are not compatible, the GatewayClass must raise
// a "PortConflict" condition on the Gateway.
//
// Support: Core
//
// +required
// +kubebuilder:validation:MinItems=1
repeated Listener listeners = 2;
// Addresses requested for this gateway. This is optional and
// behavior can depend on the GatewayClass. If a value is set
// in the spec and the requested address is invalid, the
// GatewayClass MUST indicate this in the associated entry in
// GatewayStatus.Addresses.
//
// If no Addresses are specified, the GatewayClass may
// schedule the Gateway in an implementation-defined manner,
// assigning an appropriate set of Addresses.
//
// The GatewayClass MUST bind all Listeners to every
// GatewayAddress that it assigns to the Gateway.
//
// Support: Core
//
// +optional
repeated GatewayAddress addresses = 3;
}
// GatewayStatus defines the observed state of Gateway.
message GatewayStatus {
// Addresses lists the IP addresses that have actually been
// bound to the Gateway. These addresses may differ from the
// addresses in the Spec, e.g. if the Gateway automatically
// assigns an address from a reserved pool.
//
// These addresses should all be of type "IPAddress".
//
// +required
repeated GatewayAddress addresses = 1;
// Conditions describe the current conditions of the Gateway.
// +optional
repeated GatewayCondition conditions = 2;
// Listeners provide status for each unique listener port defined in the Spec.
// +optional
repeated ListenerStatus listeners = 3;
}
// HTTPRequestHeaderConfig defines configuration for the
// RequestHeader filter.
message HTTPRequestHeaderConfig {
// Add adds the given header (name, value) to the request
// before the action.
//
// Input:
// GET /foo HTTP/1.1
//
// Config:
// add: {"my-header": "foo"}
//
// Output:
// GET /foo HTTP/1.1
// my-header: foo
//
// Support: extended?
map<string, string> add = 1;
// Remove the given header(s) from the HTTP request before the
// action. The value of RemoveHeader is a list of HTTP header
// names. Note that the header names are case-insensitive
// [RFC-2616 4.2].
//
// Input:
// GET /foo HTTP/1.1
// My-Header1: ABC
// My-Header2: DEF
// My-Header2: GHI
//
// Config:
// remove: ["my-header1", "my-header3"]
//
// Output:
// GET /foo HTTP/1.1
// My-Header2: DEF
//
// Support: extended?
repeated string remove = 2;
}
// HTTPRoute is the Schema for the httproutes API
message HTTPRoute {
optional k8s.io.apimachinery.pkg.apis.meta.v1.TypeMeta typeMeta = 1;
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 2;
optional HTTPRouteSpec spec = 3;
optional HTTPRouteStatus status = 4;
}
// HTTPRouteAction is the action taken given a match.
message HTTPRouteAction {
// ForwardTo sends requests to the referenced object(s). The
// resource may be "services" (omit or use the empty string for the
// group), or an implementation may support other resources (for
// example, resource "myroutetargets" in group "networking.acme.io").
// Omitting or specifying the empty string for both the resource and
// group indicates that the resource is "services". If the referent
// cannot be found, the "InvalidRoutes" status condition on any Gateway
// that includes the HTTPRoute will be true.
//
// Support: core
//
// +kubebuilder:validation:MinItems=1
repeated ForwardToTarget forwardTo = 1;
// ExtensionRef is an optional, implementation-specific extension to the
// "action" behavior. The resource may be "configmaps" (use the empty
// string for the group) or an implementation-defined resource (for
// example, resource "myrouteactions" in group "networking.acme.io").
// Omitting or specifying the empty string for both the resource and
// group indicates that the resource is "configmaps". If the referent
// cannot be found, the "InvalidRoutes" status condition on any Gateway
// that includes the HTTPRoute will be true.
//
// Support: custom
//
// +optional
optional ConfigMapsDefaultLocalObjectReference extensionRef = 2;
}
// HTTPRouteFilter defines additional processing steps that must be completed
// during the request or response lifecycle.
// HTTPRouteFilters are meant as an extension point to express additional
// processing that may be done in Gateway implementations. Some examples include
// request or response modification, implementing authentication strategies,
// rate-limiting, and traffic shaping.
// API guarantee/conformance is defined based on the type of the filter.
// TODO(hbagdi): re-render CRDs once controller-tools supports union tags:
// - https://github.com/kubernetes-sigs/controller-tools/pull/298
// - https://github.com/kubernetes-sigs/controller-tools/issues/461
// +union
message HTTPRouteFilter {
// Type identifies the filter to execute.
// Types are classified into three conformance-levels (similar to
// other locations in this API):
// - Core and extended: These filter types and their corresponding configuration
// is defined in this package. All implementations must implement
// the core filters. Implementers are encouraged to support extended filters.
// Definitions for filter-specific configuration for these
// filters is defined in this package.
// - Custom: These filters are defined and supported by specific vendors.
// In the future, filters showing convergence in behavior across multiple
// implementations will be considered for inclusion in extended or core
// conformance rings. Filter-specific configuration for such filters
// is specified using the ExtensionRef field. `Type` should be set to
// "ImplementationSpecific" for custom filters.
//
// Implementers are encouraged to define custom implementation
// types to extend the core API with implementation-specific behavior.
//
// +unionDiscriminator
// +kubebuilder:validation:Required
// +required
optional string type = 1;
// ExtensionRef is an optional, implementation-specific extension to the
// "filter" behavior. The resource may be "configmap" (use the empty
// string for the group) or an implementation-defined resource (for
// example, resource "myroutefilters" in group "networking.acme.io").
// Omitting or specifying the empty string for both the resource and
// group indicates that the resource is "configmaps".
// ExtensionRef MUST NOT be used for core and extended filters.
// +optional
optional ConfigMapsDefaultLocalObjectReference extensionRef = 2;
optional HTTPRequestHeaderConfig requestHeader = 3;
}
// HTTPRouteHost is the configuration for a given set of hosts.
message HTTPRouteHost {
// Hostnames defines a set of hostname that should match against
// the HTTP Host header to select a HTTPRoute to process the request.
// Hostname is the fully qualified domain name of a network host,
// as defined by RFC 3986. Note the following deviations from the
// "host" part of the URI as defined in the RFC:
//
// 1. IPs are not allowed.
// 2. The `:` delimiter is not respected because ports are not allowed.
//
// Incoming requests are matched against the hostnames before the
// HTTPRoute rules. If no hostname is specified, traffic is routed
// based on the HTTPRouteRules.
//
// Hostname can be "precise" which is a domain name without the terminating
// dot of a network host (e.g. "foo.example.com") or "wildcard", which is
// a domain name prefixed with a single wildcard label (e.g. "*.example.com").
// The wildcard character '*' must appear by itself as the first DNS
// label and matches only a single label.
// You cannot have a wildcard label by itself (e.g. Host == "*").
// Requests will be matched against the Host field in the following order:
// 1. If Host is precise, the request matches this rule if
// the http host header is equal to Host.
// 2. If Host is a wildcard, then the request matches this rule if
// the http host header is to equal to the suffix
// (removing the first label) of the wildcard rule.
//
// Support: Core
//
// +optional
repeated string hostnames = 1;
// Rules are a list of HTTP matchers, filters and actions.
//
// +kubebuilder:validation:MinItems=1
repeated HTTPRouteRule rules = 2;
// ExtensionRef is an optional, implementation-specific extension to the
// "host" block. The resource may be "configmaps" (omit or specify the
// empty string for the group) or an implementation-defined resource
// (for example, resource "myroutehosts" in group "networking.acme.io").
// Omitting or specifying the empty string for both the resource and
// group indicates that the resource is "configmaps". If the referent
// cannot be found, the "InvalidRoutes" status condition on any Gateway
// that includes the HTTPRoute will be true.
//
// Support: custom
//
// +optional
optional ConfigMapsDefaultLocalObjectReference extensionRef = 3;
}
// HTTPRouteList contains a list of HTTPRoute
message HTTPRouteList {
optional k8s.io.apimachinery.pkg.apis.meta.v1.TypeMeta typeMeta = 1;
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 2;
repeated HTTPRoute items = 3;
}
// HTTPRouteMatch defines the predicate used to match requests to a
// given action.
// Multiple match types are ANDed together, i.e. the match will evaluate
// to true only if all conditions are satisfied.
// For example:
// match:
// path: /foo
// headers:
// version: "1"
// will result in a match only if an HTTP request's path starts with `/foo` AND
// contains the `version: "1"` header.
message HTTPRouteMatch {
// PathType defines the semantics of the `Path` matcher.
//
// Support: core (Exact, Prefix)
// Support: custom (RegularExpression, ImplementationSpecific)
//
// Since RegularExpression PathType has custom conformance, implementations
// can support POSIX, PCRE or any other dialects of regular expressions.
// Please read the implementation's documentation to determine the supported
// dialect.
//
// Default: "Prefix"
//
// +optional
// +kubebuilder:default=Prefix
optional string pathMatchType = 1;
// Path is the value of the HTTP path as interpreted via
// PathType.
//
// Default: "/"
optional string path = 2;
// HeaderMatchType defines the semantics of the `Header` matcher.
//
// Support: core (Exact)
// Support: custom (ImplementationSpecific)
//
// Default: "Exact"
//
// +optional
// +kubebuilder:default=Exact
optional string headerMatchType = 3;
// Headers are the HTTP Headers to match as interpreted via
// HeaderMatchType. Multiple headers are ANDed together, meaning, a request
// must contain all the headers specified in order to select this route.
//
// +optional
map<string, string> headers = 4;
// ExtensionRef is an optional, implementation-specific extension to the
// "match" behavior. The resource may be "configmap" (use the empty
// string for the group) or an implementation-defined resource (for
// example, resource "myroutematchers" in group "networking.acme.io").
// Omitting or specifying the empty string for both the resource and
// group indicates that the resource is "configmaps". If the referent
// cannot be found, the "InvalidRoutes" status condition on any Gateway
// that includes the HTTPRoute will be true.
//
// Support: custom
//
// +optional
optional ConfigMapsDefaultLocalObjectReference extensionRef = 5;
}
// HTTPRouteRule defines semantics for matching an incoming HTTP request against
// a set of matching rules and executing an action (and optionally filters) on
// the request.
message HTTPRouteRule {
// Matches define conditions used for matching the rule against
// incoming HTTP requests.
// Each match is independent, i.e. this rule will be matched
// if **any** one of the matches is satisfied.
// For example, take the following matches configuration:
// matches:
// - path: /foo
// headers:
// version: "2"
// - path: /v2/foo
// For a request to match against this rule, a request should satisfy
// EITHER of the two conditions:
// - path prefixed with `/foo` AND contains the header `version: "2"`
// - path prefix of `/v2/foo`
// Please see doc for HTTPRouteMatch on how to specify multiple
// match conditions that should be ANDed together.
// +optional
repeated HTTPRouteMatch matches = 1;
// Filters define the filters that are applied to requests that match
// this rule.
//
// The effects of ordering of multiple behaviors are currently undefined.
// This can change in the future based on feedback during the alpha stage.
//
// Conformance-levels at this level are defined based on the type of filter:
// - ALL core filters MUST be supported by all implementations.
// - Implementers are encouraged to support extended filters.
// - Implementation-specific custom filters have no API guarantees across implementations.
// Specifying a core filter multiple times has undefined or custom conformance.
//
// Support: core
//
// +optional
repeated HTTPRouteFilter filters = 2;
// Action defines what happens to the request.
// +optional
optional HTTPRouteAction action = 3;
}
// HTTPRouteSpec defines the desired state of HTTPRoute
message HTTPRouteSpec {
// Hosts is a list of Host definitions.
repeated HTTPRouteHost hosts = 1;
}
// HTTPRouteStatus defines the observed state of HTTPRoute.
message HTTPRouteStatus {
// Gateways is a list of the Gateways that are associated with the
// HTTPRoute, and the status of the route with respect to each of these
// Gateways. When a Gateway selects this route, the controller that
// manages the Gateway should add an entry to this list when the
// controller first sees the route and should update the entry as
// appropriate when the route is modified.
repeated RouteGatewayStatus gateways = 1;
}
// HostnameMatch specifies how a Listener should match the incoming
// hostname from a client request. Depending on the incoming protocol,
// the match must apply to names provided by the client at both the
// TLS and the HTTP protocol layers.
message HostnameMatch {
// Match specifies how the hostname provided by the client should be
// matched against the given value.
//
// +optional
// +kubebuilder:default=Exact
optional string match = 1;
// Name contains the name to match against. This value must
// be a fully qualified host or domain name conforming to the
// preferred name syntax defined in
// [RFC 1034](https://tools.ietf.org/html/rfc1034#section-3.5)
//
// In addition to any RFC rules, this field MUST NOT contain
//
// 1. IP address literals
// 2. Colon-delimited port numbers
// 3. Percent-encoded octets
//
// This field is required for the "Domain" and "Exact" match types.
//
// +optional
optional string name = 2;
}
// Listener embodies the concept of a logical endpoint where a
// Gateway can accept network connections.
message Listener {
// Hostname specifies to match the virtual hostname for
// protocol types that define this concept.
//
// Incoming requests that include a hostname are matched
// according to the given HostnameMatchType to select
// the Routes from this Listener.
//
// If a match type other than "Any" is supplied, it MUST
// be compatible with the specified Protocol field.
//
// Support: Core
//
// +optional
// +kubebuilder:default={match: "Any"}
optional HostnameMatch hostname = 1;
// Port is the network port. Multiple listeners may use the
// same port, subject to the Listener compatibility rules.
//
// Support: Core
//
// +required
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=65536
// +kubebuilder:validation:ExclusiveMinimum=true
// +kubebuilder:validation:ExclusiveMaximum=true
optional int32 port = 2;
// Protocol specifies the network protocol this listener
// expects to receive. The GatewayClass MUST validate that
// match type specified in the Hostname field is appropriate
// for the protocol.
//
// * For the "TLS" protocol, the Hostname match MUST be
// applied to the [SNI](https://tools.ietf.org/html/rfc6066#section-3)
// server name offered by the client.
// * For the "HTTP" protocol, the Hostname match MUST be
// applied to the host portion of the
// [effective request URI](https://tools.ietf.org/html/rfc7230#section-5.5)
// or the [:authority pseudo-header](https://tools.ietf.org/html/rfc7540#section-8.1.2.3)
// * For the "HTTPS" protocol, the Hostname match MUST be
// applied at both the TLS and HTTP protocol layers.
//
// Support: Core
//
// +required
optional string protocol = 3;
// TLS is the TLS configuration for the Listener. This field
// is required if the Protocol field is "HTTPS" or "TLS" and
// ignored otherwise.
//
// Support: Core
//
// +optional
optional TLSConfig tls = 4;
// Routes specifies a schema for associating routes with the
// Listener using selectors. A Route is a resource capable of
// servicing a request and allows a cluster operator to expose
// a cluster resource (i.e. Service) by externally-reachable
// URL, load-balance traffic and terminate SSL/TLS. Typically,
// a route is a "HTTPRoute" or "TCPRoute" in group
// "networking.x-k8s.io", however, an implementation may support
// other types of resources.
//
// The Routes selector MUST select a set of objects that
// are compatible with the application protocol specified in
// the Protocol field.
//
// Support: Core
//
// +required
optional RouteBindingSelector routes = 5;
}
// ListenerCondition is an error status for a given listener.
message ListenerCondition {
// Type indicates the type of condition.
//
// +required
optional string type = 1;
// Status describes the current state of this condition. Can be "True",
// "False", or "Unknown".
//
// +required
optional string status = 2;
// Message is a human-understandable message describing the condition.
// This field may be empty.
//
// +required
optional string message = 3;
// Reason indicates why the condition is in this state.
// This field must not be empty.
//
// +required
optional string reason = 4;
// LastTransitionTime indicates the last time this condition changed.
// This should be when the underlying condition changed.
// If that is not known, then using the time when the API field changed is acceptable.
//
// +required
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 5;
// If set, this represents the .metadata.generation that the condition was
// set based upon. For instance, if .metadata.generation is currently 12,
// but the .status.conditions[x].observedGeneration is 9, the condition is
// out of date with respect to the current state of the instance.
//
// +optional
optional int64 observedGeneration = 6;
}
// ListenerStatus is the status associated with a Listener port.
message ListenerStatus {
// Port is the unique Listener port value for which this message
// is reporting the status. If more than one Gateway Listener
// shares the same port value, this message reports the combined
// status of all such Listeners.
//
// +required
optional string port = 1;
// Conditions describe the current condition of this listener.
//
// +required
repeated ListenerCondition conditions = 3;
}
// RouteBindingSelector defines a schema for associating routes with the Gateway.
// If NamespaceSelector and RouteSelector are defined, only routes matching both
// selectors are associated with the Gateway.
message RouteBindingSelector {
// RouteNamespaces indicates in which namespaces Routes should be selected
// for this Gateway. This is restricted to the namespace of this Gateway by
// default.
//
// Support: Core
//
// +optional
// +kubebuilder:default={onlySameNamespace:true}
optional RouteNamespaces routeNamespaces = 1;
// RouteSelector specifies a set of route labels used for selecting
// routes to associate with the Gateway. If RouteSelector is defined,
// only routes matching the RouteSelector are associated with the Gateway.
// An empty RouteSelector matches all routes.
//
// Support: Core
//
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector routeSelector = 2;
// Group is the group of the route resource to select. Omitting the value or specifying
// the empty string indicates the networking.x-k8s.io API group.
// For example, use the following to select an HTTPRoute:
//
// routes:
// resource: httproutes
//
// Otherwise, if an alternative API group is desired, specify the desired
// group:
//
// routes:
// group: acme.io
// resource: fooroutes